Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/MIqQQbd-qlvAcqZG29jPvWO6ZxE.roa
File: MIqQQbd-qlvAcqZG29jPvWO6ZxE.roa (raw, json)
Hash identifier: d8NcdWVBpXvDkpZ6oSOhbq5BupNOQH6aFD3bkSRYa2k=
Subject key identifier: 30:8A:90:41:B7:7E:AA:5B:C0:72:A6:46:DB:D8:CF:BD:63:BA:67:11
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019E94BF629681F6C3527FE403E2314B3D28
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/MIqQQbd-qlvAcqZG29jPvWO6ZxE.roa
Signing time: Thu 04 Jun 2026 22:27:11 +0000
ROA not before: Thu 04 Jun 2026 22:27:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215590
IP address blocks: 2.26.20.0/22 maxlen: 24
2.26.60.0/22 maxlen: 24
2.26.68.0/22 maxlen: 24
2.26.104.0/21 maxlen: 24
2.27.32.0/21 maxlen: 24
2.27.52.0/23 maxlen: 24
2.27.54.0/23 maxlen: 24
31.76.12.0/22 maxlen: 24
31.76.48.0/22 maxlen: 24
31.76.230.0/23 maxlen: 24
31.77.196.0/22 maxlen: 24
64.188.118.0/23 maxlen: 24
77.239.108.0/22 maxlen: 24
144.31.52.0/24 maxlen: 24
144.31.126.0/24 maxlen: 24
144.31.127.0/24 maxlen: 24
144.31.140.0/22 maxlen: 24
144.31.152.0/23 maxlen: 24
144.31.186.0/23 maxlen: 24
150.241.88.0/23 maxlen: 24
150.241.96.0/22 maxlen: 24
150.241.106.0/23 maxlen: 24
150.241.115.0/24 maxlen: 24
150.241.116.0/24 maxlen: 24
150.241.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:20:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:94:bf:62:96:81:f6:c3:52:7f:e4:03:e2:31:4b:3d:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 4 22:27:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=308a9041b77eaa5bc072a646dbd8cfbd63ba6711
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:64:28:af:d2:bc:03:f3:83:91:20:d0:16:fa:
48:a5:84:78:aa:32:74:70:d7:f6:51:4c:dc:04:b3:
85:7a:59:55:6d:f5:9a:b6:88:0c:f7:b8:cf:1a:48:
a0:ba:8c:89:4b:e1:c8:d0:c6:81:31:69:5f:5b:0d:
c2:06:3d:eb:53:8d:b0:84:cc:bf:e8:c6:b8:dc:61:
5b:21:09:29:b4:96:aa:94:fd:96:62:fe:fb:20:ce:
7d:e2:a0:a7:fe:b3:dd:91:64:16:97:a1:63:73:c4:
2e:f1:be:b5:59:10:63:ea:b1:88:00:5a:bc:70:0d:
af:d9:27:e3:95:4f:93:50:4d:95:16:76:50:2c:ff:
e9:76:7f:9a:b3:84:d5:a7:9a:c6:0c:cf:f4:3c:07:
55:b2:51:bf:88:b4:b4:67:3f:17:20:ee:2d:02:6f:
99:08:62:ca:a3:87:05:70:7e:36:fd:90:f0:5f:84:
32:09:76:60:27:29:a9:92:a5:b3:1b:fc:e9:d0:6d:
ff:47:d0:96:59:8c:3a:25:2c:3a:8e:27:04:2d:21:
e8:b1:39:0d:2f:62:a8:3f:58:05:f1:9c:76:19:ba:
9c:74:fb:68:c4:3d:ae:8f:53:28:42:b7:d9:5c:b6:
95:12:ee:e9:7b:b8:4d:e1:89:9b:ee:71:00:5f:f4:
47:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:8A:90:41:B7:7E:AA:5B:C0:72:A6:46:DB:D8:CF:BD:63:BA:67:11
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/MIqQQbd-qlvAcqZG29jPvWO6ZxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.20.0/22
2.26.60.0/22
