Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/mWPAwLWuN3LfQw2CYarGzdXrbkI.roa
File: mWPAwLWuN3LfQw2CYarGzdXrbkI.roa (raw, json)
Hash identifier: H+0Vc9IZzHJWEHIhfNudViPrI2ZycS2cMaZDQCXuwrY=
Subject key identifier: 99:63:C0:C0:B5:AE:37:72:DF:43:0D:82:61:AA:C6:CD:D5:EB:6E:42
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019EE1F45DEB5EDA212991830C9A6F40E36A
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/mWPAwLWuN3LfQw2CYarGzdXrbkI.roa
Signing time: Fri 19 Jun 2026 22:15:48 +0000
ROA not before: Fri 19 Jun 2026 22:15:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 401152
IP address blocks: 2.26.95.0/24 maxlen: 24
2.26.152.0/24 maxlen: 24
2.26.162.0/23 maxlen: 24
2.27.152.0/24 maxlen: 24
31.76.128.0/21 maxlen: 24
31.76.168.0/21 maxlen: 24
31.76.192.0/22 maxlen: 24
31.76.208.0/22 maxlen: 24
31.76.228.0/23 maxlen: 24
31.76.232.0/23 maxlen: 24
31.76.236.0/23 maxlen: 24
31.76.242.0/23 maxlen: 24
31.77.73.0/24 maxlen: 24
31.77.152.0/22 maxlen: 24
31.77.176.0/23 maxlen: 24
31.77.180.0/23 maxlen: 24
31.77.202.0/23 maxlen: 24
31.77.204.0/23 maxlen: 24
31.77.221.0/24 maxlen: 24
31.77.227.0/24 maxlen: 24
31.77.231.0/24 maxlen: 24
31.77.233.0/24 maxlen: 24
31.77.234.0/23 maxlen: 24
144.31.8.0/23 maxlen: 24
144.31.110.0/24 maxlen: 24
144.31.160.0/22 maxlen: 24
144.31.235.0/24 maxlen: 24
150.241.69.0/24 maxlen: 24
185.207.135.0/24 maxlen: 24
185.216.104.0/22 maxlen: 24
193.23.192.0/24 maxlen: 24
193.23.198.0/24 maxlen: 24
193.23.204.0/22 maxlen: 22
193.23.212.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 19:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:e1:f4:5d:eb:5e:da:21:29:91:83:0c:9a:6f:40:e3:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 19 22:15:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9963c0c0b5ae3772df430d8261aac6cdd5eb6e42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:49:bc:20:ec:5c:71:6b:0f:57:ae:f0:a0:39:
6e:07:e6:ab:f4:ca:18:52:48:fd:e4:35:be:5b:70:
71:6f:e5:a6:c0:d3:3b:65:1a:75:a0:68:9c:e8:b0:
9f:38:9b:34:a7:64:dc:f4:c3:c3:9f:85:5f:67:d2:
6c:a7:0b:9f:2b:ea:35:41:90:be:1d:0f:b3:e2:e9:
e4:64:7d:e6:94:1d:a3:9c:cd:7d:22:b6:55:5e:96:
6c:3e:20:69:c6:a1:41:09:ac:d6:16:20:3d:d9:18:
95:44:07:c5:f5:a8:08:e2:30:d9:43:ec:e3:fd:85:
93:7a:1a:f6:6e:9d:69:a7:30:fb:a8:28:15:7d:dd:
39:c8:ff:ab:e4:a1:2c:74:59:f9:74:46:cd:30:45:
79:68:ad:f9:72:14:48:66:e3:af:a6:60:7a:7e:ad:
3d:11:d4:c9:3f:a9:e5:f5:84:34:59:22:f6:cc:99:
76:34:e7:bb:06:c4:30:a6:f5:4b:80:0f:b8:02:be:
0f:9f:c2:ea:ca:0c:5e:54:2f:30:b6:33:4c:01:48:
ca:aa:cb:68:10:5b:73:32:47:96:f4:1b:3d:0a:16:
bf:bb:16:85:82:de:4d:f1:d4:73:b8:61:9c:b9:65:
f3:2f:9f:d8:c5:a5:6d:14:98:eb:3f:6c:a9:be:e7:
6c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:63:C0:C0:B5:AE:37:72:DF:43:0D:82:61:AA:C6:CD:D5:EB:6E:42
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/mWPAwLWuN3LfQw2CYarGzdXrbkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.95.0/24
2.26.152.0/24
2.26.162.0/23
