
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/wq8C3pfdMLC7TihWtlxzfRrLLps.roa
File: wq8C3pfdMLC7TihWtlxzfRrLLps.roa (raw, json)
Hash identifier: NZrEZr2n6osbG6om78qOmrztSfZidWSAUefQNDkB3rg=
Subject key identifier: C2:AF:02:DE:97:DD:30:B0:BB:4E:28:56:B6:5C:73:7D:1A:CB:2E:9B
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019F05B94AA052CC917F8FE549FAEB1303CA
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/wq8C3pfdMLC7TihWtlxzfRrLLps.roa
Signing time: Fri 26 Jun 2026 20:57:37 +0000
ROA not before: Fri 26 Jun 2026 20:57:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 219393
IP address blocks: 2.26.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:05:b9:4a:a0:52:cc:91:7f:8f:e5:49:fa:eb:13:03:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 26 20:57:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c2af02de97dd30b0bb4e2856b65c737d1acb2e9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:23:57:67:5f:b3:80:95:de:0b:2b:bc:d6:8b:
1e:fe:58:e2:1d:f4:e1:7a:59:90:7b:9e:f6:1a:32:
2d:9d:ab:e9:f6:a4:ac:cb:53:38:a9:76:c9:64:b9:
99:9b:4a:e7:5d:50:7d:af:7a:8c:3a:6a:6b:9a:d4:
4d:b5:12:b0:7c:da:08:20:a9:94:44:4a:0c:56:3e:
36:8d:1d:04:7b:b8:c8:ad:ed:e1:6b:8b:bf:a0:2e:
c3:89:6f:7a:94:35:43:e8:3e:a0:6c:af:b8:1b:b2:
6f:4b:86:da:b8:98:0b:4a:f9:3b:95:ab:5a:ad:78:
d5:58:8f:00:58:3b:57:90:a3:61:d9:45:7e:6b:0d:
4f:f4:9b:d6:f6:fa:04:06:cb:8e:26:6d:ac:18:7f:
0e:95:6f:f3:bd:65:81:2e:55:8e:80:7d:a1:57:1f:
b9:68:dd:0d:99:a6:92:1f:1f:7f:b7:53:2d:3f:5a:
61:21:87:b1:14:24:c5:21:4d:a0:de:be:58:cc:28:
b3:5a:6e:ec:79:78:c0:66:80:33:e1:b1:a4:de:00:
b1:00:94:aa:fb:0b:2e:14:84:7a:c3:7a:b6:0d:3d:
d2:8b:22:6d:80:9f:30:ab:06:57:51:84:96:5a:2e:
5f:03:db:eb:ec:69:e4:ca:05:ce:2b:a4:28:51:9a:
c9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:AF:02:DE:97:DD:30:B0:BB:4E:28:56:B6:5C:73:7D:1A:CB:2E:9B
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/wq8C3pfdMLC7TihWtlxzfRrLLps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.189.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:26:eb:71:0c:c5:f2:80:43:e9:cf:ed:89:67:ba:5a:32:1b:
a8:08:e4:63:62:bc:9e:b0:3c:f2:e7:a3:6f:47:03:ed:3a:f4:
99:51:6d:a7:c2:43:d0:bb:e1:1f:87:2c:98:f7:84:d7:22:24:
6e:6a:53:04:d9:9e:79:b3:2f:b6:b3:0d:c3:68:fd:5b:df:bb:
e6:07:79:8b:a6:a2:72:e9:56:02:85:7c:5e:da:d2:39:1b:51:
74:1a:19:83:6a:16:28:47:0b:0e:58:f3:28:7b:d1:35:dc:7d:
c1:f8:74:a9:bb:18:98:48:1f:eb:b3:b1:cb:be:17:74:8f:88:
d7:76:b4:c3:8a:2a:5d:30:d7:e7:59:96:45:70:b0:8a:e1:18:
50:5e:f6:99:3d:5e:2e:c3:cb:6b:c2:70:7e:33:5d:5e:ba:37:
02:7d:fb:b5:09:23:3d:51:86:0f:56:fd:f7:b0:99:59:85:21:
36:0c:c1:cc:4e:00:40:f6:2c:cd:e7:22:30:eb:5c:23:89:f7:
3a:26:87:14:0e:d2:da:f7:53:a5:9f:5a:4b:4a:61:4e:42:cc:
05:64:f8:22:58:2e:48:f5:7c:0f:3c:17:c2:0f:84:3a:f8:f3:
30:d6:ec:bb:2f:3d:a8:9c:af:82:83:77:dd:2c:33:a6:75:e1:
ca:e3:c4:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ8FuUqgUsyRf4/lSfrrEwPKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjI2MjA1NzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmFmMDJkZTk3ZGQzMGIwYmI0ZTI4NTZiNjVjNzM3ZDFhY2IyZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyNXZ1+zgJXeCyu81ose/ljiHfTh
elmQe572GjItnavp9qSsy1M4qXbJZLmZm0rnXVB9r3qMOmprmtRNtRKwfNoIIKmU
REoMVj42jR0Ee7jIre3ha4u/oC7DiW96lDVD6D6gbK+4G7JvS4bauJgLSvk7lata
rXjVWI8AWDtXkKNh2UV+aw1P9JvW9voEBsuOJm2sGH8OlW/zvWWBLlWOgH2hVx+5
aN0NmaaSHx9/t1MtP1phIYexFCTFIU2g3r5YzCizWm7seXjAZoAz4bGk3gCxAJSq
+wsuFIR6w3q2DT3SiyJtgJ8wqwZXUYSWWi5fA9vr7GnkygXOK6QoUZrJJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMKvAt6X3TCwu04oVrZcc30ayy6bMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvd3E4QzNwZmRNTEM3VGloV3RseHpmUnJMTHBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAhq9MA0G
CSqGSIb3DQEBCwUAA4IBAQBvJutxDMXygEPpz+2JZ7paMhuoCORjYryesDzy56Nv
RwPtOvSZUW2nwkPQu+EfhyyY94TXIiRualME2Z55sy+2sw3DaP1b37vmB3mLpqJy
6VYChXxe2tI5G1F0GhmDahYoRwsOWPMoe9E13H3B+HSpuxiYSB/rs7HLvhd0j4jX
drTDiipdMNfnWZZFcLCK4RhQXvaZPV4uw8trwnB+M11eujcCffu1CSM9UYYPVv33
sJlZhSE2DMHMTgBA9izN5yIw61wjifc6JocUDtLa91Oln1pLSmFOQswFZPgiWC5I
9XwPPBfCD4Q6+PMw1uy7Lz2onK+Cg3fdLDOmdeHK48Qv
-----END CERTIFICATE-----
Generated at Fri Jul 3 19:58:02 2026 by rpki-client