Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/YrBPFxSWzm4usthSqWrnkG5KRho.roa
File: YrBPFxSWzm4usthSqWrnkG5KRho.roa (raw, json)
Hash identifier: saxG4aIctufcBa8EUm2m4aTvCBOai1so4zjP4G6w7q8=
Subject key identifier: 62:B0:4F:17:14:96:CE:6E:2E:B2:D8:52:A9:6A:E7:90:6E:4A:46:1A
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019D926C3E9F58362E16DB13EE5336946B3B
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/YrBPFxSWzm4usthSqWrnkG5KRho.roa
Signing time: Wed 15 Apr 2026 18:34:20 +0000
ROA not before: Wed 15 Apr 2026 18:34:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216127
IP address blocks: 2.26.16.0/22 maxlen: 24
2.26.28.0/22 maxlen: 24
2.26.116.0/22 maxlen: 24
2.27.18.0/24 maxlen: 24
2.27.19.0/24 maxlen: 24
77.239.96.0/22 maxlen: 24
144.31.96.0/22 maxlen: 24
144.31.154.0/23 maxlen: 24
144.31.180.0/22 maxlen: 24
144.31.188.0/23 maxlen: 24
144.31.200.0/23 maxlen: 24
144.31.204.0/23 maxlen: 24
144.31.250.0/23 maxlen: 24
150.241.90.0/23 maxlen: 24
185.184.120.0/24 maxlen: 24
185.184.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:92:6c:3e:9f:58:36:2e:16:db:13:ee:53:36:94:6b:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 15 18:34:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=62b04f171496ce6e2eb2d852a96ae7906e4a461a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e5:68:43:b0:24:32:ca:19:fc:61:0a:28:6f:
91:30:49:d3:b9:bd:78:5b:36:d3:b2:d5:09:2c:3a:
5a:ac:be:06:a8:22:cd:b4:54:94:5a:36:bc:26:72:
38:6f:b1:4f:ea:c1:ff:49:7d:22:4b:7e:30:fc:60:
e3:2e:04:22:b7:27:f9:5f:9a:ab:b6:ab:86:f9:0c:
6e:8f:68:37:31:0b:22:0d:82:c2:69:7d:16:be:c7:
4a:82:90:f4:03:68:05:b8:97:b4:22:bf:81:9d:e7:
b8:90:7b:ea:83:0d:2b:f1:0b:42:c6:92:f0:70:ae:
a1:1b:f2:b6:42:bd:d8:d2:7d:70:aa:d8:00:af:bb:
a8:e8:8c:d8:0c:52:5d:e1:15:67:91:44:af:66:fb:
1f:c6:f6:4f:af:e7:42:46:0b:49:27:75:a1:e3:a8:
d6:59:80:da:15:82:8e:67:e3:c0:06:2b:52:7f:ac:
66:e1:ea:df:19:36:34:e8:9e:75:83:6c:98:4c:d9:
64:c3:8a:e4:20:2e:aa:a6:55:dd:d6:df:57:da:b9:
7c:83:bc:cc:f3:b0:27:f0:3b:99:91:35:7a:1c:49:
f2:d1:c9:44:16:f5:89:11:a8:5e:6b:c9:54:05:4e:
9d:e6:17:e4:0a:bc:62:91:2b:34:2d:72:6c:6c:1b:
54:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B0:4F:17:14:96:CE:6E:2E:B2:D8:52:A9:6A:E7:90:6E:4A:46:1A
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/YrBPFxSWzm4usthSqWrnkG5KRho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.16.0/22
2.26.28.0/22
2.26.116.0/22
2.27.18.0/23
77.239.96.0/22
