Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/XeQ7JURMuoIH-rnP2J1DtbQiSGA.roa
File: XeQ7JURMuoIH-rnP2J1DtbQiSGA.roa (raw, json)
Hash identifier: Cjg9MI7aGaQ5pt8ocobYQt68lp7K9WWPyGo905ZkYwA=
Subject key identifier: 5D:E4:3B:25:44:4C:BA:82:07:FA:B9:CF:D8:9D:43:B5:B4:22:48:60
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019E844225E14A70E83B7E52B51E79E4289B
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/XeQ7JURMuoIH-rnP2J1DtbQiSGA.roa
Signing time: Mon 01 Jun 2026 17:36:27 +0000
ROA not before: Mon 01 Jun 2026 17:36:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 2.26.152.0/24 maxlen: 24
2.26.163.0/24 maxlen: 24
2.26.169.0/24 maxlen: 24
2.26.173.0/24 maxlen: 24
2.26.192.0/21 maxlen: 24
2.26.224.0/22 maxlen: 24
2.27.98.0/24 maxlen: 24
2.27.152.0/24 maxlen: 24
2.27.154.0/24 maxlen: 24
2.27.155.0/24 maxlen: 24
2.27.214.0/23 maxlen: 24
2.27.241.0/24 maxlen: 24
2.27.243.0/24 maxlen: 24
2.27.244.0/24 maxlen: 24
2.27.252.0/24 maxlen: 24
31.77.97.0/24 maxlen: 24
31.77.98.0/24 maxlen: 24
31.77.99.0/24 maxlen: 24
31.77.104.0/24 maxlen: 24
31.77.105.0/24 maxlen: 24
31.77.109.0/24 maxlen: 24
31.77.119.0/24 maxlen: 24
31.77.120.0/24 maxlen: 24
31.77.121.0/24 maxlen: 24
31.77.122.0/24 maxlen: 24
31.77.125.0/24 maxlen: 24
31.77.144.0/22 maxlen: 24
31.77.148.0/22 maxlen: 24
31.77.152.0/22 maxlen: 24
31.77.180.0/23 maxlen: 24
31.77.190.0/23 maxlen: 24
31.77.202.0/23 maxlen: 24
31.77.204.0/23 maxlen: 24
31.77.206.0/23 maxlen: 24
31.77.217.0/24 maxlen: 24
31.77.229.0/24 maxlen: 24
31.77.231.0/24 maxlen: 24
31.77.233.0/24 maxlen: 24
31.77.234.0/24 maxlen: 24
31.77.235.0/24 maxlen: 24
31.77.248.0/24 maxlen: 24
31.77.250.0/24 maxlen: 24
31.77.251.0/24 maxlen: 24
144.31.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:84:42:25:e1:4a:70:e8:3b:7e:52:b5:1e:79:e4:28:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 1 17:36:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5de43b25444cba8207fab9cfd89d43b5b4224860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ba:57:04:49:80:db:b2:c4:a0:b2:52:ca:42:
7a:57:cb:2f:82:26:a1:60:38:94:a6:d0:a9:5e:5e:
d3:a0:52:48:e0:a4:c1:1d:71:f6:94:a1:48:3b:d5:
0a:31:f9:c8:c2:9d:34:d0:32:ed:30:17:8e:b2:b9:
7c:c1:3c:96:0b:28:0b:3c:5b:13:28:36:98:31:fb:
13:b3:4a:d6:c8:2f:e2:3c:90:07:bc:84:25:25:03:
ca:1e:d5:d7:83:6b:89:84:21:e7:51:fe:72:8f:69:
b5:1a:94:cc:be:a4:f8:d4:cb:ff:0c:e3:7c:b2:4e:
09:ea:e6:46:10:32:09:b5:d0:35:db:85:c6:fe:4f:
dc:37:79:fb:cf:78:69:4b:4c:73:bc:d3:ce:59:68:
46:44:51:64:96:1e:17:7d:ce:40:84:09:be:20:1e:
6b:e3:16:f3:bc:6b:e8:15:c2:cb:47:1f:eb:90:7d:
89:eb:59:0f:91:77:d9:b4:d5:46:b9:52:69:f1:55:
eb:0d:53:bf:1f:c0:5c:7c:07:b7:66:24:f3:08:7e:
d0:8b:33:15:c6:5e:fb:62:f4:e7:e9:f8:26:19:4f:
6a:eb:bf:05:6c:34:ad:0b:d7:21:d5:11:7a:a7:47:
17:6c:e1:44:b5:f4:c8:7b:b5:94:0f:4b:bb:83:67:
d6:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E4:3B:25:44:4C:BA:82:07:FA:B9:CF:D8:9D:43:B5:B4:22:48:60
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/XeQ7JURMuoIH-rnP2J1DtbQiSGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.152.0/24
