
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/YN9OYzSkCepF_ETTQMFxvchB9wY.roa
File: YN9OYzSkCepF_ETTQMFxvchB9wY.roa (raw, json)
Hash identifier: K170a/PgqwVw/zgLZBUHIhQ52+izWWuXMPT0VnomBtA=
Subject key identifier: 60:DF:4E:63:34:A4:09:EA:45:FC:44:D3:40:C1:71:BD:C8:41:F7:06
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019F14B385ECE083716C27A596C0EDDCF054
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/YN9OYzSkCepF_ETTQMFxvchB9wY.roa
Signing time: Mon 29 Jun 2026 18:45:37 +0000
ROA not before: Mon 29 Jun 2026 18:45:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 153259
IP address blocks: 2.26.152.0/24 maxlen: 24
2.27.152.0/24 maxlen: 24
13.143.108.0/23 maxlen: 24
13.143.112.0/23 maxlen: 24
13.143.120.0/24 maxlen: 24
13.143.123.0/24 maxlen: 24
13.143.125.0/24 maxlen: 24
13.143.127.0/24 maxlen: 24
31.77.231.0/24 maxlen: 24
31.77.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 20:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:14:b3:85:ec:e0:83:71:6c:27:a5:96:c0:ed:dc:f0:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 29 18:45:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=60df4e6334a409ea45fc44d340c171bdc841f706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:83:fc:6f:1d:6e:aa:51:68:2e:9d:b4:5a:5c:
a9:83:cd:b5:a4:d4:5a:33:45:5c:a3:89:60:f5:ba:
46:4d:c4:da:06:eb:a2:eb:2c:e6:f9:5a:7b:1b:d7:
b8:42:7f:5d:f9:c0:2f:3e:c6:f4:67:18:0c:0c:f6:
39:f3:5d:a3:24:09:67:bc:7a:3a:78:12:12:70:de:
3f:b6:77:10:cd:cb:07:43:7f:4b:8c:af:02:72:8f:
a7:10:94:02:75:a6:11:c8:63:ae:a6:a3:33:b2:aa:
16:9c:e7:03:f6:e2:15:1c:58:8a:33:1b:00:35:fd:
97:9b:32:83:9e:71:8f:9e:36:b1:05:fe:22:9f:dd:
66:b1:ad:b3:a5:19:05:33:52:70:88:18:f9:d3:1b:
d9:26:e6:50:7e:6a:b3:5d:bf:05:0e:bd:cf:56:53:
e8:c8:7f:c8:78:ce:00:a1:8a:83:a9:fa:26:b8:2b:
89:bc:cb:e1:4a:1e:e7:6d:84:d4:fb:52:3f:ca:5f:
e5:d6:c6:9d:bf:80:06:1f:55:a6:c1:79:fc:96:58:
c2:24:b0:bd:1a:a2:e2:db:74:2b:f3:81:02:5f:fe:
60:9c:45:28:c0:35:7e:e1:d7:5e:72:75:c1:f9:af:
48:d5:43:78:d7:91:4c:5d:93:7e:cd:df:ba:9e:6d:
a9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:DF:4E:63:34:A4:09:EA:45:FC:44:D3:40:C1:71:BD:C8:41:F7:06
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/YN9OYzSkCepF_ETTQMFxvchB9wY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.152.0/24
2.27.152.0/24
13.143.108.0/23
13.143.112.0/23
13.143.120.0/24
13.143.123.0/24
13.143.125.0/24
13.143.127.0/24
31.77.231.0/24
31.77.233.0/24
Signature Algorithm: sha256WithRSAEncryption
36:0a:5d:98:5a:2a:72:cf:06:4c:72:46:79:46:6d:2b:16:04:
dc:db:25:4b:00:09:8a:98:4d:4c:b4:e6:7d:61:f0:65:5c:33:
99:60:c5:e7:1f:9c:a8:bd:0c:27:40:a7:e6:6f:73:bc:3c:27:
90:8b:f1:15:b2:46:22:61:40:a6:1e:af:d2:39:1d:1f:2b:64:
f3:1e:7b:42:37:0e:35:d5:26:83:e5:eb:5e:ea:b6:e2:44:76:
05:ab:85:69:8a:c0:ef:6a:78:f6:17:77:b3:70:8f:db:9f:a5:
e9:01:ad:58:1e:25:9d:da:07:91:da:d3:d7:4f:16:fd:28:03:
2c:a3:d1:81:08:23:ad:6a:a7:7c:8c:34:2c:54:ba:9d:3c:9d:
24:86:40:2c:83:ec:7f:75:80:5f:46:42:68:5c:f9:b9:8b:e2:
2f:23:f7:31:9b:a0:37:2a:69:81:08:9f:da:d1:b1:e7:b2:ba:
22:02:e6:b8:e6:34:20:47:12:38:24:56:d2:32:58:00:0c:15:
a7:45:26:40:f9:2d:a8:1a:f3:ab:ca:ff:35:16:e6:12:20:9f:
af:bf:c4:19:3d:f8:c4:8e:d0:9a:4b:54:45:aa:8d:62:1e:21:
3a:ce:61:a7:08:15:5d:5b:49:b1:06:ec:c7:7a:0d:0a:81:b8:
6c:4f:3f:ed
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ8Us4Xs4INxbCellsDt3PBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjI5MTg0NTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGRmNGU2MzM0YTQwOWVhNDVmYzQ0ZDM0MGMxNzFiZGM4NDFmNzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4P8bx1uqlFoLp20Wlypg821pNRa
M0Vco4lg9bpGTcTaBuui6yzm+Vp7G9e4Qn9d+cAvPsb0ZxgMDPY5812jJAlnvHo6
eBIScN4/tncQzcsHQ39LjK8Cco+nEJQCdaYRyGOupqMzsqoWnOcD9uIVHFiKMxsA
Nf2XmzKDnnGPnjaxBf4in91msa2zpRkFM1JwiBj50xvZJuZQfmqzXb8FDr3PVlPo
yH/IeM4AoYqDqfomuCuJvMvhSh7nbYTU+1I/yl/l1sadv4AGH1WmwXn8lljCJLC9
GqLi23Qr84ECX/5gnEUowDV+4ddecnXB+a9I1UN415FMXZN+zd+6nm2puwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFGDfTmM0pAnqRfxE00DBcb3IQfcGMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvWU45T1l6U2tDZXBGX0VUVFFNRnh2Y2hCOXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAAhqYAwQA
AhuYAwQBDY9sAwQBDY9wAwQADY94AwQADY97AwQADY99AwQADY9/AwQAH03nAwQA
H03pMA0GCSqGSIb3DQEBCwUAA4IBAQA2Cl2YWipyzwZMckZ5Rm0rFgTc2yVLAAmK
mE1MtOZ9YfBlXDOZYMXnH5yovQwnQKfmb3O8PCeQi/EVskYiYUCmHq/SOR0fK2Tz
HntCNw411SaD5ete6rbiRHYFq4VpisDvanj2F3ezcI/bn6XpAa1YHiWd2geR2tPX
Txb9KAMso9GBCCOtaqd8jDQsVLqdPJ0khkAsg+x/dYBfRkJoXPm5i+IvI/cxm6A3
KmmBCJ/a0bHnsroiAua45jQgRxI4JFbSMlgADBWnRSZA+S2oGvOryv81FuYSIJ+v
v8QZPfjEjtCaS1RFqo1iHiE6zmGnCBVdW0mxBuzHeg0KgbhsTz/t
-----END CERTIFICATE-----
Generated at Wed Jul 1 01:34:32 2026 by rpki-client