Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/DJ6rcYCCTNhSXbB9eU3hWw90LYE.roa
File: DJ6rcYCCTNhSXbB9eU3hWw90LYE.roa (raw, json)
Hash identifier: 7YDnqHHp9UnB7lOGKxqzaINqCMRSFc6Ugi5nfhqUtd4=
Subject key identifier: 0C:9E:AB:71:80:82:4C:D8:52:5D:B0:7D:79:4D:E1:5B:0F:74:2D:81
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019D796AE104C2DF0E73DC1B434F279FE9EE
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/DJ6rcYCCTNhSXbB9eU3hWw90LYE.roa
Signing time: Fri 10 Apr 2026 22:02:20 +0000
ROA not before: Fri 10 Apr 2026 22:02:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49418
IP address blocks: 2.27.0.0/24 maxlen: 24
2.27.2.0/24 maxlen: 24
64.188.114.0/23 maxlen: 24
64.188.127.0/24 maxlen: 24
185.184.120.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:79:6a:e1:04:c2:df:0e:73:dc:1b:43:4f:27:9f:e9:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 10 22:02:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0c9eab7180824cd8525db07d794de15b0f742d81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7f:d9:1b:f4:55:44:85:53:2d:53:c5:17:d1:
c7:5f:60:19:a3:7c:d1:f1:4f:be:90:92:03:7a:d0:
4c:1a:19:4d:6c:21:f1:9f:d4:09:41:7d:53:28:ed:
dd:92:d0:58:11:2a:4d:5e:55:ae:40:29:f8:e6:83:
26:62:bc:3e:2d:17:b8:58:b5:65:1b:68:c9:9e:a1:
3a:58:78:0e:53:71:47:5f:54:c1:7d:e8:e6:c3:5c:
ec:e0:64:50:e4:b3:61:32:8d:58:d8:4d:96:7f:b7:
5e:e4:b6:ca:5a:71:94:67:80:f6:82:99:6a:fd:dc:
a1:7e:35:ea:47:68:07:20:69:f8:98:53:ee:09:a0:
95:ae:bb:53:5c:0c:6d:64:8c:cf:8c:57:d1:0a:1f:
e2:f0:a8:9d:48:ac:60:a7:c1:45:7d:f0:85:c5:50:
f0:11:bc:03:6a:da:f7:be:82:75:f1:9a:f8:57:38:
57:06:1e:97:a9:21:4b:24:12:36:77:5d:30:ab:f8:
38:df:40:31:81:12:e4:b0:7d:6b:0d:ae:fb:7c:b3:
6e:b9:78:84:5c:c5:34:ac:3e:06:2b:79:a9:c2:32:
f8:7f:9b:8e:ed:c8:af:56:b0:e1:b7:67:2d:76:af:
bf:c0:ae:1c:28:59:3c:b9:c7:42:ee:99:09:f4:cc:
36:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:9E:AB:71:80:82:4C:D8:52:5D:B0:7D:79:4D:E1:5B:0F:74:2D:81
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/DJ6rcYCCTNhSXbB9eU3hWw90LYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.0.0/24
2.27.2.0/24
64.188.114.0/23
64.188.127.0/24
185.184.120.0/22
Signature Algorithm: sha256WithRSAEncryption
17:8a:9a:96:e6:4d:3e:eb:25:cc:d6:8f:7c:9b:1e:c9:4b:9e:
e9:bf:0c:b2:a0:b6:ef:81:a2:ea:78:ec:5d:61:51:ea:4b:9a:
bc:a5:57:d0:86:11:af:88:d2:ce:ad:3d:c6:04:a4:c5:d4:85:
c8:5a:14:86:27:b3:98:a9:b7:6d:d5:b4:95:bb:f1:d3:0e:7b:
a6:c7:d8:91:14:e5:9d:17:f3:16:ab:c9:ca:17:6e:66:4b:94:
4c:87:cf:f8:9a:4a:61:2f:3c:a7:ea:3a:8d:0f:02:4d:70:cc:
60:06:22:7a:52:0d:4c:61:76:e4:2a:c5:d4:37:45:f8:bf:85:
94:2c:74:73:b5:d4:34:4a:d0:cc:71:a6:25:da:05:28:09:88:
c1:0e:6b:68:23:cf:4e:51:ca:a0:ad:cb:80:14:a5:8d:b9:b5:
84:7b:a3:fe:f3:c5:f1:6d:27:6b:84:b0:26:c4:fb:ee:3f:4f:
7c:7a:de:e1:32:f5:83:e9:31:dd:55:b3:20:e3:7f:18:8b:b5:
77:24:69:6c:f8:52:41:cf:6c:ed:7f:3d:b2:81:68:c8:3e:bb:
6c:36:9c:10:cd:31:ad:cc:97:3c:65:7d:b9:02:f7:bd:df:bd:
0c:c5:81:4f:1b:ed:1d:7e:70:11:38:21:87:ff:88:a4:83:ec:
d8:c3:2b:30
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ15auEEwt8Oc9wbQ08nn+nuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDEwMjIwMjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzllYWI3MTgwODI0Y2Q4NTI1ZGIwN2Q3OTRkZTE1YjBmNzQyZDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvH/ZG/RVRIVTLVPFF9HHX2AZo3zR
8U++kJIDetBMGhlNbCHxn9QJQX1TKO3dktBYESpNXlWuQCn45oMmYrw+LRe4WLVl
G2jJnqE6WHgOU3FHX1TBfejmw1zs4GRQ5LNhMo1Y2E2Wf7de5LbKWnGUZ4D2gplq
/dyhfjXqR2gHIGn4mFPuCaCVrrtTXAxtZIzPjFfRCh/i8KidSKxgp8FFffCFxVDw
EbwDatr3voJ18Zr4VzhXBh6XqSFLJBI2d10wq/g430AxgRLksH1rDa77fLNuuXiE
XMU0rD4GK3mpwjL4f5uO7civVrDht2ctdq+/wK4cKFk8ucdC7pkJ9Mw2+QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAyeq3GAgkzYUl2wfXlN4VsPdC2BMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvREo2cmNZQ0NUTmhTWGJCOWVVM2hXdzkwTFlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAhsAAwQA
AhsCAwQBQLxyAwQAQLx/AwQCubh4MA0GCSqGSIb3DQEBCwUAA4IBAQAXipqW5k0+
6yXM1o98mx7JS57pvwyyoLbvgaLqeOxdYVHqS5q8pVfQhhGviNLOrT3GBKTF1IXI
WhSGJ7OYqbdt1bSVu/HTDnumx9iRFOWdF/MWq8nKF25mS5RMh8/4mkphLzyn6jqN
DwJNcMxgBiJ6Ug1MYXbkKsXUN0X4v4WULHRztdQ0StDMcaYl2gUoCYjBDmtoI89O
UcqgrcuAFKWNubWEe6P+88XxbSdrhLAmxPvuP098et7hMvWD6THdVbMg438Yi7V3
JGls+FJBz2ztfz2ygWjIPrtsNpwQzTGtzJc8ZX25Ave9370MxYFPG+0dfnAROCGH
/4ikg+zYwysw
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:35:43 2026 by rpki-client