Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/iPnnRLs2dNSWxj_ILn2CtOC8emw.roa
File: iPnnRLs2dNSWxj_ILn2CtOC8emw.roa (raw, json)
Hash identifier: s1qa0cxUzRSHjDHWekdRthu8jjuBS81s0aTiCa6ohlw=
Subject key identifier: 88:F9:E7:44:BB:36:74:D4:96:C6:3F:C8:2E:7D:82:B4:E0:BC:7A:6C
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019D9CCEF14657B91792F834072CB3AB646F
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/iPnnRLs2dNSWxj_ILn2CtOC8emw.roa
Signing time: Fri 17 Apr 2026 18:58:21 +0000
ROA not before: Fri 17 Apr 2026 18:58:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207957
IP address blocks: 2.26.8.0/24 maxlen: 24
2.26.9.0/24 maxlen: 24
2.26.88.0/24 maxlen: 24
2.26.89.0/24 maxlen: 24
2.26.90.0/24 maxlen: 24
2.26.91.0/24 maxlen: 24
2.26.92.0/24 maxlen: 24
2.26.93.0/24 maxlen: 24
64.188.89.0/24 maxlen: 24
64.188.90.0/24 maxlen: 24
64.188.98.0/24 maxlen: 24
64.188.127.0/24 maxlen: 24
77.239.107.0/24 maxlen: 24
144.31.15.0/24 maxlen: 24
144.31.49.0/24 maxlen: 24
144.31.50.0/24 maxlen: 24
144.31.51.0/24 maxlen: 24
144.31.57.0/24 maxlen: 24
144.31.82.0/24 maxlen: 24
144.31.83.0/24 maxlen: 24
144.31.93.0/24 maxlen: 24
144.31.103.0/24 maxlen: 24
144.31.107.0/24 maxlen: 24
144.31.108.0/24 maxlen: 24
144.31.109.0/24 maxlen: 24
144.31.213.0/24 maxlen: 24
144.31.214.0/24 maxlen: 24
144.31.216.0/24 maxlen: 24
144.31.217.0/24 maxlen: 24
144.31.218.0/24 maxlen: 24
144.31.219.0/24 maxlen: 24
144.31.239.0/24 maxlen: 24
144.31.240.0/24 maxlen: 24
144.31.241.0/24 maxlen: 24
144.31.242.0/24 maxlen: 24
144.31.243.0/24 maxlen: 24
144.31.249.0/24 maxlen: 24
150.241.72.0/24 maxlen: 24
150.241.73.0/24 maxlen: 24
150.241.74.0/24 maxlen: 24
150.241.75.0/24 maxlen: 24
150.241.82.0/24 maxlen: 24
150.241.83.0/24 maxlen: 24
150.241.100.0/24 maxlen: 24
150.241.101.0/24 maxlen: 24
150.241.102.0/24 maxlen: 24
150.241.103.0/24 maxlen: 24
185.170.153.0/24 maxlen: 24
185.170.154.0/24 maxlen: 24
193.23.195.0/24 maxlen: 24
193.23.200.0/24 maxlen: 24
193.23.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 17:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9c:ce:f1:46:57:b9:17:92:f8:34:07:2c:b3:ab:64:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 17 18:58:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=88f9e744bb3674d496c63fc82e7d82b4e0bc7a6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ff:2d:e8:e4:ae:fa:56:34:7c:8f:46:a5:d9:
ef:15:1d:0d:d0:9a:8d:6e:d8:a1:2b:84:b7:ac:7c:
ff:ea:75:ad:64:f5:14:7c:76:62:f7:07:73:12:ae:
2a:29:e0:72:8e:bb:59:57:70:fa:35:c9:17:9d:20:
9e:a2:8a:fa:95:56:b4:da:81:16:9a:09:80:d7:cb:
cd:3d:7a:51:04:d6:4d:d2:13:99:02:6a:ad:9d:bb:
5b:48:43:bb:03:15:7b:64:9b:aa:c8:7b:1b:35:7f:
f0:44:1d:f4:9a:27:9e:73:f2:c1:ad:dd:6f:17:3e:
cf:b8:55:56:66:93:ca:69:67:e0:0e:03:db:4b:f1:
65:0c:4d:98:7f:45:68:4e:85:bc:db:6b:7c:fd:95:
29:f6:bd:e9:25:1f:c4:fa:88:d3:7d:69:cc:fa:e9:
5c:29:47:b2:19:3c:74:11:57:db:5e:c5:0b:38:19:
03:c7:48:9b:c1:77:d6:1a:ea:fe:13:25:c7:90:8c:
ef:bf:e0:58:66:9f:73:ea:4e:7f:c0:05:15:bb:19:
96:0e:af:7d:12:71:21:e8:b8:60:8b:53:d5:08:7d:
4b:1f:26:f4:af:38:26:d9:e8:e7:e3:10:10:29:23:
47:09:3d:61:db:0a:cd:f3:0f:0a:3e:72:cc:f6:55:
31:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F9:E7:44:BB:36:74:D4:96:C6:3F:C8:2E:7D:82:B4:E0:BC:7A:6C
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/iPnnRLs2dNSWxj_ILn2CtOC8emw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.8.0/23
2.26.88.0-2.26.93.255
64.188.89.0-64.188.90.255
64.188.98.0/24
64.188.127.0/24
77.239.107.0/24
144.31.15.0/24
144.31.49.0-144.31.51.255
144.31.57.0/24
144.31.82.0/23
144.31.93.0/24
144.31.103.0/24
144.31.107.0-144.31.109.255
144.31.213.0-144.31.214.255
144.31.216.0/22
144.31.239.0-144.31.243.255
144.31.249.0/24
150.241.72.0/22
150.241.82.0/23
150.241.100.0/22
185.170.153.0-185.170.154.255
193.23.195.0/24
193.23.200.0/24
193.23.202.0/24
Signature Algorithm: sha256WithRSAEncryption
75:b5:28:89:43:c7:af:09:fa:23:65:d1:ed:1f:de:10:34:30:
5b:4c:89:43:89:43:2d:45:20:87:df:cb:c7:2d:1b:f3:9d:dd:
bc:2e:d4:83:66:d7:79:4c:67:c8:f9:60:39:20:30:29:58:9a:
38:cc:b6:20:7a:b0:d9:e8:4f:30:7d:5b:08:be:6c:9c:61:94:
97:cc:98:24:e6:76:ff:f1:3a:40:ce:5c:7d:96:ed:04:14:dd:
59:d6:5c:9f:88:04:21:85:77:f3:d0:0c:cc:cb:54:a3:17:f6:
f0:15:04:9b:dc:0b:7e:60:62:93:bf:6e:7a:ea:c9:35:44:f7:
6d:e3:b1:18:78:37:6f:71:4a:e3:31:d4:4f:44:e6:fe:d5:5d:
84:26:75:99:1d:8e:bb:94:c5:09:e1:de:9c:ca:b2:42:fe:52:
de:fd:cd:3a:d6:78:47:84:84:5b:dd:37:a0:0b:70:cb:d2:4f:
ff:1c:cd:3d:65:2d:33:62:f5:e5:a2:9d:6c:fc:6a:6e:1a:17:
95:54:6e:74:d8:97:4f:28:fa:b7:d9:a8:fb:60:e1:4b:b1:3c:
cd:82:21:bb:d2:05:a4:21:23:75:0e:1f:1d:4f:1f:cc:eb:7b:
70:71:9c:38:d8:3d:0f:e4:fb:38:5e:3f:d7:60:27:70:61:92:
47:03:f7:c3
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAZ2czvFGV7kXkvg0Byyzq2RvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDE3MTg1ODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGY5ZTc0NGJiMzY3NGQ0OTZjNjNmYzgyZTdkODJiNGUwYmM3YTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkv8t6OSu+lY0fI9GpdnvFR0N0JqN
btihK4S3rHz/6nWtZPUUfHZi9wdzEq4qKeByjrtZV3D6NckXnSCeoor6lVa02oEW
mgmA18vNPXpRBNZN0hOZAmqtnbtbSEO7AxV7ZJuqyHsbNX/wRB30mieec/LBrd1v
Fz7PuFVWZpPKaWfgDgPbS/FlDE2Yf0VoToW822t8/ZUp9r3pJR/E+ojTfWnM+ulc
KUeyGTx0EVfbXsULOBkDx0ibwXfWGur+EyXHkIzvv+BYZp9z6k5/wAUVuxmWDq99
EnEh6Lhgi1PVCH1LHyb0rzgm2ejn4xAQKSNHCT1h2wrN8w8KPnLM9lUx5wIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFIj550S7NnTUlsY/yC59grTgvHpsMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvaVBublJMczJkTlNXeGpfSUxuMkN0T0M4ZW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBAEC
GggwDAMEAwIaWAMEAQIaXDAMAwQAQLxZAwQAQLxaAwQAQLxiAwQAQLx/AwQATe9r
AwQAkB8PMAwDBACQHzEDBAKQHzADBACQHzkDBAGQH1IDBACQH10DBACQH2cwDAME
AJAfawMEAZAfbDAMAwQAkB/VAwQAkB/WAwQCkB/YMAwDBACQH+8DBAKQH/ADBACQ
H/kDBAKW8UgDBAGW8VIDBAKW8WQwDAMEALmqmQMEALmqmgMEAMEXwwMEAMEXyAME
AMEXyjANBgkqhkiG9w0BAQsFAAOCAQEAdbUoiUPHrwn6I2XR7R/eEDQwW0yJQ4lD
LUUgh9/Lxy0b853dvC7Ug2bXeUxnyPlgOSAwKViaOMy2IHqw2ehPMH1bCL5snGGU
l8yYJOZ2//E6QM5cfZbtBBTdWdZcn4gEIYV389AMzMtUoxf28BUEm9wLfmBik79u
eurJNUT3beOxGHg3b3FK4zHUT0Tm/tVdhCZ1mR2Ou5TFCeHenMqyQv5S3v3NOtZ4
R4SEW903oAtwy9JP/xzNPWUtM2L15aKdbPxqbhoXlVRudNiXTyj6t9mo+2DhS7E8
zYIhu9IFpCEjdQ4fHU8fzOt7cHGcONg9D+T7OF4/12AncGGSRwP3ww==
-----END CERTIFICATE-----
Generated at Mon Apr 27 21:55:09 2026 by rpki-client