Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/FS5PG8ao5Ij5m8ZdewolVcZsRG0.roa
File: FS5PG8ao5Ij5m8ZdewolVcZsRG0.roa (raw, json)
Hash identifier: lkykWwVUimxqWztKAh3Fxu8TUi+gfvb01Bzqv0k0sWU=
Subject key identifier: 15:2E:4F:1B:C6:A8:E4:88:F9:9B:C6:5D:7B:0A:25:55:C6:6C:44:6D
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019C9CA68F5C962D10FEFE3175A94154C260
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/FS5PG8ao5Ij5m8ZdewolVcZsRG0.roa
Signing time: Fri 27 Feb 2026 01:11:27 +0000
ROA not before: Fri 27 Feb 2026 01:11:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207567
IP address blocks: 77.239.112.0/24 maxlen: 24
77.239.114.0/24 maxlen: 24
144.31.215.0/24 maxlen: 24
150.241.65.0/24 maxlen: 24
150.241.68.0/24 maxlen: 24
193.23.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9c:a6:8f:5c:96:2d:10:fe:fe:31:75:a9:41:54:c2:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 27 01:11:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=152e4f1bc6a8e488f99bc65d7b0a2555c66c446d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d9:d9:01:b2:99:c7:f8:b9:9a:44:34:7b:e7:
9d:e8:5c:02:d8:be:c6:d4:4d:3f:cb:75:42:5f:ef:
ca:5b:fb:61:16:cb:03:94:39:b4:4b:3d:86:cf:95:
2a:76:ee:e8:ba:3b:44:b8:ad:b7:6f:88:17:dd:2f:
18:b0:4e:5d:ec:4e:f3:6c:f7:ec:54:36:82:53:51:
50:2d:64:28:18:19:09:48:3d:6f:b3:02:94:17:87:
10:7c:ac:bb:36:a9:ea:dd:b5:e5:14:b2:00:cf:04:
af:65:02:50:46:f2:8b:e7:9b:3a:9a:84:df:49:13:
fa:7d:39:35:51:3c:21:44:9a:c0:89:4a:69:6a:4e:
97:fc:3d:68:00:58:ea:1d:06:84:8e:ee:9e:ff:1e:
46:83:ca:c6:de:3d:fe:54:ea:cc:35:2a:51:12:e8:
85:d7:83:63:ba:22:59:3a:1a:77:e7:86:ad:02:09:
7e:bc:da:34:84:27:3a:2f:ee:ad:5e:71:18:b6:a8:
8b:2c:52:25:2d:6c:5a:50:9c:49:1e:6a:80:6e:4f:
40:7f:4a:ac:05:d5:41:58:16:61:88:b9:9e:51:db:
c6:d6:fa:0d:ff:f2:1d:49:c7:c5:27:48:27:f2:ef:
a8:2b:af:66:d4:63:d4:e1:71:19:04:82:ed:56:bc:
dd:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:2E:4F:1B:C6:A8:E4:88:F9:9B:C6:5D:7B:0A:25:55:C6:6C:44:6D
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/FS5PG8ao5Ij5m8ZdewolVcZsRG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.239.112.0/24
77.239.114.0/24
144.31.215.0/24
150.241.65.0/24
150.241.68.0/24
193.23.222.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:fc:07:e6:d1:7c:bc:d9:47:f9:17:dd:af:9a:9c:72:bd:bc:
1e:2a:8a:18:01:08:43:25:6f:55:16:9d:73:95:7f:a7:6f:58:
99:7b:1a:a6:04:69:f4:f0:cb:25:dc:6b:35:bd:59:be:af:6a:
c8:40:67:ac:3c:a1:b3:8c:a8:40:d7:1e:a3:7b:bc:ef:be:14:
f8:a8:ac:69:8d:c6:42:f9:f2:f4:18:9f:4a:5c:59:b8:69:2e:
1f:b5:10:ee:45:93:ce:60:a9:09:ef:63:34:dc:e9:79:47:e1:
3d:a8:e4:c2:c8:71:41:42:b2:ed:0c:28:59:17:53:9e:97:a6:
cd:36:73:49:73:32:d1:99:e3:95:e3:d0:d6:c4:66:82:fe:9a:
84:16:15:b9:81:23:d1:7e:ad:eb:a9:5f:bb:4d:90:6c:13:71:
69:9a:65:db:23:28:d0:02:48:ea:0d:e7:10:a5:9f:28:2f:99:
02:88:75:b7:1d:9f:54:62:5b:67:85:7b:f6:8c:f9:1b:87:f0:
25:82:62:86:55:68:80:24:82:7f:49:37:b7:97:83:a5:39:a2:
ba:c3:d9:c7:a8:4d:ff:89:74:85:11:e0:34:19:41:a5:28:32:
fa:bd:a0:9a:b9:28:8a:1f:93:e0:25:c3:a1:4c:6b:18:d1:98:
c4:db:04:44
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZycpo9cli0Q/v4xdalBVMJgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMjI3MDExMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTJlNGYxYmM2YThlNDg4Zjk5YmM2NWQ3YjBhMjU1NWM2NmM0NDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdnZAbKZx/i5mkQ0e+ed6FwC2L7G
1E0/y3VCX+/KW/thFssDlDm0Sz2Gz5Uqdu7oujtEuK23b4gX3S8YsE5d7E7zbPfs
VDaCU1FQLWQoGBkJSD1vswKUF4cQfKy7Nqnq3bXlFLIAzwSvZQJQRvKL55s6moTf
SRP6fTk1UTwhRJrAiUppak6X/D1oAFjqHQaEju6e/x5Gg8rG3j3+VOrMNSpREuiF
14NjuiJZOhp354atAgl+vNo0hCc6L+6tXnEYtqiLLFIlLWxaUJxJHmqAbk9Af0qs
BdVBWBZhiLmeUdvG1voN//IdScfFJ0gn8u+oK69m1GPU4XEZBILtVrzdPwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBUuTxvGqOSI+ZvGXXsKJVXGbERtMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvRlM1UEc4YW81SWo1bThaZGV3b2xWY1pzUkcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATe9wAwQA
Te9yAwQAkB/XAwQAlvFBAwQAlvFEAwQAwRfeMA0GCSqGSIb3DQEBCwUAA4IBAQAP
/Afm0Xy82Uf5F92vmpxyvbweKooYAQhDJW9VFp1zlX+nb1iZexqmBGn08Msl3Gs1
vVm+r2rIQGesPKGzjKhA1x6je7zvvhT4qKxpjcZC+fL0GJ9KXFm4aS4ftRDuRZPO
YKkJ72M03Ol5R+E9qOTCyHFBQrLtDChZF1Oel6bNNnNJczLRmeOV49DWxGaC/pqE
FhW5gSPRfq3rqV+7TZBsE3FpmmXbIyjQAkjqDecQpZ8oL5kCiHW3HZ9UYltnhXv2
jPkbh/AlgmKGVWiAJIJ/STe3l4OlOaK6w9nHqE3/iXSFEeA0GUGlKDL6vaCauSiK
H5PgJcOhTGsY0ZjE2wRE
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:18:27 2026 by rpki-client