Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/hm052ZkYFBTB9SjI-aQBiDP06WI.roa
File: hm052ZkYFBTB9SjI-aQBiDP06WI.roa (raw, json)
Hash identifier: GvJDUT6DOPEerHwF0VqegUWDTN6OQKm2qr2NThoK958=
Subject key identifier: 86:6D:39:D9:99:18:14:14:C1:F5:28:C8:F9:A4:01:88:33:F4:E9:62
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019F1089D7DC2908DF5E4700BC1E3E1DF410
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/hm052ZkYFBTB9SjI-aQBiDP06WI.roa
Signing time: Sun 28 Jun 2026 23:21:36 +0000
ROA not before: Sun 28 Jun 2026 23:21:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 2.26.169.0/24 maxlen: 24
2.26.170.0/24 maxlen: 24
2.26.173.0/24 maxlen: 24
2.26.175.0/24 maxlen: 24
2.26.177.0/24 maxlen: 24
2.26.179.0/24 maxlen: 24
2.26.180.0/24 maxlen: 24
2.26.184.0/24 maxlen: 24
2.26.187.0/24 maxlen: 24
2.26.188.0/24 maxlen: 24
2.27.110.0/24 maxlen: 24
2.27.117.0/24 maxlen: 24
2.27.142.0/23 maxlen: 24
2.27.146.0/23 maxlen: 24
2.27.196.0/22 maxlen: 24
2.27.212.0/23 maxlen: 24
2.27.244.0/24 maxlen: 24
2.27.246.0/24 maxlen: 24
2.27.247.0/24 maxlen: 24
2.27.252.0/24 maxlen: 24
31.77.97.0/24 maxlen: 24
31.77.100.0/24 maxlen: 24
31.77.103.0/24 maxlen: 24
31.77.106.0/24 maxlen: 24
31.77.110.0/24 maxlen: 24
31.77.111.0/24 maxlen: 24
31.77.124.0/24 maxlen: 24
31.77.242.0/24 maxlen: 24
31.77.247.0/24 maxlen: 24
31.77.248.0/24 maxlen: 24
31.77.249.0/24 maxlen: 24
31.77.250.0/24 maxlen: 24
31.77.251.0/24 maxlen: 24
144.31.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:10:89:d7:dc:29:08:df:5e:47:00:bc:1e:3e:1d:f4:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 28 23:21:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=866d39d999181414c1f528c8f9a4018833f4e962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e5:a2:93:1c:f8:7c:3c:7f:5c:21:4a:6d:7d:
26:67:a8:f8:2a:7a:a9:3b:a5:61:0a:a5:a9:00:63:
73:26:a8:84:27:d8:5c:14:a6:5e:82:68:96:e7:5d:
2b:92:6b:5d:d8:5d:61:a0:29:99:1b:9c:4e:4b:1f:
b1:bf:46:44:26:7d:b2:ec:e1:1b:07:15:93:c8:e8:
e0:52:a7:25:47:e9:96:2f:a2:0b:7b:78:8b:f5:ca:
d3:eb:2b:48:14:7a:c0:51:60:c2:4a:d5:5e:c5:2e:
37:ee:63:e7:e1:b6:bd:e9:b8:23:5f:d0:1d:3e:a5:
00:cb:ae:e8:94:b5:4b:80:8f:39:14:55:47:1c:95:
e5:4e:67:26:1c:4d:80:1a:07:ac:f6:88:d8:91:75:
d3:06:7c:ef:7f:cc:c7:8f:2e:2c:3d:a1:a2:ec:94:
bd:cc:8b:e0:ae:ee:ab:17:5f:de:77:e8:a0:e7:7d:
67:da:2c:2e:c1:a2:b8:80:a6:b8:95:4c:c0:9e:8f:
90:f5:5d:73:05:0a:18:69:e5:2c:92:4f:e6:f2:36:
7a:ec:08:09:cd:94:1b:11:9f:3b:25:92:30:0a:1e:
06:b0:7f:e8:41:8e:a4:bf:af:3a:a3:9b:88:6b:10:
e2:67:ae:34:8f:1d:22:4a:5c:42:8e:45:3d:a2:fe:
e8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:6D:39:D9:99:18:14:14:C1:F5:28:C8:F9:A4:01:88:33:F4:E9:62
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/hm052ZkYFBTB9SjI-aQBiDP06WI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.169.0-2.26.170.255
