Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/l-S0anYnUNuFsfkzxDj3u-EWAlM.roa
File: l-S0anYnUNuFsfkzxDj3u-EWAlM.roa (raw, json)
Hash identifier: hGhPvLhg80XchzFA0U8bvTbBUe2AP/X8Bgy7x1P/8Es=
Subject key identifier: 97:E4:B4:6A:76:27:50:DB:85:B1:F9:33:C4:38:F7:BB:E1:16:02:53
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019DE4DD6C9E50EA67C75AC200861B132F77
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/l-S0anYnUNuFsfkzxDj3u-EWAlM.roa
Signing time: Fri 01 May 2026 18:46:49 +0000
ROA not before: Fri 01 May 2026 18:46:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 401152
IP address blocks: 2.26.95.0/24 maxlen: 24
2.26.253.0/24 maxlen: 24
144.31.8.0/23 maxlen: 24
144.31.10.0/24 maxlen: 24
144.31.110.0/24 maxlen: 24
144.31.160.0/22 maxlen: 24
144.31.235.0/24 maxlen: 24
150.241.69.0/24 maxlen: 24
185.207.135.0/24 maxlen: 24
185.216.104.0/22 maxlen: 24
193.23.192.0/24 maxlen: 24
193.23.196.0/24 maxlen: 24
193.23.198.0/24 maxlen: 24
193.23.204.0/22 maxlen: 22
193.23.212.0/22 maxlen: 24
193.23.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 07:02:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e4:dd:6c:9e:50:ea:67:c7:5a:c2:00:86:1b:13:2f:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: May 1 18:46:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=97e4b46a762750db85b1f933c438f7bbe1160253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9d:28:e5:69:c0:46:b6:c7:fa:74:d3:da:f9:
30:69:09:80:73:34:77:bd:af:d2:de:4a:61:40:49:
74:77:fb:f3:0d:3f:5a:f3:57:60:29:6e:0b:37:10:
36:72:c3:f5:62:52:d9:2c:18:92:57:b4:31:41:86:
3d:56:d6:18:77:b5:81:7f:42:4e:c3:b4:3d:7b:00:
0d:cb:95:e8:9b:5e:78:86:e5:2c:7c:82:bf:41:fa:
6f:6c:9c:eb:f3:03:93:c7:8e:ce:5d:0e:3d:8b:28:
24:a5:c8:73:29:a2:d8:51:66:02:90:bf:8d:d6:86:
3a:13:99:fe:32:9b:44:46:80:55:d7:d8:75:01:55:
b0:2f:48:96:7b:23:8a:67:8d:6b:cc:af:6e:26:0f:
f4:25:20:3b:7f:92:f0:86:cf:50:93:78:04:f7:41:
28:e1:6a:31:f2:88:e0:30:11:ad:03:81:f0:56:56:
c1:a3:b5:83:2a:22:e7:11:54:d6:aa:24:a0:fc:c0:
4f:79:c9:19:cf:89:55:1c:ce:0b:a3:f2:5e:45:b6:
57:82:73:f9:ae:8b:63:92:8f:f5:f4:5b:e1:64:ed:
fc:7b:ad:b2:0b:6e:e3:ab:08:90:ce:16:8c:c6:be:
c4:e9:45:a6:ac:2f:2b:2c:02:41:58:84:27:a2:d7:
2b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:E4:B4:6A:76:27:50:DB:85:B1:F9:33:C4:38:F7:BB:E1:16:02:53
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/l-S0anYnUNuFsfkzxDj3u-EWAlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.95.0/24
2.26.253.0/24
144.31.8.0-144.31.10.255
