Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Hyh9Uq-ILACDKCtdiu-A_ZW2dC0.roa
File: Hyh9Uq-ILACDKCtdiu-A_ZW2dC0.roa (raw, json)
Hash identifier: JyYTD/s+ij/UCu5dnM7wrZpdjXVikEVMzf9+XLSPa2A=
Subject key identifier: 1F:28:7D:52:AF:88:2C:00:83:28:2B:5D:8A:EF:80:FD:95:B6:74:2D
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019CC438F4C544222B2180A8143E30EAAB46
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Hyh9Uq-ILACDKCtdiu-A_ZW2dC0.roa
Signing time: Fri 06 Mar 2026 17:36:32 +0000
ROA not before: Fri 06 Mar 2026 17:36:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213520
IP address blocks: 64.188.68.0/22 maxlen: 24
64.188.74.0/24 maxlen: 24
64.188.104.0/22 maxlen: 24
77.239.120.0/23 maxlen: 24
144.31.16.0/23 maxlen: 24
144.31.18.0/23 maxlen: 24
144.31.62.0/23 maxlen: 24
144.31.84.0/23 maxlen: 24
144.31.116.0/23 maxlen: 24
144.31.118.0/23 maxlen: 24
144.31.122.0/23 maxlen: 24
144.31.134.0/23 maxlen: 24
144.31.138.0/23 maxlen: 24
144.31.196.0/23 maxlen: 24
144.31.232.0/24 maxlen: 24
144.31.233.0/24 maxlen: 24
150.241.64.0/24 maxlen: 24
150.241.78.0/23 maxlen: 24
193.23.197.0/24 maxlen: 24
193.23.210.0/23 maxlen: 24
193.23.218.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Mar 2026 09:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c4:38:f4:c5:44:22:2b:21:80:a8:14:3e:30:ea:ab:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Mar 6 17:36:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1f287d52af882c0083282b5d8aef80fd95b6742d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5a:8d:46:40:3e:f4:13:aa:bc:6b:70:44:bf:
df:f1:6c:19:a5:49:45:c7:0b:5c:e5:ef:e5:5c:fd:
e6:fb:8e:88:d3:1a:a8:0c:e3:e3:26:0a:20:28:2f:
37:9e:5c:25:1f:5d:6b:56:4c:93:7c:1e:9f:d8:17:
22:74:50:84:d2:db:57:61:66:5d:e9:d2:bf:07:5d:
dc:2b:b3:f1:88:fc:5e:90:cc:a5:08:9e:5e:a4:6f:
72:e2:4a:5a:df:c1:c0:2b:0d:3a:89:ec:e7:15:2d:
16:0e:8d:85:4b:d0:42:f8:f0:f1:54:86:78:28:fb:
fe:fc:5b:0d:78:20:ca:97:8c:99:e4:32:41:b4:f7:
5d:d4:45:9d:0d:88:c3:e8:aa:95:24:6c:a7:f9:19:
ac:d3:60:12:63:01:56:97:4f:9a:90:58:1d:24:70:
bb:83:2e:d8:ae:2e:05:6a:8d:8e:c2:2b:f0:9c:ff:
91:b2:35:f8:98:ea:b9:62:83:f3:86:5e:b9:42:5a:
d7:a8:1a:c6:c7:95:4a:56:67:df:ee:e1:09:c1:3e:
45:e8:e3:87:3c:8d:d7:b2:e1:bd:fa:e4:6c:25:e9:
6a:df:9b:b1:64:ff:98:ba:0d:74:a7:2a:cd:b0:ba:
b4:f6:d1:b8:d0:8f:da:74:42:67:fc:25:f1:2d:d8:
9c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:28:7D:52:AF:88:2C:00:83:28:2B:5D:8A:EF:80:FD:95:B6:74:2D
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Hyh9Uq-ILACDKCtdiu-A_ZW2dC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.68.0/22
