Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/3n0PtqdNor_IyvL_lU2F4LUcgzw.roa
File: 3n0PtqdNor_IyvL_lU2F4LUcgzw.roa (raw, json)
Hash identifier: Cpp1VID6SrCz64yQzsoXc5es03or+xvvARa4yWhEKvU=
Subject key identifier: DE:7D:0F:B6:A7:4D:A2:BF:C8:CA:F2:FF:95:4D:85:E0:B5:1C:83:3C
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019D54E1EFD219BE4AF15AAA12FAAAF7B633
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/3n0PtqdNor_IyvL_lU2F4LUcgzw.roa
Signing time: Fri 03 Apr 2026 19:46:26 +0000
ROA not before: Fri 03 Apr 2026 19:46:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202413
IP address blocks: 2.27.59.0/24 maxlen: 24
2.27.61.0/24 maxlen: 24
144.31.12.0/24 maxlen: 24
144.31.191.0/24 maxlen: 24
144.31.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:47:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:54:e1:ef:d2:19:be:4a:f1:5a:aa:12:fa:aa:f7:b6:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 3 19:46:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=de7d0fb6a74da2bfc8caf2ff954d85e0b51c833c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e6:c7:aa:7a:31:ad:94:cd:8f:94:96:05:e8:
b3:66:87:72:6c:99:ae:82:bb:e4:f3:ab:8e:21:4f:
b6:e1:23:cc:de:f7:86:65:d9:34:92:bf:e7:17:ea:
a8:5a:f1:32:da:e1:01:f9:0e:f8:db:cc:31:8f:44:
ea:d6:98:5f:ca:44:42:4f:fb:ea:8d:69:7d:95:d5:
15:95:43:6d:f8:81:bd:be:a4:37:ae:4e:7b:47:f1:
0d:e8:34:9c:0c:02:4c:ae:fc:65:73:ec:1e:84:91:
86:9e:1a:d0:91:e4:6f:11:0e:b9:64:ff:48:86:3b:
cb:04:ae:69:28:4c:44:8e:9f:4c:83:b5:f0:3a:49:
4c:b7:75:39:d9:40:70:d4:08:45:66:80:0f:dd:5b:
a7:0a:68:82:78:97:ee:3a:d4:83:3f:af:e1:91:3e:
00:81:e4:0e:0a:d3:09:9a:ea:a7:a9:31:08:96:ee:
80:1a:fa:39:57:0b:d2:eb:41:d1:f8:f2:12:d0:5f:
ce:bf:e4:44:73:ad:0c:cf:4d:11:be:37:99:48:53:
a8:7b:4f:44:59:57:00:4c:ab:aa:b6:99:5e:39:57:
34:74:07:11:da:47:e7:2f:1b:e9:81:23:99:49:58:
aa:1c:75:e6:22:2a:3f:ea:60:c5:85:c1:a6:90:60:
f4:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:7D:0F:B6:A7:4D:A2:BF:C8:CA:F2:FF:95:4D:85:E0:B5:1C:83:3C
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/3n0PtqdNor_IyvL_lU2F4LUcgzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.59.0/24
2.27.61.0/24
144.31.12.0/24
144.31.191.0/24
144.31.237.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:0d:82:f5:e7:bf:73:1a:2a:38:31:02:11:3f:94:ac:28:ac:
2b:4f:f2:31:55:af:7d:14:3d:76:eb:d3:74:fb:6b:ce:b6:38:
2d:a8:d6:99:a4:0b:53:f8:04:92:56:c9:a3:7a:b7:d0:7e:83:
8e:fa:bd:c0:13:7a:b2:06:d9:dd:db:73:9b:53:e2:a6:20:09:
a4:02:66:8c:5b:15:0b:99:4a:e1:be:4f:13:18:c4:b0:dc:c2:
97:bf:c5:f4:1d:37:00:bf:e7:69:d1:a5:c3:22:6d:8b:96:6f:
5a:37:47:d9:a7:26:c9:5d:f3:a5:94:91:e7:a5:b2:1c:4d:96:
e6:97:bd:63:a3:6e:dd:ff:df:4e:32:ed:7a:a4:b8:ba:68:0d:
13:9c:55:6b:2f:33:76:fe:56:c6:bd:4b:13:77:43:d6:48:65:
69:24:56:cf:8f:0b:3b:a0:6b:bf:c9:e4:e6:4a:95:0c:1b:32:
0a:76:df:2f:47:34:21:dc:67:9b:cb:42:4f:56:c7:71:e8:4a:
4a:e2:26:fb:73:13:2e:a3:99:08:75:f9:04:48:0e:a6:f3:cb:
fe:2d:02:2a:1f:cd:60:a5:97:93:eb:d0:c6:47:87:f1:e2:7c:
a7:38:8a:4c:6f:4d:08:ec:5b:05:92:aa:93:d5:3c:26:71:18:
9b:5b:7a:11
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ1U4e/SGb5K8VqqEvqq97YzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDAzMTk0NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTdkMGZiNmE3NGRhMmJmYzhjYWYyZmY5NTRkODVlMGI1MWM4MzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArebHqnoxrZTNj5SWBeizZodybJmu
grvk86uOIU+24SPM3veGZdk0kr/nF+qoWvEy2uEB+Q7428wxj0Tq1phfykRCT/vq
jWl9ldUVlUNt+IG9vqQ3rk57R/EN6DScDAJMrvxlc+wehJGGnhrQkeRvEQ65ZP9I
hjvLBK5pKExEjp9Mg7XwOklMt3U52UBw1AhFZoAP3VunCmiCeJfuOtSDP6/hkT4A
geQOCtMJmuqnqTEIlu6AGvo5VwvS60HR+PIS0F/Ov+REc60Mz00RvjeZSFOoe09E
WVcATKuqtpleOVc0dAcR2kfnLxvpgSOZSViqHHXmIio/6mDFhcGmkGD0VQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFN59D7anTaK/yMry/5VNheC1HIM8MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvM24wUHRxZE5vcl9JeXZMX2xVMkY0TFVjZ3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAhs7AwQA
Ahs9AwQAkB8MAwQAkB+/AwQAkB/tMA0GCSqGSIb3DQEBCwUAA4IBAQAuDYL1579z
Gio4MQIRP5SsKKwrT/IxVa99FD1269N0+2vOtjgtqNaZpAtT+ASSVsmjerfQfoOO
+r3AE3qyBtnd23ObU+KmIAmkAmaMWxULmUrhvk8TGMSw3MKXv8X0HTcAv+dp0aXD
Im2Llm9aN0fZpybJXfOllJHnpbIcTZbml71jo27d/99OMu16pLi6aA0TnFVrLzN2
/lbGvUsTd0PWSGVpJFbPjws7oGu/yeTmSpUMGzIKdt8vRzQh3Geby0JPVsdx6EpK
4ib7cxMuo5kIdfkESA6m88v+LQIqH81gpZeT69DGR4fx4nynOIpMb00I7FsFkqqT
1TwmcRibW3oR
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:59:12 2026 by rpki-client