Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/ilBH2YQrycp2It24DQsfk_-1Kaw.roa
File: ilBH2YQrycp2It24DQsfk_-1Kaw.roa (raw, json)
Hash identifier: uuWOC2G9Zn4Bi/1KLQega5WjpQVWaTOJwZTHyzSjXGM=
Subject key identifier: 8A:50:47:D9:84:2B:C9:CA:76:22:DD:B8:0D:0B:1F:93:FF:B5:29:AC
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019C435E34DA10D9238730CCB5CC2058EADC
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/ilBH2YQrycp2It24DQsfk_-1Kaw.roa
Signing time: Mon 09 Feb 2026 17:06:13 +0000
ROA not before: Mon 09 Feb 2026 17:06:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207513
IP address blocks: 144.31.13.0/24 maxlen: 24
144.31.29.0/24 maxlen: 24
144.31.91.0/24 maxlen: 24
144.31.92.0/24 maxlen: 24
144.31.100.0/24 maxlen: 24
144.31.101.0/24 maxlen: 24
144.31.102.0/24 maxlen: 24
144.31.111.0/24 maxlen: 24
144.31.112.0/24 maxlen: 24
144.31.113.0/24 maxlen: 24
144.31.248.0/24 maxlen: 24
150.241.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Feb 2026 06:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:43:5e:34:da:10:d9:23:87:30:cc:b5:cc:20:58:ea:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 9 17:06:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8a5047d9842bc9ca7622ddb80d0b1f93ffb529ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e5:33:fd:77:8a:b7:2f:ff:8f:7e:83:d2:78:
46:b7:ad:31:74:14:fc:8b:14:b8:a7:d9:2e:76:21:
3b:39:a0:fa:55:00:c4:16:85:4a:bd:48:37:be:a7:
47:62:74:17:fc:fb:2f:84:8c:2e:de:c2:af:20:63:
0c:2c:db:8e:c9:70:34:ac:13:68:b4:99:28:a9:a8:
68:76:f2:be:00:b6:9e:8c:ed:91:1a:60:a8:75:2f:
9e:64:ec:18:65:55:32:1b:db:aa:88:95:7e:cb:7c:
a1:c8:15:c0:d9:eb:ea:be:cf:fe:63:2d:02:96:3e:
ec:0e:6d:2f:b8:c7:bf:00:cf:f9:c6:d9:ae:79:00:
d0:f6:d5:7c:a2:99:ad:3e:41:83:31:e9:75:4d:ad:
90:ac:10:30:c9:be:3d:64:0e:54:86:71:bf:10:98:
38:fc:f2:e9:7a:db:54:e6:19:7e:9b:b7:9d:af:3d:
08:1c:8d:28:b9:8b:ad:f1:88:ec:5d:33:0c:fa:6d:
94:1f:1b:10:7c:08:6f:78:a6:8f:c5:5a:56:37:69:
53:bc:70:68:3f:9e:fd:1f:f9:ee:db:f7:5a:77:da:
fa:56:d0:ca:a5:36:b3:07:84:a8:5e:f0:0d:c7:28:
ad:ac:0c:e7:81:9e:2a:f0:39:a3:29:75:d8:3f:6c:
1a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:50:47:D9:84:2B:C9:CA:76:22:DD:B8:0D:0B:1F:93:FF:B5:29:AC
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/ilBH2YQrycp2It24DQsfk_-1Kaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.31.13.0/24
144.31.29.0/24
