Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/xV2iNYXoWU72izEzr0K4P2z5pMU.roa
File: xV2iNYXoWU72izEzr0K4P2z5pMU.roa (raw, json)
Hash identifier: 79u1sQPt4vhMlI4UmjyroS/7IHYOJQoK1xHYKdxtJnM=
Subject key identifier: C5:5D:A2:35:85:E8:59:4E:F6:8B:31:33:AF:42:B8:3F:6C:F9:A4:C5
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019E98C0C680F8C16A9C101F2AF07AEB3F0F
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/xV2iNYXoWU72izEzr0K4P2z5pMU.roa
Signing time: Fri 05 Jun 2026 17:07:11 +0000
ROA not before: Fri 05 Jun 2026 17:07:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212701
IP address blocks: 31.77.132.0/22 maxlen: 24
144.31.154.0/23 maxlen: 24
144.31.180.0/22 maxlen: 24
144.31.188.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:98:c0:c6:80:f8:c1:6a:9c:10:1f:2a:f0:7a:eb:3f:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 5 17:07:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c55da23585e8594ef68b3133af42b83f6cf9a4c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ab:ac:5a:a6:be:ea:05:07:eb:32:e2:7e:c5:
47:0d:8b:1c:87:40:f9:17:a5:d5:99:ce:ca:be:44:
48:5f:4b:b8:ae:aa:0f:39:1b:1c:c6:83:1e:45:90:
89:69:61:f6:7b:f8:49:67:68:3e:f6:58:36:25:bd:
70:71:ed:4d:a9:ca:d8:b8:e7:e4:2e:bf:c2:78:6a:
9f:79:31:22:6b:1b:32:55:7e:b8:62:2d:10:8c:70:
65:5d:13:04:95:d5:0d:2f:38:81:29:2d:d6:69:c3:
20:a0:cb:d1:97:27:61:22:94:89:f9:b1:bc:57:2f:
a9:92:f6:1d:b4:3e:21:4c:18:ac:9f:6f:70:22:55:
cd:01:24:c3:6e:0f:22:ec:90:90:a7:88:c6:f7:d4:
a4:85:5b:1a:e3:3a:21:e3:9e:e4:41:03:a1:66:f2:
3e:4d:a8:6c:60:fe:70:48:d6:ee:61:e1:d1:a0:fd:
64:00:0f:4d:3c:3e:33:b1:94:91:f0:4b:6e:63:2f:
fb:26:8a:ed:70:17:7c:a8:33:a7:aa:a9:37:3a:2c:
08:c6:11:32:a5:8a:99:c5:c5:81:70:72:a6:94:8d:
6d:39:6f:dc:b8:83:2b:c3:5d:9a:16:bc:99:aa:d1:
dd:42:18:0e:19:74:b5:0c:d7:45:62:e7:c7:16:cf:
b1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:5D:A2:35:85:E8:59:4E:F6:8B:31:33:AF:42:B8:3F:6C:F9:A4:C5
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/xV2iNYXoWU72izEzr0K4P2z5pMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.77.132.0/22
144.31.154.0/23
144.31.180.0/22
144.31.188.0/23
Signature Algorithm: sha256WithRSAEncryption
15:37:cb:47:eb:8e:f2:9e:c5:6c:60:98:e1:a6:1f:22:d4:76:
cc:e3:0d:d6:72:f4:d9:df:20:95:b4:71:5d:d8:ce:ba:78:4b:
0c:cb:e0:97:56:25:cf:26:73:ff:31:bf:45:56:00:a7:13:40:
12:c1:63:12:ea:c5:6e:db:c4:ea:ca:fe:fe:eb:e4:ab:20:1b:
40:61:3c:55:5a:cd:de:de:9f:fb:2c:da:3d:38:50:48:4d:33:
88:e3:f4:5e:1d:fa:ee:3a:d1:57:aa:c6:3d:df:93:d9:bf:bc:
bc:3a:92:f6:b4:9b:29:3e:c2:fe:ac:1e:e7:f3:c8:de:90:f6:
57:39:b5:78:c1:55:ff:e1:19:15:74:89:30:e5:b5:26:c7:50:
60:90:78:3c:59:4b:a4:9b:8f:9b:de:8f:7e:01:5d:c3:a9:af:
3a:78:aa:cb:8d:4f:2a:81:04:1d:78:e6:87:0e:83:97:ba:07:
62:53:0f:3b:72:5d:57:dc:26:00:51:41:00:6e:24:3f:ac:88:
da:73:79:50:96:a0:70:90:88:09:a5:f3:f9:18:8d:27:6b:0f:
ed:a9:b6:d8:ae:bd:b9:c4:1f:31:c2:29:db:fb:d2:79:8f:5b:
99:26:c5:9d:eb:32:46:77:6a:0e:0f:ec:68:67:05:bc:b0:18:
88:21:49:59
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ6YwMaA+MFqnBAfKvB66z8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjA1MTcwNzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTVkYTIzNTg1ZTg1OTRlZjY4YjMxMzNhZjQyYjgzZjZjZjlhNGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqusWqa+6gUH6zLifsVHDYsch0D5
F6XVmc7KvkRIX0u4rqoPORscxoMeRZCJaWH2e/hJZ2g+9lg2Jb1wce1NqcrYuOfk
Lr/CeGqfeTEiaxsyVX64Yi0QjHBlXRMEldUNLziBKS3WacMgoMvRlydhIpSJ+bG8
Vy+pkvYdtD4hTBisn29wIlXNASTDbg8i7JCQp4jG99SkhVsa4zoh457kQQOhZvI+
TahsYP5wSNbuYeHRoP1kAA9NPD4zsZSR8EtuYy/7JortcBd8qDOnqqk3OiwIxhEy
pYqZxcWBcHKmlI1tOW/cuIMrw12aFryZqtHdQhgOGXS1DNdFYufHFs+xZQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMVdojWF6FlO9osxM69CuD9s+aTFMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEveFYyaU5ZWG9XVTcyaXpFenIwSzRQMno1cE1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH02EAwQB
kB+aAwQCkB+0AwQBkB+8MA0GCSqGSIb3DQEBCwUAA4IBAQAVN8tH647ynsVsYJjh
ph8i1HbM4w3WcvTZ3yCVtHFd2M66eEsMy+CXViXPJnP/Mb9FVgCnE0ASwWMS6sVu
28Tqyv7+6+SrIBtAYTxVWs3e3p/7LNo9OFBITTOI4/ReHfruOtFXqsY935PZv7y8
OpL2tJspPsL+rB7n88jekPZXObV4wVX/4RkVdIkw5bUmx1BgkHg8WUukm4+b3o9+
AV3Dqa86eKrLjU8qgQQdeOaHDoOXugdiUw87cl1X3CYAUUEAbiQ/rIjac3lQlqBw
kIgJpfP5GI0naw/tqbbYrr25xB8xwinb+9J5j1uZJsWd6zJGd2oOD+xoZwW8sBiI
IUlZ
-----END CERTIFICATE-----
Generated at Sat Jun 6 10:49:24 2026 by rpki-client