Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Hlvtv-1INEUeWlw8qUEh8KopmN8.roa
File: Hlvtv-1INEUeWlw8qUEh8KopmN8.roa (raw, json)
Hash identifier: HcGYT6LnslxgHZP3DPOjStoGtwWSqrz6f+Omz+tbMvE=
Subject key identifier: 1E:5B:ED:BF:ED:48:34:45:1E:5A:5C:3C:A9:41:21:F0:AA:29:98:DF
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019EA81025EA54A33EED5343AC6F76AD25B6
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Hlvtv-1INEUeWlw8qUEh8KopmN8.roa
Signing time: Mon 08 Jun 2026 16:28:11 +0000
ROA not before: Mon 08 Jun 2026 16:28:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207461
IP address blocks: 2.27.64.0/22 maxlen: 24
2.27.68.0/24 maxlen: 24
2.27.69.0/24 maxlen: 24
2.27.70.0/24 maxlen: 24
2.27.71.0/24 maxlen: 24
2.27.72.0/23 maxlen: 24
2.27.74.0/23 maxlen: 24
2.27.76.0/24 maxlen: 24
2.27.77.0/24 maxlen: 24
2.27.80.0/24 maxlen: 24
2.27.81.0/24 maxlen: 24
2.27.87.0/24 maxlen: 24
2.27.89.0/24 maxlen: 24
2.27.90.0/24 maxlen: 24
2.27.91.0/24 maxlen: 24
31.77.0.0/22 maxlen: 24
31.77.4.0/22 maxlen: 24
31.77.8.0/22 maxlen: 24
31.77.12.0/22 maxlen: 24
31.77.16.0/22 maxlen: 24
31.77.20.0/22 maxlen: 24
31.77.24.0/22 maxlen: 24
31.77.28.0/22 maxlen: 24
31.77.32.0/23 maxlen: 24
31.77.34.0/23 maxlen: 24
31.77.36.0/23 maxlen: 24
31.77.38.0/23 maxlen: 24
31.77.40.0/23 maxlen: 24
31.77.42.0/23 maxlen: 24
31.77.44.0/23 maxlen: 24
31.77.46.0/23 maxlen: 24
31.77.58.0/23 maxlen: 24
31.77.60.0/23 maxlen: 24
31.77.64.0/23 maxlen: 24
31.77.68.0/23 maxlen: 24
31.77.70.0/23 maxlen: 24
31.77.74.0/23 maxlen: 24
31.77.164.0/23 maxlen: 24
31.77.166.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a8:10:25:ea:54:a3:3e:ed:53:43:ac:6f:76:ad:25:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 8 16:28:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1e5bedbfed4834451e5a5c3ca94121f0aa2998df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7b:61:c9:50:b3:0a:6d:8c:fb:dc:5e:38:64:
2a:bd:a6:0b:f6:45:de:29:fd:09:08:ac:82:ae:72:
c8:4b:41:f8:dd:aa:93:7b:56:94:76:5d:46:b0:68:
08:6d:89:c0:02:d8:c9:af:3d:38:2e:42:eb:28:fa:
35:28:a6:8f:10:1f:b4:97:90:38:fb:a5:63:02:f6:
b5:3a:1c:00:66:3f:a9:b5:52:88:0c:5a:30:bd:ca:
59:21:2e:fe:1b:fb:2e:c6:21:e1:c0:da:6a:fa:ba:
8f:b2:89:95:9a:c6:60:d5:2f:de:a3:3d:28:b6:aa:
d3:a5:79:8c:9b:d5:c3:0a:4b:11:57:80:84:09:b4:
bf:45:39:d1:7a:d6:2f:06:ab:f6:fa:85:46:21:6f:
2b:ff:76:0b:5f:aa:81:e8:24:2b:b1:89:5a:e1:97:
2d:e7:06:f7:75:f7:94:99:c8:b4:d4:8f:3d:0d:61:
96:4a:f5:41:24:d5:3e:b4:84:03:4c:95:a6:01:a0:
26:41:e2:34:7d:38:70:25:55:65:cf:bd:e6:83:b8:
f7:c2:ff:32:30:39:a7:1c:c4:b6:f9:a5:73:e8:15:
58:e1:a7:d5:12:e6:f8:ba:b2:17:20:42:bc:cb:2a:
10:6c:0d:bf:3b:0c:6c:75:88:f5:a7:b2:b6:04:14:
