Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/d-2Q67VKd475coEcTGUi_-otrbA.roa
File: d-2Q67VKd475coEcTGUi_-otrbA.roa (raw, json)
Hash identifier: uUPAfsw2F6nU+mVXv7yn2V5ug4hxIZWBpXSVVDWGfzo=
Subject key identifier: 77:ED:90:EB:B5:4A:77:8E:F9:72:81:1C:4C:65:22:FF:EA:2D:AD:B0
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019E938CAF91370405F39A7700D1B0605253
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/d-2Q67VKd475coEcTGUi_-otrbA.roa
Signing time: Thu 04 Jun 2026 16:52:11 +0000
ROA not before: Thu 04 Jun 2026 16:52:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213520
IP address blocks: 2.26.24.0/22 maxlen: 24
2.26.76.0/23 maxlen: 24
2.27.24.0/23 maxlen: 24
2.27.28.0/22 maxlen: 24
31.77.160.0/22 maxlen: 24
64.188.68.0/22 maxlen: 24
64.188.74.0/24 maxlen: 24
64.188.104.0/22 maxlen: 24
77.239.120.0/23 maxlen: 24
144.31.16.0/23 maxlen: 24
144.31.18.0/23 maxlen: 24
144.31.62.0/23 maxlen: 24
144.31.84.0/23 maxlen: 24
144.31.116.0/23 maxlen: 24
144.31.118.0/23 maxlen: 24
144.31.122.0/23 maxlen: 24
144.31.134.0/23 maxlen: 24
144.31.138.0/23 maxlen: 24
144.31.196.0/23 maxlen: 24
144.31.232.0/24 maxlen: 24
144.31.233.0/24 maxlen: 24
150.241.64.0/24 maxlen: 24
150.241.78.0/23 maxlen: 24
193.23.197.0/24 maxlen: 24
193.23.210.0/23 maxlen: 24
193.23.218.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:93:8c:af:91:37:04:05:f3:9a:77:00:d1:b0:60:52:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 4 16:52:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=77ed90ebb54a778ef972811c4c6522ffea2dadb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:97:5a:44:9a:48:ec:28:77:5b:fa:f9:29:ec:
14:5a:60:09:8e:c1:89:a4:39:4a:9b:a4:06:1e:86:
49:ed:e5:ce:de:cc:f7:08:cb:8a:d5:0d:ad:4c:41:
8d:1d:55:a8:0a:a2:26:09:43:9a:fc:a8:e9:c9:da:
e0:af:d0:30:46:0f:59:a8:f3:f1:df:45:b5:25:73:
50:95:9c:60:ca:22:83:63:0e:19:41:bd:6f:8e:07:
28:b9:e6:11:d3:c7:c7:ff:e5:9a:71:a1:ba:ba:cb:
8c:0a:3b:21:ce:eb:21:6c:81:cd:03:f0:48:09:d1:
ef:3b:4b:75:e2:5b:37:63:0c:1d:ec:34:ea:a1:06:
ee:b6:81:9e:b2:93:ea:f1:06:03:d2:de:d5:c9:77:
32:39:bd:5a:57:43:72:56:ce:88:b0:e2:3d:5d:b4:
63:ae:99:bc:8d:a7:b0:96:7d:dc:e4:0b:45:a2:6b:
e8:6e:85:5a:75:6d:7a:8c:ae:39:6b:c2:94:02:4b:
ba:78:19:c2:0f:22:52:c2:6a:87:79:5a:43:48:3b:
17:8e:ba:cd:d9:82:1e:68:75:54:6d:15:84:09:bb:
92:10:43:48:cd:f0:5b:6a:30:62:7b:ec:60:58:b3:
44:84:5d:e5:15:c3:52:ce:16:95:45:fc:02:7e:92:
54:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:ED:90:EB:B5:4A:77:8E:F9:72:81:1C:4C:65:22:FF:EA:2D:AD:B0
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/d-2Q67VKd475coEcTGUi_-otrbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.24.0/22
2.26.76.0/23
2.27.24.0/23