64.188.74.0/24
64.188.104.0/22
77.239.120.0/23
144.31.16.0/22
144.31.62.0/23
144.31.84.0/23
144.31.116.0/22
144.31.122.0/23
144.31.134.0/23
144.31.138.0/23
144.31.196.0/23
144.31.232.0/23
150.241.64.0/24
150.241.78.0/23
193.23.197.0/24
193.23.210.0/23
193.23.218.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:8f:34:1b:09:f6:e1:f6:44:a7:8e:f7:03:7a:00:49:bb:3b:
69:02:93:c4:8d:1f:17:08:60:d5:87:46:7b:aa:27:50:81:ec:
69:42:45:1c:7f:93:60:65:c3:ed:52:44:22:9d:d1:7a:9f:d4:
aa:06:61:d9:7c:fe:08:35:f8:12:b3:b3:43:2f:92:22:18:c0:
f4:8e:74:e2:4e:ca:bb:a2:9d:19:cd:b2:b3:d3:c1:a1:a2:9f:
58:46:db:70:45:9a:fc:2f:25:78:c0:81:19:db:a8:02:f9:64:
56:b3:92:97:4c:4d:3d:a4:f9:82:6c:2d:d7:d0:d0:67:09:ef:
52:9d:d2:6d:23:6e:34:95:78:7c:24:90:23:b0:7c:4d:f1:5a:
4d:a5:3d:ec:0d:d2:f0:77:85:6d:62:bc:2b:04:9e:06:85:8d:
54:2a:de:c6:83:2e:58:b9:ea:6e:d2:cc:cf:08:4c:83:18:4b:
58:96:97:12:b9:f0:66:f8:24:a5:bd:20:cd:2b:e4:98:66:34:
84:a4:e4:02:4b:d2:c0:93:48:09:cb:f6:52:46:fb:39:ac:8a:
30:fd:cf:33:1c:89:8c:fe:71:a8:9c:72:24:87:5d:f9:39:ca:
13:be:c4:d1:8c:a0:3c:7e:21:76:9c:e0:8a:6c:e7:cb:b1:d7:
1d:7e:7d:55
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZzEOPTFRCIrIYCoFD4w6qtGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMzA2MTczNjMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjI4N2Q1MmFmODgyYzAwODMyODJiNWQ4YWVmODBmZDk1YjY3NDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVqNRkA+9BOqvGtwRL/f8WwZpUlF
xwtc5e/lXP3m+46I0xqoDOPjJgogKC83nlwlH11rVkyTfB6f2BcidFCE0ttXYWZd
6dK/B13cK7PxiPxekMylCJ5epG9y4kpa38HAKw06ieznFS0WDo2FS9BC+PDxVIZ4
KPv+/FsNeCDKl4yZ5DJBtPdd1EWdDYjD6KqVJGyn+Rms02ASYwFWl0+akFgdJHC7
gy7Yri4Fao2OwivwnP+RsjX4mOq5YoPzhl65QlrXqBrGx5VKVmff7uEJwT5F6OOH
PI3XsuG9+uRsJelq35uxZP+Yug10pyrNsLq09tG40I/adEJn/CXxLdicBQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFB8ofVKviCwAgygrXYrvgP2VtnQtMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvSHloOVVxLUlMQUNES0N0ZGl1LUFfWlcyZEMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAkC8RAME
AEC8SgMEAkC8aAMEAU3veAMEApAfEAMEAZAfPgMEAZAfVAMEApAfdAMEAZAfegME
AZAfhgMEAZAfigMEAZAfxAMEAZAf6AMEAJbxQAMEAZbxTgMEAMEXxQMEAcEX0gME
AcEX2jANBgkqhkiG9w0BAQsFAAOCAQEATI80Gwn24fZEp473A3oASbs7aQKTxI0f
Fwhg1YdGe6onUIHsaUJFHH+TYGXD7VJEIp3Rep/UqgZh2Xz+CDX4ErOzQy+SIhjA
9I504k7Ku6KdGc2ys9PBoaKfWEbbcEWa/C8leMCBGduoAvlkVrOSl0xNPaT5gmwt
19DQZwnvUp3SbSNuNJV4fCSQI7B8TfFaTaU97A3S8HeFbWK8KwSeBoWNVCrexoMu
WLnqbtLMzwhMgxhLWJaXErnwZvgkpb0gzSvkmGY0hKTkAkvSwJNICcv2Ukb7OayK
MP3PMxyJjP5xqJxyJIdd+TnKE77E0YygPH4hdpzgimzny7HXHX59VQ==
-----END CERTIFICATE-----
Generated at Tue Mar 17 18:04:37 2026 by rpki-client