144.31.91.0-144.31.92.255
144.31.100.0-144.31.102.255
144.31.111.0-144.31.113.255
144.31.248.0/24
150.241.80.0/24
Signature Algorithm: sha256WithRSAEncryption
93:23:d1:b6:18:89:94:92:76:1b:ad:52:7f:35:b3:b6:09:47:
5e:ec:b2:84:37:5d:17:45:2c:96:6c:a3:d6:97:f6:c0:c9:ce:
e7:dd:19:fd:b5:8e:af:87:51:14:7c:0c:3b:d6:56:3b:01:c6:
2a:ed:cc:7e:84:a9:f3:81:41:5b:6c:48:50:18:b1:99:1b:0b:
e1:db:d9:69:30:f5:7a:e7:1a:1d:58:12:e9:a3:0f:40:21:b8:
86:7b:71:2a:7e:61:69:bf:09:28:52:25:18:c9:06:04:81:43:
ec:f8:d4:92:ef:5d:0b:db:65:e2:45:05:70:31:f1:8b:f5:7a:
6b:b7:6a:dc:eb:7b:34:5c:3a:ea:3c:67:12:1c:2d:4a:61:95:
94:1b:f2:8a:e8:25:24:46:58:cc:e0:c9:c7:d8:70:47:a9:11:
7b:22:fb:75:00:32:41:c8:6e:13:eb:e9:5c:d0:59:0b:93:96:
35:5c:ff:57:4a:8b:c4:4c:d5:ba:8b:2c:e6:17:a0:34:2c:bf:
59:b4:b3:3a:ad:9a:a1:62:47:72:0f:19:9c:b3:fd:96:f8:c7:
9a:38:f7:93:54:0f:8d:af:b5:12:e4:c0:e3:21:f1:ea:03:7b:
7f:82:41:34:26:9c:43:c8:a9:f9:e7:0b:f0:da:a8:6c:b2:3f:
ee:cb:e9:43
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZxDXjTaENkjhzDMtcwgWOrcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMjA5MTcwNjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTUwNDdkOTg0MmJjOWNhNzYyMmRkYjgwZDBiMWY5M2ZmYjUyOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOUz/XeKty//j36D0nhGt60xdBT8
ixS4p9kudiE7OaD6VQDEFoVKvUg3vqdHYnQX/PsvhIwu3sKvIGMMLNuOyXA0rBNo
tJkoqahodvK+ALaejO2RGmCodS+eZOwYZVUyG9uqiJV+y3yhyBXA2evqvs/+Yy0C
lj7sDm0vuMe/AM/5xtmueQDQ9tV8opmtPkGDMel1Ta2QrBAwyb49ZA5UhnG/EJg4
/PLpettU5hl+m7edrz0IHI0ouYut8YjsXTMM+m2UHxsQfAhveKaPxVpWN2lTvHBo
P579H/nu2/dad9r6VtDKpTazB4SoXvANxyitrAzngZ4q8DmjKXXYP2waNwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFIpQR9mEK8nKdiLduA0LH5P/tSmsMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvaWxCSDJZUXJ5Y3AySXQyNERRc2ZrXy0xS2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAkB8NAwQA
kB8dMAwDBACQH1sDBACQH1wwDAMEApAfZAMEAJAfZjAMAwQAkB9vAwQBkB9wAwQA
kB/4AwQAlvFQMA0GCSqGSIb3DQEBCwUAA4IBAQCTI9G2GImUknYbrVJ/NbO2CUde
7LKEN10XRSyWbKPWl/bAyc7n3Rn9tY6vh1EUfAw71lY7AcYq7cx+hKnzgUFbbEhQ
GLGZGwvh29lpMPV65xodWBLpow9AIbiGe3EqfmFpvwkoUiUYyQYEgUPs+NSS710L
22XiRQVwMfGL9Xprt2rc63s0XDrqPGcSHC1KYZWUG/KK6CUkRljM4MnH2HBHqRF7
Ivt1ADJByG4T6+lc0FkLk5Y1XP9XSovETNW6iyzmF6A0LL9ZtLM6rZqhYkdyDxmc
s/2W+MeaOPeTVA+Nr7US5MDjIfHqA3t/gkE0JpxDyKn55wvw2qhssj/uy+lD
-----END CERTIFICATE-----
Generated at Thu Feb 26 11:58:02 2026 by rpki-client