Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/bG_AhnvaHW8DR-hRSaXiBu7FRTA.roa
File: bG_AhnvaHW8DR-hRSaXiBu7FRTA.roa (raw, json)
Hash identifier: vK5vZtergze/XQyRsu9Vnt29ooEXwBAVYUfz9VTN6KA=
Subject key identifier: 6C:6F:C0:86:7B:DA:1D:6F:03:47:E8:51:49:A5:E2:06:EE:C5:45:30
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019E278E2AC0CD71C393A52F2A02BDFBF4A3
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/bG_AhnvaHW8DR-hRSaXiBu7FRTA.roa
Signing time: Thu 14 May 2026 17:34:48 +0000
ROA not before: Thu 14 May 2026 17:34:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 2.26.152.0/24 maxlen: 24
2.26.163.0/24 maxlen: 24
2.26.172.0/24 maxlen: 24
2.26.192.0/21 maxlen: 24
2.26.224.0/22 maxlen: 24
2.26.228.0/22 maxlen: 24
2.27.126.0/24 maxlen: 24
2.27.140.0/23 maxlen: 24
2.27.152.0/24 maxlen: 24
2.27.168.0/24 maxlen: 24
144.31.145.0/24 maxlen: 24
144.31.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 May 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:27:8e:2a:c0:cd:71:c3:93:a5:2f:2a:02:bd:fb:f4:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: May 14 17:34:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6c6fc0867bda1d6f0347e85149a5e206eec54530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:9a:9c:8f:38:81:b5:1d:46:2a:b3:6c:c5:c8:
30:e8:f2:9a:18:06:43:a2:54:65:13:02:dc:c9:c9:
4a:dc:3f:2a:ef:e0:85:8c:f9:c7:88:25:48:26:9c:
22:fa:a3:bf:6d:c0:7d:e4:32:5d:4b:84:e3:05:c6:
91:47:28:26:bb:b8:10:98:2f:c7:f5:19:1d:c2:ef:
03:aa:cc:4f:dc:2c:f8:c3:66:ee:26:71:c7:94:c9:
04:56:d3:95:2a:9f:49:2a:2a:99:a9:01:ab:86:82:
5b:cf:a3:74:b4:ff:7b:be:3d:22:a7:72:a9:95:0a:
42:da:83:19:34:57:8a:a8:12:db:08:db:e9:27:51:
b0:d9:52:0a:65:ee:61:fb:09:bb:03:02:53:ac:3b:
c9:43:ef:a6:c4:ba:66:a8:35:ff:89:83:7a:84:dc:
18:69:88:b5:3c:61:52:e7:db:45:4e:fd:4b:cc:7b:
b9:c5:8b:5d:22:8a:50:a1:47:68:e0:91:81:be:37:
07:0e:8c:12:2b:7d:11:27:80:7c:88:b4:d9:cf:1b:
1f:37:4f:5c:78:53:1a:46:eb:dc:cb:e2:83:35:6c:
46:b6:f5:ea:2d:cc:33:aa:29:ab:48:4d:32:33:3f:
69:43:65:97:7a:14:01:7f:40:79:2c:04:e5:27:d1:
21:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:6F:C0:86:7B:DA:1D:6F:03:47:E8:51:49:A5:E2:06:EE:C5:45:30
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/bG_AhnvaHW8DR-hRSaXiBu7FRTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.152.0/24
2.26.163.0/24
2.26.172.0/24
2.26.192.0/21
