Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/VurAPwnJjQTaD1Su29k5EqSN1JU.roa
File: VurAPwnJjQTaD1Su29k5EqSN1JU.roa (raw, json)
Hash identifier: 4x4QxIg156tfJDWpKuGckPbyabWEofQvnW9JQE/mhxg=
Subject key identifier: 56:EA:C0:3F:09:C9:8D:04:DA:0F:54:AE:DB:D9:39:12:A4:8D:D4:95
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019CF575E436F521CE88E5F29D0F0EB1DF58
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/VurAPwnJjQTaD1Su29k5EqSN1JU.roa
Signing time: Mon 16 Mar 2026 07:04:29 +0000
ROA not before: Mon 16 Mar 2026 07:04:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199785
IP address blocks: 2.27.48.0/23 maxlen: 24
2.27.50.0/23 maxlen: 24
37.46.16.0/24 maxlen: 24
37.46.17.0/24 maxlen: 24
37.46.18.0/24 maxlen: 24
37.46.19.0/24 maxlen: 24
64.188.72.0/24 maxlen: 24
64.188.99.0/24 maxlen: 24
77.239.106.0/24 maxlen: 24
144.31.80.0/23 maxlen: 24
144.31.132.0/23 maxlen: 24
144.31.184.0/23 maxlen: 24
144.31.194.0/23 maxlen: 24
150.241.76.0/23 maxlen: 24
150.241.113.0/24 maxlen: 24
150.241.114.0/24 maxlen: 24
150.241.115.0/24 maxlen: 24
150.241.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 05:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f5:75:e4:36:f5:21:ce:88:e5:f2:9d:0f:0e:b1:df:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Mar 16 07:04:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=56eac03f09c98d04da0f54aedbd93912a48dd495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:90:e0:9f:2a:b2:f3:c3:60:2a:1b:28:6e:2f:
11:cb:6f:93:7b:46:5a:44:2d:8f:69:c9:b4:67:6d:
d6:10:eb:60:2a:a7:be:04:c3:64:eb:93:fe:48:13:
c7:33:46:76:6b:fb:86:fd:8e:69:83:c2:c7:0f:60:
d2:91:9a:57:2a:1d:85:24:5f:98:fa:5c:6a:d2:7d:
56:33:9c:36:a2:61:93:a0:26:87:d8:53:01:85:ef:
bd:c6:63:fb:db:ea:af:cf:2d:d5:50:f8:9f:b9:50:
f8:1f:76:a5:ac:15:6a:8d:00:73:25:60:32:03:d1:
eb:5b:66:8b:3c:e4:e4:87:af:43:3b:24:86:3f:30:
ef:d9:9c:60:58:81:c9:9f:26:24:61:e8:ab:f2:30:
2f:c4:18:2b:44:aa:99:a4:f0:a3:94:7f:f9:f8:3d:
93:fa:c3:bb:f5:9d:ee:83:5f:d6:6d:97:56:07:36:
78:a4:76:be:22:76:58:61:d3:f6:88:20:60:7e:06:
15:e5:3b:69:75:3c:95:f3:d5:5d:91:b0:79:6f:3d:
92:88:60:a4:ff:b5:92:53:ea:61:32:8d:b1:b4:df:
d3:e6:d1:ab:b4:8e:1e:89:8f:d5:00:14:8d:aa:4c:
30:52:4c:fa:5e:f7:14:47:ea:8a:5a:92:ee:cf:78:
ca:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:EA:C0:3F:09:C9:8D:04:DA:0F:54:AE:DB:D9:39:12:A4:8D:D4:95
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/VurAPwnJjQTaD1Su29k5EqSN1JU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.48.0/22