144.31.96.0/22
144.31.154.0/23
144.31.180.0/22
144.31.188.0/23
144.31.200.0/23
144.31.204.0/23
144.31.250.0/23
150.241.90.0/23
185.184.120.0/23
Signature Algorithm: sha256WithRSAEncryption
68:b5:5f:3f:63:35:31:67:87:c2:00:96:b1:ad:4a:4f:19:2a:
9f:10:9b:2f:ad:c6:07:8e:df:0f:63:92:d3:63:38:66:eb:ad:
9a:05:36:5a:49:59:bd:8c:38:59:8a:83:11:ef:b4:fa:c3:bb:
1e:a5:a9:69:64:d2:3d:35:51:56:31:ea:56:d1:8e:71:ea:73:
ee:d5:6a:1f:fe:c1:67:8a:41:d4:b1:93:54:0a:09:fb:41:b8:
34:c9:25:f3:34:80:f7:7a:4c:92:17:ea:c0:27:32:72:07:60:
41:b2:ba:c3:ba:9b:f5:40:58:49:21:4d:f4:2e:d6:a1:e5:80:
8c:4c:97:5c:c5:91:ac:84:df:1b:55:60:5f:c8:cb:be:04:a8:
52:38:c5:88:05:29:7f:ad:2d:19:44:e9:53:2f:d0:54:e4:be:
22:a0:eb:77:f3:3a:6c:0b:2f:9e:82:12:4e:95:fa:bd:dc:fb:
03:7e:f8:5b:ff:d1:24:64:ba:a6:0b:db:76:9c:55:ce:c2:6d:
e6:52:cc:01:4f:fb:63:28:0e:c6:4b:d9:ed:f2:1e:6f:d5:07:
8f:72:d7:bd:49:3d:44:56:f2:ab:fd:b2:4a:49:46:46:11:30:
86:96:26:22:b2:68:4a:ff:9f:16:7b:3b:2f:1a:77:f3:8b:bd:
3f:cc:ac:1f
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZ2SbD6fWDYuFtsT7lM2lGs7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDE1MTgzNDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmIwNGYxNzE0OTZjZTZlMmViMmQ4NTJhOTZhZTc5MDZlNGE0NjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreVoQ7AkMsoZ/GEKKG+RMEnTub14
WzbTstUJLDparL4GqCLNtFSUWja8JnI4b7FP6sH/SX0iS34w/GDjLgQityf5X5qr
tquG+Qxuj2g3MQsiDYLCaX0WvsdKgpD0A2gFuJe0Ir+Bnee4kHvqgw0r8QtCxpLw
cK6hG/K2Qr3Y0n1wqtgAr7uo6IzYDFJd4RVnkUSvZvsfxvZPr+dCRgtJJ3Wh46jW
WYDaFYKOZ+PABitSf6xm4erfGTY06J51g2yYTNlkw4rkIC6qplXd1t9X2rl8g7zM
87An8DuZkTV6HEny0clEFvWJEahea8lUBU6d5hfkCrxikSs0LXJsbBtUtwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFGKwTxcUls5uLrLYUqlq55BuSkYaMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvWXJCUEZ4U1d6bTR1c3RoU3FXcm5rRzVLUmhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQCAhoQAwQC
AhocAwQCAhp0AwQBAhsSAwQCTe9gAwQCkB9gAwQBkB+aAwQCkB+0AwQBkB+8AwQB
kB/IAwQBkB/MAwQBkB/6AwQBlvFaAwQBubh4MA0GCSqGSIb3DQEBCwUAA4IBAQBo
tV8/YzUxZ4fCAJaxrUpPGSqfEJsvrcYHjt8PY5LTYzhm662aBTZaSVm9jDhZioMR
77T6w7sepalpZNI9NVFWMepW0Y5x6nPu1Wof/sFnikHUsZNUCgn7Qbg0ySXzNID3
ekySF+rAJzJyB2BBsrrDupv1QFhJIU30Ltah5YCMTJdcxZGshN8bVWBfyMu+BKhS
OMWIBSl/rS0ZROlTL9BU5L4ioOt38zpsCy+eghJOlfq93PsDfvhb/9EkZLqmC9t2
nFXOwm3mUswBT/tjKA7GS9nt8h5v1QePcte9ST1EVvKr/bJKSUZGETCGliYismhK
/58WezsvGnfzi70/zKwf
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:54:21 2026 by rpki-client