Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/SHAhi0y2UAHFGYtCTI1OghpEyBk.roa
File: SHAhi0y2UAHFGYtCTI1OghpEyBk.roa (raw, json)
Hash identifier: /5li9vBX1E3noMy0ObeepzCkNEGi5r5eGHHJ9gB4Cxo=
Subject key identifier: 48:70:21:8B:4C:B6:50:01:C5:19:8B:42:4C:8D:4E:82:1A:44:C8:19
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019D97D48871AF27D65EC563ED9239AC510A
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/SHAhi0y2UAHFGYtCTI1OghpEyBk.roa
Signing time: Thu 16 Apr 2026 19:46:21 +0000
ROA not before: Thu 16 Apr 2026 19:46:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202226
IP address blocks: 2.26.74.0/24 maxlen: 24
2.27.5.0/24 maxlen: 24
144.31.236.0/24 maxlen: 24
150.241.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:97:d4:88:71:af:27:d6:5e:c5:63:ed:92:39:ac:51:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 16 19:46:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4870218b4cb65001c5198b424c8d4e821a44c819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7a:13:2e:21:63:1b:6d:56:c0:84:a5:bf:47:
26:0a:f6:b0:e9:36:ee:1b:be:f5:d2:ee:e2:a4:ca:
eb:db:1b:32:61:c2:4a:2c:c2:db:17:80:2a:7c:f3:
13:c4:7e:cf:7a:76:3f:03:57:c4:33:93:ab:7e:ba:
a1:40:b0:20:e1:50:ea:c4:99:21:a7:78:e6:b7:53:
f9:81:07:c1:59:c8:0b:c8:e7:5d:a4:57:f7:63:9a:
65:11:49:0e:fa:c8:73:06:09:5e:28:97:ba:3b:da:
ab:f8:e2:4c:aa:1f:9a:fb:b1:31:9b:62:e5:5f:32:
23:76:42:15:da:41:92:29:36:60:2a:a7:24:fc:2e:
5f:12:05:2a:a2:87:5c:ae:db:4e:e8:a7:e7:10:cf:
22:05:5d:19:e1:ec:e9:41:88:a0:f7:e9:f9:67:cc:
45:d1:71:39:14:3f:b7:77:a7:12:8e:15:3f:1c:e0:
48:85:8b:fa:38:90:05:6d:fc:a1:11:6e:58:0a:4c:
54:99:9b:a4:e1:fb:b5:cf:87:15:ce:46:53:13:68:
00:5f:48:9e:bd:ec:9f:4c:7c:9d:08:5e:67:a9:ef:
0a:5c:61:6a:15:f1:64:36:6b:49:cf:d0:17:6a:bc:
dd:d9:27:39:00:dd:6e:be:58:ee:f2:30:94:08:b5:
05:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:70:21:8B:4C:B6:50:01:C5:19:8B:42:4C:8D:4E:82:1A:44:C8:19
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/SHAhi0y2UAHFGYtCTI1OghpEyBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.74.0/24
2.27.5.0/24
144.31.236.0/24
150.241.81.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:82:b8:48:08:22:ef:00:34:19:8f:a1:fd:50:d7:23:73:4f:
01:ec:4e:ab:aa:e7:e1:50:e2:ca:4b:aa:e4:2d:70:89:ed:e5:
4c:65:25:a2:7a:ff:33:ce:8b:06:1d:cb:85:78:4c:33:8e:57:
b4:be:c9:ab:44:7c:49:4f:13:08:9f:e6:40:fc:45:62:7e:aa:
2e:3f:78:7d:06:15:53:85:17:3b:2b:57:f4:e0:0f:ba:80:5e:
68:42:15:e4:1e:32:56:bf:40:cc:1f:d9:00:23:86:cb:9f:33:
f2:ac:3b:cc:49:f1:f4:57:9a:18:93:c7:60:ce:4a:f6:54:ec:
58:2e:ce:0b:80:c3:c8:6c:75:ca:78:2d:6d:4b:69:5b:d4:8f:
c5:15:d1:1b:a4:11:64:09:a4:87:85:95:c0:ae:14:0b:12:0f:
3a:3a:04:d2:3f:9a:8c:b5:b2:58:c3:8e:ff:0f:9b:98:b6:26:
3a:7e:2e:cf:63:de:0b:74:2a:02:1b:6d:fd:56:85:0f:87:fd:
2a:29:5c:ca:cf:c0:1c:c0:7c:c3:6e:03:eb:c4:56:e4:bb:3e:
a8:ee:1f:bc:28:45:3f:01:59:82:b9:49:c0:c6:90:9d:1a:5c:
f2:bf:52:99:8f:46:ab:80:26:d1:2e:58:fe:9c:ca:8e:5f:91:
23:42:17:0d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ2X1IhxryfWXsVj7ZI5rFEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDE2MTk0NjIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODcwMjE4YjRjYjY1MDAxYzUxOThiNDI0YzhkNGU4MjFhNDRjODE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHoTLiFjG21WwISlv0cmCvaw6Tbu
G7710u7ipMrr2xsyYcJKLMLbF4AqfPMTxH7PenY/A1fEM5OrfrqhQLAg4VDqxJkh
p3jmt1P5gQfBWcgLyOddpFf3Y5plEUkO+shzBgleKJe6O9qr+OJMqh+a+7Exm2Ll
XzIjdkIV2kGSKTZgKqck/C5fEgUqoodcrttO6KfnEM8iBV0Z4ezpQYig9+n5Z8xF
0XE5FD+3d6cSjhU/HOBIhYv6OJAFbfyhEW5YCkxUmZuk4fu1z4cVzkZTE2gAX0ie
veyfTHydCF5nqe8KXGFqFfFkNmtJz9AXarzd2Sc5AN1uvlju8jCUCLUFPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEhwIYtMtlABxRmLQkyNToIaRMgZMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvU0hBaGkweTJVQUhGR1l0Q1RJMU9naHBFeUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAhpKAwQA
AhsFAwQAkB/sAwQAlvFRMA0GCSqGSIb3DQEBCwUAA4IBAQCzgrhICCLvADQZj6H9
UNcjc08B7E6rqufhUOLKS6rkLXCJ7eVMZSWiev8zzosGHcuFeEwzjle0vsmrRHxJ
TxMIn+ZA/EVifqouP3h9BhVThRc7K1f04A+6gF5oQhXkHjJWv0DMH9kAI4bLnzPy
rDvMSfH0V5oYk8dgzkr2VOxYLs4LgMPIbHXKeC1tS2lb1I/FFdEbpBFkCaSHhZXA
rhQLEg86OgTSP5qMtbJYw47/D5uYtiY6fi7PY94LdCoCG239VoUPh/0qKVzKz8Ac
wHzDbgPrxFbkuz6o7h+8KEU/AVmCuUnAxpCdGlzyv1KZj0argCbRLlj+nMqOX5Ej
QhcN
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:09:23 2026 by rpki-client