Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/JToZsnD07Q8xAD6t7dESnm6gk6I.roa
File: JToZsnD07Q8xAD6t7dESnm6gk6I.roa (raw, json)
Hash identifier: Rv2S3sb2mSWsE1PmdCkOFaAOJJDTngzzouINAkKjsjo=
Subject key identifier: 25:3A:19:B2:70:F4:ED:0F:31:00:3E:AD:ED:D1:12:9E:6E:A0:93:A2
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019E419AB1814987ED7702F075F7EFA6D59D
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/JToZsnD07Q8xAD6t7dESnm6gk6I.roa
Signing time: Tue 19 May 2026 18:58:37 +0000
ROA not before: Tue 19 May 2026 18:58:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 4593
IP address blocks: 2.26.148.0/24 maxlen: 24
2.26.176.0/24 maxlen: 24
2.26.216.0/24 maxlen: 24
2.26.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:41:9a:b1:81:49:87:ed:77:02:f0:75:f7:ef:a6:d5:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: May 19 18:58:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=253a19b270f4ed0f31003eadedd1129e6ea093a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:da:36:ec:fa:80:9e:09:e8:e0:71:17:03:e8:
f0:83:20:47:f5:6c:33:72:98:09:99:be:48:69:ad:
da:38:da:df:80:fd:cf:c6:de:ee:5d:f8:a2:54:fa:
3b:c9:9a:61:b2:9f:d3:7d:2c:ab:78:e6:f0:f8:bd:
af:8c:37:b6:11:5f:75:56:ae:21:68:cf:af:55:2a:
79:21:2c:c4:eb:5b:e9:51:d8:16:39:7b:16:b6:b6:
da:43:d9:37:c5:66:27:e9:fb:ec:8d:0e:25:e8:68:
65:22:3d:10:13:6c:02:b3:d6:a7:d4:34:c2:76:d0:
36:8f:24:aa:6b:b4:cd:1a:d3:a1:ab:a5:90:d2:66:
77:d3:87:81:f7:16:fd:f7:ce:2e:34:77:73:d3:8a:
ea:45:13:0d:b7:6b:7e:a9:85:2a:4e:c4:76:77:85:
c0:c4:6d:3f:e8:5e:2e:36:5b:0e:ea:a0:c3:5c:64:
76:7f:e6:e5:d8:aa:44:21:4e:2a:d4:2b:56:8d:d9:
85:01:45:0b:57:ba:c0:8f:f7:84:1a:bf:5d:90:3b:
d5:0f:1b:15:6b:aa:0e:0f:71:ea:58:90:a0:b7:a0:
e8:89:39:b4:f7:69:2a:a7:c2:75:a9:b3:7b:20:9a:
89:63:43:6e:a7:52:95:da:cf:43:ed:7e:97:84:de:
be:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:3A:19:B2:70:F4:ED:0F:31:00:3E:AD:ED:D1:12:9E:6E:A0:93:A2
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/JToZsnD07Q8xAD6t7dESnm6gk6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.148.0/24
2.26.176.0/24
2.26.216.0/24
2.26.219.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:ae:43:ba:84:2e:f1:02:df:27:ac:b6:d3:15:cd:fa:bb:ba:
73:46:65:f3:f0:1a:5a:d5:51:f2:80:85:90:8e:25:8c:21:70:
54:13:7d:eb:48:5f:40:eb:d0:48:0a:dc:93:45:4a:e3:c6:3b:
e7:76:f3:eb:7d:74:6a:3e:f7:22:81:bb:91:d6:da:da:e1:2f:
9d:9a:2e:c4:e4:d8:e9:09:fe:c8:58:b5:67:7a:7f:a0:eb:16:
ea:f2:ea:09:ac:ff:47:aa:a8:2d:3e:a2:78:f7:89:9b:e1:f3:
24:c7:f6:c8:d3:0c:e1:15:a8:b4:c4:0e:c4:86:6c:a2:f5:68:
3d:50:2d:ee:3b:0c:05:ab:0e:00:f5:2f:6b:0d:ac:56:68:7c:
07:d8:10:ba:8d:5e:5a:64:86:d4:26:eb:70:df:91:66:77:87:
fe:14:44:91:ff:3e:7d:15:a2:bc:89:5d:7f:5a:32:0f:25:88:
26:6c:56:09:00:35:09:26:56:2f:6c:88:6d:5c:16:7e:84:77:
32:30:7b:d9:a2:8d:af:e4:9a:55:a0:77:b3:48:4b:b1:6e:67:
2a:aa:3e:fa:50:f1:2c:95:63:cb:f2:a1:80:7d:92:4c:b5:cd:
df:d8:78:11:08:c8:c7:f5:3e:77:51:85:cb:16:5c:de:a2:b6:
8a:65:28:51
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ5BmrGBSYftdwLwdffvptWdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNTE5MTg1ODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTNhMTliMjcwZjRlZDBmMzEwMDNlYWRlZGQxMTI5ZTZlYTA5M2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdo27PqAngno4HEXA+jwgyBH9Wwz
cpgJmb5Iaa3aONrfgP3Pxt7uXfiiVPo7yZphsp/TfSyreObw+L2vjDe2EV91Vq4h
aM+vVSp5ISzE61vpUdgWOXsWtrbaQ9k3xWYn6fvsjQ4l6GhlIj0QE2wCs9an1DTC
dtA2jySqa7TNGtOhq6WQ0mZ304eB9xb9984uNHdz04rqRRMNt2t+qYUqTsR2d4XA
xG0/6F4uNlsO6qDDXGR2f+bl2KpEIU4q1CtWjdmFAUULV7rAj/eEGr9dkDvVDxsV
a6oOD3HqWJCgt6DoiTm092kqp8J1qbN7IJqJY0Nup1KV2s9D7X6XhN6+8QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCU6GbJw9O0PMQA+re3REp5uoJOiMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvSlRvWnNuRDA3UTh4QUQ2dDdkRVNubTZnazZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAhqUAwQA
AhqwAwQAAhrYAwQAAhrbMA0GCSqGSIb3DQEBCwUAA4IBAQA7rkO6hC7xAt8nrLbT
Fc36u7pzRmXz8Bpa1VHygIWQjiWMIXBUE33rSF9A69BICtyTRUrjxjvndvPrfXRq
PvcigbuR1tra4S+dmi7E5NjpCf7IWLVnen+g6xbq8uoJrP9HqqgtPqJ494mb4fMk
x/bI0wzhFai0xA7Ehmyi9Wg9UC3uOwwFqw4A9S9rDaxWaHwH2BC6jV5aZIbUJutw
35Fmd4f+FESR/z59FaK8iV1/WjIPJYgmbFYJADUJJlYvbIhtXBZ+hHcyMHvZoo2v
5JpVoHezSEuxbmcqqj76UPEslWPL8qGAfZJMtc3f2HgRCMjH9T53UYXLFlzeoraK
ZShR
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:25:04 2026 by rpki-client