Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/xQWOEZjZxfN1fsjAFeYeLGH_Yss.roa
File: xQWOEZjZxfN1fsjAFeYeLGH_Yss.roa (raw, json)
Hash identifier: /wXOaaMZa5be37a4SmXhA9K2bDXIwaBMOINyIIwyN7M=
Subject key identifier: C5:05:8E:11:98:D9:C5:F3:75:7E:C8:C0:15:E6:1E:2C:61:FF:62:CB
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019DDB67DB5ECFEF9C6C5B8D2EC02A7B5AB2
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/xQWOEZjZxfN1fsjAFeYeLGH_Yss.roa
Signing time: Wed 29 Apr 2026 22:41:49 +0000
ROA not before: Wed 29 Apr 2026 22:41:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216039
IP address blocks: 2.27.7.0/24 maxlen: 24
31.76.246.0/24 maxlen: 24
144.31.220.0/24 maxlen: 24
144.31.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 07:02:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:db:67:db:5e:cf:ef:9c:6c:5b:8d:2e:c0:2a:7b:5a:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 29 22:41:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c5058e1198d9c5f3757ec8c015e61e2c61ff62cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:01:21:bf:5b:80:92:53:f3:5e:9b:e2:96:68:
0f:2e:9f:16:5e:ab:8d:98:66:a3:bd:0f:d2:d2:03:
08:ff:91:ff:17:74:17:ba:c5:b6:b3:7e:50:5f:5b:
88:9f:bb:21:32:92:5f:98:cc:29:1e:03:bc:14:90:
17:b0:03:12:17:39:2f:c0:18:da:47:4d:3e:5f:30:
c5:a6:e8:1a:f1:71:06:d8:e8:1e:9b:21:78:ba:e9:
fa:1c:e1:8f:4d:e3:e5:99:18:39:6c:ed:77:c9:3f:
75:f0:31:0f:80:99:46:76:de:6a:a6:66:2d:7f:43:
d5:3c:27:c3:a1:48:d7:a5:d6:59:f7:98:01:e7:5d:
3b:98:da:dd:fa:21:2a:82:96:0c:5c:b6:e7:e2:99:
ac:00:8e:32:45:17:a5:af:f4:54:0b:54:bf:b4:5b:
f5:c5:51:31:90:a1:59:c8:8d:df:3f:e1:a8:32:b3:
13:bb:28:f6:99:5d:c3:34:31:f7:1e:2d:77:fe:0e:
2e:a8:3f:ce:fa:3c:38:00:d5:89:d6:df:1c:43:e9:
01:ea:8e:45:6e:79:ee:a5:71:e3:27:1e:11:a0:07:
54:1b:57:a4:3a:38:9e:29:6a:fc:4e:23:56:52:c3:
f0:09:a7:e6:16:67:16:4c:9c:c2:f2:54:51:c0:a6:
e6:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:05:8E:11:98:D9:C5:F3:75:7E:C8:C0:15:E6:1E:2C:61:FF:62:CB
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/xQWOEZjZxfN1fsjAFeYeLGH_Yss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.7.0/24
31.76.246.0/24
144.31.220.0/24
144.31.225.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:60:dc:ff:7d:84:28:ba:3a:52:76:ed:c1:f0:f2:da:59:45:
a7:55:28:47:ec:33:7f:e6:ce:43:45:06:3c:a6:36:64:3a:cf:
4a:d6:76:95:5e:81:f8:b1:14:03:75:27:a5:99:49:8c:90:d0:
83:81:af:05:a2:6b:35:0f:25:f5:8b:9d:01:2e:ea:eb:f0:6e:
cb:b9:79:05:a0:e4:47:72:33:6b:6c:44:e2:f7:58:4c:c8:73:
89:f5:3c:34:21:13:da:e4:00:20:2e:d2:f8:99:9b:38:54:77:
86:d4:4e:bc:e8:e0:99:ee:aa:46:45:94:b9:70:d7:87:a5:c1:
0d:21:e3:88:89:e7:8e:a4:f1:9a:21:77:c0:cd:de:f8:fe:2c:
99:e5:99:9c:60:a5:8e:15:c7:e2:65:b1:de:32:80:1a:a3:1f:
51:19:0e:2b:19:e8:91:80:26:43:76:bf:bf:e4:1a:53:88:11:
ea:46:4c:5d:24:d3:17:b9:65:d6:86:1b:7c:50:cf:9e:10:3a:
e8:e1:e0:04:f4:c5:3f:e3:43:25:18:9c:39:92:5b:24:bf:f5:
25:f5:3c:75:6f:d2:9a:27:c5:a3:b7:62:51:58:dd:58:90:98:
5d:76:4d:20:fb:d2:47:15:f6:a1:66:3a:3b:91:87:25:c5:fa:
6f:03:86:66
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3bZ9tez++cbFuNLsAqe1qyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDI5MjI0MTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTA1OGUxMTk4ZDljNWYzNzU3ZWM4YzAxNWU2MWUyYzYxZmY2MmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQEhv1uAklPzXpvilmgPLp8WXquN
mGajvQ/S0gMI/5H/F3QXusW2s35QX1uIn7shMpJfmMwpHgO8FJAXsAMSFzkvwBja
R00+XzDFpuga8XEG2OgemyF4uun6HOGPTePlmRg5bO13yT918DEPgJlGdt5qpmYt
f0PVPCfDoUjXpdZZ95gB5107mNrd+iEqgpYMXLbn4pmsAI4yRRelr/RUC1S/tFv1
xVExkKFZyI3fP+GoMrMTuyj2mV3DNDH3Hi13/g4uqD/O+jw4ANWJ1t8cQ+kB6o5F
bnnupXHjJx4RoAdUG1ekOjieKWr8TiNWUsPwCafmFmcWTJzC8lRRwKbmpwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMUFjhGY2cXzdX7IwBXmHixh/2LLMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEveFFXT0Vaalp4Zk4xZnNqQUZlWWVMR0hfWXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAhsHAwQA
H0z2AwQAkB/cAwQAkB/hMA0GCSqGSIb3DQEBCwUAA4IBAQB6YNz/fYQoujpSdu3B
8PLaWUWnVShH7DN/5s5DRQY8pjZkOs9K1naVXoH4sRQDdSelmUmMkNCDga8Foms1
DyX1i50BLurr8G7LuXkFoORHcjNrbETi91hMyHOJ9Tw0IRPa5AAgLtL4mZs4VHeG
1E686OCZ7qpGRZS5cNeHpcENIeOIieeOpPGaIXfAzd74/iyZ5ZmcYKWOFcfiZbHe
MoAaox9RGQ4rGeiRgCZDdr+/5BpTiBHqRkxdJNMXuWXWhht8UM+eEDro4eAE9MU/
40MlGJw5klskv/Ul9Tx1b9KaJ8Wjt2JRWN1YkJhddk0g+9JHFfahZjo7kYclxfpv
A4Zm
-----END CERTIFICATE-----
Generated at Tue May 5 16:50:44 2026 by rpki-client