Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/wxd1ty0Ga8WeTLnNx7LGHGl0kpo.roa
File: wxd1ty0Ga8WeTLnNx7LGHGl0kpo.roa (raw, json)
Hash identifier: Rc5L/7bldJ+224e48baVXxCa6L4o86x67E8BRlYXt6I=
Subject key identifier: C3:17:75:B7:2D:06:6B:C5:9E:4C:B9:CD:C7:B2:C6:1C:69:74:92:9A
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019EA83FC2C708E32FC29C72842ABB7579AA
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/wxd1ty0Ga8WeTLnNx7LGHGl0kpo.roa
Signing time: Mon 08 Jun 2026 17:20:11 +0000
ROA not before: Mon 08 Jun 2026 17:20:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207957
IP address blocks: 2.26.8.0/24 maxlen: 24
2.26.9.0/24 maxlen: 24
2.26.10.0/24 maxlen: 24
2.26.11.0/24 maxlen: 24
2.26.88.0/24 maxlen: 24
2.26.89.0/24 maxlen: 24
2.26.90.0/24 maxlen: 24
2.26.91.0/24 maxlen: 24
2.26.92.0/24 maxlen: 24
2.26.93.0/24 maxlen: 24
31.76.0.0/24 maxlen: 24
31.76.1.0/24 maxlen: 24
31.76.2.0/24 maxlen: 24
31.76.3.0/24 maxlen: 24
31.76.4.0/24 maxlen: 24
31.76.5.0/24 maxlen: 24
31.76.6.0/24 maxlen: 24
31.76.7.0/24 maxlen: 24
31.76.52.0/24 maxlen: 24
31.76.53.0/24 maxlen: 24
31.76.54.0/24 maxlen: 24
31.76.55.0/24 maxlen: 24
31.76.82.0/24 maxlen: 24
31.76.83.0/24 maxlen: 24
31.76.84.0/24 maxlen: 24
31.76.85.0/24 maxlen: 24
31.76.114.0/24 maxlen: 24
31.76.115.0/24 maxlen: 24
31.77.140.0/24 maxlen: 24
31.77.141.0/24 maxlen: 24
31.77.142.0/24 maxlen: 24
31.77.143.0/24 maxlen: 24
64.188.89.0/24 maxlen: 24
64.188.90.0/24 maxlen: 24
64.188.98.0/24 maxlen: 24
64.188.127.0/24 maxlen: 24
77.239.107.0/24 maxlen: 24
144.31.15.0/24 maxlen: 24
144.31.49.0/24 maxlen: 24
144.31.50.0/24 maxlen: 24
144.31.51.0/24 maxlen: 24
144.31.57.0/24 maxlen: 24
144.31.82.0/24 maxlen: 24
144.31.83.0/24 maxlen: 24
144.31.93.0/24 maxlen: 24
144.31.103.0/24 maxlen: 24
144.31.107.0/24 maxlen: 24
144.31.108.0/24 maxlen: 24
144.31.109.0/24 maxlen: 24
144.31.213.0/24 maxlen: 24
144.31.214.0/24 maxlen: 24
144.31.216.0/24 maxlen: 24
144.31.217.0/24 maxlen: 24
144.31.218.0/24 maxlen: 24
144.31.219.0/24 maxlen: 24
144.31.239.0/24 maxlen: 24
144.31.240.0/24 maxlen: 24
144.31.241.0/24 maxlen: 24
144.31.242.0/24 maxlen: 24
144.31.243.0/24 maxlen: 24
144.31.249.0/24 maxlen: 24
150.241.72.0/24 maxlen: 24
150.241.73.0/24 maxlen: 24
150.241.74.0/24 maxlen: 24
150.241.75.0/24 maxlen: 24
150.241.82.0/24 maxlen: 24
