Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/KUNwwH6rTsn_Y6AsnU-0_69z4so.roa
File: KUNwwH6rTsn_Y6AsnU-0_69z4so.roa (raw, json)
Hash identifier: z7A7dwa+fxdLJQvFJ/ou7q0oMEmjyskvOeN9sIcWL6Q=
Subject key identifier: 29:43:70:C0:7E:AB:4E:C9:FF:63:A0:2C:9D:4F:B4:FF:AF:73:E2:CA
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019EADA2916E6198A3A179A5A42D5511B5C2
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/KUNwwH6rTsn_Y6AsnU-0_69z4so.roa
Signing time: Tue 09 Jun 2026 18:26:12 +0000
ROA not before: Tue 09 Jun 2026 18:26:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213702
IP address blocks: 31.77.56.0/24 maxlen: 24
31.77.57.0/24 maxlen: 24
31.77.138.0/24 maxlen: 24
31.77.168.0/24 maxlen: 24
31.77.170.0/24 maxlen: 24
150.241.93.0/24 maxlen: 24
150.241.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 10:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ad:a2:91:6e:61:98:a3:a1:79:a5:a4:2d:55:11:b5:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 9 18:26:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=294370c07eab4ec9ff63a02c9d4fb4ffaf73e2ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:87:04:f4:95:05:10:1e:4d:48:5e:61:8f:b6:
b8:c4:85:a1:b8:ae:3c:95:6b:13:4a:01:82:99:cb:
58:6c:55:14:64:19:25:aa:33:b1:b2:e5:50:ec:c9:
b3:d4:40:2c:a4:81:8b:07:82:89:24:e3:f1:4a:79:
9d:91:c8:3b:a5:81:6f:66:52:f8:e7:39:1e:de:cf:
06:56:ab:a5:d4:68:a1:3b:2a:77:d8:d0:6a:17:0f:
3d:aa:c1:a6:5b:9b:ec:f0:03:c8:77:9f:4f:0f:8e:
6e:04:a7:ed:8a:09:fb:0b:7c:fd:05:19:c4:97:4e:
d2:46:5c:f3:fa:3f:c6:6e:dc:0a:dc:ca:0b:f1:a0:
a5:cf:15:c2:c8:9b:31:d4:c7:17:e7:26:ea:c9:0f:
b4:11:d2:7f:6d:78:cc:e2:10:c8:3b:ef:a5:7e:79:
0d:b6:58:a2:39:f0:3a:25:e6:56:b9:76:b6:7c:c0:
70:0e:35:e9:95:2d:9d:91:8e:41:e0:65:34:3e:e5:
08:59:61:94:fc:d2:b1:02:c6:98:b9:9a:ec:ce:62:
02:a3:8d:1e:d6:28:3e:63:23:0a:11:03:ac:23:99:
13:fa:ec:1f:b3:cb:b7:63:32:b1:cd:92:19:19:ac:
69:d6:6a:21:7f:55:28:7c:de:03:b1:43:2c:a5:1b:
cd:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:43:70:C0:7E:AB:4E:C9:FF:63:A0:2C:9D:4F:B4:FF:AF:73:E2:CA
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/KUNwwH6rTsn_Y6AsnU-0_69z4so.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.77.56.0/23
31.77.138.0/24
31.77.168.0/24
31.77.170.0/24
150.241.93.0/24
150.241.124.0/24
Signature Algorithm: sha256WithRSAEncryption
32:df:0c:74:96:a3:f2:95:96:79:b3:ed:ea:9e:dc:33:56:4f:
e0:9a:30:91:62:1e:d4:86:f5:1c:f4:c3:be:cb:ee:c7:72:88:
02:19:ae:db:f1:e3:00:36:1d:f8:65:60:db:ec:5a:73:34:35:
db:73:72:cd:2f:2c:c3:eb:4c:71:e1:9f:43:85:de:c5:40:81:
80:e8:19:1d:a2:9e:88:2f:8b:e8:da:2c:a6:de:ef:e3:97:e0:
98:9b:c3:d2:c8:b2:e1:76:a5:6f:8f:ee:24:00:ab:5f:7c:60:
83:d5:d2:86:b5:8f:fa:59:e3:c1:1a:02:ef:fc:bd:6e:b3:17:
f7:d3:a1:f5:ad:8f:cf:a5:b4:ad:76:04:d7:e1:8a:76:c9:28:
65:c4:6e:0d:f5:28:2c:29:02:92:ad:82:ae:e3:97:98:35:c3:
7d:5d:2d:d7:56:0c:57:6b:19:51:b0:51:7c:35:20:b0:e7:02:
99:35:0a:0c:b3:4c:0b:07:03:26:8f:09:d1:aa:4d:19:73:f8:
0f:50:21:37:dd:e2:70:bf:41:e9:4a:a7:15:e7:79:1a:a1:55:
4d:15:7f:a7:91:18:d1:c7:fb:49:d8:56:57:f4:78:be:cc:0a:
fa:44:74:19:ef:18:12:bd:ec:25:20:d9:2b:4e:93:1a:18:71:
b1:9a:da:94
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ6topFuYZijoXmlpC1VEbXCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjA5MTgyNjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTQzNzBjMDdlYWI0ZWM5ZmY2M2EwMmM5ZDRmYjRmZmFmNzNlMmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlocE9JUFEB5NSF5hj7a4xIWhuK48
lWsTSgGCmctYbFUUZBklqjOxsuVQ7Mmz1EAspIGLB4KJJOPxSnmdkcg7pYFvZlL4
5zke3s8GVqul1GihOyp32NBqFw89qsGmW5vs8APId59PD45uBKftign7C3z9BRnE
l07SRlzz+j/GbtwK3MoL8aClzxXCyJsx1McX5ybqyQ+0EdJ/bXjM4hDIO++lfnkN
tliiOfA6JeZWuXa2fMBwDjXplS2dkY5B4GU0PuUIWWGU/NKxAsaYuZrszmICo40e
1ig+YyMKEQOsI5kT+uwfs8u3YzKxzZIZGaxp1mohf1UofN4DsUMspRvN9QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFClDcMB+q07J/2OgLJ1PtP+vc+LKMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvS1VOd3dINnJUc25fWTZBc25VLTBfNjl6NHNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBH004AwQA
H02KAwQAH02oAwQAH02qAwQAlvFdAwQAlvF8MA0GCSqGSIb3DQEBCwUAA4IBAQAy
3wx0lqPylZZ5s+3qntwzVk/gmjCRYh7UhvUc9MO+y+7HcogCGa7b8eMANh34ZWDb
7FpzNDXbc3LNLyzD60xx4Z9Dhd7FQIGA6Bkdop6IL4vo2iym3u/jl+CYm8PSyLLh
dqVvj+4kAKtffGCD1dKGtY/6WePBGgLv/L1usxf306H1rY/PpbStdgTX4Yp2yShl
xG4N9SgsKQKSrYKu45eYNcN9XS3XVgxXaxlRsFF8NSCw5wKZNQoMs0wLBwMmjwnR
qk0Zc/gPUCE33eJwv0HpSqcV53kaoVVNFX+nkRjRx/tJ2FZX9Hi+zAr6RHQZ7xgS
vewlINkrTpMaGHGxmtqU
-----END CERTIFICATE-----
Generated at Sat Jun 13 20:17:53 2026 by rpki-client