Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/xyTYeSmfq2Ypz8WC2-fXcuPoHok.roa
File: xyTYeSmfq2Ypz8WC2-fXcuPoHok.roa (raw, json)
Hash identifier: uR7eNdVKbn+jdrTpyZoRi1sxBjErZcvfqSmoMHUUhvg=
Subject key identifier: C7:24:D8:79:29:9F:AB:66:29:CF:C5:82:DB:E7:D7:72:E3:E8:1E:89
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019EAE516E8BDBDD8D14EDF3A4529F43CF0E
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/xyTYeSmfq2Ypz8WC2-fXcuPoHok.roa
Signing time: Tue 09 Jun 2026 21:37:12 +0000
ROA not before: Tue 09 Jun 2026 21:37:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216127
IP address blocks: 2.26.16.0/22 maxlen: 24
2.26.28.0/22 maxlen: 24
2.26.116.0/22 maxlen: 24
2.26.158.0/24 maxlen: 24
2.26.248.0/22 maxlen: 24
2.27.18.0/24 maxlen: 24
2.27.19.0/24 maxlen: 24
31.76.16.0/22 maxlen: 24
31.76.44.0/22 maxlen: 24
31.76.72.0/22 maxlen: 24
31.76.96.0/22 maxlen: 24
31.76.224.0/22 maxlen: 24
31.77.132.0/22 maxlen: 24
31.77.174.0/23 maxlen: 24
31.77.218.0/24 maxlen: 24
31.77.223.0/24 maxlen: 24
77.239.96.0/22 maxlen: 24
144.31.96.0/22 maxlen: 24
144.31.154.0/23 maxlen: 24
144.31.180.0/22 maxlen: 24
144.31.188.0/23 maxlen: 24
144.31.200.0/23 maxlen: 24
144.31.204.0/23 maxlen: 24
144.31.250.0/23 maxlen: 24
150.241.90.0/23 maxlen: 24
185.184.120.0/24 maxlen: 24
185.184.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ae:51:6e:8b:db:dd:8d:14:ed:f3:a4:52:9f:43:cf:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 9 21:37:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c724d879299fab6629cfc582dbe7d772e3e81e89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:8e:d6:c8:63:d6:50:76:38:6a:a5:e5:66:18:
66:a0:86:8b:6c:63:2b:f4:50:b8:3d:75:ea:fd:07:
3c:d3:15:d2:fb:07:70:8e:6f:83:9a:09:94:6a:a6:
d9:00:44:63:29:57:a9:0d:c1:82:18:24:27:88:2c:
4d:b5:95:1d:78:b7:45:83:4f:e4:ae:bc:cd:f3:bb:
b7:cb:ae:10:c5:e1:fc:75:1f:4a:7e:ff:ec:45:60:
05:f1:35:ef:b0:be:a1:4f:1a:ba:ea:22:c9:95:09:
87:44:01:9a:23:b8:99:6f:ca:37:70:d1:a5:78:a7:
f1:e5:74:08:fc:f4:a0:96:91:71:c7:3f:d7:48:74:
b3:12:14:0e:30:41:58:15:69:02:9e:09:7b:ac:e5:
08:e7:c8:b0:44:d5:95:e8:bc:35:f6:4c:43:94:12:
43:c6:c3:9a:97:3c:4b:29:b3:f7:b2:eb:3a:f9:f8:
a5:16:f2:70:c7:97:a9:81:0b:bc:e7:ff:56:c7:03:
03:bb:2b:fa:05:80:d6:1e:48:39:c8:7f:ba:4f:c5:
8c:27:2c:e8:f2:d8:49:dc:2f:65:f3:cd:63:bb:b1:
f4:73:a6:47:fb:96:5b:cf:a6:15:6f:de:a8:aa:3e:
e8:88:43:27:93:6b:f0:77:0c:6f:54:77:3d:c8:66:
94:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:24:D8:79:29:9F:AB:66:29:CF:C5:82:DB:E7:D7:72:E3:E8:1E:89
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/xyTYeSmfq2Ypz8WC2-fXcuPoHok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.16.0/22
2.26.28.0/22
2.26.116.0/22
