Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/ThlPrsRthtnimWTIVhsTwa1u0N4.roa
File: ThlPrsRthtnimWTIVhsTwa1u0N4.roa (raw, json)
Hash identifier: u1qiwHJSuDmTVsoIdIp0S5kNqTXGoFQfsKr8YJs4+b4=
Subject key identifier: 4E:19:4F:AE:C4:6D:86:D9:E2:99:64:C8:56:1B:13:C1:AD:6E:D0:DE
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019D6ED6C17B7BE37A9600F86A143A69CAD6
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/ThlPrsRthtnimWTIVhsTwa1u0N4.roa
Signing time: Wed 08 Apr 2026 20:44:21 +0000
ROA not before: Wed 08 Apr 2026 20:44:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210457
IP address blocks: 2.27.4.0/24 maxlen: 24
2.27.59.0/24 maxlen: 24
2.27.60.0/24 maxlen: 24
2.27.62.0/24 maxlen: 24
2.27.63.0/24 maxlen: 24
144.31.12.0/24 maxlen: 24
144.31.25.0/24 maxlen: 24
144.31.106.0/24 maxlen: 24
144.31.136.0/24 maxlen: 24
144.31.151.0/24 maxlen: 24
144.31.169.0/24 maxlen: 24
144.31.221.0/24 maxlen: 24
150.241.66.0/24 maxlen: 24
193.23.199.0/24 maxlen: 24
193.23.209.0/24 maxlen: 24
193.23.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6e:d6:c1:7b:7b:e3:7a:96:00:f8:6a:14:3a:69:ca:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 8 20:44:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4e194faec46d86d9e29964c8561b13c1ad6ed0de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:4d:50:61:f5:8c:b7:7f:20:79:4f:6e:cb:f4:
9b:fd:21:bc:ab:fa:f5:c0:d7:8e:af:5f:4c:42:c2:
14:9a:70:74:33:06:dc:4f:d3:12:2c:bf:58:7a:79:
e9:8c:78:88:fe:77:fc:e9:84:ef:c2:5a:61:a6:b6:
53:53:15:c2:85:11:55:c5:8d:f6:15:56:62:e8:57:
48:8d:36:21:66:1f:26:8f:c4:22:f5:fc:a6:25:89:
86:fc:f2:ba:0e:75:52:3b:9c:3e:b6:59:38:04:86:
f0:59:cf:f3:00:b6:8b:b9:2c:c4:a5:20:a5:83:34:
1f:4c:b5:4a:da:c0:64:c2:fd:65:ae:5e:20:1a:5e:
58:d1:a5:88:c4:4b:a8:16:2d:ad:98:8f:d3:e2:93:
8b:34:37:a6:b4:fc:bb:d7:ca:8b:ab:b8:db:8b:30:
1a:9d:f2:4d:3c:57:fe:a8:1b:5c:d7:6b:af:8e:b8:
b9:34:27:9b:eb:71:f3:b5:ef:cf:4d:09:ae:58:00:
af:8e:db:df:26:ab:45:bc:b3:a5:57:8b:81:e1:60:
38:64:fc:80:d5:66:da:dd:80:9b:69:a1:b7:46:81:
07:8b:d9:51:d7:3d:4b:a0:dc:7b:41:30:78:87:5f:
e2:3e:bf:4a:8d:fd:fc:ab:60:38:c4:3d:8a:ca:83:
c4:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:19:4F:AE:C4:6D:86:D9:E2:99:64:C8:56:1B:13:C1:AD:6E:D0:DE
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/ThlPrsRthtnimWTIVhsTwa1u0N4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.4.0/24
2.27.59.0-2.27.60.255
2.27.62.0/23
144.31.12.0/24
144.31.25.0/24
