Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/ejBvJUX1gUY-5VvHWH0shL0WlsM.roa
File: ejBvJUX1gUY-5VvHWH0shL0WlsM.roa (raw, json)
Hash identifier: /n3byFfhHoXQfPb/ySFSISfG0+bVICF8Hh3rU2Ckmzs=
Subject key identifier: 7A:30:6F:25:45:F5:81:46:3E:E5:5B:C7:58:7D:2C:84:BD:16:96:C3
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019D06F93AD025A0F3734CA2D59A10EDB726
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/ejBvJUX1gUY-5VvHWH0shL0WlsM.roa
Signing time: Thu 19 Mar 2026 16:41:29 +0000
ROA not before: Thu 19 Mar 2026 16:41:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215439
IP address blocks: 2.27.40.0/24 maxlen: 24
2.27.41.0/24 maxlen: 24
2.27.42.0/24 maxlen: 24
2.27.43.0/24 maxlen: 24
64.188.64.0/22 maxlen: 24
77.239.125.0/24 maxlen: 24
144.31.14.0/24 maxlen: 24
144.31.30.0/24 maxlen: 24
144.31.47.0/24 maxlen: 24
144.31.54.0/24 maxlen: 24
144.31.95.0/24 maxlen: 24
144.31.147.0/24 maxlen: 24
144.31.156.0/24 maxlen: 24
144.31.157.0/24 maxlen: 24
144.31.158.0/24 maxlen: 24
144.31.164.0/22 maxlen: 24
144.31.203.0/24 maxlen: 24
144.31.207.0/24 maxlen: 24
144.31.212.0/24 maxlen: 24
144.31.224.0/24 maxlen: 24
144.31.230.0/24 maxlen: 24
144.31.234.0/23 maxlen: 24
150.241.70.0/24 maxlen: 24
150.241.71.0/24 maxlen: 24
150.241.94.0/24 maxlen: 24
193.23.194.0/24 maxlen: 24
193.23.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 05:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:06:f9:3a:d0:25:a0:f3:73:4c:a2:d5:9a:10:ed:b7:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Mar 19 16:41:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7a306f2545f581463ee55bc7587d2c84bd1696c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ef:9e:4d:05:9e:a6:1f:c3:bf:35:5d:d3:ee:
ca:fa:a1:79:d4:d7:63:c0:f5:05:46:b6:d0:f5:a2:
14:be:ae:c2:a9:46:a2:66:bc:23:f7:82:4b:4e:87:
4d:f2:e1:07:67:f4:6d:67:71:39:f1:10:e9:2a:d6:
3f:64:98:a8:72:16:4f:65:e3:9a:b3:c4:5b:b9:93:
1a:64:5f:4c:7e:b3:bc:80:0e:3d:95:bf:78:ff:0d:
0c:6d:cc:4d:cb:76:8b:86:a8:59:a7:0d:63:46:22:
fd:72:d4:ef:5c:bd:93:70:70:1f:06:79:b0:2e:cb:
55:31:65:7b:64:d3:70:6e:eb:78:b7:f3:51:8f:4e:
2c:f9:12:d6:e9:52:ba:ea:d8:de:76:b7:3f:9f:c4:
ce:1f:2c:c8:1d:0d:23:0d:88:8f:42:b3:e3:6c:5a:
3f:ec:1e:54:0b:28:0c:4d:3d:13:e7:84:a0:70:37:
3d:cf:35:4f:9d:45:9f:e2:34:46:d4:56:72:0d:c3:
59:0d:86:aa:06:19:38:c7:de:72:96:69:4e:8d:5e:
4a:64:2b:9c:96:51:6a:a7:f6:93:f5:a5:a9:12:56:
28:47:ff:3c:f3:b5:f2:dc:d8:9e:37:60:6d:f7:c6:
ce:bb:2f:1a:f0:d5:0c:af:e9:65:8e:4a:f3:da:d5:
a2:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:30:6F:25:45:F5:81:46:3E:E5:5B:C7:58:7D:2C:84:BD:16:96:C3
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/ejBvJUX1gUY-5VvHWH0shL0WlsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.40.0/22