2.26.173.0/24
2.26.175.0/24
2.26.177.0/24
2.26.179.0-2.26.180.255
2.26.184.0/24
2.26.187.0-2.26.188.255
2.27.110.0/24
2.27.117.0/24
2.27.142.0/23
2.27.146.0/23
2.27.196.0/22
2.27.212.0/23
2.27.244.0/24
2.27.246.0/23
2.27.252.0/24
31.77.97.0/24
31.77.100.0/24
31.77.103.0/24
31.77.106.0/24
31.77.110.0/23
31.77.124.0/24
31.77.242.0/24
31.77.247.0-31.77.251.255
144.31.145.0/24
Signature Algorithm: sha256WithRSAEncryption
76:ef:10:3e:27:14:63:5b:89:f8:48:37:c9:44:ee:df:c1:e9:
7f:72:28:0e:86:3f:45:fc:52:85:74:15:55:92:12:e2:12:dd:
87:08:10:62:e2:79:cd:c1:97:ff:02:ff:a8:32:aa:01:e2:5a:
81:3b:90:90:36:0c:34:6f:dd:f1:af:da:19:ca:a6:c8:fa:19:
de:b3:60:41:0c:75:be:10:42:d9:23:10:c4:63:39:8c:30:c8:
92:2f:91:57:4e:06:de:3f:e3:62:c7:c8:1d:5e:0e:69:a2:a0:
d5:e6:4f:05:a7:1d:85:83:a6:50:92:aa:4f:99:77:5c:ed:f0:
c4:af:a3:f5:4e:ca:ca:d0:1b:b5:59:08:2c:26:72:b1:57:0d:
d6:fc:45:cb:dc:73:9e:59:9d:fd:cb:20:c4:94:60:7f:f5:0c:
6b:fb:6a:24:e1:2a:9a:98:9b:aa:d4:cc:37:c6:77:2e:7e:7c:
43:e3:f3:3d:20:c9:3e:89:40:27:28:bd:67:3c:ee:17:8b:be:
35:95:4d:a0:c4:a0:f0:a0:1e:35:85:a6:80:ef:fd:da:9d:6d:
52:be:9d:7a:33:44:f4:d8:26:c6:d6:43:bb:b4:90:86:d3:70:
66:1e:d4:7a:ca:a0:5a:5b:c6:b6:26:61:44:07:83:3d:d7:9c:
02:a0:e6:72
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZ8QidfcKQjfXkcAvB4+HfQQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjI4MjMyMTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjZkMzlkOTk5MTgxNDE0YzFmNTI4YzhmOWE0MDE4ODMzZjRlOTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeWikxz4fDx/XCFKbX0mZ6j4Knqp
O6VhCqWpAGNzJqiEJ9hcFKZegmiW510rkmtd2F1hoCmZG5xOSx+xv0ZEJn2y7OEb
BxWTyOjgUqclR+mWL6ILe3iL9crT6ytIFHrAUWDCStVexS437mPn4ba96bgjX9Ad
PqUAy67olLVLgI85FFVHHJXlTmcmHE2AGges9ojYkXXTBnzvf8zHjy4sPaGi7JS9
zIvgru6rF1/ed+ig531n2iwuwaK4gKa4lUzAno+Q9V1zBQoYaeUskk/m8jZ67AgJ
zZQbEZ87JZIwCh4GsH/oQY6kv686o5uIaxDiZ640jx0iSlxCjkU9ov7oawIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFIZtOdmZGBQUwfUoyPmkAYgz9OliMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvaG0wNTJaa1lGQlRCOVNqSS1hUUJpRFAwNldJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAEwgbYwDAME
AAIaqQMEAAIaqgMEAAIarQMEAAIarwMEAAIasTAMAwQAAhqzAwQAAhq0AwQAAhq4
MAwDBAACGrsDBAACGrwDBAACG24DBAACG3UDBAECG44DBAECG5IDBAICG8QDBAEC
G9QDBAACG/QDBAECG/YDBAACG/wDBAAfTWEDBAAfTWQDBAAfTWcDBAAfTWoDBAEf
TW4DBAAfTXwDBAAfTfIwDAMEAB9N9wMEAh9N+AMEAJAfkTANBgkqhkiG9w0BAQsF
AAOCAQEAdu8QPicUY1uJ+Eg3yUTu38Hpf3IoDoY/RfxShXQVVZIS4hLdhwgQYuJ5
zcGX/wL/qDKqAeJagTuQkDYMNG/d8a/aGcqmyPoZ3rNgQQx1vhBC2SMQxGM5jDDI
ki+RV04G3j/jYsfIHV4OaaKg1eZPBacdhYOmUJKqT5l3XO3wxK+j9U7KytAbtVkI
LCZysVcN1vxFy9xznlmd/csgxJRgf/UMa/tqJOEqmpibqtTMN8Z3Ln58Q+PzPSDJ
PolAJyi9ZzzuF4u+NZVNoMSg8KAeNYWmgO/92p1tUr6dejNE9NgmxtZDu7SQhtNw
Zh7UesqgWlvGtiZhRAeDPdecAqDmcg==
-----END CERTIFICATE-----
Generated at Mon Jun 29 09:59:53 2026 by rpki-client