2.26.163.0/24
2.26.169.0/24
2.26.173.0/24
2.26.192.0/21
2.26.224.0/22
2.27.98.0/24
2.27.152.0/24
2.27.154.0/23
2.27.214.0/23
2.27.241.0/24
2.27.243.0-2.27.244.255
2.27.252.0/24
31.77.97.0-31.77.99.255
31.77.104.0/23
31.77.109.0/24
31.77.119.0-31.77.122.255
31.77.125.0/24
31.77.144.0-31.77.155.255
31.77.180.0/23
31.77.190.0/23
31.77.202.0-31.77.207.255
31.77.217.0/24
31.77.229.0/24
31.77.231.0/24
31.77.233.0-31.77.235.255
31.77.248.0/24
31.77.250.0/23
144.31.39.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:a2:d3:5f:2f:e7:d2:94:45:c4:4e:26:54:65:fd:45:1e:f6:
99:c4:20:b1:0e:3e:50:68:c8:44:2d:f5:3b:2b:28:09:56:31:
2a:f7:9e:77:a0:18:a7:08:89:36:98:0c:32:2b:64:3a:20:c6:
83:78:37:c1:2a:25:f0:bb:3a:84:b2:0f:e5:59:cb:8d:c0:03:
92:7e:00:36:b2:f9:32:f1:e9:a0:33:8a:78:88:84:28:64:6c:
89:f3:c2:a3:e4:2a:b8:63:76:d5:4e:67:ef:df:02:c2:9b:f6:
7c:3f:32:9b:c6:91:bc:c9:0b:53:23:54:bb:60:e6:eb:68:7b:
2a:57:bc:a8:d6:4f:1a:a1:39:46:f2:e4:6c:b8:21:21:0a:5a:
57:3e:54:df:67:2f:3d:7c:e5:b6:9d:32:96:99:80:a4:bd:8c:
98:df:a6:dd:ea:80:1c:3c:6a:a6:f2:cd:b8:af:c4:68:b5:28:
27:f9:7d:f5:e9:08:24:84:af:b2:28:c3:ae:b3:4d:ab:e0:ce:
60:b9:cf:0f:9e:dd:16:1b:83:e1:f6:e3:7b:28:08:2b:05:88:
11:5d:f2:5b:0c:12:30:37:6d:e3:ca:2e:ed:7d:8b:18:37:bc:
d1:9b:44:79:a4:9b:05:0d:5b:6e:b6:dd:0b:b2:9b:bc:f1:93:
b8:8a:bf:07
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAZ6EQiXhSnDoO35StR555CibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjAxMTczNjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGU0M2IyNTQ0NGNiYTgyMDdmYWI5Y2ZkODlkNDNiNWI0MjI0ODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbpXBEmA27LEoLJSykJ6V8svgiah
YDiUptCpXl7ToFJI4KTBHXH2lKFIO9UKMfnIwp000DLtMBeOsrl8wTyWCygLPFsT
KDaYMfsTs0rWyC/iPJAHvIQlJQPKHtXXg2uJhCHnUf5yj2m1GpTMvqT41Mv/DON8
sk4J6uZGEDIJtdA124XG/k/cN3n7z3hpS0xzvNPOWWhGRFFklh4Xfc5AhAm+IB5r
4xbzvGvoFcLLRx/rkH2J61kPkXfZtNVGuVJp8VXrDVO/H8BcfAe3ZiTzCH7QizMV
xl77YvTn6fgmGU9q678FbDStC9ch1RF6p0cXbOFEtfTIe7WUD0u7g2fWVwIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFF3kOyVETLqCB/q5z9idQ7W0IkhgMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvWGVRN0pVUk11b0lILXJuUDJKMUR0YlFpU0dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCB5QQCAAEwgd4DBAAC
GpgDBAACGqMDBAACGqkDBAACGq0DBAMCGsADBAICGuADBAACG2IDBAACG5gDBAEC
G5oDBAECG9YDBAACG/EwDAMEAAIb8wMEAAIb9AMEAAIb/DAMAwQAH01hAwQCH01g
AwQBH01oAwQAH01tMAwDBAAfTXcDBAAfTXoDBAAfTX0wDAMEBB9NkAMEAh9NmAME
AR9NtAMEAR9NvjAMAwQBH03KAwQEH03AAwQAH03ZAwQAH03lAwQAH03nMAwDBAAf
TekDBAIfTegDBAAfTfgDBAEfTfoDBACQHycwDQYJKoZIhvcNAQELBQADggEBAK6i
018v59KURcROJlRl/UUe9pnEILEOPlBoyEQt9TsrKAlWMSr3nnegGKcIiTaYDDIr
ZDogxoN4N8EqJfC7OoSyD+VZy43AA5J+ADay+TLx6aAziniIhChkbInzwqPkKrhj
dtVOZ+/fAsKb9nw/MpvGkbzJC1MjVLtg5utoeypXvKjWTxqhOUby5Gy4ISEKWlc+
VN9nLz185badMpaZgKS9jJjfpt3qgBw8aqbyzbivxGi1KCf5ffXpCCSEr7Iow66z
TavgzmC5zw+e3RYbg+H243soCCsFiBFd8lsMEjA3bePKLu19ixg3vNGbRHmkmwUN
W2623Quym7zxk7iKvwc=
-----END CERTIFICATE-----
Generated at Tue Jun 2 20:50:36 2026 by rpki-client