Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/OXxOdHmlKzgd37lY_iDZVhptNvU.roa
File: OXxOdHmlKzgd37lY_iDZVhptNvU.roa (raw, json)
Hash identifier: 27HUvaWF0OHkFpr9Jt6gH0SZHNusQ7QnfVFo4c1cx+c=
Subject key identifier: 39:7C:4E:74:79:A5:2B:38:1D:DF:B9:58:FE:20:D9:56:1A:6D:36:F5
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019CA1113D527823EFD8312556A5CA81FE7C
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/OXxOdHmlKzgd37lY_iDZVhptNvU.roa
Signing time: Fri 27 Feb 2026 21:46:27 +0000
ROA not before: Fri 27 Feb 2026 21:46:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207957
IP address blocks: 64.188.89.0/24 maxlen: 24
64.188.90.0/24 maxlen: 24
64.188.98.0/24 maxlen: 24
64.188.127.0/24 maxlen: 24
77.239.107.0/24 maxlen: 24
144.31.15.0/24 maxlen: 24
144.31.49.0/24 maxlen: 24
144.31.50.0/24 maxlen: 24
144.31.51.0/24 maxlen: 24
144.31.82.0/24 maxlen: 24
144.31.83.0/24 maxlen: 24
144.31.93.0/24 maxlen: 24
144.31.103.0/24 maxlen: 24
144.31.107.0/24 maxlen: 24
144.31.108.0/24 maxlen: 24
144.31.109.0/24 maxlen: 24
144.31.213.0/24 maxlen: 24
144.31.214.0/24 maxlen: 24
144.31.216.0/24 maxlen: 24
144.31.217.0/24 maxlen: 24
144.31.218.0/24 maxlen: 24
144.31.219.0/24 maxlen: 24
144.31.239.0/24 maxlen: 24
144.31.240.0/24 maxlen: 24
144.31.241.0/24 maxlen: 24
144.31.242.0/24 maxlen: 24
144.31.243.0/24 maxlen: 24
150.241.72.0/24 maxlen: 24
150.241.73.0/24 maxlen: 24
150.241.74.0/24 maxlen: 24
150.241.75.0/24 maxlen: 24
150.241.82.0/24 maxlen: 24
150.241.83.0/24 maxlen: 24
185.170.153.0/24 maxlen: 24
185.170.154.0/24 maxlen: 24
193.23.195.0/24 maxlen: 24
193.23.200.0/24 maxlen: 24
193.23.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 03:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a1:11:3d:52:78:23:ef:d8:31:25:56:a5:ca:81:fe:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 27 21:46:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=397c4e7479a52b381ddfb958fe20d9561a6d36f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d2:c2:b6:9e:a9:39:05:e7:51:b4:aa:62:df:
1f:01:63:15:bd:7b:ac:ce:41:82:7d:18:9b:01:bf:
ef:0c:66:96:72:83:24:ca:66:f6:6b:41:4e:d8:50:
44:96:4a:40:3f:80:86:44:25:65:b1:b0:a2:4e:30:
c1:43:ce:4a:8c:4c:68:1a:10:47:5c:10:84:f8:56:
a0:49:24:e2:d3:9b:60:45:4f:6d:76:de:e2:0a:53:
06:26:de:6f:49:a5:8c:d4:04:de:81:2f:88:f5:96:
4b:cd:7d:d7:6e:bc:66:db:99:fc:d3:a9:30:fa:f9:
84:38:68:af:9f:65:3c:80:24:95:6b:c5:f0:d7:89:
f5:70:70:a8:77:07:4c:81:7c:09:1d:fd:9b:b4:b1:
b3:56:5b:55:05:fb:d5:11:3c:a3:e8:b0:f2:7d:fb:
9b:d2:70:b5:20:b7:1a:1d:1f:40:c9:ed:bf:fd:ae:
9c:cb:65:bb:9a:85:31:d0:a1:5e:76:1b:56:e9:9b:
19:cd:b9:82:c9:df:4a:1b:9e:79:54:28:18:67:97:
86:ce:8c:1c:12:f0:72:bf:85:b6:fa:70:47:38:28:
dd:f4:3d:30:44:a2:15:f5:3c:79:41:de:bc:a6:86:
ec:02:bd:c3:ec:93:2e:16:3b:11:5b:92:92:66:80:
30:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:7C:4E:74:79:A5:2B:38:1D:DF:B9:58:FE:20:D9:56:1A:6D:36:F5