150.241.83.0/24 maxlen: 24
150.241.100.0/24 maxlen: 24
150.241.101.0/24 maxlen: 24
150.241.102.0/24 maxlen: 24
150.241.103.0/24 maxlen: 24
185.170.153.0/24 maxlen: 24
185.170.154.0/24 maxlen: 24
193.23.195.0/24 maxlen: 24
193.23.200.0/24 maxlen: 24
193.23.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:20:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a8:3f:c2:c7:08:e3:2f:c2:9c:72:84:2a:bb:75:79:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 8 17:20:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c31775b72d066bc59e4cb9cdc7b2c61c6974929a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:57:12:17:e8:3b:ea:52:9d:05:28:6d:aa:30:
93:9a:11:50:26:cb:06:50:fb:3e:c0:91:0e:0e:4a:
50:9f:a4:57:4a:b0:5a:fe:c9:ec:d6:cb:9b:fe:c8:
bd:be:91:9c:5c:be:65:14:b2:fd:54:1a:43:b1:4e:
51:67:0b:d1:6d:1a:6e:79:01:23:50:d6:75:98:28:
44:af:e8:f0:c8:ec:1b:54:c5:71:9e:45:47:4d:c0:
77:7e:16:f8:37:f3:54:0b:8e:53:a9:20:40:75:94:
af:32:36:11:76:32:a8:dc:f2:7e:19:1c:8c:f9:b7:
c6:62:c6:4c:8d:95:ef:14:82:e2:4d:63:14:cd:53:
15:06:2e:84:3c:42:91:2a:5f:c1:37:82:32:c4:6f:
cf:fc:8f:40:b4:59:5f:60:43:0b:80:0e:82:fc:83:
df:fc:40:4a:95:b7:8f:36:03:b5:84:e8:fe:ae:a2:
3d:a9:e4:72:64:fb:9f:85:59:d7:af:10:3a:54:82:
33:ef:b4:6e:84:c1:b9:22:82:88:6b:54:55:9c:fe:
77:af:fc:8a:0c:1d:71:4b:2a:c2:71:4b:86:14:d8:
8c:2b:bd:67:cc:2a:fe:06:ca:ad:86:01:f0:fc:08:
b8:0c:a2:e6:e5:11:3e:bd:62:2c:43:61:18:fd:33:
43:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:17:75:B7:2D:06:6B:C5:9E:4C:B9:CD:C7:B2:C6:1C:69:74:92:9A
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/wxd1ty0Ga8WeTLnNx7LGHGl0kpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.8.0/22
2.26.88.0-2.26.93.255
31.76.0.0/21
31.76.52.0/22
31.76.82.0-31.76.85.255
31.76.114.0/23
31.77.140.0/22
64.188.89.0-64.188.90.255
64.188.98.0/24
64.188.127.0/24
77.239.107.0/24
144.31.15.0/24
144.31.49.0-144.31.51.255
144.31.57.0/24
144.31.82.0/23
144.31.93.0/24
144.31.103.0/24
144.31.107.0-144.31.109.255
144.31.213.0-144.31.214.255
144.31.216.0/22
144.31.239.0-144.31.243.255
144.31.249.0/24
150.241.72.0/22
150.241.82.0/23
150.241.100.0/22
185.170.153.0-185.170.154.255
193.23.195.0/24
193.23.200.0/24
193.23.202.0/24
Signature Algorithm: sha256WithRSAEncryption
79:ba:ad:76:7f:95:df:04:bd:88:49:fb:9c:ae:23:ea:1e:30:
47:5d:bb:49:4e:82:10:12:a9:92:ec:01:e1:8b:5b:89:0b:e5:
