Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/UkGPsxUIiOFrBllse6Mr14F-Mkk.roa
File: UkGPsxUIiOFrBllse6Mr14F-Mkk.roa (raw, json)
Hash identifier: nfrOOOpWla1vQevR5L4i2gyIbJiG4TgBxWlgFE8tL6Y=
Subject key identifier: 52:41:8F:B3:15:08:88:E1:6B:06:59:6C:7B:A3:2B:D7:81:7E:32:49
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019D0C3764EA8606B0BFF8EC03D22199252B
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/UkGPsxUIiOFrBllse6Mr14F-Mkk.roa
Signing time: Fri 20 Mar 2026 17:07:30 +0000
ROA not before: Fri 20 Mar 2026 17:07:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215590
IP address blocks: 2.27.32.0/21 maxlen: 24
2.27.52.0/23 maxlen: 24
2.27.54.0/23 maxlen: 24
64.188.118.0/23 maxlen: 24
77.239.108.0/22 maxlen: 24
144.31.52.0/24 maxlen: 24
144.31.126.0/24 maxlen: 24
144.31.127.0/24 maxlen: 24
144.31.140.0/22 maxlen: 24
144.31.152.0/23 maxlen: 24
144.31.186.0/23 maxlen: 24
150.241.88.0/23 maxlen: 24
150.241.96.0/22 maxlen: 24
150.241.106.0/23 maxlen: 24
150.241.115.0/24 maxlen: 24
150.241.116.0/24 maxlen: 24
150.241.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 05:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0c:37:64:ea:86:06:b0:bf:f8:ec:03:d2:21:99:25:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Mar 20 17:07:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=52418fb3150888e16b06596c7ba32bd7817e3249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:be:51:48:63:87:d8:f9:8c:10:fe:db:70:de:
05:39:28:92:1f:eb:b4:0f:79:a7:b6:c7:27:63:d7:
49:27:c9:74:4f:1f:c8:02:2e:ca:3d:57:41:c6:a5:
a3:71:df:62:bb:25:68:88:8e:9f:18:e3:25:27:e9:
3c:68:c2:23:a1:1d:0a:b4:7a:32:c8:d5:68:88:bc:
40:5f:18:4d:d0:26:35:3d:c6:77:b3:08:c2:02:6a:
b1:55:4e:48:8d:81:17:6b:30:a3:7b:83:d4:d0:a1:
0c:64:da:8f:84:5b:19:38:db:c6:f8:a8:73:f2:8d:
74:d5:22:05:da:9c:d0:94:fe:50:cb:77:34:aa:f5:
6a:02:0a:8f:fa:05:32:3a:4d:52:a7:a0:40:44:92:
ef:8d:28:76:0f:8f:cb:6e:4d:15:44:05:63:ac:aa:
ad:be:bf:bb:02:ae:b6:65:06:a7:f3:9c:39:f3:09:
f4:05:b9:96:b6:d2:42:76:b1:97:63:75:dc:7b:85:
36:be:85:7f:3a:7b:77:56:c0:e6:e2:43:4a:69:32:
4d:7b:b5:a7:b4:bb:b0:aa:ed:cc:a7:06:94:63:24:
ec:a8:fa:31:5c:d4:71:f7:b2:41:db:7e:8f:37:84:
e0:c0:a1:d7:8a:8c:df:cf:c2:0c:2e:81:06:cf:d7:
b7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:41:8F:B3:15:08:88:E1:6B:06:59:6C:7B:A3:2B:D7:81:7E:32:49
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/UkGPsxUIiOFrBllse6Mr14F-Mkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.32.0/21
2.27.52.0/22
