Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/77jEIeIprCc6VFlwIN-6bOutIfo.roa
File: 77jEIeIprCc6VFlwIN-6bOutIfo.roa (raw, json)
Hash identifier: W4rllVvpriGDXgZPfs/Vvop6aWWUSGCUdIDOVb1g59U=
Subject key identifier: EF:B8:C4:21:E2:29:AC:27:3A:54:59:70:20:DF:BA:6C:EB:AD:21:FA
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019D971C82F2259362B0C3C360A532A75747
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/77jEIeIprCc6VFlwIN-6bOutIfo.roa
Signing time: Thu 16 Apr 2026 16:25:21 +0000
ROA not before: Thu 16 Apr 2026 16:25:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210546
IP address blocks: 2.26.64.0/22 maxlen: 24
2.26.72.0/23 maxlen: 24
2.27.1.0/24 maxlen: 24
2.27.48.0/23 maxlen: 24
2.27.50.0/23 maxlen: 24
64.188.72.0/24 maxlen: 24
144.31.132.0/24 maxlen: 24
144.31.133.0/24 maxlen: 24
144.31.184.0/24 maxlen: 24
144.31.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:97:1c:82:f2:25:93:62:b0:c3:c3:60:a5:32:a7:57:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 16 16:25:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=efb8c421e229ac273a54597020dfba6cebad21fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:59:07:7b:30:0b:68:2d:8f:2d:30:14:11:55:
ba:be:08:28:52:25:fb:a7:98:98:29:7f:52:9a:b8:
8d:ab:25:27:43:c5:6b:a1:77:cf:e2:ea:f1:2e:4e:
20:ad:65:33:a2:cf:09:62:74:5c:09:db:f6:c4:f2:
c0:f9:49:d9:17:2b:05:a2:3c:a6:b4:8c:f9:56:e2:
80:c0:9b:87:23:7c:c9:4e:00:65:98:af:00:a2:79:
1f:09:81:b2:26:2c:ff:4c:d9:a4:8c:a7:49:21:a5:
e3:18:2c:c4:eb:7a:2a:db:90:3c:8d:74:51:98:d3:
31:6c:b8:91:b3:35:c5:71:de:f3:8f:5a:66:c7:cb:
6d:9c:f7:86:a5:9a:df:02:23:3d:e8:ca:7e:8e:7f:
2d:5b:67:31:cc:d5:5a:4c:7c:35:26:7f:84:cf:c3:
cc:d3:cf:97:fb:60:ff:15:2b:b4:76:c3:8f:f9:6d:
4c:04:22:95:da:a7:f8:a9:74:c3:95:1e:b8:ff:8c:
44:7e:2c:7e:00:4a:0a:7c:58:10:23:09:72:10:ca:
4a:2f:fa:0e:8a:4d:84:67:45:ae:0b:65:d6:d4:41:
fe:ae:0e:81:fe:07:07:32:12:db:3f:af:10:d3:fe:
02:5c:4a:3e:a4:7c:c4:2d:6d:c1:32:55:db:68:ed:
82:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:B8:C4:21:E2:29:AC:27:3A:54:59:70:20:DF:BA:6C:EB:AD:21:FA
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/77jEIeIprCc6VFlwIN-6bOutIfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.64.0/22
2.26.72.0/23
2.27.1.0/24
2.27.48.0/22
64.188.72.0/24
144.31.132.0/23
144.31.184.0/23
Signature Algorithm: sha256WithRSAEncryption
09:db:98:bf:af:b3:bf:9f:9a:75:f7:38:5b:92:79:f6:93:c8:
f0:e8:c3:d5:dd:26:01:e0:86:bb:07:82:c8:eb:2e:dc:fa:3e:
ef:da:8f:6e:4e:58:85:ea:df:6b:bb:c0:c0:93:26:9b:92:f7:
06:30:c9:02:2f:3e:0d:83:fc:3a:9f:10:35:e5:58:21:3a:73:
e0:14:29:ee:70:6f:ef:aa:6d:fb:99:2c:33:f1:26:f4:a3:31:
45:81:84:aa:45:0c:7e:53:09:cf:d3:af:7a:fc:dc:98:62:8d:
e6:dc:b4:05:39:9f:98:68:54:05:db:a9:c6:6a:76:d9:3d:1b:
aa:67:22:78:6f:b5:5f:7c:42:f0:17:6b:16:a7:49:fb:c2:04:
36:1c:a6:27:df:b4:97:b4:19:90:eb:45:61:cb:8e:7c:00:c9:
aa:12:7e:a2:86:88:3d:f2:72:bb:55:99:2f:f4:0e:13:8d:92:
72:da:39:bb:21:bd:ea:b7:b0:66:47:ac:04:ef:15:49:8a:f0:
9e:4d:6a:b4:ab:64:d8:67:74:c2:90:84:59:14:a6:2e:a5:8f:
e1:aa:d8:5e:76:cc:e6:63:a8:40:19:46:6e:00:fc:72:b8:04:
e8:54:87:19:b7:3e:1a:d1:6c:28:c9:b7:a5:05:80:32:92:39:
38:70:1f:f0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ2XHILyJZNisMPDYKUyp1dHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDE2MTYyNTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmI4YzQyMWUyMjlhYzI3M2E1NDU5NzAyMGRmYmE2Y2ViYWQyMWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFkHezALaC2PLTAUEVW6vggoUiX7
p5iYKX9SmriNqyUnQ8VroXfP4urxLk4grWUzos8JYnRcCdv2xPLA+UnZFysFojym
tIz5VuKAwJuHI3zJTgBlmK8AonkfCYGyJiz/TNmkjKdJIaXjGCzE63oq25A8jXRR
mNMxbLiRszXFcd7zj1pmx8ttnPeGpZrfAiM96Mp+jn8tW2cxzNVaTHw1Jn+Ez8PM
08+X+2D/FSu0dsOP+W1MBCKV2qf4qXTDlR64/4xEfix+AEoKfFgQIwlyEMpKL/oO
ik2EZ0WuC2XW1EH+rg6B/gcHMhLbP68Q0/4CXEo+pHzELW3BMlXbaO2CsQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFO+4xCHiKawnOlRZcCDfumzrrSH6MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvNzdqRUllSXByQ2M2VkZsd0lOLTZiT3V0SWZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCAhpAAwQB
AhpIAwQAAhsBAwQCAhswAwQAQLxIAwQBkB+EAwQBkB+4MA0GCSqGSIb3DQEBCwUA
A4IBAQAJ25i/r7O/n5p19zhbknn2k8jw6MPV3SYB4Ia7B4LI6y7c+j7v2o9uTliF
6t9ru8DAkyabkvcGMMkCLz4Ng/w6nxA15VghOnPgFCnucG/vqm37mSwz8Sb0ozFF
gYSqRQx+UwnP0696/NyYYo3m3LQFOZ+YaFQF26nGanbZPRuqZyJ4b7VffELwF2sW
p0n7wgQ2HKYn37SXtBmQ60Vhy458AMmqEn6ihog98nK7VZkv9A4TjZJy2jm7Ib3q
t7BmR6wE7xVJivCeTWq0q2TYZ3TCkIRZFKYupY/hqthedszmY6hAGUZuAPxyuATo
VIcZtz4a0WwoybelBYAykjk4cB/w
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:52:20 2026 by rpki-client