2.27.152.0/24
31.76.128.0/21
31.76.168.0/21
31.76.192.0/22
31.76.208.0/22
31.76.228.0/23
31.76.232.0/23
31.76.236.0/23
31.76.242.0/23
31.77.73.0/24
31.77.152.0/22
31.77.176.0/23
31.77.180.0/23
31.77.202.0-31.77.205.255
31.77.221.0/24
31.77.227.0/24
31.77.231.0/24
31.77.233.0-31.77.235.255
144.31.8.0/23
144.31.110.0/24
144.31.160.0/22
144.31.235.0/24
150.241.69.0/24
185.207.135.0/24
185.216.104.0/22
193.23.192.0/24
193.23.198.0/24
193.23.204.0/22
193.23.212.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:7e:0e:ff:ff:de:f3:b7:54:67:3c:88:02:4a:e4:4e:d6:1c:
ed:b1:79:24:fc:11:45:d9:b1:44:0e:94:41:e3:d2:ce:ce:26:
23:b7:50:00:4a:a6:62:37:e5:44:3e:ad:a7:07:00:1e:0d:23:
00:26:c8:41:06:95:3d:41:4d:13:dc:59:8a:9e:18:50:c0:87:
f3:ce:9f:b8:05:08:1b:86:71:2d:3a:aa:fd:5d:2b:c7:bc:65:
2c:c2:71:49:0c:54:f9:93:11:e1:53:8d:4f:b5:18:8a:ce:e9:
26:b5:c6:9f:57:d2:37:c0:cc:7c:1d:f3:72:c2:28:ed:41:0d:
a6:57:a1:43:6b:f3:82:a0:ba:ee:78:32:16:3e:ab:e1:4a:7a:
8e:ce:d8:1a:f0:13:5c:ae:5e:56:9e:64:c0:e0:82:9f:82:59:
47:7e:11:17:64:5b:f8:b6:c4:7a:4a:dc:28:25:4b:46:3b:10:
e0:78:a2:54:78:d9:98:95:ab:65:e8:34:b4:49:33:04:5e:06:
c9:76:3b:98:4b:ec:8f:81:ff:35:20:3b:25:94:91:f7:f3:bc:
ab:26:e5:ac:57:2a:17:8e:d8:19:f7:3c:7f:a5:21:30:ef:82:
59:be:ed:ec:2f:54:07:32:b9:cb:a7:98:fb:f8:66:74:f5:52:
06:05:69:5a
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAZ7h9F3rXtohKZGDDJpvQONqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjE5MjIxNTQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTYzYzBjMGI1YWUzNzcyZGY0MzBkODI2MWFhYzZjZGQ1ZWI2ZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUm8IOxccWsPV67woDluB+ar9MoY
Ukj95DW+W3Bxb+WmwNM7ZRp1oGic6LCfOJs0p2Tc9MPDn4VfZ9JspwufK+o1QZC+
HQ+z4unkZH3mlB2jnM19IrZVXpZsPiBpxqFBCazWFiA92RiVRAfF9agI4jDZQ+zj
/YWTehr2bp1ppzD7qCgVfd05yP+r5KEsdFn5dEbNMEV5aK35chRIZuOvpmB6fq09
EdTJP6nl9YQ0WSL2zJl2NOe7BsQwpvVLgA+4Ar4Pn8LqygxeVC8wtjNMAUjKqsto
EFtzMkeW9Bs9Cha/uxaFgt5N8dRzuGGcuWXzL5/YxaVtFJjrP2ypvudsLQIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFJljwMC1rjdy30MNgmGqxs3V625CMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvbVdQQXdMV3VOM0xmUXcyQ1lhckd6ZFhyYmtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCB1wQCAAEwgdADBAAC
Gl8DBAACGpgDBAECGqIDBAACG5gDBAMfTIADBAMfTKgDBAIfTMADBAIfTNADBAEf
TOQDBAEfTOgDBAEfTOwDBAEfTPIDBAAfTUkDBAIfTZgDBAEfTbADBAEfTbQwDAME
AR9NygMEAR9NzAMEAB9N3QMEAB9N4wMEAB9N5zAMAwQAH03pAwQCH03oAwQBkB8I
AwQAkB9uAwQCkB+gAwQAkB/rAwQAlvFFAwQAuc+HAwQCudhoAwQAwRfAAwQAwRfG
AwQCwRfMAwQCwRfUMA0GCSqGSIb3DQEBCwUAA4IBAQB8fg7//97zt1RnPIgCSuRO
1hztsXkk/BFF2bFEDpRB49LOziYjt1AASqZiN+VEPq2nBwAeDSMAJshBBpU9QU0T
3FmKnhhQwIfzzp+4BQgbhnEtOqr9XSvHvGUswnFJDFT5kxHhU41PtRiKzukmtcaf
V9I3wMx8HfNywijtQQ2mV6FDa/OCoLrueDIWPqvhSnqOztga8BNcrl5WnmTA4IKf
gllHfhEXZFv4tsR6StwoJUtGOxDgeKJUeNmYlatl6DS0STMEXgbJdjuYS+yPgf81
IDsllJH387yrJuWsVyoXjtgZ9zx/pSEw74JZvu3sL1QHMrnLp5j7+GZ09VIGBWla
-----END CERTIFICATE-----
Generated at Sat Jun 20 04:05:54 2026 by rpki-client