Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/j89aKXbXYk2j6vn0Zo5Wb5fmj8M.roa
File: j89aKXbXYk2j6vn0Zo5Wb5fmj8M.roa (raw, json)
Hash identifier: tsnfaLcgX77mHJ/jCdcyHWzTHIGLHjq+H3vSTrmlMJ8=
Subject key identifier: 8F:CF:5A:29:76:D7:62:4D:A3:EA:F9:F4:66:8E:56:6F:97:E6:8F:C3
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019D9CB4657DC20DCC049BF22E2F4A8C122A
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/j89aKXbXYk2j6vn0Zo5Wb5fmj8M.roa
Signing time: Fri 17 Apr 2026 18:29:21 +0000
ROA not before: Fri 17 Apr 2026 18:29:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50053
IP address blocks: 2.26.133.0/24 maxlen: 24
2.26.134.0/24 maxlen: 24
2.26.136.0/24 maxlen: 24
2.26.137.0/24 maxlen: 24
2.26.141.0/24 maxlen: 24
2.26.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 07:02:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9c:b4:65:7d:c2:0d:cc:04:9b:f2:2e:2f:4a:8c:12:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 17 18:29:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8fcf5a2976d7624da3eaf9f4668e566f97e68fc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6b:fe:5a:dc:a2:f5:63:d3:e2:25:ce:b3:e9:
34:8c:9e:b6:38:da:37:5a:f9:25:f9:f3:67:60:19:
b7:fb:23:e8:2c:71:48:29:48:e3:5e:ae:d1:9d:2f:
8c:3a:10:99:68:cf:3b:9f:7b:fc:81:c0:ec:81:dd:
a2:85:9f:31:02:e0:b4:dc:2b:78:10:e3:20:1b:12:
b0:62:cd:c1:b8:e0:d3:92:f3:5d:12:89:6f:5d:c5:
6e:3a:d7:31:4f:ac:c6:bb:bf:dd:0f:87:6a:4e:f2:
d3:04:e6:8c:d8:0b:49:02:bf:a8:9b:09:7d:6a:44:
39:87:88:96:97:f3:f3:9a:ae:2b:34:82:e5:24:e2:
02:5d:1b:21:f8:a4:24:0a:5d:d4:fa:1a:68:79:80:
f6:e4:50:30:03:2f:03:ab:2b:b7:14:e4:d7:b9:b4:
be:0e:9c:b4:dc:c1:05:28:b8:1b:4f:6c:1d:cd:ab:
ea:90:33:29:39:2f:d8:ff:91:94:d5:79:c4:82:78:
a2:4c:f3:09:43:dd:36:98:5a:f7:86:b5:79:f4:7c:
85:ae:6e:87:d3:79:f1:9e:0d:75:64:2a:31:8e:6b:
96:2d:d3:4a:fd:4e:93:c9:30:bb:3a:12:61:96:c5:
d8:8a:23:65:38:17:e4:a0:ee:c7:8e:24:48:d8:ab:
d1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:CF:5A:29:76:D7:62:4D:A3:EA:F9:F4:66:8E:56:6F:97:E6:8F:C3
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/j89aKXbXYk2j6vn0Zo5Wb5fmj8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.133.0-2.26.134.255
2.26.136.0/23
2.26.141.0-2.26.142.255
Signature Algorithm: sha256WithRSAEncryption
b3:38:c3:52:ae:11:40:fd:6f:a4:83:1c:02:fa:5f:90:69:ac:
b3:05:86:48:b1:a3:2e:b4:77:dd:9b:12:5f:5c:55:66:01:0c:
8b:9e:76:47:15:74:ea:cd:c1:fa:bf:fc:4b:f6:91:c0:7e:b6:
f5:b9:ea:87:6f:75:79:5a:40:9d:71:31:c5:4e:75:9a:e8:09:
06:dd:4a:eb:9c:22:f5:6d:c5:26:d2:04:bb:a7:72:6a:79:bd:
eb:c3:c0:a4:8b:1d:30:1e:10:66:4b:81:bf:d5:1f:ba:5b:a5:
93:65:db:0f:94:09:88:ad:7d:2c:26:07:a3:cd:a9:20:d6:6b:
d3:7b:de:02:ed:e7:48:16:75:54:1f:04:a8:b0:b4:53:80:f3:
68:2a:16:69:01:f7:95:cd:54:61:eb:d9:a5:90:e8:42:85:5b:
ae:60:79:e5:a7:16:28:fe:1f:bc:3e:e3:81:c7:e0:fa:ae:ee:
e8:de:56:d7:ad:00:d9:cc:7a:2b:21:c9:15:31:55:be:88:26:
0f:de:c7:ad:04:8d:7c:45:66:8f:f8:45:36:8f:4d:6e:e2:3a:
6a:70:ac:0f:af:08:4a:a3:74:bf:16:1d:44:3e:40:2d:3e:f2:
16:57:aa:75:72:f7:37:dc:63:04:1b:fd:7f:bc:d2:95:25:23:
1e:ac:c3:16
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ2ctGV9wg3MBJvyLi9KjBIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDE3MTgyOTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmNmNWEyOTc2ZDc2MjRkYTNlYWY5ZjQ2NjhlNTY2Zjk3ZTY4ZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWv+Wtyi9WPT4iXOs+k0jJ62ONo3
Wvkl+fNnYBm3+yPoLHFIKUjjXq7RnS+MOhCZaM87n3v8gcDsgd2ihZ8xAuC03Ct4
EOMgGxKwYs3BuODTkvNdEolvXcVuOtcxT6zGu7/dD4dqTvLTBOaM2AtJAr+omwl9
akQ5h4iWl/Pzmq4rNILlJOICXRsh+KQkCl3U+hpoeYD25FAwAy8Dqyu3FOTXubS+
Dpy03MEFKLgbT2wdzavqkDMpOS/Y/5GU1XnEgniiTPMJQ902mFr3hrV59HyFrm6H
03nxng11ZCoxjmuWLdNK/U6TyTC7OhJhlsXYiiNlOBfkoO7HjiRI2KvRWQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFI/PWil212JNo+r59GaOVm+X5o/DMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvajg5YUtYYlhZazJqNnZuMFpvNVdiNWZtajhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAACGoUD
BAACGoYDBAECGogwDAMEAAIajQMEAAIajjANBgkqhkiG9w0BAQsFAAOCAQEAszjD
Uq4RQP1vpIMcAvpfkGmsswWGSLGjLrR33ZsSX1xVZgEMi552RxV06s3B+r/8S/aR
wH629bnqh291eVpAnXExxU51mugJBt1K65wi9W3FJtIEu6dyanm968PApIsdMB4Q
ZkuBv9Ufululk2XbD5QJiK19LCYHo82pINZr03veAu3nSBZ1VB8EqLC0U4DzaCoW
aQH3lc1UYevZpZDoQoVbrmB55acWKP4fvD7jgcfg+q7u6N5W160A2cx6KyHJFTFV
vogmD97HrQSNfEVmj/hFNo9NbuI6anCsD68ISqN0vxYdRD5ALT7yFleqdXL3N9xj
BBv9f7zSlSUjHqzDFg==
-----END CERTIFICATE-----
Generated at Tue May 5 16:50:40 2026 by rpki-client