Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/blKC5RC916PLHGk856YtOaKc20Q.roa
File: blKC5RC916PLHGk856YtOaKc20Q.roa (raw, json)
Hash identifier: tb6Uw7rgnmS0sl0dibiQjPcCWOUcCbMqI3ktafDBPpc=
Subject key identifier: 6E:52:82:E5:10:BD:D7:A3:CB:1C:69:3C:E7:A6:2D:39:A2:9C:DB:44
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019D695301F7E85E54F2F33B497324D51334
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/blKC5RC916PLHGk856YtOaKc20Q.roa
Signing time: Tue 07 Apr 2026 19:02:20 +0000
ROA not before: Tue 07 Apr 2026 19:02:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210734
IP address blocks: 2.26.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 Apr 2026 00:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:69:53:01:f7:e8:5e:54:f2:f3:3b:49:73:24:d5:13:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 7 19:02:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6e5282e510bdd7a3cb1c693ce7a62d39a29cdb44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a7:01:c4:67:6a:c2:38:0b:ff:01:61:54:b4:
96:1c:2e:14:a7:ed:46:21:b3:27:c4:57:b7:0c:46:
56:3e:4f:28:44:e0:0b:36:27:3e:f8:c3:b7:d5:a9:
c6:a5:12:3b:59:80:5a:9a:de:e2:08:15:a3:a3:5a:
18:28:d2:2f:96:b9:c3:78:4d:a7:84:a9:6a:c8:c5:
4a:67:06:47:da:65:ae:26:87:8f:90:dc:7b:47:b2:
b9:ed:1e:35:ce:45:5b:49:66:96:30:d7:29:a3:95:
b9:9e:00:5e:1f:05:10:3c:ed:dc:ed:b6:94:5d:e0:
b6:8e:3d:0c:24:07:a9:82:40:d4:ca:60:ab:00:be:
f4:16:c7:05:56:39:b2:e6:66:76:d4:ec:cd:74:f3:
12:b0:72:eb:c9:7c:b7:d4:a9:15:70:3f:1e:82:f4:
5a:6b:c8:dc:ce:40:55:3f:61:36:f8:35:62:50:bb:
c6:89:1c:87:ef:4c:0f:b0:cb:a9:01:8d:dd:07:cf:
37:88:7a:47:21:74:95:ca:2b:93:aa:ae:fc:80:5a:
ac:f1:45:8a:14:56:9c:60:11:c7:97:18:50:c7:0e:
4a:48:19:2a:5d:ad:9c:d6:14:dc:87:3e:cf:91:a0:
17:16:f5:14:d0:5a:27:7e:b9:ca:da:39:a6:f8:ef:
99:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:52:82:E5:10:BD:D7:A3:CB:1C:69:3C:E7:A6:2D:39:A2:9C:DB:44
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/blKC5RC916PLHGk856YtOaKc20Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.143.0/24
Signature Algorithm: sha256WithRSAEncryption
68:e1:9b:fe:bf:97:64:42:38:c5:46:86:ca:1e:d6:fb:b7:28:
ee:e2:b6:78:2a:4b:d0:d4:33:6b:e6:4d:9c:38:c3:f4:04:4f:
0a:df:05:f4:f7:4f:c8:9a:d0:d7:82:eb:ee:bd:a1:95:6d:2f:
d7:94:0b:c5:81:47:84:24:c1:a8:c8:41:e7:5a:f4:83:a2:8b:
7b:42:ad:76:e6:19:c7:51:c5:db:d4:30:80:8f:d2:c5:41:bd:
ca:41:39:c6:40:b2:0b:0e:1e:d3:af:2c:65:97:7a:1a:ae:3a:
5e:8f:62:b9:07:53:75:b4:45:eb:4d:ea:ff:c5:96:aa:c2:3d:
f2:a6:d5:44:81:ab:c8:7a:82:93:be:be:b1:82:f0:52:d0:67:
8e:27:c5:c6:93:1d:81:51:9e:a0:6d:ab:d8:ae:37:a3:17:0f:
ef:c6:7d:96:0b:7c:87:01:9f:f5:1a:f1:7e:2f:c3:70:3c:d6:
2b:79:1b:6e:33:1d:50:db:5a:1f:26:38:28:32:b8:86:57:de:
2f:97:3a:95:ac:9b:38:e2:d5:02:f2:49:7a:42:c3:ac:07:0d:
4e:b2:23:af:a7:ec:90:90:ba:f3:32:3e:c9:9f:dc:eb:56:aa:
74:14:7c:9a:8f:f7:ea:9c:b5:89:9f:b6:f5:44:0c:33:03:d8:
d2:23:97:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1pUwH36F5U8vM7SXMk1RM0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDA3MTkwMjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTUyODJlNTEwYmRkN2EzY2IxYzY5M2NlN2E2MmQzOWEyOWNkYjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKcBxGdqwjgL/wFhVLSWHC4Up+1G
IbMnxFe3DEZWPk8oROALNic++MO31anGpRI7WYBamt7iCBWjo1oYKNIvlrnDeE2n
hKlqyMVKZwZH2mWuJoePkNx7R7K57R41zkVbSWaWMNcpo5W5ngBeHwUQPO3c7baU
XeC2jj0MJAepgkDUymCrAL70FscFVjmy5mZ21OzNdPMSsHLryXy31KkVcD8egvRa
a8jczkBVP2E2+DViULvGiRyH70wPsMupAY3dB883iHpHIXSVyiuTqq78gFqs8UWK
FFacYBHHlxhQxw5KSBkqXa2c1hTchz7PkaAXFvUU0FonfrnK2jmm+O+ZqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5SguUQvdejyxxpPOemLTminNtEMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvYmxLQzVSQzkxNlBMSEdrODU2WXRPYUtjMjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAhqPMA0G
CSqGSIb3DQEBCwUAA4IBAQBo4Zv+v5dkQjjFRobKHtb7tyju4rZ4KkvQ1DNr5k2c
OMP0BE8K3wX090/ImtDXguvuvaGVbS/XlAvFgUeEJMGoyEHnWvSDoot7Qq125hnH
UcXb1DCAj9LFQb3KQTnGQLILDh7Tryxll3oarjpej2K5B1N1tEXrTer/xZaqwj3y
ptVEgavIeoKTvr6xgvBS0GeOJ8XGkx2BUZ6gbavYrjejFw/vxn2WC3yHAZ/1GvF+
L8NwPNYreRtuMx1Q21ofJjgoMriGV94vlzqVrJs44tUC8kl6QsOsBw1OsiOvp+yQ
kLrzMj7Jn9zrVqp0FHyaj/fqnLWJn7b1RAwzA9jSI5eK
-----END CERTIFICATE-----
Generated at Thu Apr 9 08:24:11 2026 by rpki-client