Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/E64P0Knpx5CBcJtkiYxa41VOWJk.roa
File: E64P0Knpx5CBcJtkiYxa41VOWJk.roa (raw, json)
Hash identifier: Wb7rCmRpQP2Y9rXn/pmXLeK0u8ZrtwjfKztQKj0FvMM=
Subject key identifier: 13:AE:0F:D0:A9:E9:C7:90:81:70:9B:64:89:8C:5A:E3:55:4E:58:99
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019EADA0BB7BA8FF611EEB8A2D853E62FC03
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/E64P0Knpx5CBcJtkiYxa41VOWJk.roa
Signing time: Tue 09 Jun 2026 18:24:12 +0000
ROA not before: Tue 09 Jun 2026 18:24:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216334
IP address blocks: 31.77.78.0/24 maxlen: 24
31.77.169.0/24 maxlen: 24
31.77.171.0/24 maxlen: 24
31.77.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:20:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ad:a0:bb:7b:a8:ff:61:1e:eb:8a:2d:85:3e:62:fc:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 9 18:24:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=13ae0fd0a9e9c79081709b64898c5ae3554e5899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:41:fa:81:7a:5a:35:4d:ef:13:dc:7f:52:aa:
f0:74:20:59:df:81:27:ae:4d:d7:20:74:02:24:b8:
d7:37:ae:ef:fe:ab:8d:8d:0f:da:2b:8f:34:3c:7a:
a4:fb:a2:0f:73:1f:48:c5:2b:0b:76:74:27:fd:6d:
fd:b4:0f:97:3b:2d:de:f1:54:06:c9:0e:22:22:e7:
17:62:ed:50:b8:e4:78:64:dc:3d:30:9c:ae:d2:cf:
c4:cf:6e:9f:41:64:0c:93:83:53:80:29:d1:85:d3:
83:8a:b2:db:12:7a:e7:4b:93:08:bf:5f:7d:14:9a:
9c:96:ef:52:35:90:4f:ec:15:17:26:a8:c8:bd:ea:
06:d7:87:82:54:43:95:2c:00:9a:69:5e:b1:26:cb:
ed:99:fb:55:4d:72:6f:cd:b8:33:35:e0:fb:a6:3d:
57:b3:9e:3d:b1:f9:52:a6:d5:f9:94:bf:38:d2:23:
35:93:57:fa:45:19:93:c1:18:03:57:58:8b:87:6e:
e3:16:a0:9c:29:4e:32:6c:4f:ec:b0:ff:77:67:ef:
33:59:31:0a:bb:3e:2f:9f:a7:8d:38:54:c1:8c:56:
12:3e:5f:a8:90:a0:04:be:7c:3c:64:31:c9:a3:17:
a3:38:3a:3c:97:29:07:b2:69:be:3b:80:14:7f:f5:
e4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:AE:0F:D0:A9:E9:C7:90:81:70:9B:64:89:8C:5A:E3:55:4E:58:99
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/E64P0Knpx5CBcJtkiYxa41VOWJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.77.78.0/24
31.77.169.0/24
31.77.171.0/24
31.77.173.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:00:d7:a0:d6:e1:1a:55:ff:62:e1:b8:9b:f2:56:56:cb:55:
a4:6e:75:27:50:e3:6f:2b:96:5f:1a:a0:8e:d4:78:c6:04:67:
6e:c6:e8:c0:ba:3d:50:cb:e6:92:7e:5d:d0:22:5e:95:82:94:
a4:21:50:7a:f6:86:b0:0e:e5:11:e8:9b:e0:09:de:a2:d3:43:
63:88:fa:59:0c:eb:46:fb:b0:b9:34:20:25:1c:04:cb:51:32:
dc:b2:8a:66:ea:33:c1:30:ba:71:31:06:89:7f:00:36:22:69:
72:9e:89:54:d9:89:99:a0:af:c5:08:8c:99:b5:71:8b:48:b1:
2f:d8:09:77:98:ed:2a:c0:22:7b:06:5f:a5:4c:c2:46:d3:c4:
83:2a:36:19:d9:21:15:20:01:23:c0:84:62:f9:8e:7b:a8:c2:
b2:58:ca:99:da:08:9f:e4:20:fe:78:27:a5:25:0a:35:4a:60:
da:36:e8:af:f6:70:52:9f:33:ab:28:43:3d:54:9f:0a:07:2f:
07:9f:40:64:19:7a:c4:4c:c8:57:c9:57:f4:4d:94:8f:ec:57:
3a:d4:a8:bd:c1:9a:ee:d0:7b:ed:c1:ea:5b:f2:ed:8d:95:73:
98:0c:f7:cd:0c:d2:ac:a8:10:02:c5:d5:ba:24:f3:7b:ee:d7:
99:9c:3b:06
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ6toLt7qP9hHuuKLYU+YvwDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjA5MTgyNDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2FlMGZkMGE5ZTljNzkwODE3MDliNjQ4OThjNWFlMzU1NGU1ODk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkH6gXpaNU3vE9x/UqrwdCBZ34En
rk3XIHQCJLjXN67v/quNjQ/aK480PHqk+6IPcx9IxSsLdnQn/W39tA+XOy3e8VQG
yQ4iIucXYu1QuOR4ZNw9MJyu0s/Ez26fQWQMk4NTgCnRhdODirLbEnrnS5MIv199
FJqclu9SNZBP7BUXJqjIveoG14eCVEOVLACaaV6xJsvtmftVTXJvzbgzNeD7pj1X
s549sflSptX5lL840iM1k1f6RRmTwRgDV1iLh27jFqCcKU4ybE/ssP93Z+8zWTEK
uz4vn6eNOFTBjFYSPl+okKAEvnw8ZDHJoxejODo8lykHsmm+O4AUf/XkZQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBOuD9Cp6ceQgXCbZImMWuNVTliZMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvRTY0UDBLbnB4NUNCY0p0a2lZeGE0MVZPV0prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH01OAwQA
H02pAwQAH02rAwQAH02tMA0GCSqGSIb3DQEBCwUAA4IBAQBrANeg1uEaVf9i4bib
8lZWy1WkbnUnUONvK5ZfGqCO1HjGBGduxujAuj1Qy+aSfl3QIl6VgpSkIVB69oaw
DuUR6JvgCd6i00NjiPpZDOtG+7C5NCAlHATLUTLcsopm6jPBMLpxMQaJfwA2Imly
nolU2YmZoK/FCIyZtXGLSLEv2Al3mO0qwCJ7Bl+lTMJG08SDKjYZ2SEVIAEjwIRi
+Y57qMKyWMqZ2gif5CD+eCelJQo1SmDaNuiv9nBSnzOrKEM9VJ8KBy8Hn0BkGXrE
TMhXyVf0TZSP7Fc61Ki9wZru0Hvtwepb8u2NlXOYDPfNDNKsqBACxdW6JPN77teZ
nDsG
-----END CERTIFICATE-----
Generated at Fri Jun 12 02:41:10 2026 by rpki-client