Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Gn4iBEc1nMIqWDbciTONEJRlwXI.roa
File: Gn4iBEc1nMIqWDbciTONEJRlwXI.roa (raw, json)
Hash identifier: jMuJP8hN6doiAfbPfKq/mYMRYFgIKszn8pPLuKwLxNg=
Subject key identifier: 1A:7E:22:04:47:35:9C:C2:2A:58:36:DC:89:33:8D:10:94:65:C1:72
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019C57ED924D8081DC1A7FC5098CFDB4CADD
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Gn4iBEc1nMIqWDbciTONEJRlwXI.roa
Signing time: Fri 13 Feb 2026 16:55:13 +0000
ROA not before: Fri 13 Feb 2026 16:55:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215439
IP address blocks: 64.188.64.0/22 maxlen: 24
77.239.125.0/24 maxlen: 24
144.31.14.0/24 maxlen: 24
144.31.30.0/24 maxlen: 24
144.31.54.0/24 maxlen: 24
144.31.95.0/24 maxlen: 24
144.31.164.0/22 maxlen: 24
144.31.203.0/24 maxlen: 24
144.31.207.0/24 maxlen: 24
144.31.212.0/24 maxlen: 24
144.31.224.0/24 maxlen: 24
150.241.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Feb 2026 03:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:57:ed:92:4d:80:81:dc:1a:7f:c5:09:8c:fd:b4:ca:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 13 16:55:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1a7e220447359cc22a5836dc89338d109465c172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:29:7c:9e:f7:a0:6f:1b:58:f5:c1:aa:62:ec:
c8:b6:c5:35:63:1d:44:44:74:af:99:5a:9c:60:8c:
80:3e:63:86:4c:71:38:13:c6:c2:d8:90:f5:8f:15:
e2:de:3c:cc:e1:ca:65:3f:a9:a8:00:89:2a:2a:4a:
0b:91:49:34:68:ed:dd:dd:7d:db:a2:b7:3e:c2:93:
1e:80:74:7a:24:ca:d7:9e:0f:6a:a8:28:eb:16:5e:
f9:f7:d3:06:9f:f0:62:46:47:96:f5:17:83:f3:bf:
78:ac:49:02:90:07:05:6c:b9:f3:1d:42:1d:2b:cf:
58:27:1a:89:42:9c:53:76:c2:bb:c3:fc:6c:97:21:
66:64:1d:fd:19:d5:bc:fd:f6:2d:7b:fd:aa:56:d3:
f3:93:af:8c:13:65:6c:0a:f8:06:7c:56:c3:86:97:
6c:f7:4f:d5:c3:66:e8:cd:28:47:ac:19:60:ea:5f:
9d:54:0e:a9:bd:d1:2d:5f:62:86:e9:80:3c:c7:8a:
d9:05:7b:be:01:04:62:0e:53:ec:52:f9:66:d0:b3:
23:8b:f3:04:ab:b6:62:ed:49:bb:db:7b:21:5b:cf:
68:4e:0f:ce:ea:ab:50:a4:10:62:ba:d7:99:f7:b8:
ee:04:8d:10:64:ad:c4:9a:de:75:25:58:24:81:20:
79:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:7E:22:04:47:35:9C:C2:2A:58:36:DC:89:33:8D:10:94:65:C1:72
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Gn4iBEc1nMIqWDbciTONEJRlwXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.64.0/22
77.239.125.0/24
144.31.14.0/24
144.31.30.0/24