2.27.28.0/22
31.77.160.0/22
64.188.68.0/22
64.188.74.0/24
64.188.104.0/22
77.239.120.0/23
144.31.16.0/22
144.31.62.0/23
144.31.84.0/23
144.31.116.0/22
144.31.122.0/23
144.31.134.0/23
144.31.138.0/23
144.31.196.0/23
144.31.232.0/23
150.241.64.0/24
150.241.78.0/23
193.23.197.0/24
193.23.210.0/23
193.23.218.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:bc:55:e9:ea:d5:c7:c4:cd:38:1d:5b:d4:87:14:da:0b:9c:
1a:c4:f2:5d:0d:42:2a:70:59:3b:4f:a1:bd:d9:30:19:82:ff:
76:8d:b8:ba:f0:76:2e:72:a9:3d:45:46:d5:3f:08:19:19:bc:
10:67:0e:e9:42:92:bf:8a:b4:50:68:92:77:41:69:94:c7:29:
e3:48:d6:66:25:4a:b5:9b:38:73:73:49:f6:3f:89:24:9f:70:
33:be:21:e5:c1:7e:43:56:70:9c:8b:e8:5b:9d:b4:76:71:c6:
8e:bd:29:99:ec:10:ab:c8:b5:60:73:b4:a5:3d:18:81:d1:26:
82:e0:ab:43:14:fe:1c:bc:8e:6b:5f:84:59:75:16:19:f5:e5:
41:6c:ea:20:ca:bb:9d:ce:d0:80:d2:2b:65:bd:e4:8c:ce:b9:
f6:6a:51:09:7b:57:be:41:f1:11:94:8d:b0:b0:fd:56:af:da:
14:3d:11:3b:17:a0:3d:56:d2:03:e3:9a:1c:d1:c4:9d:57:73:
42:c3:11:ea:37:f2:5f:35:4a:99:db:78:45:7a:67:c4:75:a4:
00:80:fc:5f:23:76:3e:c8:43:bb:9c:7b:1e:ab:35:f9:3b:9a:
d4:60:8b:6f:9b:40:dc:e9:1a:e0:13:ae:67:53:11:5d:a0:fc:
ff:8a:cd:be
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZ6TjK+RNwQF85p3ANGwYFJTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjA0MTY1MjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2VkOTBlYmI1NGE3NzhlZjk3MjgxMWM0YzY1MjJmZmVhMmRhZGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JdaRJpI7Ch3W/r5KewUWmAJjsGJ
pDlKm6QGHoZJ7eXO3sz3CMuK1Q2tTEGNHVWoCqImCUOa/Kjpydrgr9AwRg9ZqPPx
30W1JXNQlZxgyiKDYw4ZQb1vjgcoueYR08fH/+WacaG6usuMCjshzushbIHNA/BI
CdHvO0t14ls3Ywwd7DTqoQbutoGespPq8QYD0t7VyXcyOb1aV0NyVs6IsOI9XbRj
rpm8jaewln3c5AtFomvoboVadW16jK45a8KUAku6eBnCDyJSwmqHeVpDSDsXjrrN
2YIeaHVUbRWECbuSEENIzfBbajBie+xgWLNEhF3lFcNSzhaVRfwCfpJUAQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFHftkOu1SneO+XKBHExlIv/qLa2wMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvZC0yUTY3VktkNDc1Y29FY1RHVWlfLW90cmJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAIC
GhgDBAECGkwDBAECGxgDBAICGxwDBAIfTaADBAJAvEQDBABAvEoDBAJAvGgDBAFN
73gDBAKQHxADBAGQHz4DBAGQH1QDBAKQH3QDBAGQH3oDBAGQH4YDBAGQH4oDBAGQ
H8QDBAGQH+gDBACW8UADBAGW8U4DBADBF8UDBAHBF9IDBAHBF9owDQYJKoZIhvcN
AQELBQADggEBAGy8Venq1cfEzTgdW9SHFNoLnBrE8l0NQipwWTtPob3ZMBmC/3aN
uLrwdi5yqT1FRtU/CBkZvBBnDulCkr+KtFBokndBaZTHKeNI1mYlSrWbOHNzSfY/
iSSfcDO+IeXBfkNWcJyL6FudtHZxxo69KZnsEKvItWBztKU9GIHRJoLgq0MU/hy8
jmtfhFl1Fhn15UFs6iDKu53O0IDSK2W95IzOufZqUQl7V75B8RGUjbCw/Vav2hQ9
ETsXoD1W0gPjmhzRxJ1Xc0LDEeo38l81SpnbeEV6Z8R1pACA/F8jdj7IQ7ucex6r
Nfk7mtRgi2+bQNzpGuATrmdTEV2g/P+Kzb4=
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:53:24 2026 by rpki-client