144.31.106.0/24
144.31.136.0/24
144.31.151.0/24
144.31.169.0/24
144.31.221.0/24
150.241.66.0/24
193.23.199.0/24
193.23.209.0/24
193.23.221.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:39:52:4f:dd:41:92:57:70:95:50:4e:96:06:4a:4e:2b:27:
ce:fd:ad:4d:0e:f7:fd:99:88:52:48:52:56:bb:ae:49:b3:47:
53:49:38:c5:fb:40:fe:3a:6b:22:e6:86:5a:06:3a:ea:e6:0c:
a6:6f:cc:f0:ec:05:b5:1a:f6:68:c0:0e:99:37:c1:51:05:51:
96:dd:de:b3:e7:2c:9a:44:d4:e0:01:e7:b8:47:03:8e:b4:be:
c9:08:fe:cb:09:bb:49:65:b7:89:45:02:ff:c3:bc:49:b5:db:
48:ae:b6:62:c1:ed:fe:d6:ef:de:b0:b1:61:97:5b:70:a1:26:
21:b3:18:4e:7f:76:3c:82:37:e3:be:50:14:ac:59:08:e4:67:
c8:bc:ad:f5:3a:25:95:0e:20:1c:b9:ed:fc:b4:ba:df:10:97:
0d:b5:f4:49:1f:c6:11:2c:5f:11:47:04:77:61:a4:ef:0a:39:
2c:a8:40:63:72:ed:4c:b8:6e:7c:53:43:66:fc:d1:2c:6c:89:
88:c7:6d:66:21:d0:22:2e:99:30:d3:31:7a:33:36:b8:e4:6d:
39:8f:83:e4:cf:d1:5c:91:7c:54:05:9d:03:17:1b:b2:a7:c8:
ff:5d:dc:20:ff:8d:b3:8f:af:e0:b9:db:5e:d2:60:46:e7:44:
8a:3d:57:c1
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZ1u1sF7e+N6lgD4ahQ6acrWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDA4MjA0NDIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTE5NGZhZWM0NmQ4NmQ5ZTI5OTY0Yzg1NjFiMTNjMWFkNmVkMGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1E1QYfWMt38geU9uy/Sb/SG8q/r1
wNeOr19MQsIUmnB0MwbcT9MSLL9YennpjHiI/nf86YTvwlphprZTUxXChRFVxY32
FVZi6FdIjTYhZh8mj8Qi9fymJYmG/PK6DnVSO5w+tlk4BIbwWc/zALaLuSzEpSCl
gzQfTLVK2sBkwv1lrl4gGl5Y0aWIxEuoFi2tmI/T4pOLNDemtPy718qLq7jbizAa
nfJNPFf+qBtc12uvjri5NCeb63Hzte/PTQmuWACvjtvfJqtFvLOlV4uB4WA4ZPyA
1Wba3YCbaaG3RoEHi9lR1z1LoNx7QTB4h1/iPr9Kjf38q2A4xD2KyoPEywIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFE4ZT67EbYbZ4plkyFYbE8GtbtDeMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvVGhsUHJzUnRodG5pbVdUSVZoc1R3YTF1ME40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAAhsEMAwD
BAACGzsDBAACGzwDBAECGz4DBACQHwwDBACQHxkDBACQH2oDBACQH4gDBACQH5cD
BACQH6kDBACQH90DBACW8UIDBADBF8cDBADBF9EDBADBF90wDQYJKoZIhvcNAQEL
BQADggEBAE85Uk/dQZJXcJVQTpYGSk4rJ879rU0O9/2ZiFJIUla7rkmzR1NJOMX7
QP46ayLmhloGOurmDKZvzPDsBbUa9mjADpk3wVEFUZbd3rPnLJpE1OAB57hHA460
vskI/ssJu0llt4lFAv/DvEm120iutmLB7f7W796wsWGXW3ChJiGzGE5/djyCN+O+
UBSsWQjkZ8i8rfU6JZUOIBy57fy0ut8Qlw219EkfxhEsXxFHBHdhpO8KOSyoQGNy
7Uy4bnxTQ2b80SxsiYjHbWYh0CIumTDTMXozNrjkbTmPg+TP0VyRfFQFnQMXG7Kn
yP9d3CD/jbOPr+C5217SYEbnRIo9V8E=
-----END CERTIFICATE-----
Generated at Fri Apr 17 20:23:15 2026 by rpki-client