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/OXxOdHmlKzgd37lY_iDZVhptNvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.89.0-64.188.90.255
64.188.98.0/24
64.188.127.0/24
77.239.107.0/24
144.31.15.0/24
144.31.49.0-144.31.51.255
144.31.82.0/23
144.31.93.0/24
144.31.103.0/24
144.31.107.0-144.31.109.255
144.31.213.0-144.31.214.255
144.31.216.0/22
144.31.239.0-144.31.243.255
150.241.72.0/22
150.241.82.0/23
185.170.153.0-185.170.154.255
193.23.195.0/24
193.23.200.0/24
193.23.202.0/24
Signature Algorithm: sha256WithRSAEncryption
77:e9:8f:86:d1:e2:c5:a5:96:36:ef:e5:e9:62:0d:c4:d3:37:
99:20:cf:ba:86:07:f1:19:6b:f9:62:c7:0e:87:86:95:9f:15:
68:2d:56:fd:62:63:97:31:17:21:25:23:f5:f5:78:25:1d:f8:
e1:80:28:8e:73:13:3c:07:16:c8:ca:b2:3f:0e:a3:0e:7e:70:
e1:02:41:20:64:b4:1b:09:e1:b1:0d:7f:7a:1c:d8:82:47:ab:
e2:a4:30:ee:0d:05:71:00:0f:c9:45:83:9a:57:ad:ce:fb:b9:
57:c6:94:15:8c:d3:de:bd:80:42:f4:c3:e8:cc:38:91:9e:12:
be:f9:5a:c4:21:3b:23:35:7d:2c:1a:1c:b4:3d:97:66:d5:65:
69:33:a7:79:1d:14:8e:21:4f:db:ab:67:76:71:88:4b:26:d2:
43:a2:89:54:59:6c:f9:b5:59:5a:4f:99:7c:75:f1:ca:51:16:
39:00:07:da:67:67:d5:61:cc:37:c0:c1:90:8e:7d:8b:1c:99:
27:e1:52:61:3a:09:2b:b2:69:7a:28:fa:ac:f4:e8:a1:f2:81:
44:02:ce:61:27:bf:98:2e:73:4e:56:9a:da:cb:48:98:e1:10:
60:49:41:2f:77:60:a6:86:46:62:48:76:5b:da:3e:c1:7a:1d:
00:2f:40:63
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAZyhET1SeCPv2DElVqXKgf58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMjI3MjE0NjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTdjNGU3NDc5YTUyYjM4MWRkZmI5NThmZTIwZDk1NjFhNmQzNmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtLCtp6pOQXnUbSqYt8fAWMVvXus
zkGCfRibAb/vDGaWcoMkymb2a0FO2FBElkpAP4CGRCVlsbCiTjDBQ85KjExoGhBH
XBCE+FagSSTi05tgRU9tdt7iClMGJt5vSaWM1ATegS+I9ZZLzX3Xbrxm25n806kw
+vmEOGivn2U8gCSVa8Xw14n1cHCodwdMgXwJHf2btLGzVltVBfvVETyj6LDyffub
0nC1ILcaHR9Aye2//a6cy2W7moUx0KFedhtW6ZsZzbmCyd9KG555VCgYZ5eGzowc
EvByv4W2+nBHOCjd9D0wRKIV9Tx5Qd68pobsAr3D7JMuFjsRW5KSZoAwnQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFDl8TnR5pSs4Hd+5WP4g2VYabTb1MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvT1h4T2RIbWxLemdkMzdsWV9pRFpWaHB0TnZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIwDAME
AEC8WQMEAEC8WgMEAEC8YgMEAEC8fwMEAE3vawMEAJAfDzAMAwQAkB8xAwQCkB8w
AwQBkB9SAwQAkB9dAwQAkB9nMAwDBACQH2sDBAGQH2wwDAMEAJAf1QMEAJAf1gME
ApAf2DAMAwQAkB/vAwQCkB/wAwQClvFIAwQBlvFSMAwDBAC5qpkDBAC5qpoDBADB
F8MDBADBF8gDBADBF8owDQYJKoZIhvcNAQELBQADggEBAHfpj4bR4sWlljbv5eli
DcTTN5kgz7qGB/EZa/lixw6HhpWfFWgtVv1iY5cxFyElI/X1eCUd+OGAKI5zEzwH
FsjKsj8Oow5+cOECQSBktBsJ4bENf3oc2IJHq+KkMO4NBXEAD8lFg5pXrc77uVfG
lBWM0969gEL0w+jMOJGeEr75WsQhOyM1fSwaHLQ9l2bVZWkzp3kdFI4hT9urZ3Zx
iEsm0kOiiVRZbPm1WVpPmXx18cpRFjkAB9pnZ9VhzDfAwZCOfYscmSfhUmE6CSuy
aXoo+qz06KHygUQCzmEnv5guc05WmtrLSJjhEGBJQS93YKaGRmJIdlvaPsF6HQAv
QGM=
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:28:17 2026 by rpki-client