2.26.68.0/22
2.26.104.0/21
2.27.32.0/21
2.27.52.0/22
31.76.12.0/22
31.76.48.0/22
31.76.230.0/23
31.77.196.0/22
64.188.118.0/23
77.239.108.0/22
144.31.52.0/24
144.31.126.0/23
144.31.140.0/22
144.31.152.0/23
144.31.186.0/23
150.241.88.0/23
150.241.96.0/22
150.241.106.0/23
150.241.115.0-150.241.116.255
150.241.123.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:6a:f7:8d:a5:63:41:fb:41:92:30:9b:d1:81:2e:f4:7c:b8:
fb:fb:e2:0a:30:14:ee:05:4e:8d:53:9a:6b:a4:0f:1b:62:79:
ee:f3:94:1d:94:1c:4a:c8:ad:bc:98:31:ba:61:1a:c0:4e:ea:
7f:8b:20:98:60:11:ea:97:a7:09:ce:de:ff:24:7c:3a:ad:2d:
87:01:7c:03:59:ff:3a:ad:a6:7c:11:f4:84:aa:cc:22:35:3f:
78:4b:cd:c5:e4:dc:ce:14:94:8a:8f:95:71:bb:3c:c9:e2:24:
37:2d:43:1d:a5:96:86:8d:c4:0a:1c:ea:0f:a2:e1:2d:1b:8b:
03:88:2b:0a:ea:66:ab:61:4f:c2:ba:3b:83:a3:85:d6:ea:9f:
a0:cb:2e:c0:fe:f6:58:a6:fd:27:cc:7a:54:17:f0:cb:fd:45:
51:1e:4a:e5:d8:53:9f:24:2f:73:f1:d9:e5:7d:ab:8a:ea:21:
5b:32:59:a9:8d:3f:29:9c:60:34:fa:ef:0a:21:c7:96:36:56:
82:2c:88:cd:7b:33:30:7c:7e:b1:0e:98:dd:a6:43:2d:3b:2d:
a3:bf:09:bc:7c:85:de:4f:d1:b7:00:ea:d7:fa:07:a7:6e:c8:
ff:39:2b:b0:99:92:4f:9d:79:09:ce:1c:1a:f2:38:36:39:53:
2e:7f:3a:03
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZ6Uv2KWgfbDUn/kA+IxSz0oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjA0MjIyNzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDhhOTA0MWI3N2VhYTViYzA3MmE2NDZkYmQ4Y2ZiZDYzYmE2NzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4WQor9K8A/ODkSDQFvpIpYR4qjJ0
cNf2UUzcBLOFellVbfWatogM97jPGkiguoyJS+HI0MaBMWlfWw3CBj3rU42whMy/
6Ma43GFbIQkptJaqlP2WYv77IM594qCn/rPdkWQWl6Fjc8Qu8b61WRBj6rGIAFq8
cA2v2SfjlU+TUE2VFnZQLP/pdn+as4TVp5rGDM/0PAdVslG/iLS0Zz8XIO4tAm+Z
CGLKo4cFcH42/ZDwX4QyCXZgJympkqWzG/zp0G3/R9CWWYw6JSw6jicELSHosTkN
L2KoP1gF8Zx2GbqcdPtoxD2uj1MoQrfZXLaVEu7pe7hN4Ymb7nEAX/RHZQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFDCKkEG3fqpbwHKmRtvYz71jumcRMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvTUlxUVFiZC1xbHZBY3FaRzI5alB2V082WnhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAIC
GhQDBAICGjwDBAICGkQDBAMCGmgDBAMCGyADBAICGzQDBAIfTAwDBAIfTDADBAEf
TOYDBAIfTcQDBAFAvHYDBAJN72wDBACQHzQDBAGQH34DBAKQH4wDBAGQH5gDBAGQ
H7oDBAGW8VgDBAKW8WADBAGW8WowDAMEAJbxcwMEAJbxdAMEAJbxezANBgkqhkiG
9w0BAQsFAAOCAQEAi2r3jaVjQftBkjCb0YEu9Hy4+/viCjAU7gVOjVOaa6QPG2J5
7vOUHZQcSsitvJgxumEawE7qf4sgmGAR6penCc7e/yR8Oq0thwF8A1n/Oq2mfBH0
hKrMIjU/eEvNxeTczhSUio+Vcbs8yeIkNy1DHaWWho3EChzqD6LhLRuLA4grCupm
q2FPwro7g6OF1uqfoMsuwP72WKb9J8x6VBfwy/1FUR5K5dhTnyQvc/HZ5X2riuoh
WzJZqY0/KZxgNPrvCiHHljZWgiyIzXszMHx+sQ6Y3aZDLTsto78JvHyF3k/RtwDq
1/oHp27I/zkrsJmST515Cc4cGvI4NjlTLn86Aw==
-----END CERTIFICATE-----
Generated at Fri Jun 12 00:15:37 2026 by rpki-client