Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/4vEbwSBR5113RCOKr86s9Qow2jg.roa
File: 4vEbwSBR5113RCOKr86s9Qow2jg.roa (raw, json)
Hash identifier: 9VregVRmSZ9d3ZDU5YTZyo+O5AeUqEYOufE9uRrVnA0=
Subject key identifier: E2:F1:1B:C1:20:51:E7:5D:77:44:23:8A:AF:CE:AC:F5:0A:30:DA:38
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019EA5510678FF7A8BC6572FB1473D643C3A
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/4vEbwSBR5113RCOKr86s9Qow2jg.roa
Signing time: Mon 08 Jun 2026 03:40:11 +0000
ROA not before: Mon 08 Jun 2026 03:40:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50053
IP address blocks: 2.26.133.0/24 maxlen: 24
2.26.134.0/24 maxlen: 24
2.26.136.0/24 maxlen: 24
2.26.137.0/24 maxlen: 24
2.26.141.0/24 maxlen: 24
2.26.142.0/24 maxlen: 24
31.77.76.0/24 maxlen: 24
31.77.77.0/24 maxlen: 24
31.77.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a5:51:06:78:ff:7a:8b:c6:57:2f:b1:47:3d:64:3c:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 8 03:40:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e2f11bc12051e75d7744238aafceacf50a30da38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:97:87:09:9b:61:5b:7c:5b:20:cc:fb:35:4a:
88:6a:90:78:b0:f6:2d:27:b9:74:89:6e:0f:e7:bd:
15:f4:81:a8:79:45:fb:89:b7:25:ba:b2:16:65:44:
36:ad:72:7a:66:38:71:45:51:b5:06:af:e8:a6:4d:
43:bf:27:fa:f5:7f:62:58:8a:3c:29:b3:8b:03:10:
7d:da:15:fd:0d:53:21:6f:ed:31:b8:f5:52:8b:ae:
3e:f5:89:a7:e0:b7:fa:55:53:f4:da:0f:db:8b:6f:
fd:e9:b6:bd:f2:37:19:54:8c:cf:34:7e:45:83:aa:
5f:4b:2b:55:20:e8:01:28:5e:5e:79:f3:46:52:20:
c2:6a:4c:61:90:ca:76:fc:8e:fc:8e:24:57:24:d0:
99:07:d8:63:97:d2:16:93:9d:c1:00:1a:5f:04:bb:
8b:fd:83:d6:8e:81:b3:b6:4b:f6:24:5c:28:c1:e9:
f6:57:b0:3d:6d:90:05:bb:97:26:0a:be:95:b8:ca:
f8:7e:3a:72:a1:50:8d:0b:68:d4:1b:d0:51:48:67:
57:9e:87:0a:b5:eb:db:19:f8:d5:4f:8e:b1:99:ea:
02:52:3b:2e:68:27:11:a2:74:39:0f:85:15:31:be:
b2:61:95:fb:2a:e2:76:98:ed:34:4b:17:db:db:56:
e0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:F1:1B:C1:20:51:E7:5D:77:44:23:8A:AF:CE:AC:F5:0A:30:DA:38
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/4vEbwSBR5113RCOKr86s9Qow2jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.133.0-2.26.134.255
2.26.136.0/23
2.26.141.0-2.26.142.255
31.77.76.0/23
31.77.79.0/24
Signature Algorithm: sha256WithRSAEncryption
23:28:2a:47:e1:f3:cf:89:4e:ff:d6:dd:1c:00:ed:2f:2e:1a:
82:bc:f6:53:91:90:8f:35:c0:b1:9a:08:fd:4f:83:b5:22:77:
9b:2a:12:27:6c:90:13:88:67:95:65:d7:0f:bf:5d:d7:39:94:
c3:53:d9:29:0f:1e:53:79:e3:9b:3e:80:1d:79:4e:d3:5c:4d:
4a:17:a5:b4:06:60:37:77:e7:a2:c7:c1:fc:a0:55:0c:0a:aa:
8b:84:75:16:98:df:08:0d:ed:78:69:43:c5:70:6f:9c:41:42:
fa:93:9c:fd:7c:cd:da:d2:a2:f8:58:de:fb:9b:06:37:d5:cc:
a7:31:74:5d:29:c2:69:8a:33:cc:04:ec:9b:3a:af:fa:0a:cb:
83:06:78:8f:7a:70:5f:60:1b:fd:18:89:35:ef:15:29:ff:a8:
99:5c:22:79:2b:5a:e2:09:71:ba:61:50:3b:b1:30:75:8f:73:
c0:3a:4c:18:d5:e4:f3:92:4d:a5:95:ff:37:10:65:81:1e:b0:
0f:33:f5:f0:df:49:78:67:52:9a:a5:b7:48:59:a2:80:6b:a7:
6f:f5:e2:93:82:a0:ab:6b:0a:a6:7e:68:56:47:76:f5:87:bd:
c7:b1:05:a5:0e:1d:66:ad:c3:83:10:6e:a0:98:88:67:11:c6:
39:68:85:05
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZ6lUQZ4/3qLxlcvsUc9ZDw6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjA4MDM0MDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmYxMWJjMTIwNTFlNzVkNzc0NDIzOGFhZmNlYWNmNTBhMzBkYTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZeHCZthW3xbIMz7NUqIapB4sPYt
J7l0iW4P570V9IGoeUX7ibclurIWZUQ2rXJ6ZjhxRVG1Bq/opk1Dvyf69X9iWIo8
KbOLAxB92hX9DVMhb+0xuPVSi64+9Ymn4Lf6VVP02g/bi2/96ba98jcZVIzPNH5F
g6pfSytVIOgBKF5eefNGUiDCakxhkMp2/I78jiRXJNCZB9hjl9IWk53BABpfBLuL
/YPWjoGztkv2JFwowen2V7A9bZAFu5cmCr6VuMr4fjpyoVCNC2jUG9BRSGdXnocK
tevbGfjVT46xmeoCUjsuaCcRonQ5D4UVMb6yYZX7KuJ2mO00Sxfb21bgywIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFOLxG8EgUeddd0Qjiq/OrPUKMNo4MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvNHZFYndTQlI1MTEzUkNPS3I4NnM5UW93MmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAACGoUD
BAACGoYDBAECGogwDAMEAAIajQMEAAIajgMEAR9NTAMEAB9NTzANBgkqhkiG9w0B
AQsFAAOCAQEAIygqR+Hzz4lO/9bdHADtLy4agrz2U5GQjzXAsZoI/U+DtSJ3myoS
J2yQE4hnlWXXD79d1zmUw1PZKQ8eU3njmz6AHXlO01xNSheltAZgN3fnosfB/KBV
DAqqi4R1FpjfCA3teGlDxXBvnEFC+pOc/XzN2tKi+Fje+5sGN9XMpzF0XSnCaYoz
zATsmzqv+grLgwZ4j3pwX2Ab/RiJNe8VKf+omVwieSta4glxumFQO7EwdY9zwDpM
GNXk85JNpZX/NxBlgR6wDzP18N9JeGdSmqW3SFmigGunb/Xik4Kgq2sKpn5oVkd2
9Ye9x7EFpQ4dZq3DgxBuoJiIZxHGOWiFBQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:45:28 2026 by rpki-client