Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/23303fOyR7OfofM_CwsfVzjqRJI.roa
File: 23303fOyR7OfofM_CwsfVzjqRJI.roa (raw, json)
Hash identifier: R/8qZQA3ZkzkzS8y/m9or4oTIP8lcVkS96nXwB3reqg=
Subject key identifier: DB:7D:F4:DD:F3:B2:47:B3:9F:A1:F3:3F:0B:0B:1F:57:38:EA:44:92
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019C4DF5FF72B460D44BBF63BBBC6A88A4B5
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/23303fOyR7OfofM_CwsfVzjqRJI.roa
Signing time: Wed 11 Feb 2026 18:28:13 +0000
ROA not before: Wed 11 Feb 2026 18:28:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210457
IP address blocks: 144.31.12.0/24 maxlen: 24
144.31.25.0/24 maxlen: 24
144.31.106.0/24 maxlen: 24
144.31.126.0/24 maxlen: 24
144.31.136.0/24 maxlen: 24
144.31.169.0/24 maxlen: 24
144.31.221.0/24 maxlen: 24
144.31.230.0/24 maxlen: 24
144.31.249.0/24 maxlen: 24
150.241.64.0/24 maxlen: 24
150.241.66.0/24 maxlen: 24
193.23.194.0/24 maxlen: 24
193.23.199.0/24 maxlen: 24
193.23.201.0/24 maxlen: 24
193.23.209.0/24 maxlen: 24
193.23.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4d:f5:ff:72:b4:60:d4:4b:bf:63:bb:bc:6a:88:a4:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 11 18:28:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=db7df4ddf3b247b39fa1f33f0b0b1f5738ea4492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a7:76:c3:86:3a:2b:73:8e:63:aa:cf:12:0f:
87:1b:d7:a8:e3:2f:ec:2f:2d:47:09:d0:84:b1:1b:
ab:d8:b7:f6:36:f5:c1:24:8f:e6:ed:3b:32:d9:28:
ec:d8:f3:1a:33:93:2b:84:94:8a:74:00:ed:6f:fc:
da:91:8c:29:c9:fd:fb:63:bf:b1:e1:67:f7:dc:15:
fa:b8:7e:98:c6:9c:76:52:d5:1f:33:98:03:48:4a:
e3:d0:29:63:fc:08:39:79:8a:38:a4:68:db:b5:87:
49:86:e7:76:83:6d:05:61:fe:6f:1f:aa:8c:2e:ab:
e7:69:d7:4d:a3:a6:9c:74:a5:10:0b:05:1b:e4:9c:
e1:65:36:73:67:af:2b:66:0f:59:7b:da:b2:fa:e6:
bf:e5:a3:0d:ee:36:25:b0:ad:78:eb:16:dd:51:55:
88:9f:37:90:96:69:1a:ed:a2:28:4c:f0:98:c0:2a:
95:15:2f:ef:d0:2e:4f:93:b9:8d:bc:ad:1a:3d:f5:
db:1d:89:f2:38:15:98:76:f6:21:ad:6f:46:d5:55:
a8:60:08:7b:21:ae:67:44:0a:d1:3b:4b:51:be:c3:
65:4b:b8:b7:5b:2f:7b:fc:2f:b2:cd:95:ef:25:02:
fb:9c:7a:ef:02:59:5e:91:e7:5b:d3:d7:90:70:0d:
6b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:7D:F4:DD:F3:B2:47:B3:9F:A1:F3:3F:0B:0B:1F:57:38:EA:44:92
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/23303fOyR7OfofM_CwsfVzjqRJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.31.12.0/24
144.31.25.0/24
144.31.106.0/24
144.31.126.0/24
144.31.136.0/24