64.188.64.0/22
77.239.125.0/24
144.31.14.0/24
144.31.30.0/24
144.31.47.0/24
144.31.54.0/24
144.31.95.0/24
144.31.147.0/24
144.31.156.0-144.31.158.255
144.31.164.0/22
144.31.203.0/24
144.31.207.0/24
144.31.212.0/24
144.31.224.0/24
144.31.230.0/24
144.31.234.0/23
150.241.70.0/23
150.241.94.0/24
193.23.194.0/24
193.23.201.0/24
Signature Algorithm: sha256WithRSAEncryption
39:55:30:71:c7:c6:11:89:08:3b:53:82:6b:15:27:e1:e7:99:
03:84:c2:0e:9b:1f:ab:59:f6:a1:97:08:8e:c1:6b:71:93:cf:
fd:66:3a:e1:1e:ff:4a:3a:2f:d1:5b:8b:96:7d:19:a6:d6:02:
f0:8b:d7:30:56:2a:b3:00:d2:c4:10:fb:e3:f5:ee:24:a7:0a:
0f:57:a3:6e:04:63:02:87:7f:26:33:33:3e:35:d2:67:79:31:
da:26:96:8c:8a:60:88:3d:71:41:3b:aa:66:c3:2b:42:78:09:
9b:d3:e9:41:af:d1:c5:a0:a1:47:f5:5a:9f:07:8b:de:de:ab:
a5:1a:74:5b:f7:03:48:fe:24:50:50:ce:d3:9b:8b:a3:69:bc:
38:5c:8d:f8:27:7e:94:8b:19:16:82:fb:dd:d3:20:3d:e1:a3:
bf:25:30:15:d3:b9:dd:81:67:d1:57:7d:ab:c0:e8:97:34:c9:
4c:5f:9c:6f:e8:ff:96:5e:41:1b:e3:f5:e8:3e:31:cd:c1:7c:
60:4c:d4:a0:02:aa:70:4b:00:f0:41:10:69:13:04:55:f0:b0:
c8:66:76:e3:0c:98:ef:75:5e:5b:60:78:1d:87:cc:e8:85:66:
22:bb:46:2d:ac:7b:d6:f5:99:f9:41:ec:71:80:9f:40:d3:02:
ef:1d:f1:dc
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZ0G+TrQJaDzc0yi1ZoQ7bcmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMzE5MTY0MTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTMwNmYyNTQ1ZjU4MTQ2M2VlNTViYzc1ODdkMmM4NGJkMTY5NmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuO+eTQWeph/DvzVd0+7K+qF51Ndj
wPUFRrbQ9aIUvq7CqUaiZrwj94JLTodN8uEHZ/RtZ3E58RDpKtY/ZJiochZPZeOa
s8RbuZMaZF9MfrO8gA49lb94/w0MbcxNy3aLhqhZpw1jRiL9ctTvXL2TcHAfBnmw
LstVMWV7ZNNwbut4t/NRj04s+RLW6VK66tjedrc/n8TOHyzIHQ0jDYiPQrPjbFo/
7B5UCygMTT0T54SgcDc9zzVPnUWf4jRG1FZyDcNZDYaqBhk4x95ylmlOjV5KZCuc
llFqp/aT9aWpElYoR/8887Xy3NieN2Bt98bOuy8a8NUMr+lljkrz2tWiwQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFHowbyVF9YFGPuVbx1h9LIS9FpbDMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvZWpCdkpVWDFnVVktNVZ2SFdIMHNoTDBXbHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAIC
GygDBAJAvEADBABN730DBACQHw4DBACQHx4DBACQHy8DBACQHzYDBACQH18DBACQ
H5MwDAMEApAfnAMEAJAfngMEApAfpAMEAJAfywMEAJAfzwMEAJAf1AMEAJAf4AME
AJAf5gMEAZAf6gMEAZbxRgMEAJbxXgMEAMEXwgMEAMEXyTANBgkqhkiG9w0BAQsF
AAOCAQEAOVUwccfGEYkIO1OCaxUn4eeZA4TCDpsfq1n2oZcIjsFrcZPP/WY64R7/
Sjov0VuLln0ZptYC8IvXMFYqswDSxBD74/XuJKcKD1ejbgRjAod/JjMzPjXSZ3kx
2iaWjIpgiD1xQTuqZsMrQngJm9PpQa/RxaChR/VanweL3t6rpRp0W/cDSP4kUFDO
05uLo2m8OFyN+Cd+lIsZFoL73dMgPeGjvyUwFdO53YFn0Vd9q8DolzTJTF+cb+j/
ll5BG+P16D4xzcF8YEzUoAKqcEsA8EEQaRMEVfCwyGZ24wyY73VeW2B4HYfM6IVm
IrtGLax71vWZ+UHscYCfQNMC7x3x3A==
-----END CERTIFICATE-----
Generated at Sat Mar 21 14:36:27 2026 by rpki-client