2.26.158.0/24
2.26.248.0/22
2.27.18.0/23
31.76.16.0/22
31.76.44.0/22
31.76.72.0/22
31.76.96.0/22
31.76.224.0/22
31.77.132.0/22
31.77.174.0/23
31.77.218.0/24
31.77.223.0/24
77.239.96.0/22
144.31.96.0/22
144.31.154.0/23
144.31.180.0/22
144.31.188.0/23
144.31.200.0/23
144.31.204.0/23
144.31.250.0/23
150.241.90.0/23
185.184.120.0/23
Signature Algorithm: sha256WithRSAEncryption
10:55:6b:35:01:d1:fe:fa:2f:7d:97:42:14:7b:8b:51:cb:d5:
c8:90:eb:dc:49:93:3a:96:5a:2e:06:da:06:57:64:34:00:10:
39:18:b8:0b:0e:70:33:1c:26:6d:d9:cd:30:fd:56:d8:84:2c:
88:13:7e:0a:63:88:d9:67:73:83:8d:52:4d:77:86:2c:53:ee:
01:7e:f4:fd:93:d3:fb:2e:07:c2:e8:16:bf:70:a5:1e:ed:e9:
7c:95:e7:4f:e0:1b:a9:5d:24:23:11:9d:7f:4a:84:96:c2:1e:
bd:33:78:52:7a:1d:50:28:b3:fa:ab:4b:5e:80:01:fc:fb:6a:
c0:13:69:23:e0:b4:0f:89:88:95:28:04:36:9e:36:8d:87:b3:
b3:5f:bc:96:d2:36:f9:f9:f2:23:ca:18:b7:ab:fd:df:ed:47:
1a:a3:3b:51:13:ab:bb:1a:81:c9:13:c0:dc:26:a0:df:7f:e5:
25:7d:51:25:f2:98:1f:93:c4:b7:02:e6:41:da:be:7e:ad:c8:
0b:3e:30:74:ee:73:c4:eb:45:51:9c:55:7b:23:6c:d3:66:00:
4c:6f:8d:03:fa:a4:3b:26:2c:bd:9d:d2:bd:c9:a9:34:d2:df:
b1:aa:ff:9a:38:8c:cd:e7:28:c7:2e:4c:dd:a5:5f:9d:62:c6:
b9:3f:1c:5b
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZ6uUW6L292NFO3zpFKfQ88OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjA5MjEzNzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzI0ZDg3OTI5OWZhYjY2MjljZmM1ODJkYmU3ZDc3MmUzZTgxZTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA647WyGPWUHY4aqXlZhhmoIaLbGMr
9FC4PXXq/Qc80xXS+wdwjm+DmgmUaqbZAERjKVepDcGCGCQniCxNtZUdeLdFg0/k
rrzN87u3y64QxeH8dR9Kfv/sRWAF8TXvsL6hTxq66iLJlQmHRAGaI7iZb8o3cNGl
eKfx5XQI/PSglpFxxz/XSHSzEhQOMEFYFWkCngl7rOUI58iwRNWV6Lw19kxDlBJD
xsOalzxLKbP3sus6+filFvJwx5epgQu85/9WxwMDuyv6BYDWHkg5yH+6T8WMJyzo
8thJ3C9l881ju7H0c6ZH+5Zbz6YVb96oqj7oiEMnk2vwdwxvVHc9yGaUjwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFMck2Hkpn6tmKc/Fgtvn13Lj6B6JMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEveHlUWWVTbWZxMllwejhXQzItZlhjdVBvSG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAIC
GhADBAICGhwDBAICGnQDBAACGp4DBAICGvgDBAECGxIDBAIfTBADBAIfTCwDBAIf
TEgDBAIfTGADBAIfTOADBAIfTYQDBAEfTa4DBAAfTdoDBAAfTd8DBAJN72ADBAKQ
H2ADBAGQH5oDBAKQH7QDBAGQH7wDBAGQH8gDBAGQH8wDBAGQH/oDBAGW8VoDBAG5
uHgwDQYJKoZIhvcNAQELBQADggEBABBVazUB0f76L32XQhR7i1HL1ciQ69xJkzqW
Wi4G2gZXZDQAEDkYuAsOcDMcJm3ZzTD9VtiELIgTfgpjiNlnc4ONUk13hixT7gF+
9P2T0/suB8LoFr9wpR7t6XyV50/gG6ldJCMRnX9KhJbCHr0zeFJ6HVAos/qrS16A
Afz7asATaSPgtA+JiJUoBDaeNo2Hs7NfvJbSNvn58iPKGLer/d/tRxqjO1ETq7sa
gckTwNwmoN9/5SV9USXymB+TxLcC5kHavn6tyAs+MHTuc8TrRVGcVXsjbNNmAExv
jQP6pDsmLL2d0r3JqTTS37Gq/5o4jM3nKMcuTN2lX51ixrk/HFs=
-----END CERTIFICATE-----
Generated at Thu Jun 11 22:52:04 2026 by rpki-client