Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/1-05R9dzUyf8_aEPxxMhC7TZ_-pw.roa
File: 1-05R9dzUyf8_aEPxxMhC7TZ_-pw.roa (raw, json)
Hash identifier: ZcwMcQXkTw7ZNHEmqiA9XCy7u1p9GneeBlWgZq99b/s=
Subject key identifier: FB:4E:51:F5:DC:D4:C9:FF:3F:68:43:F1:C4:C8:42:ED:36:7F:FA:9C
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019D3002B9B766F7AB96086371A1456B53FB
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/1-05R9dzUyf8_aEPxxMhC7TZ_-pw.roa
Signing time: Fri 27 Mar 2026 15:56:18 +0000
ROA not before: Fri 27 Mar 2026 15:56:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214578
IP address blocks: 2.27.85.0/24 maxlen: 24
2.27.97.0/24 maxlen: 24
2.27.113.0/24 maxlen: 24
2.27.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:30:02:b9:b7:66:f7:ab:96:08:63:71:a1:45:6b:53:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Mar 27 15:56:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fb4e51f5dcd4c9ff3f6843f1c4c842ed367ffa9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:7d:d5:a4:f2:60:aa:07:23:1a:bf:e5:f0:39:
4e:54:5d:12:8d:4b:3b:8b:e7:69:76:35:99:b4:42:
68:95:1e:bb:17:be:05:14:fb:f8:81:ff:7a:29:a6:
54:60:8f:00:47:78:d5:d8:53:55:70:fc:77:9c:ae:
5c:1a:2f:51:ce:ad:75:cd:d2:c5:21:e8:8d:b7:12:
93:80:c7:b3:43:9f:c3:98:11:38:a5:96:d4:9b:2d:
84:95:7d:64:6c:41:ba:be:72:c9:a2:5c:76:78:f0:
28:2d:d3:c8:11:bd:d7:6c:56:55:db:92:27:11:2a:
e6:44:89:a7:48:fa:0b:73:2b:ba:71:e9:bf:59:69:
39:9f:c3:d4:e5:23:fa:e9:e8:9c:41:c2:13:8d:d5:
ef:c0:29:74:42:2e:1c:f5:02:e4:68:d8:5b:e5:bf:
b7:a6:33:c2:dd:36:fe:5e:c6:55:c3:61:db:2c:e1:
a1:2e:7c:0d:47:34:25:6d:5b:46:b2:c2:06:3c:1d:
06:19:37:52:7a:a4:f4:1c:e1:fc:0c:2f:4c:8a:59:
b4:2b:dd:bf:ae:28:1a:75:eb:59:83:ab:c8:f8:ed:
0b:93:fc:b0:70:92:74:b2:5a:36:71:64:1f:a8:0e:
e0:e8:5e:4d:16:75:23:a4:07:a1:04:d0:32:8b:b1:
b7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:4E:51:F5:DC:D4:C9:FF:3F:68:43:F1:C4:C8:42:ED:36:7F:FA:9C
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/1-05R9dzUyf8_aEPxxMhC7TZ_-pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.85.0/24
2.27.97.0/24
2.27.113.0/24
2.27.126.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:ca:d5:b9:f7:b1:ec:fa:47:24:2b:5d:28:65:91:1e:91:90:
10:1b:36:5c:74:e2:fb:3e:82:ae:80:62:2f:a7:91:87:e7:1f:
9b:41:a7:cf:2d:82:6c:5b:9c:5a:0b:05:01:ab:37:59:c5:aa:
a1:85:a1:c6:e9:88:8a:1c:18:28:14:28:0a:58:da:73:29:75:
be:0a:bf:67:e3:e0:e5:d9:01:97:d6:cc:b6:a3:55:d2:54:75:
07:1c:85:4d:1e:9a:51:ad:7d:35:07:9f:c8:e6:62:d1:7d:67:
0b:eb:f5:f5:15:76:8c:a6:d5:55:1f:fd:9b:8e:71:21:de:c2:
a5:1b:c3:d4:b9:ec:ee:5b:be:dc:0e:ca:6e:6b:3c:45:ea:60:
2b:81:0d:bc:d0:16:8a:3a:70:f7:89:91:77:44:b9:dc:43:5b:
24:bc:3b:53:61:ea:59:26:0f:18:f8:f6:6c:1a:0e:9a:86:3c:
2b:0b:e3:57:ce:e4:16:8f:01:9c:30:82:25:7a:ef:8a:a0:2a:
10:e4:05:c2:69:cb:d7:e4:92:af:ad:1c:3b:82:ab:00:26:12:
21:a1:22:8f:c1:75:b8:d7:01:b4:5f:72:72:1d:8a:c0:42:95:
72:a9:90:32:8c:c9:32:4a:98:f2:8e:f5:23:41:70:98:12:85:
78:c5:46:a6
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZ0wArm3ZverlghjcaFFa1P7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMzI3MTU1NjE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjRlNTFmNWRjZDRjOWZmM2Y2ODQzZjFjNGM4NDJlZDM2N2ZmYTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiX3VpPJgqgcjGr/l8DlOVF0SjUs7
i+dpdjWZtEJolR67F74FFPv4gf96KaZUYI8AR3jV2FNVcPx3nK5cGi9Rzq11zdLF
IeiNtxKTgMezQ5/DmBE4pZbUmy2ElX1kbEG6vnLJolx2ePAoLdPIEb3XbFZV25In
ESrmRImnSPoLcyu6cem/WWk5n8PU5SP66eicQcITjdXvwCl0Qi4c9QLkaNhb5b+3
pjPC3Tb+XsZVw2HbLOGhLnwNRzQlbVtGssIGPB0GGTdSeqT0HOH8DC9Milm0K92/
rigadetZg6vI+O0Lk/ywcJJ0slo2cWQfqA7g6F5NFnUjpAehBNAyi7G3DwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPtOUfXc1Mn/P2hD8cTIQu02f/qcMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvMS0wNVI5ZHpVeWY4X2FFUHh4TWhDN1RaXy1wdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzMvMzhmMTI4LWVhODItNDU1NS1iNTE0LTE0Mzk2N2E4ZmUw
OC8xL0hKWS1QU0tFZlVac0ppd2doNHduZ05pRUFBTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAAIbVQME
AAIbYQMEAAIbcQMEAAIbfjANBgkqhkiG9w0BAQsFAAOCAQEAn8rVufex7PpHJCtd
KGWRHpGQEBs2XHTi+z6CroBiL6eRh+cfm0Gnzy2CbFucWgsFAas3WcWqoYWhxumI
ihwYKBQoCljacyl1vgq/Z+Pg5dkBl9bMtqNV0lR1BxyFTR6aUa19NQefyOZi0X1n
C+v19RV2jKbVVR/9m45xId7CpRvD1Lns7lu+3A7Kbms8RepgK4ENvNAWijpw94mR
d0S53ENbJLw7U2HqWSYPGPj2bBoOmoY8KwvjV87kFo8BnDCCJXrviqAqEOQFwmnL
1+SSr60cO4KrACYSIaEij8F1uNcBtF9ych2KwEKVcqmQMozJMkqY8o71I0FwmBKF
eMVGpg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:01:23 2026 by rpki-client