Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/0itmcI8i8eh8W2s7skOfPCAXCQg.roa
File: 0itmcI8i8eh8W2s7skOfPCAXCQg.roa (raw, json)
Hash identifier: wKF8psY6EVFXj3R//W8+O8QSbxAKzXyYDmlJ+AV93aY=
Subject key identifier: D2:2B:66:70:8F:22:F1:E8:7C:5B:6B:3B:B2:43:9F:3C:20:17:09:08
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019EBCAC5D640DE3163DF781C982DD644011
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/0itmcI8i8eh8W2s7skOfPCAXCQg.roa
Signing time: Fri 12 Jun 2026 16:31:12 +0000
ROA not before: Fri 12 Jun 2026 16:31:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214432
IP address blocks: 2.26.177.0/24 maxlen: 24
2.26.178.0/24 maxlen: 24
2.26.179.0/24 maxlen: 24
2.26.180.0/24 maxlen: 24
2.26.181.0/24 maxlen: 24
2.26.184.0/24 maxlen: 24
2.26.187.0/24 maxlen: 24
2.27.108.0/24 maxlen: 24
2.27.142.0/23 maxlen: 24
2.27.146.0/23 maxlen: 24
2.27.249.0/24 maxlen: 24
31.77.220.0/24 maxlen: 24
144.31.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bc:ac:5d:64:0d:e3:16:3d:f7:81:c9:82:dd:64:40:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 12 16:31:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d22b66708f22f1e87c5b6b3bb2439f3c20170908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9b:bf:9e:6a:d9:37:fa:e2:65:83:9e:e2:12:
b1:09:06:b4:31:c2:04:75:5f:ab:8a:5b:ab:40:d5:
c6:f2:0d:8c:0c:1e:37:e3:e8:e2:b0:2e:1e:55:8e:
fd:cc:e6:03:d7:ca:7c:9d:ef:3b:c4:92:54:43:a8:
1d:c2:e8:ec:bb:97:e3:54:8f:ab:64:fa:1b:f3:74:
dd:fb:3a:9a:8f:55:74:b0:f1:92:2c:cc:6a:07:3d:
b2:ce:0a:f4:93:e9:83:87:a0:05:2c:d2:a5:de:55:
9a:f4:bb:06:6c:02:a1:f4:17:1c:b5:8b:f0:14:ac:
c9:79:a7:0a:3e:d1:e3:ae:f6:5b:b4:57:35:98:f7:
a7:0f:bd:2a:58:e3:55:f3:80:e6:18:d6:cb:b6:73:
9f:52:5c:90:cb:e8:a2:b4:4f:d2:09:a3:39:23:9f:
e9:4a:69:36:b4:0e:91:c7:f2:0e:a4:e2:6c:1f:13:
03:4f:29:10:6c:75:bf:53:4a:82:03:c8:33:38:c9:
47:88:fc:51:00:65:8b:9d:bc:4a:cb:c9:0f:2e:78:
2c:ca:0b:72:d9:6f:1c:a2:fe:85:18:12:e7:bf:f7:
d4:19:7e:cd:68:62:7e:53:ef:26:71:b5:81:8c:71:
35:fa:8e:dd:91:99:f3:3a:38:28:09:a2:60:48:0f:
e8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:2B:66:70:8F:22:F1:E8:7C:5B:6B:3B:B2:43:9F:3C:20:17:09:08
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/0itmcI8i8eh8W2s7skOfPCAXCQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.177.0-2.26.181.255
2.26.184.0/24
2.26.187.0/24
