Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/W81UiNPY0r7AmYypxLUzfg6KtZ8.roa
File: W81UiNPY0r7AmYypxLUzfg6KtZ8.roa (raw, json)
Hash identifier: rB++gURABYJve0zxtvruYqRRJUFPj/lfBoaxu8ASThQ=
Subject key identifier: 5B:CD:54:88:D3:D8:D2:BE:C0:99:8C:A9:C4:B5:33:7E:0E:8A:B5:9F
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019D5E9B41A8C21D50BAAECF449E1D138BB2
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/W81UiNPY0r7AmYypxLUzfg6KtZ8.roa
Signing time: Sun 05 Apr 2026 17:05:26 +0000
ROA not before: Sun 05 Apr 2026 17:05:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207461
IP address blocks: 2.27.64.0/22 maxlen: 24
2.27.68.0/24 maxlen: 24
2.27.69.0/24 maxlen: 24
2.27.70.0/24 maxlen: 24
2.27.71.0/24 maxlen: 24
2.27.72.0/23 maxlen: 24
2.27.74.0/23 maxlen: 24
2.27.76.0/24 maxlen: 24
2.27.77.0/24 maxlen: 24
2.27.80.0/24 maxlen: 24
2.27.81.0/24 maxlen: 24
2.27.87.0/24 maxlen: 24
2.27.89.0/24 maxlen: 24
2.27.90.0/24 maxlen: 24
2.27.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:47:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:5e:9b:41:a8:c2:1d:50:ba:ae:cf:44:9e:1d:13:8b:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 5 17:05:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5bcd5488d3d8d2bec0998ca9c4b5337e0e8ab59f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:6b:03:9c:06:d6:d2:0b:38:fc:61:a2:7f:03:
9a:b2:29:f0:d3:42:12:af:c1:e5:d4:0f:b5:78:21:
d4:82:00:69:a3:42:5d:59:7e:67:f8:b1:d4:7e:1a:
44:4f:b7:cd:7c:ea:65:e0:75:27:b3:f7:9a:47:c3:
0a:31:ec:50:93:4b:12:73:39:cd:6a:94:c1:e7:b7:
f5:83:97:a3:fe:49:c0:8c:67:0a:b3:7a:f9:d5:1a:
45:0c:6a:60:86:7d:4a:35:75:1f:54:59:fb:dc:b0:
c0:2d:8c:06:46:25:c5:c0:59:5f:69:44:2a:40:b6:
d5:a4:90:95:b0:9b:f5:6c:55:02:94:d7:38:75:e2:
40:9c:f6:f5:20:2f:2c:36:d6:be:16:26:60:d3:66:
27:30:4e:ba:9b:d6:05:64:81:d1:65:c3:2d:20:d0:
38:d5:85:73:6f:4b:42:07:f4:0e:df:79:90:eb:5a:
d9:96:9b:e8:88:4e:47:2e:51:61:4a:19:1a:c5:85:
35:4b:e8:a0:93:17:8a:e9:33:2c:10:ca:e7:57:2d:
6f:46:e0:10:90:2c:37:4e:48:55:b8:d8:0e:a2:c0:
65:65:98:32:7f:2f:dd:6c:eb:2b:1b:bd:ad:ee:ab:
c9:59:e6:0d:33:46:40:1e:cd:c3:ab:9c:85:12:34:
71:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:CD:54:88:D3:D8:D2:BE:C0:99:8C:A9:C4:B5:33:7E:0E:8A:B5:9F
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/W81UiNPY0r7AmYypxLUzfg6KtZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.64.0-2.27.77.255
2.27.80.0/23
2.27.87.0/24
2.27.89.0-2.27.91.255
Signature Algorithm: sha256WithRSAEncryption
4d:38:da:e5:c0:fa:da:2f:16:23:50:83:86:d3:91:b4:45:05:
9e:14:66:cf:9c:02:4f:8f:f3:e7:2c:a8:07:b0:6f:83:2e:8c:
df:c4:cb:59:de:e9:3d:d3:7d:1d:e9:f5:6d:66:22:d2:eb:9d:
08:8b:34:94:6a:56:1e:e0:63:52:74:69:60:a6:ed:d6:92:79:
ef:f5:86:5d:f1:16:01:53:d9:ac:bf:e3:08:65:10:1e:3d:07:
3f:80:55:da:4e:05:a7:be:75:aa:8b:3c:de:42:bd:e5:22:a0:
22:35:d4:a8:64:44:ca:57:ea:a6:21:5f:f7:9e:69:dc:51:d1:
89:86:30:62:2e:17:b1:a2:4a:14:24:f4:d4:5d:e6:e5:cb:bd:
97:62:4e:27:fe:bd:5e:f5:0c:ac:ec:4d:3e:d7:09:4a:16:ed:
df:f3:e7:aa:25:e2:0a:8e:88:fb:3f:50:02:4e:17:f1:5a:a3:
30:ec:e4:35:f3:3b:38:6a:92:52:8f:c0:d4:93:4d:38:01:08:
d1:e9:cc:0a:91:89:5f:32:10:bb:b8:8d:fa:e8:10:1b:fc:9c:
7f:fe:07:5f:e9:54:86:5e:75:42:a5:e8:b4:7c:09:8d:74:7d:
0b:0f:f3:f6:7f:cd:fa:57:75:f4:6d:f5:bb:1d:8e:77:d4:d2:
42:b5:6c:d7
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZ1em0Gowh1Quq7PRJ4dE4uyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDA1MTcwNTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmNkNTQ4OGQzZDhkMmJlYzA5OThjYTljNGI1MzM3ZTBlOGFiNTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02sDnAbW0gs4/GGifwOasinw00IS
r8Hl1A+1eCHUggBpo0JdWX5n+LHUfhpET7fNfOpl4HUns/eaR8MKMexQk0sScznN
apTB57f1g5ej/knAjGcKs3r51RpFDGpghn1KNXUfVFn73LDALYwGRiXFwFlfaUQq
QLbVpJCVsJv1bFUClNc4deJAnPb1IC8sNta+FiZg02YnME66m9YFZIHRZcMtINA4
1YVzb0tCB/QO33mQ61rZlpvoiE5HLlFhShkaxYU1S+igkxeK6TMsEMrnVy1vRuAQ
kCw3TkhVuNgOosBlZZgyfy/dbOsrG72t7qvJWeYNM0ZAHs3Dq5yFEjRxIwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFFvNVIjT2NK+wJmMqcS1M34OirWfMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvVzgxVWlOUFkwcjdBbVl5cHhMVXpmZzZLdFo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAYCG0AD
BAECG0wDBAECG1ADBAACG1cwDAMEAAIbWQMEAgIbWDANBgkqhkiG9w0BAQsFAAOC
AQEATTja5cD62i8WI1CDhtORtEUFnhRmz5wCT4/z5yyoB7Bvgy6M38TLWd7pPdN9
Hen1bWYi0uudCIs0lGpWHuBjUnRpYKbt1pJ57/WGXfEWAVPZrL/jCGUQHj0HP4BV
2k4Fp751qos83kK95SKgIjXUqGREylfqpiFf955p3FHRiYYwYi4XsaJKFCT01F3m
5cu9l2JOJ/69XvUMrOxNPtcJShbt3/PnqiXiCo6I+z9QAk4X8VqjMOzkNfM7OGqS
Uo/A1JNNOAEI0enMCpGJXzIQu7iN+ugQG/ycf/4HX+lUhl51QqXotHwJjXR9Cw/z
9n/N+ld19G31ux2Od9TSQrVs1w==
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:59:29 2026 by rpki-client