Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/zQnleYqNV83PyzoJcEtckUzzEp0.roa
File: zQnleYqNV83PyzoJcEtckUzzEp0.roa (raw, json)
Hash identifier: wJ65WQ4WSylAkCsIIaRzRB/DQM3aQPSFG3VdvmKFcnQ=
Subject key identifier: CD:09:E5:79:8A:8D:57:CD:CF:CB:3A:09:70:4B:5C:91:4C:F3:12:9D
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019F070777C75DA732E0D05A68C001F74C94
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/zQnleYqNV83PyzoJcEtckUzzEp0.roa
Signing time: Sat 27 Jun 2026 03:02:37 +0000
ROA not before: Sat 27 Jun 2026 03:02:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 10753
IP address blocks: 2.27.134.0/23 maxlen: 24
13.143.118.0/23 maxlen: 24
31.76.190.0/23 maxlen: 24
31.77.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 12:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:07:07:77:c7:5d:a7:32:e0:d0:5a:68:c0:01:f7:4c:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 27 03:02:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cd09e5798a8d57cdcfcb3a09704b5c914cf3129d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c4:2e:32:dd:1b:3c:64:99:4e:d8:a3:62:9c:
b7:2c:ef:66:68:63:f1:8b:57:fd:bc:67:1c:dd:bf:
62:ef:60:63:a5:46:be:aa:0b:e7:1c:0b:7c:48:f4:
a3:fa:dd:33:e9:3b:92:c3:bf:77:c2:3b:b4:56:fb:
0d:ee:fc:e1:b4:4e:83:1c:09:8b:cf:5c:9a:24:60:
ea:6d:dd:4b:a3:42:f3:39:66:8f:f4:db:f6:30:34:
8b:54:e5:54:00:4e:a4:cd:81:0d:00:f6:21:4a:53:
f9:33:0d:6e:9d:4d:9f:b2:bf:86:24:fe:b9:d3:b9:
83:a5:90:e9:9b:bf:20:e7:44:7b:99:cc:49:6d:ff:
f7:04:dc:5b:e0:65:63:56:25:e1:41:41:6c:03:94:
98:e6:b0:10:a5:f5:6e:5d:61:75:8c:25:5e:43:65:
cf:cc:a5:33:4c:ac:ca:24:3e:91:d6:80:6e:49:8f:
29:14:2b:08:17:4e:a8:6d:2b:39:41:93:4b:05:5b:
ae:07:d0:ec:c9:83:0c:11:f4:79:00:2b:da:82:bb:
d4:c0:a0:51:f4:aa:4d:2d:18:26:57:eb:44:08:99:
8c:29:ee:15:ec:cc:09:8a:51:fa:4a:39:46:6a:43:
eb:da:a2:00:53:25:4e:6a:4c:0f:69:6c:67:f1:0a:
9e:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:09:E5:79:8A:8D:57:CD:CF:CB:3A:09:70:4B:5C:91:4C:F3:12:9D
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/zQnleYqNV83PyzoJcEtckUzzEp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.134.0/23
13.143.118.0/23
31.76.190.0/23
31.77.234.0/23
Signature Algorithm: sha256WithRSAEncryption
42:eb:f2:3f:40:eb:75:99:46:fa:06:c5:fd:1b:01:08:f3:e3:
79:70:5a:32:66:54:fc:8a:d0:e1:b0:8f:67:34:83:23:2a:38:
f1:a1:72:ff:07:d6:b9:dd:23:01:8c:94:d7:9e:ba:ea:39:32:
29:d5:6b:11:85:88:20:0b:08:8c:f8:3f:90:07:cd:ee:e4:0c:
8d:07:68:1d:f8:a9:25:4e:07:64:1d:9d:8b:53:f9:c7:f8:68:
6b:b7:89:85:5b:9f:84:db:39:a0:7e:63:1e:d7:a0:a5:c1:56:
44:d9:0b:8c:19:ab:b4:fb:08:1f:4c:1f:2e:59:bf:45:cf:43:
98:e7:e9:26:b8:5b:5d:13:28:d9:e8:51:6c:d1:3a:29:83:6d:
03:e8:8d:82:fb:48:33:e9:7f:56:93:2b:42:c3:46:6b:b7:3e:
5d:72:3f:44:f5:84:5b:e3:80:1c:40:82:bf:3f:0d:33:74:d2:
98:fe:18:ab:7a:4a:dd:8d:7e:bf:ae:ff:89:7b:f5:3e:87:ea:
e7:6a:ff:e8:27:b3:04:2c:3b:aa:26:7c:8c:c2:17:8c:03:2b:
8e:f8:6f:eb:e1:ef:7c:d1:c3:d3:ea:4c:ac:d7:19:ad:ad:c3:
1e:fe:bc:b5:77:32:13:2e:81:74:ee:5d:68:99:d2:78:d7:05:
3b:6f:fd:d8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ8HB3fHXacy4NBaaMAB90yUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjI3MDMwMjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDA5ZTU3OThhOGQ1N2NkY2ZjYjNhMDk3MDRiNWM5MTRjZjMxMjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcQuMt0bPGSZTtijYpy3LO9maGPx
i1f9vGcc3b9i72BjpUa+qgvnHAt8SPSj+t0z6TuSw793wju0VvsN7vzhtE6DHAmL
z1yaJGDqbd1Lo0LzOWaP9Nv2MDSLVOVUAE6kzYENAPYhSlP5Mw1unU2fsr+GJP65
07mDpZDpm78g50R7mcxJbf/3BNxb4GVjViXhQUFsA5SY5rAQpfVuXWF1jCVeQ2XP
zKUzTKzKJD6R1oBuSY8pFCsIF06obSs5QZNLBVuuB9DsyYMMEfR5ACvagrvUwKBR
9KpNLRgmV+tECJmMKe4V7MwJilH6SjlGakPr2qIAUyVOakwPaWxn8QqeUwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM0J5XmKjVfNz8s6CXBLXJFM8xKdMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvelFubGVZcU5WODNQeXpvSmNFdGNrVXp6RXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBAhuGAwQB
DY92AwQBH0y+AwQBH03qMA0GCSqGSIb3DQEBCwUAA4IBAQBC6/I/QOt1mUb6BsX9
GwEI8+N5cFoyZlT8itDhsI9nNIMjKjjxoXL/B9a53SMBjJTXnrrqOTIp1WsRhYgg
CwiM+D+QB83u5AyNB2gd+KklTgdkHZ2LU/nH+Ghrt4mFW5+E2zmgfmMe16ClwVZE
2QuMGau0+wgfTB8uWb9Fz0OY5+kmuFtdEyjZ6FFs0Topg20D6I2C+0gz6X9WkytC
w0Zrtz5dcj9E9YRb44AcQIK/Pw0zdNKY/hirekrdjX6/rv+Je/U+h+rnav/oJ7ME
LDuqJnyMwheMAyuO+G/r4e980cPT6kys1xmtrcMe/ry1dzITLoF07l1omdJ41wU7
b/3Y
-----END CERTIFICATE-----
Generated at Sat Jun 27 17:40:32 2026 by rpki-client