64.188.118.0/23
77.239.108.0/22
144.31.52.0/24
144.31.126.0/23
144.31.140.0/22
144.31.152.0/23
144.31.186.0/23
150.241.88.0/23
150.241.96.0/22
150.241.106.0/23
150.241.115.0-150.241.116.255
150.241.123.0/24
Signature Algorithm: sha256WithRSAEncryption
55:80:d2:f1:35:f1:79:4f:5d:82:5d:d3:9b:8f:f6:a3:8b:d7:
22:b1:a4:c0:de:92:fe:bf:7c:e2:13:a9:7f:4f:1e:07:d6:c8:
97:a8:4f:c0:63:ad:56:d3:c9:b5:5d:4a:99:58:15:89:7b:51:
cf:66:53:ad:ef:18:67:a0:a2:96:22:52:4a:b0:a3:23:50:79:
e8:24:67:59:57:af:75:8f:e9:55:94:58:8e:94:60:9c:03:21:
20:82:0e:2d:e7:76:8c:af:c7:9e:fa:ed:16:a5:03:b7:9d:94:
cd:35:75:e1:7f:69:fa:68:01:34:5d:21:45:db:c8:4c:ea:cf:
bc:a7:11:ae:1e:7f:09:64:82:3d:84:61:7b:ba:04:c5:af:65:
a0:e0:30:39:ed:5a:ed:fa:f6:c9:4d:f4:2d:56:f2:04:b1:0f:
ab:9e:58:6a:40:f6:6a:fc:3e:61:98:0f:d5:05:9c:0e:7d:17:
dd:f9:02:5d:44:0f:be:bc:24:e7:28:71:b9:ea:aa:96:31:50:
60:ea:a7:06:d0:89:ac:c3:9b:a4:fd:91:8d:50:96:cc:41:6d:
c0:3d:7d:e7:f4:69:d7:c9:88:98:f8:21:da:eb:4d:2c:cb:fb:
94:94:81:f4:91:bf:1b:10:d4:84:95:f9:3a:65:40:99:d7:95:
16:29:1f:36
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZ0MN2Tqhgawv/jsA9IhmSUrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMzIwMTcwNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjQxOGZiMzE1MDg4OGUxNmIwNjU5NmM3YmEzMmJkNzgxN2UzMjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6b5RSGOH2PmMEP7bcN4FOSiSH+u0
D3mntscnY9dJJ8l0Tx/IAi7KPVdBxqWjcd9iuyVoiI6fGOMlJ+k8aMIjoR0KtHoy
yNVoiLxAXxhN0CY1PcZ3swjCAmqxVU5IjYEXazCje4PU0KEMZNqPhFsZONvG+Khz
8o101SIF2pzQlP5Qy3c0qvVqAgqP+gUyOk1Sp6BARJLvjSh2D4/Lbk0VRAVjrKqt
vr+7Aq62ZQan85w58wn0BbmWttJCdrGXY3Xce4U2voV/Ont3VsDm4kNKaTJNe7Wn
tLuwqu3MpwaUYyTsqPoxXNRx97JB236PN4TgwKHXiozfz8IMLoEGz9e3IQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFFJBj7MVCIjhawZZbHujK9eBfjJJMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvVWtHUHN4VUlpT0ZyQmxsc2U2TXIxNEYtTWtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQDAhsgAwQC
Ahs0AwQBQLx2AwQCTe9sAwQAkB80AwQBkB9+AwQCkB+MAwQBkB+YAwQBkB+6AwQB
lvFYAwQClvFgAwQBlvFqMAwDBACW8XMDBACW8XQDBACW8XswDQYJKoZIhvcNAQEL
BQADggEBAFWA0vE18XlPXYJd05uP9qOL1yKxpMDekv6/fOITqX9PHgfWyJeoT8Bj
rVbTybVdSplYFYl7Uc9mU63vGGegopYiUkqwoyNQeegkZ1lXr3WP6VWUWI6UYJwD
ISCCDi3ndoyvx5767RalA7edlM01deF/afpoATRdIUXbyEzqz7ynEa4efwlkgj2E
YXu6BMWvZaDgMDntWu369slN9C1W8gSxD6ueWGpA9mr8PmGYD9UFnA59F935Al1E
D768JOcocbnqqpYxUGDqpwbQiazDm6T9kY1QlsxBbcA9fef0adfJiJj4IdrrTSzL
+5SUgfSRvxsQ1ISV+TplQJnXlRYpHzY=
-----END CERTIFICATE-----
Generated at Sat Mar 21 14:30:04 2026 by rpki-client