144.31.169.0/24
144.31.221.0/24
144.31.230.0/24
144.31.249.0/24
150.241.64.0/24
150.241.66.0/24
193.23.194.0/24
193.23.199.0/24
193.23.201.0/24
193.23.209.0/24
193.23.221.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:40:ab:16:22:93:54:4c:ab:f3:a0:27:42:bb:50:40:2f:db:
e3:a7:52:44:31:9a:2c:4c:5d:f0:71:4c:b7:cc:6b:17:f9:25:
98:d8:c8:30:03:88:30:4c:bd:8a:94:09:34:b0:2a:15:a4:0c:
0a:c6:01:de:7e:08:57:fe:1d:c0:67:2b:9d:cf:76:1c:dc:77:
80:19:ab:ec:29:1f:48:45:6c:64:03:aa:b4:32:3e:9a:01:5f:
2b:05:22:34:68:fb:3d:9d:67:39:58:41:a7:08:a6:00:cb:97:
2b:66:6f:1a:16:d6:7f:50:df:a3:5f:7f:cb:4e:b8:af:1d:93:
c4:3d:f7:66:d9:35:d9:37:98:14:7d:1b:ed:a2:1f:cf:78:75:
1c:fb:19:41:a1:8a:20:28:9a:6b:d1:72:58:8e:47:92:a4:8c:
9d:2d:e7:23:04:bd:41:e7:26:cd:47:1a:ab:fa:dd:26:76:f1:
2e:bf:6c:45:0f:08:fc:60:60:7d:9c:c5:ac:00:58:7f:9b:93:
5a:9f:d7:91:00:12:59:6f:7b:7d:22:81:20:75:a5:39:8c:f1:
73:38:91:53:a2:42:ab:b4:7d:de:8b:55:59:0c:04:7c:83:23:
1f:7d:60:0a:d9:f7:d2:55:57:0b:b4:26:01:7d:0d:7e:26:59:
96:a5:23:64
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZxN9f9ytGDUS79ju7xqiKS1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMjExMTgyODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjdkZjRkZGYzYjI0N2IzOWZhMWYzM2YwYjBiMWY1NzM4ZWE0NDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqd2w4Y6K3OOY6rPEg+HG9eo4y/s
Ly1HCdCEsRur2Lf2NvXBJI/m7Tsy2Sjs2PMaM5MrhJSKdADtb/zakYwpyf37Y7+x
4Wf33BX6uH6Yxpx2UtUfM5gDSErj0Clj/Ag5eYo4pGjbtYdJhud2g20FYf5vH6qM
LqvnaddNo6acdKUQCwUb5JzhZTZzZ68rZg9Ze9qy+ua/5aMN7jYlsK146xbdUVWI
nzeQlmka7aIoTPCYwCqVFS/v0C5Pk7mNvK0aPfXbHYnyOBWYdvYhrW9G1VWoYAh7
Ia5nRArRO0tRvsNlS7i3Wy97/C+yzZXvJQL7nHrvAllekedb09eQcA1rEwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFNt99N3zskezn6HzPwsLH1c46kSSMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvMjMzMDNmT3lSN09mb2ZNX0N3c2ZWempxUkpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAkB8MAwQA
kB8ZAwQAkB9qAwQAkB9+AwQAkB+IAwQAkB+pAwQAkB/dAwQAkB/mAwQAkB/5AwQA
lvFAAwQAlvFCAwQAwRfCAwQAwRfHAwQAwRfJAwQAwRfRAwQAwRfdMA0GCSqGSIb3
DQEBCwUAA4IBAQCPQKsWIpNUTKvzoCdCu1BAL9vjp1JEMZosTF3wcUy3zGsX+SWY
2MgwA4gwTL2KlAk0sCoVpAwKxgHefghX/h3AZyudz3Yc3HeAGavsKR9IRWxkA6q0
Mj6aAV8rBSI0aPs9nWc5WEGnCKYAy5crZm8aFtZ/UN+jX3/LTrivHZPEPfdm2TXZ
N5gUfRvtoh/PeHUc+xlBoYogKJpr0XJYjkeSpIydLecjBL1B5ybNRxqr+t0mdvEu
v2xFDwj8YGB9nMWsAFh/m5Nan9eRABJZb3t9IoEgdaU5jPFzOJFTokKrtH3ei1VZ
DAR8gyMffWAK2ffSVVcLtCYBfQ1+JlmWpSNk
-----END CERTIFICATE-----
Generated at Sun Mar 1 16:25:00 2026 by rpki-client