2.26.224.0/21
2.27.126.0/24
2.27.140.0/23
2.27.152.0/24
2.27.168.0/24
144.31.145.0-144.31.146.255
Signature Algorithm: sha256WithRSAEncryption
1e:4b:e9:e4:fe:d7:58:e1:80:ed:e8:eb:48:d8:3d:9a:fc:10:
66:2e:cd:f4:b5:3b:9e:99:f4:f0:54:3d:e1:9c:8e:66:9a:1c:
89:21:1f:ad:51:a1:84:c4:88:08:5d:c4:ed:4b:4c:e7:a2:e8:
b2:53:b0:3e:78:45:e8:15:f3:c9:00:f6:c2:48:b9:40:b1:0d:
a5:b5:a1:ac:11:8e:20:41:87:fd:17:53:48:3d:61:48:2c:2e:
65:9d:7e:58:18:2c:7e:1b:94:99:24:62:b5:a0:6d:36:43:53:
81:26:08:8b:23:ba:b8:ac:18:2f:49:c3:1a:58:9b:87:d3:b2:
74:ba:b7:a9:d7:0b:88:1a:a0:4e:96:37:f4:c4:d7:a6:df:dd:
10:8d:af:d8:9e:ab:50:8a:ab:3c:7a:6e:f7:6d:53:ca:a5:30:
6c:3a:58:ea:29:f9:29:d7:f4:fc:ed:30:e9:cf:5b:b9:d3:9c:
4a:41:da:ef:0a:18:fc:e8:45:b5:99:fd:f7:29:0b:96:55:90:
5f:cc:1d:e2:1b:a2:cd:c5:12:d3:1b:3a:11:97:25:f0:36:62:
ed:84:44:f5:6b:99:7e:34:7c:45:46:a0:3b:97:d7:20:42:eb:
9d:88:66:16:47:cd:3d:19:64:37:7e:97:28:fb:68:0d:98:90:
e6:ee:84:14
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZ4njirAzXHDk6UvKgK9+/SjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNTE0MTczNDQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzZmYzA4NjdiZGExZDZmMDM0N2U4NTE0OWE1ZTIwNmVlYzU0NTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6pqcjziBtR1GKrNsxcgw6PKaGAZD
olRlEwLcyclK3D8q7+CFjPnHiCVIJpwi+qO/bcB95DJdS4TjBcaRRygmu7gQmC/H
9Rkdwu8DqsxP3Cz4w2buJnHHlMkEVtOVKp9JKiqZqQGrhoJbz6N0tP97vj0ip3Kp
lQpC2oMZNFeKqBLbCNvpJ1Gw2VIKZe5h+wm7AwJTrDvJQ++mxLpmqDX/iYN6hNwY
aYi1PGFS59tFTv1LzHu5xYtdIopQoUdo4JGBvjcHDowSK30RJ4B8iLTZzxsfN09c
eFMaRuvcy+KDNWxGtvXqLcwzqimrSE0yMz9pQ2WXehQBf0B5LATlJ9Eh/QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFGxvwIZ72h1vA0foUUml4gbuxUUwMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvYkdfQWhudmFIVzhEUi1oUlNhWGlCdTdGUlRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAAhqYAwQA
AhqjAwQAAhqsAwQDAhrAAwQDAhrgAwQAAht+AwQBAhuMAwQAAhuYAwQAAhuoMAwD
BACQH5EDBACQH5IwDQYJKoZIhvcNAQELBQADggEBAB5L6eT+11jhgO3o60jYPZr8
EGYuzfS1O56Z9PBUPeGcjmaaHIkhH61RoYTEiAhdxO1LTOei6LJTsD54RegV88kA
9sJIuUCxDaW1oawRjiBBh/0XU0g9YUgsLmWdflgYLH4blJkkYrWgbTZDU4EmCIsj
urisGC9JwxpYm4fTsnS6t6nXC4gaoE6WN/TE16bf3RCNr9ieq1CKqzx6bvdtU8ql
MGw6WOop+SnX9PztMOnPW7nTnEpB2u8KGPzoRbWZ/fcpC5ZVkF/MHeIbos3FEtMb
OhGXJfA2Yu2ERPVrmX40fEVGoDuX1yBC652IZhZHzT0ZZDd+lyj7aA2YkObuhBQ=
-----END CERTIFICATE-----
Generated at Fri May 15 08:17:41 2026 by rpki-client