2.27.108.0/24
2.27.142.0/23
2.27.146.0/23
2.27.249.0/24
31.77.220.0/24
144.31.43.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:34:4f:05:78:34:ad:55:be:42:15:5d:a7:67:34:18:ee:38:
16:a7:86:de:12:96:25:59:a4:05:63:21:51:16:94:9e:cb:b9:
87:09:34:4f:e3:9d:c4:98:08:c9:88:22:ef:67:74:4d:fe:ff:
00:94:19:7f:35:fc:b7:7b:b8:65:84:68:6c:15:67:82:c3:f0:
c9:90:9b:5f:b2:27:74:5f:8b:28:48:55:79:ac:5b:d1:c3:89:
c7:9a:55:3a:46:ea:74:99:f1:78:83:23:d4:1e:c3:80:c6:cc:
d7:81:4b:a2:65:9f:43:8b:7f:ef:0f:6e:28:32:08:fd:23:92:
18:ba:19:d0:83:a8:20:58:bf:db:57:9f:40:48:7f:ee:af:82:
34:49:88:cb:c4:9a:e3:7a:e3:32:6c:e8:00:d0:50:5f:f6:96:
b1:3c:47:08:03:be:1b:4d:12:2c:f7:de:d0:17:ce:fb:ba:f5:
fe:2d:61:ff:d7:d1:81:2a:42:fd:a0:aa:bf:8d:2f:d6:75:ff:
c3:0f:a7:42:ca:c8:fa:41:ea:4c:90:f6:33:a4:6c:3f:b4:f1:
9a:10:9a:d2:ae:6b:4b:16:a5:93:6e:c7:e5:ab:12:bd:1b:eb:
1a:50:5a:6b:c5:f2:5f:0f:13:09:96:48:e5:86:19:0a:2e:91:
36:63:e0:e0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZ68rF1kDeMWPfeByYLdZEARMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjEyMTYzMTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjJiNjY3MDhmMjJmMWU4N2M1YjZiM2JiMjQzOWYzYzIwMTcwOTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupu/nmrZN/riZYOe4hKxCQa0McIE
dV+rilurQNXG8g2MDB434+jisC4eVY79zOYD18p8ne87xJJUQ6gdwujsu5fjVI+r
ZPob83Td+zqaj1V0sPGSLMxqBz2yzgr0k+mDh6AFLNKl3lWa9LsGbAKh9BcctYvw
FKzJeacKPtHjrvZbtFc1mPenD70qWONV84DmGNbLtnOfUlyQy+iitE/SCaM5I5/p
Smk2tA6Rx/IOpOJsHxMDTykQbHW/U0qCA8gzOMlHiPxRAGWLnbxKy8kPLngsygty
2W8cov6FGBLnv/fUGX7NaGJ+U+8mcbWBjHE1+o7dkZnzOjgoCaJgSA/ojQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFNIrZnCPIvHofFtrO7JDnzwgFwkIMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvMGl0bWNJOGk4ZWg4VzJzN3NrT2ZQQ0FYQ1FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBAACGrED
BAECGrQDBAACGrgDBAACGrsDBAACG2wDBAECG44DBAECG5IDBAACG/kDBAAfTdwD
BACQHyswDQYJKoZIhvcNAQELBQADggEBAFw0TwV4NK1VvkIVXadnNBjuOBanht4S
liVZpAVjIVEWlJ7LuYcJNE/jncSYCMmIIu9ndE3+/wCUGX81/Ld7uGWEaGwVZ4LD
8MmQm1+yJ3RfiyhIVXmsW9HDiceaVTpG6nSZ8XiDI9Qew4DGzNeBS6Jln0OLf+8P
bigyCP0jkhi6GdCDqCBYv9tXn0BIf+6vgjRJiMvEmuN64zJs6ADQUF/2lrE8RwgD
vhtNEiz33tAXzvu69f4tYf/X0YEqQv2gqr+NL9Z1/8MPp0LKyPpB6kyQ9jOkbD+0
8ZoQmtKua0sWpZNux+WrEr0b6xpQWmvF8l8PEwmWSOWGGQoukTZj4OA=
-----END CERTIFICATE-----
Generated at Wed Jun 17 09:28:17 2026 by rpki-client