144.31.110.0/24
144.31.160.0/22
144.31.235.0/24
150.241.69.0/24
185.207.135.0/24
185.216.104.0/22
193.23.192.0/24
193.23.196.0/24
193.23.198.0/24
193.23.204.0/22
193.23.212.0/22
193.23.223.0/24
Signature Algorithm: sha256WithRSAEncryption
58:d4:12:1d:43:59:4e:4d:6e:9f:81:1e:eb:c4:be:14:39:9c:
9d:67:56:0f:04:80:64:35:82:73:ec:56:71:e8:d0:ce:6a:26:
7f:58:fd:72:69:6d:bc:a5:e6:79:f7:ad:2d:4c:4e:91:66:7b:
79:c5:d2:f3:1e:f8:db:17:e6:a3:15:1e:64:4d:14:6f:a9:14:
6e:86:11:3f:00:09:39:52:9f:4f:cd:06:57:0c:d4:75:17:f9:
d0:48:b4:0d:60:8b:ea:f8:53:ef:de:db:db:a7:c8:7a:05:f1:
d8:90:19:98:5d:32:a0:76:10:72:f8:5b:2f:e3:5d:7c:b0:c7:
ad:37:08:a2:56:e9:4c:bb:8e:e9:7b:a0:c8:ad:c2:7c:08:8f:
bb:19:31:8f:d0:b0:79:53:4f:17:8d:fa:21:38:43:a5:00:72:
3e:72:19:4d:8c:a1:18:c7:34:1e:12:8f:bc:a8:1e:74:a5:27:
49:3c:e0:b0:58:98:1e:47:b0:78:56:e4:bd:e0:fb:15:75:9d:
9b:3c:f1:54:1f:9d:88:d1:a3:1e:2a:c6:cf:8a:a4:4e:03:b1:
d7:a6:c1:ec:01:2c:47:24:1f:8d:ba:b6:8b:66:a9:d6:38:15:
de:05:82:30:a9:c2:dc:53:d6:38:2a:63:e5:ac:d0:2b:c1:2a:
c3:47:e2:82
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZ3k3WyeUOpnx1rCAIYbEy93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNTAxMTg0NjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2U0YjQ2YTc2Mjc1MGRiODViMWY5MzNjNDM4ZjdiYmUxMTYwMjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu50o5WnARrbH+nTT2vkwaQmAczR3
va/S3kphQEl0d/vzDT9a81dgKW4LNxA2csP1YlLZLBiSV7QxQYY9VtYYd7WBf0JO
w7Q9ewANy5Xom154huUsfIK/QfpvbJzr8wOTx47OXQ49iygkpchzKaLYUWYCkL+N
1oY6E5n+MptERoBV19h1AVWwL0iWeyOKZ41rzK9uJg/0JSA7f5Lwhs9Qk3gE90Eo
4Wox8ojgMBGtA4HwVlbBo7WDKiLnEVTWqiSg/MBPeckZz4lVHM4Lo/JeRbZXgnP5
rotjko/19FvhZO38e62yC27jqwiQzhaMxr7E6UWmrC8rLAJBWIQnotcrSQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFJfktGp2J1DbhbH5M8Q497vhFgJTMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvbC1TMGFuWW5VTnVGc2ZrenhEajN1LUVXQWxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAAhpfAwQA
Ahr9MAwDBAOQHwgDBACQHwoDBACQH24DBAKQH6ADBACQH+sDBACW8UUDBAC5z4cD
BAK52GgDBADBF8ADBADBF8QDBADBF8YDBALBF8wDBALBF9QDBADBF98wDQYJKoZI
hvcNAQELBQADggEBAFjUEh1DWU5Nbp+BHuvEvhQ5nJ1nVg8EgGQ1gnPsVnHo0M5q
Jn9Y/XJpbbyl5nn3rS1MTpFme3nF0vMe+NsX5qMVHmRNFG+pFG6GET8ACTlSn0/N
BlcM1HUX+dBItA1gi+r4U+/e29unyHoF8diQGZhdMqB2EHL4Wy/jXXywx603CKJW
6Uy7jul7oMitwnwIj7sZMY/QsHlTTxeN+iE4Q6UAcj5yGU2MoRjHNB4Sj7yoHnSl
J0k84LBYmB5HsHhW5L3g+xV1nZs88VQfnYjRox4qxs+KpE4DsdemwewBLEckH426
totmqdY4Fd4FgjCpwtxT1jgqY+Ws0CvBKsNH4oI=
-----END CERTIFICATE-----
Generated at Tue May 5 16:50:56 2026 by rpki-client