6b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:5B:ED:BF:ED:48:34:45:1E:5A:5C:3C:A9:41:21:F0:AA:29:98:DF
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Hlvtv-1INEUeWlw8qUEh8KopmN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.64.0-2.27.77.255
2.27.80.0/23
2.27.87.0/24
2.27.89.0-2.27.91.255
31.77.0.0-31.77.47.255
31.77.58.0-31.77.61.255
31.77.64.0/23
31.77.68.0/22
31.77.74.0/23
31.77.164.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:db:27:62:51:99:c9:63:f6:4f:bc:57:30:3e:71:f1:d6:92:
bb:32:ae:ed:6f:28:5a:e7:cf:bf:e2:9c:6b:29:19:09:f3:74:
ca:de:40:20:ff:0b:a8:d5:1d:ea:5a:62:b9:fa:60:39:ce:3c:
6a:57:8e:97:dc:eb:98:fc:81:21:54:ba:92:a5:24:85:1d:b7:
60:21:cf:bf:9b:5b:79:85:26:d2:f2:2c:e9:65:d8:2f:70:e5:
72:32:1e:b5:a3:0e:e0:91:0f:5a:2c:d7:1f:1c:fd:d1:3b:b3:
0b:c4:8b:dc:5e:be:19:14:9a:69:55:a6:85:33:b8:f0:f4:c3:
33:9e:28:34:64:e0:ae:cc:8c:c1:f6:24:7e:d5:e6:c0:c5:83:
48:b6:b1:00:cb:8b:8c:dd:c0:77:ba:2c:ba:00:be:51:92:24:
2e:aa:52:02:ca:45:13:a5:88:1c:f3:6b:67:9e:0a:ff:74:7d:
93:10:07:94:99:bd:0a:b9:cd:eb:a7:19:c2:e8:65:72:73:d8:
9c:a2:20:24:2d:23:dc:c8:61:c5:91:23:24:4b:5c:68:c7:29:
4a:10:14:2c:98:44:69:ca:74:04:ea:cf:e8:82:e7:79:45:6b:
aa:c3:68:cf:1e:11:b0:03:a2:78:3b:2f:1d:a5:96:9e:c0:9a:
28:59:1b:7d
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZ6oECXqVKM+7VNDrG92rSW2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjA4MTYyODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTViZWRiZmVkNDgzNDQ1MWU1YTVjM2NhOTQxMjFmMGFhMjk5OGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHthyVCzCm2M+9xeOGQqvaYL9kXe
Kf0JCKyCrnLIS0H43aqTe1aUdl1GsGgIbYnAAtjJrz04LkLrKPo1KKaPEB+0l5A4
+6VjAva1OhwAZj+ptVKIDFowvcpZIS7+G/suxiHhwNpq+rqPsomVmsZg1S/eoz0o
tqrTpXmMm9XDCksRV4CECbS/RTnRetYvBqv2+oVGIW8r/3YLX6qB6CQrsYla4Zct
5wb3dfeUmci01I89DWGWSvVBJNU+tIQDTJWmAaAmQeI0fThwJVVlz73mg7j3wv8y
MDmnHMS2+aVz6BVY4afVEub4urIXIEK8yyoQbA2/OwxsdYj1p7K2BBRrWQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFB5b7b/tSDRFHlpcPKlBIfCqKZjfMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvSGx2dHYtMUlORVVlV2x3OHFVRWg4S29wbU44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBhBAIAATBbMAwDBAYCG0AD
BAECG0wDBAECG1ADBAACG1cwDAMEAAIbWQMEAgIbWDALAwMAH00DBAQfTSAwDAME
AR9NOgMEAR9NPAMEAR9NQAMEAh9NRAMEAR9NSgMEAh9NpDANBgkqhkiG9w0BAQsF
AAOCAQEAStsnYlGZyWP2T7xXMD5x8daSuzKu7W8oWufPv+KcaykZCfN0yt5AIP8L
qNUd6lpiufpgOc48aleOl9zrmPyBIVS6kqUkhR23YCHPv5tbeYUm0vIs6WXYL3Dl
cjIetaMO4JEPWizXHxz90TuzC8SL3F6+GRSaaVWmhTO48PTDM54oNGTgrsyMwfYk
ftXmwMWDSLaxAMuLjN3Ad7osugC+UZIkLqpSAspFE6WIHPNrZ54K/3R9kxAHlJm9
CrnN66cZwuhlcnPYnKIgJC0j3MhhxZEjJEtcaMcpShAULJhEacp0BOrP6ILneUVr
qsNozx4RsAOieDsvHaWWnsCaKFkbfQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:54:30 2026 by rpki-client