144.31.54.0/24
144.31.95.0/24
144.31.164.0/22
144.31.203.0/24
144.31.207.0/24
144.31.212.0/24
144.31.224.0/24
150.241.94.0/24
Signature Algorithm: sha256WithRSAEncryption
74:43:db:fe:92:7f:25:22:91:cf:4e:98:05:53:52:48:39:98:
51:b7:40:78:63:9f:c6:60:41:90:9a:24:d9:13:1d:5b:6c:34:
3f:37:db:67:82:30:1b:b9:36:14:23:07:0c:06:0d:51:bd:4c:
30:29:0f:dd:f5:52:70:84:8f:86:3a:cd:30:5f:de:42:1c:a0:
35:d7:e5:09:6a:fc:cd:fe:46:30:cb:42:6a:54:27:1e:c3:d2:
92:f4:44:85:e8:8d:3d:85:f6:e8:10:54:6a:93:63:9c:df:db:
07:77:69:a1:4b:3f:db:ce:97:f2:0d:00:0a:60:01:a8:c1:84:
9d:fa:55:98:66:e1:fe:29:ad:1c:a3:eb:09:d9:f6:ec:39:94:
3f:d7:b5:24:3e:67:ce:1d:2b:f2:48:de:65:0b:4e:6a:74:9e:
18:5c:fb:b0:4d:2d:f7:dc:56:d6:b2:4d:e9:0f:c0:ee:de:cf:
d2:e8:fb:30:b4:6b:52:df:7c:bc:39:16:ca:f5:6d:df:ee:b8:
c9:a9:43:39:91:3e:d2:63:bc:d1:d8:6c:21:5d:47:d2:df:b3:
4b:3e:61:7e:6b:9b:9a:50:ac:4b:08:ad:1b:37:82:ed:8f:5d:
38:8d:89:c9:d0:7b:2b:01:23:c6:72:49:6d:0c:36:5f:a5:c8:
27:22:04:8e
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZxX7ZJNgIHcGn/FCYz9tMrdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMjEzMTY1NTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTdlMjIwNDQ3MzU5Y2MyMmE1ODM2ZGM4OTMzOGQxMDk0NjVjMTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSl8nvegbxtY9cGqYuzItsU1Yx1E
RHSvmVqcYIyAPmOGTHE4E8bC2JD1jxXi3jzM4cplP6moAIkqKkoLkUk0aO3d3X3b
orc+wpMegHR6JMrXng9qqCjrFl7599MGn/BiRkeW9ReD8794rEkCkAcFbLnzHUId
K89YJxqJQpxTdsK7w/xslyFmZB39GdW8/fYte/2qVtPzk6+ME2VsCvgGfFbDhpds
90/Vw2bozShHrBlg6l+dVA6pvdEtX2KG6YA8x4rZBXu+AQRiDlPsUvlm0LMji/ME
q7Zi7Um723shW89oTg/O6qtQpBBiuteZ97juBI0QZK3Emt51JVgkgSB5KQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFBp+IgRHNZzCKlg23IkzjRCUZcFyMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvR240aUJFYzFuTUlxV0RiY2lUT05FSlJsd1hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQCQLxAAwQA
Te99AwQAkB8OAwQAkB8eAwQAkB82AwQAkB9fAwQCkB+kAwQAkB/LAwQAkB/PAwQA
kB/UAwQAkB/gAwQAlvFeMA0GCSqGSIb3DQEBCwUAA4IBAQB0Q9v+kn8lIpHPTpgF
U1JIOZhRt0B4Y5/GYEGQmiTZEx1bbDQ/N9tngjAbuTYUIwcMBg1RvUwwKQ/d9VJw
hI+GOs0wX95CHKA11+UJavzN/kYwy0JqVCcew9KS9ESF6I09hfboEFRqk2Oc39sH
d2mhSz/bzpfyDQAKYAGowYSd+lWYZuH+Ka0co+sJ2fbsOZQ/17UkPmfOHSvySN5l
C05qdJ4YXPuwTS333FbWsk3pD8Du3s/S6PswtGtS33y8ORbK9W3f7rjJqUM5kT7S
Y7zR2GwhXUfS37NLPmF+a5uaUKxLCK0bN4Ltj104jYnJ0HsrASPGckltDDZfpcgn
IgSO
-----END CERTIFICATE-----
Generated at Tue Feb 17 14:01:16 2026 by rpki-client