Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/9-Io-oIh09ceu1jNtuZO9N6hdB0.roa
File: 9-Io-oIh09ceu1jNtuZO9N6hdB0.roa (raw, json)
Hash identifier: dyw7NRexSZrF9I2vM+ImoxYnLBPnls5IO7Au15dDJwU=
Subject key identifier: F7:E2:28:FA:82:21:D3:D7:1E:BB:58:CD:B6:E6:4E:F4:DE:A1:74:1D
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019C4DBB68A583E27DB5A7BFB0BCF2452BCB
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/9-Io-oIh09ceu1jNtuZO9N6hdB0.roa
Signing time: Wed 11 Feb 2026 17:24:13 +0000
ROA not before: Wed 11 Feb 2026 17:24:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210546
IP address blocks: 64.188.72.0/24 maxlen: 24
144.31.132.0/24 maxlen: 24
144.31.133.0/24 maxlen: 24
144.31.184.0/24 maxlen: 24
144.31.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4d:bb:68:a5:83:e2:7d:b5:a7:bf:b0:bc:f2:45:2b:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 11 17:24:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f7e228fa8221d3d71ebb58cdb6e64ef4dea1741d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:20:7b:aa:7f:4e:d9:0d:81:1b:86:e0:00:5e:
da:9b:2c:5a:2d:47:2b:64:bb:07:94:83:fb:43:77:
eb:9e:7d:89:5c:5a:f7:9c:6e:5e:14:d4:53:ab:e6:
ff:a9:e2:92:aa:e9:ca:0d:10:c8:94:37:60:a7:e5:
de:2c:79:31:21:48:22:a1:3d:a3:92:08:28:93:5b:
73:c2:70:9d:5e:7e:be:6c:6b:88:37:ed:04:49:41:
cc:51:32:e5:3b:d2:a6:76:c9:94:55:dc:5f:f1:50:
f2:06:ee:29:fb:b6:34:1c:54:1c:fc:6d:e1:b1:93:
40:48:3f:68:b3:e7:02:72:2e:e7:c3:7b:f0:66:4d:
44:11:bc:ef:c1:e3:c7:3b:c3:62:2d:4c:b2:8d:94:
f4:d4:23:09:35:c2:c7:b7:f6:63:f1:40:e6:5c:3a:
9d:75:46:c7:ec:bd:f3:33:5a:33:17:8e:6f:9f:37:
75:86:6d:35:14:76:83:89:89:ba:4c:e8:e4:fd:ac:
64:a3:85:dd:2e:0c:38:22:55:28:6a:df:e7:bf:37:
6d:ef:6b:cb:3d:89:5b:03:82:12:25:b1:52:e6:85:
28:75:57:30:56:f0:65:9e:fa:fc:93:83:c4:43:08:
5f:2b:f6:58:6b:95:e5:f8:bd:5f:8e:bc:8b:56:77:
26:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:E2:28:FA:82:21:D3:D7:1E:BB:58:CD:B6:E6:4E:F4:DE:A1:74:1D
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/9-Io-oIh09ceu1jNtuZO9N6hdB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.72.0/24
144.31.132.0/23
144.31.184.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:54:7b:0c:b1:4e:07:c7:fa:39:b4:e4:17:f9:61:2e:61:77:
4a:27:bb:76:de:84:8a:be:d9:40:c5:b2:49:a4:18:0b:df:52:
7c:eb:91:4d:c8:b1:07:94:31:c0:95:84:be:f8:0a:63:cf:36:
23:18:6b:47:a2:c8:17:17:83:8e:e8:4e:38:7c:83:22:65:ce:
82:ec:f6:54:26:e2:93:ec:13:f5:db:8c:46:67:8c:30:65:42:
3b:f8:c6:2b:3c:6c:cd:e0:94:25:98:01:4a:ce:9c:0f:8c:56:
e8:ee:a9:d0:81:52:fb:7a:26:59:5b:df:89:4f:c7:62:35:8d:
cf:9c:37:c1:a3:7d:d2:42:01:c0:4d:c9:24:16:ce:9a:d0:fb:
a4:39:7d:8b:82:c6:9b:7a:20:e8:3b:30:14:f0:54:58:87:c3:
49:ab:5c:8c:27:a6:8a:83:d2:ec:2c:c3:88:ef:e3:77:75:f1:
05:c6:34:ae:39:8d:e0:05:c8:2e:69:ab:36:2a:c4:91:e5:e0:
97:bc:ce:02:a2:c9:ef:c1:cb:ef:e0:14:01:34:66:44:80:51:
15:44:22:3a:e7:e1:2a:e8:c8:67:78:28:83:4a:e2:2f:74:60:
67:c4:66:c6:0d:0b:cd:ff:1b:79:bc:79:a8:3b:8c:fb:2d:bf:
51:e3:aa:d7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZxNu2ilg+J9tae/sLzyRSvLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMjExMTcyNDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2UyMjhmYTgyMjFkM2Q3MWViYjU4Y2RiNmU2NGVmNGRlYTE3NDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SB7qn9O2Q2BG4bgAF7amyxaLUcr
ZLsHlIP7Q3frnn2JXFr3nG5eFNRTq+b/qeKSqunKDRDIlDdgp+XeLHkxIUgioT2j
kggok1tzwnCdXn6+bGuIN+0ESUHMUTLlO9KmdsmUVdxf8VDyBu4p+7Y0HFQc/G3h
sZNASD9os+cCci7nw3vwZk1EEbzvwePHO8NiLUyyjZT01CMJNcLHt/Zj8UDmXDqd
dUbH7L3zM1ozF45vnzd1hm01FHaDiYm6TOjk/axko4XdLgw4IlUoat/nvzdt72vL
PYlbA4ISJbFS5oUodVcwVvBlnvr8k4PEQwhfK/ZYa5Xl+L1fjryLVncmZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPfiKPqCIdPXHrtYzbbmTvTeoXQdMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvOS1Jby1vSWgwOWNldTFqTnR1Wk85TjZoZEIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAQLxIAwQB
kB+EAwQBkB+4MA0GCSqGSIb3DQEBCwUAA4IBAQChVHsMsU4Hx/o5tOQX+WEuYXdK
J7t23oSKvtlAxbJJpBgL31J865FNyLEHlDHAlYS++ApjzzYjGGtHosgXF4OO6E44
fIMiZc6C7PZUJuKT7BP124xGZ4wwZUI7+MYrPGzN4JQlmAFKzpwPjFbo7qnQgVL7
eiZZW9+JT8diNY3PnDfBo33SQgHATckkFs6a0PukOX2LgsabeiDoOzAU8FRYh8NJ
q1yMJ6aKg9LsLMOI7+N3dfEFxjSuOY3gBcguaas2KsSR5eCXvM4Cosnvwcvv4BQB
NGZEgFEVRCI65+Eq6MhneCiDSuIvdGBnxGbGDQvN/xt5vHmoO4z7Lb9R46rX
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:59:03 2026 by rpki-client