Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/P1hK7bThnxskVKoLce8snBipKSI.roa
File: P1hK7bThnxskVKoLce8snBipKSI.roa (raw, json)
Hash identifier: Ci4DFttvXgcSLn0S7MFvimoOduMT8crYfLrKCVpThNM=
Subject key identifier: 3F:58:4A:ED:B4:E1:9F:1B:24:54:AA:0B:71:EF:2C:9C:18:A9:29:22
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019DAC4E04F65F33366B7027A584006AA9CF
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/P1hK7bThnxskVKoLce8snBipKSI.roa
Signing time: Mon 20 Apr 2026 19:11:27 +0000
ROA not before: Mon 20 Apr 2026 19:11:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202226
IP address blocks: 2.26.74.0/24 maxlen: 24
2.26.75.0/24 maxlen: 24
2.27.5.0/24 maxlen: 24
144.31.236.0/24 maxlen: 24
150.241.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 07:02:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ac:4e:04:f6:5f:33:36:6b:70:27:a5:84:00:6a:a9:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 20 19:11:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3f584aedb4e19f1b2454aa0b71ef2c9c18a92922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:72:30:79:df:1f:d9:69:21:3e:37:c1:fb:0f:
46:2b:4f:c8:d4:21:60:27:ee:c2:35:0d:c1:85:5c:
4d:84:40:5d:ac:0e:8b:c2:6c:57:1f:4b:3f:5e:be:
68:9c:05:4a:02:d8:3b:c2:63:b1:df:f5:26:cc:35:
26:4b:8a:ea:60:a4:01:ac:75:1c:3d:22:e6:40:5c:
2e:a8:d6:6c:9d:a9:1e:e2:08:c9:48:9a:ff:15:0a:
5a:6e:76:3e:86:f1:9c:26:16:51:96:33:4e:4d:c6:
12:ab:cb:4a:0b:84:3b:0e:61:bc:86:40:5e:4e:20:
3e:d1:e3:5d:84:60:7e:ba:b2:df:cc:e7:d6:c5:23:
15:03:74:d6:7f:db:5e:f7:96:fe:63:24:eb:e6:3c:
0c:9b:ae:ec:7c:a9:55:5b:3e:f8:e6:23:ce:ca:0d:
d8:8c:62:f9:21:d1:19:78:d2:78:bf:c6:2d:bf:3f:
1b:70:7a:f8:cf:49:2c:56:d3:63:84:71:e4:6c:47:
95:d5:9b:4c:a0:21:72:bc:a3:9c:8b:2d:bd:95:9f:
ab:a1:72:a2:4e:fa:37:2f:8f:81:37:27:d5:49:63:
9a:39:ad:8d:2e:2f:d1:7b:8c:95:c5:b8:b3:30:ab:
11:33:52:63:84:ab:71:35:9b:6e:0b:7b:68:00:28:
f8:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:58:4A:ED:B4:E1:9F:1B:24:54:AA:0B:71:EF:2C:9C:18:A9:29:22
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/P1hK7bThnxskVKoLce8snBipKSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.74.0/23
2.27.5.0/24
144.31.236.0/24
150.241.81.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:7e:4a:d0:2c:c7:ae:24:c4:40:b0:1c:a8:34:84:db:85:ad:
3a:67:64:4a:f3:38:f6:24:51:08:2a:cf:fa:82:37:2f:e8:95:
d6:df:ed:79:38:7f:a9:ed:67:7a:c8:06:b6:a3:92:a1:31:d6:
22:34:d3:36:0e:02:34:ee:c2:38:92:84:01:e6:8e:ec:b3:f6:
bf:33:89:05:5f:c0:34:a0:bf:6c:b4:c4:35:e2:03:e8:c7:95:
e8:6e:05:f3:12:33:6b:16:3e:8a:8b:33:11:9d:8f:44:ac:88:
d6:40:b2:e8:18:3a:be:99:93:17:fe:92:ac:6e:b3:91:71:44:
ff:52:4d:a1:d8:53:d6:c2:75:99:01:3d:68:93:34:b9:b5:38:
42:03:2c:a9:75:3d:55:fb:3e:67:df:9b:db:64:e5:bb:9b:a8:
67:62:82:18:e9:7a:da:04:f2:6d:88:84:9d:37:9e:5b:3d:ed:
32:7b:94:0f:a6:ec:85:03:c7:17:14:f8:7b:77:20:07:f8:47:
d7:13:90:17:81:73:cb:ef:e4:f7:2a:3e:39:5e:bf:51:00:66:
5e:31:bb:a9:ae:8c:2b:8b:b1:8e:93:b8:35:ec:4a:7e:c2:9a:
75:99:93:db:d7:52:47:f6:37:da:e9:ed:bf:78:5b:48:a5:6f:
58:df:8e:aa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ2sTgT2XzM2a3AnpYQAaqnPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDIwMTkxMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjU4NGFlZGI0ZTE5ZjFiMjQ1NGFhMGI3MWVmMmM5YzE4YTkyOTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXIwed8f2WkhPjfB+w9GK0/I1CFg
J+7CNQ3BhVxNhEBdrA6LwmxXH0s/Xr5onAVKAtg7wmOx3/UmzDUmS4rqYKQBrHUc
PSLmQFwuqNZsnake4gjJSJr/FQpabnY+hvGcJhZRljNOTcYSq8tKC4Q7DmG8hkBe
TiA+0eNdhGB+urLfzOfWxSMVA3TWf9te95b+YyTr5jwMm67sfKlVWz745iPOyg3Y
jGL5IdEZeNJ4v8Ytvz8bcHr4z0ksVtNjhHHkbEeV1ZtMoCFyvKOciy29lZ+roXKi
Tvo3L4+BNyfVSWOaOa2NLi/Re4yVxbizMKsRM1JjhKtxNZtuC3toACj4XwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD9YSu204Z8bJFSqC3HvLJwYqSkiMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvUDFoSzdiVGhueHNrVktvTGNlOHNuQmlwS1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBAhpKAwQA
AhsFAwQAkB/sAwQAlvFRMA0GCSqGSIb3DQEBCwUAA4IBAQA9fkrQLMeuJMRAsByo
NITbha06Z2RK8zj2JFEIKs/6gjcv6JXW3+15OH+p7Wd6yAa2o5KhMdYiNNM2DgI0
7sI4koQB5o7ss/a/M4kFX8A0oL9stMQ14gPox5XobgXzEjNrFj6KizMRnY9ErIjW
QLLoGDq+mZMX/pKsbrORcUT/Uk2h2FPWwnWZAT1okzS5tThCAyypdT1V+z5n35vb
ZOW7m6hnYoIY6XraBPJtiISdN55bPe0ye5QPpuyFA8cXFPh7dyAH+EfXE5AXgXPL
7+T3Kj45Xr9RAGZeMbuprowri7GOk7g17Ep+wpp1mZPb11JH9jfa6e2/eFtIpW9Y
346q
-----END CERTIFICATE-----
Generated at Tue May 5 16:51:21 2026 by rpki-client