Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/snQvGQ7-ZlwsRPceNzlFDol0roU.roa
File: snQvGQ7-ZlwsRPceNzlFDol0roU.roa (raw, json)
Hash identifier: 2xfT2Ywmd1/CcuO4lh12W+55427xEhwD1LycCFeMZiY=
Subject key identifier: B2:74:2F:19:0E:FE:66:5C:2C:44:F7:1E:37:39:45:0E:89:74:AE:85
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019DF41A7CD7CE3D271F1AFCA9F6488C2F7D
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/snQvGQ7-ZlwsRPceNzlFDol0roU.roa
Signing time: Mon 04 May 2026 17:47:49 +0000
ROA not before: Mon 04 May 2026 17:47:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207957
IP address blocks: 2.26.8.0/24 maxlen: 24
2.26.9.0/24 maxlen: 24
2.26.10.0/24 maxlen: 24
2.26.11.0/24 maxlen: 24
2.26.88.0/24 maxlen: 24
2.26.89.0/24 maxlen: 24
2.26.90.0/24 maxlen: 24
2.26.91.0/24 maxlen: 24
2.26.92.0/24 maxlen: 24
2.26.93.0/24 maxlen: 24
64.188.89.0/24 maxlen: 24
64.188.90.0/24 maxlen: 24
64.188.98.0/24 maxlen: 24
64.188.127.0/24 maxlen: 24
77.239.107.0/24 maxlen: 24
144.31.15.0/24 maxlen: 24
144.31.49.0/24 maxlen: 24
144.31.50.0/24 maxlen: 24
144.31.51.0/24 maxlen: 24
144.31.57.0/24 maxlen: 24
144.31.82.0/24 maxlen: 24
144.31.83.0/24 maxlen: 24
144.31.93.0/24 maxlen: 24
144.31.103.0/24 maxlen: 24
144.31.107.0/24 maxlen: 24
144.31.108.0/24 maxlen: 24
144.31.109.0/24 maxlen: 24
144.31.213.0/24 maxlen: 24
144.31.214.0/24 maxlen: 24
144.31.216.0/24 maxlen: 24
144.31.217.0/24 maxlen: 24
144.31.218.0/24 maxlen: 24
144.31.219.0/24 maxlen: 24
144.31.239.0/24 maxlen: 24
144.31.240.0/24 maxlen: 24
144.31.241.0/24 maxlen: 24
144.31.242.0/24 maxlen: 24
144.31.243.0/24 maxlen: 24
144.31.249.0/24 maxlen: 24
150.241.72.0/24 maxlen: 24
150.241.73.0/24 maxlen: 24
150.241.74.0/24 maxlen: 24
150.241.75.0/24 maxlen: 24
150.241.82.0/24 maxlen: 24
150.241.83.0/24 maxlen: 24
150.241.100.0/24 maxlen: 24
150.241.101.0/24 maxlen: 24
150.241.102.0/24 maxlen: 24
150.241.103.0/24 maxlen: 24
185.170.153.0/24 maxlen: 24
185.170.154.0/24 maxlen: 24
193.23.195.0/24 maxlen: 24
193.23.200.0/24 maxlen: 24
193.23.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 07:02:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f4:1a:7c:d7:ce:3d:27:1f:1a:fc:a9:f6:48:8c:2f:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: May 4 17:47:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b2742f190efe665c2c44f71e3739450e8974ae85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bd:49:c9:a1:f4:a1:f0:cb:32:19:aa:48:03:
f4:92:6b:01:77:85:ec:2c:6c:8f:16:8c:c2:93:76:
9a:57:61:25:b7:8d:07:f5:cc:9a:9e:53:e1:9a:91:
9f:9c:30:fa:ac:f0:64:f7:fb:8d:83:d8:b8:20:ef:
aa:14:77:1b:18:95:44:1f:6a:cb:de:1c:54:0e:81:
eb:1d:48:65:76:f7:1b:3f:54:89:36:be:67:0d:34:
3a:cf:28:53:9d:34:ed:33:34:86:7d:98:b2:ff:a6:
8c:7b:fb:be:e8:14:8f:ac:b1:3c:7c:07:64:a4:92:
9a:1d:90:83:e2:c5:9a:cc:75:71:34:3c:74:00:d0:
aa:0d:29:b4:6a:34:67:e0:f0:2d:61:b4:8c:04:b4:
0f:b5:b1:30:94:7f:c5:54:0d:d4:90:16:22:7e:d9:
cd:4a:11:d0:63:2b:24:51:27:1c:40:b9:f5:4b:68:
8c:78:83:c8:f6:5a:01:7d:01:c1:3f:f3:e0:11:50:
08:a7:ad:2a:3a:03:71:b4:ff:8a:c1:4e:c5:0a:e6:
7b:68:bb:77:f7:a3:68:59:00:ad:40:05:c4:20:8e:
f6:9c:d4:88:b7:b6:63:65:ec:f4:bd:e3:4f:2e:8c:
f8:26:98:c2:98:cb:b5:96:f8:87:68:d0:90:4e:ae:
35:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:74:2F:19:0E:FE:66:5C:2C:44:F7:1E:37:39:45:0E:89:74:AE:85
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/snQvGQ7-ZlwsRPceNzlFDol0roU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.8.0/22
2.26.88.0-2.26.93.255
64.188.89.0-64.188.90.255
64.188.98.0/24
64.188.127.0/24
77.239.107.0/24
144.31.15.0/24
144.31.49.0-144.31.51.255
144.31.57.0/24
144.31.82.0/23
144.31.93.0/24
144.31.103.0/24
144.31.107.0-144.31.109.255
144.31.213.0-144.31.214.255
144.31.216.0/22
144.31.239.0-144.31.243.255
144.31.249.0/24
150.241.72.0/22
150.241.82.0/23
150.241.100.0/22
185.170.153.0-185.170.154.255
193.23.195.0/24
193.23.200.0/24
193.23.202.0/24
Signature Algorithm: sha256WithRSAEncryption
66:79:d1:57:01:d2:2a:81:7a:b6:19:68:54:bf:64:61:ae:6c:
84:b1:e1:d0:31:fb:e7:e8:8a:47:60:02:d5:b9:f3:8a:db:ea:
87:d8:f9:73:c5:1c:d4:ea:ed:9f:06:ea:93:d9:65:02:e8:0c:
fd:8b:53:71:fc:c7:f9:45:d9:85:02:3e:27:df:56:c6:cf:c8:
83:12:b2:f2:40:22:2f:c4:a6:79:e6:0a:b9:04:b1:e1:e3:9f:
75:a7:fb:19:5f:77:68:be:1a:9b:02:0d:2f:32:ce:ac:52:31:
3b:d1:8f:f3:d8:33:3c:67:a6:01:59:73:02:06:c6:83:34:33:
44:f2:85:ff:3c:7f:a4:99:7f:d8:af:02:3b:fb:20:e6:95:02:
ef:3d:1a:cd:0e:a7:fd:63:91:7d:ba:63:79:6b:9a:54:08:5c:
f0:e3:7d:a5:3e:b9:06:6e:1c:d0:d3:96:7c:c7:89:f4:22:50:
d3:db:74:fe:5f:04:68:f2:76:85:ae:df:09:b0:2c:e2:24:ff:
c9:0e:ce:b2:82:f6:42:97:be:56:c7:a3:cd:65:c3:cf:e9:2e:
9b:c5:86:cc:e1:8d:22:9c:4b:b1:dd:a2:35:06:8a:85:ad:28:
a4:0f:31:a3:92:3f:dc:41:4d:2e:49:c3:c5:6b:0f:17:66:a2:
4e:53:ce:84
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAZ30GnzXzj0nHxr8qfZIjC99MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNTA0MTc0NzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjc0MmYxOTBlZmU2NjVjMmM0NGY3MWUzNzM5NDUwZTg5NzRhZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtL1JyaH0ofDLMhmqSAP0kmsBd4Xs
LGyPFozCk3aaV2Elt40H9cyanlPhmpGfnDD6rPBk9/uNg9i4IO+qFHcbGJVEH2rL
3hxUDoHrHUhldvcbP1SJNr5nDTQ6zyhTnTTtMzSGfZiy/6aMe/u+6BSPrLE8fAdk
pJKaHZCD4sWazHVxNDx0ANCqDSm0ajRn4PAtYbSMBLQPtbEwlH/FVA3UkBYiftnN
ShHQYyskUSccQLn1S2iMeIPI9loBfQHBP/PgEVAIp60qOgNxtP+KwU7FCuZ7aLt3
96NoWQCtQAXEII72nNSIt7ZjZez0veNPLoz4JpjCmMu1lviHaNCQTq417QIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFLJ0LxkO/mZcLET3Hjc5RQ6JdK6FMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvc25RdkdRNy1abHdzUlBjZU56bEZEb2wwcm9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBzwQCAAEwgcgDBAIC
GggwDAMEAwIaWAMEAQIaXDAMAwQAQLxZAwQAQLxaAwQAQLxiAwQAQLx/AwQATe9r
AwQAkB8PMAwDBACQHzEDBAKQHzADBACQHzkDBAGQH1IDBACQH10DBACQH2cwDAME
AJAfawMEAZAfbDAMAwQAkB/VAwQAkB/WAwQCkB/YMAwDBACQH+8DBAKQH/ADBACQ
H/kDBAKW8UgDBAGW8VIDBAKW8WQwDAMEALmqmQMEALmqmgMEAMEXwwMEAMEXyAME
AMEXyjANBgkqhkiG9w0BAQsFAAOCAQEAZnnRVwHSKoF6thloVL9kYa5shLHh0DH7
5+iKR2AC1bnzitvqh9j5c8Uc1Ortnwbqk9llAugM/YtTcfzH+UXZhQI+J99Wxs/I
gxKy8kAiL8SmeeYKuQSx4eOfdaf7GV93aL4amwINLzLOrFIxO9GP89gzPGemAVlz
AgbGgzQzRPKF/zx/pJl/2K8CO/sg5pUC7z0azQ6n/WORfbpjeWuaVAhc8ON9pT65
Bm4c0NOWfMeJ9CJQ09t0/l8EaPJ2ha7fCbAs4iT/yQ7OsoL2Qpe+VsejzWXDz+ku
m8WGzOGNIpxLsd2iNQaKha0opA8xo5I/3EFNLknDxWsPF2aiTlPOhA==
-----END CERTIFICATE-----
Generated at Tue May 5 16:50:41 2026 by rpki-client