6a:27:59:b7:80:5c:e7:7c:0a:01:a6:c0:15:ac:c2:26:9b:eb:
54:77:54:ca:73:bf:de:67:29:55:93:ef:72:db:f1:72:d0:d0:
71:93:a7:26:69:f6:13:33:62:bc:de:e3:81:d2:91:65:ea:3e:
37:83:cb:95:6c:35:18:23:3a:b5:6e:7b:27:98:5b:90:1f:b6:
ce:4e:ad:a0:36:cf:5a:cf:bb:f9:7f:7f:3e:54:c6:47:e7:55:
23:5a:41:7d:7f:ee:15:ea:2b:5f:38:26:94:aa:02:2b:4c:69:
98:e0:cd:83:b0:9c:b3:ae:bc:68:9f:c7:7a:7f:93:1f:74:17:
92:85:f0:3e:51:67:03:34:38:f3:14:a7:54:fd:89:ab:5f:a0:
77:14:bf:e7:47:b1:f0:b1:7f:01:d0:98:75:3d:06:b8:3a:be:
4f:7e:b4:fc:ca:72:7d:08:b0:8f:2d:b6:6e:6b:20:39:19:3c:
7c:a7:53:28:dc:19:d3:33:10:9c:b3:1f:67:98:1b:29:b9:17:
ad:9c:a7:5b:67:be:00:6b:bd:19:00:7b:23:3c:1a:84:ad:5d:
c3:c2:9e:f1
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAZ6oP8LHCOMvwpxyhCq7dXmqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjA4MTcyMDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzE3NzViNzJkMDY2YmM1OWU0Y2I5Y2RjN2IyYzYxYzY5NzQ5MjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFcSF+g76lKdBShtqjCTmhFQJssG
UPs+wJEODkpQn6RXSrBa/sns1sub/si9vpGcXL5lFLL9VBpDsU5RZwvRbRpueQEj
UNZ1mChEr+jwyOwbVMVxnkVHTcB3fhb4N/NUC45TqSBAdZSvMjYRdjKo3PJ+GRyM
+bfGYsZMjZXvFILiTWMUzVMVBi6EPEKRKl/BN4IyxG/P/I9AtFlfYEMLgA6C/IPf
/EBKlbePNgO1hOj+rqI9qeRyZPufhVnXrxA6VIIz77RuhMG5IoKIa1RVnP53r/yK
DB1xSyrCcUuGFNiMK71nzCr+BsqthgHw/Ai4DKLm5RE+vWIsQ2EY/TNDCQIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFMMXdbctBmvFnky5zceyxhxpdJKaMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvd3hkMXR5MEdhOFdlVExuTng3TEdIR2wwa3BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuAwQC
AhoIMAwDBAMCGlgDBAECGlwDBAMfTAADBAIfTDQwDAMEAR9MUgMEAR9MVAMEAR9M
cgMEAh9NjDAMAwQAQLxZAwQAQLxaAwQAQLxiAwQAQLx/AwQATe9rAwQAkB8PMAwD
BACQHzEDBAKQHzADBACQHzkDBAGQH1IDBACQH10DBACQH2cwDAMEAJAfawMEAZAf
bDAMAwQAkB/VAwQAkB/WAwQCkB/YMAwDBACQH+8DBAKQH/ADBACQH/kDBAKW8UgD
BAGW8VIDBAKW8WQwDAMEALmqmQMEALmqmgMEAMEXwwMEAMEXyAMEAMEXyjANBgkq
hkiG9w0BAQsFAAOCAQEAebqtdn+V3wS9iEn7nK4j6h4wR127SU6CEBKpkuwB4Ytb
iQvlaidZt4Bc53wKAabAFazCJpvrVHdUynO/3mcpVZPvctvxctDQcZOnJmn2EzNi
vN7jgdKRZeo+N4PLlWw1GCM6tW57J5hbkB+2zk6toDbPWs+7+X9/PlTGR+dVI1pB
fX/uFeorXzgmlKoCK0xpmODNg7Ccs668aJ/Hen+TH3QXkoXwPlFnAzQ48xSnVP2J
q1+gdxS/50ex8LF/AdCYdT0GuDq+T360/MpyfQiwjy22bmsgORk8fKdTKNwZ0zMQ
nLMfZ5gbKbkXrZynW2e+AGu9GQB7IzwahK1dw8Ke8Q==
-----END CERTIFICATE-----
Generated at Fri Jun 12 02:41:12 2026 by rpki-client