37.46.16.0/22
64.188.72.0/24
64.188.99.0/24
77.239.106.0/24
144.31.80.0/23
144.31.132.0/23
144.31.184.0/23
144.31.194.0/23
150.241.76.0/23
150.241.113.0-150.241.116.255
Signature Algorithm: sha256WithRSAEncryption
b6:7f:6c:81:51:bc:46:b8:dc:a6:3c:7d:21:a9:70:69:31:ae:
e9:86:0e:19:33:5b:cf:54:13:2c:a8:d1:07:a4:5f:21:bc:23:
2e:ec:f7:dc:7f:03:9e:c9:1b:b4:86:1c:07:e6:67:2d:3d:c5:
94:f6:1c:e1:7a:9b:d7:4e:fa:d4:95:9d:ee:c8:02:54:01:95:
fc:d1:63:15:62:ac:3a:06:eb:89:c7:37:6c:13:b5:cd:1a:1a:
6f:09:10:ca:fb:68:16:64:e8:c5:68:e4:9b:ba:e7:6f:eb:5c:
8d:dd:76:7b:b1:e8:7a:f8:e1:ea:a4:02:c0:a0:d8:19:ab:fa:
21:b9:ba:0a:de:87:4b:75:63:fe:4a:cf:c1:79:8f:11:41:89:
eb:cf:b7:5e:c2:d5:41:ff:05:c7:84:7c:d0:13:fc:55:4a:fc:
4e:03:e2:fb:6f:e4:21:da:f6:44:a4:69:8b:31:ff:73:bd:fb:
ec:b6:0b:3b:41:4a:69:8e:86:17:95:aa:b3:69:07:f6:ca:b3:
d8:c3:e1:5b:1b:cc:43:c2:a2:c6:7e:49:bd:2c:94:82:f4:ac:
4d:82:c4:e7:2f:2f:76:90:30:f5:61:28:62:1c:ff:36:fb:1a:
3a:27:98:02:e3:0b:d5:22:3a:20:bb:6e:34:41:0a:7e:b7:f3:
3e:83:a5:d1
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZz1deQ29SHOiOXynQ8Osd9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMzE2MDcwNDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmVhYzAzZjA5Yzk4ZDA0ZGEwZjU0YWVkYmQ5MzkxMmE0OGRkNDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZDgnyqy88NgKhsobi8Ry2+Te0Za
RC2Pacm0Z23WEOtgKqe+BMNk65P+SBPHM0Z2a/uG/Y5pg8LHD2DSkZpXKh2FJF+Y
+lxq0n1WM5w2omGToCaH2FMBhe+9xmP72+qvzy3VUPifuVD4H3alrBVqjQBzJWAy
A9HrW2aLPOTkh69DOySGPzDv2ZxgWIHJnyYkYeir8jAvxBgrRKqZpPCjlH/5+D2T
+sO79Z3ug1/WbZdWBzZ4pHa+InZYYdP2iCBgfgYV5TtpdTyV89VdkbB5bz2SiGCk
/7WSU+phMo2xtN/T5tGrtI4eiY/VABSNqkwwUkz6XvcUR+qKWpLuz3jKvwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFFbqwD8JyY0E2g9UrtvZORKkjdSVMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvVnVyQVB3bkpqUVRhRDFTdTI5azVFcVNOMUpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQCAhswAwQC
JS4QAwQAQLxIAwQAQLxjAwQATe9qAwQBkB9QAwQBkB+EAwQBkB+4AwQBkB/CAwQB
lvFMMAwDBACW8XEDBACW8XQwDQYJKoZIhvcNAQELBQADggEBALZ/bIFRvEa43KY8
fSGpcGkxrumGDhkzW89UEyyo0QekXyG8Iy7s99x/A57JG7SGHAfmZy09xZT2HOF6
m9dO+tSVne7IAlQBlfzRYxVirDoG64nHN2wTtc0aGm8JEMr7aBZk6MVo5Ju652/r
XI3ddnux6Hr44eqkAsCg2Bmr+iG5ugreh0t1Y/5Kz8F5jxFBievPt17C1UH/BceE
fNAT/FVK/E4D4vtv5CHa9kSkaYsx/3O9++y2CztBSmmOhheVqrNpB/bKs9jD4Vsb
zEPCosZ+Sb0slIL0rE2CxOcvL3aQMPVhKGIc/zb7GjonmALjC9UiOiC7bjRBCn63
8z6DpdE=
-----END CERTIFICATE-----
Generated at Sat Mar 21 14:36:25 2026 by rpki-client