Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/jJMoHIQbpBFqJT2PZlm9asjMUaM.roa
File: jJMoHIQbpBFqJT2PZlm9asjMUaM.roa (raw, json)
Hash identifier: x1U8SDgVebsl1kfNwc38BzvQElHjkMfJLNKBWPB8uS8=
Subject key identifier: 8C:93:28:1C:84:1B:A4:11:6A:25:3D:8F:66:59:BD:6A:C8:CC:51:A3
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019D4EF89173398AAE6787D0C3AD61C29DCD
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/jJMoHIQbpBFqJT2PZlm9asjMUaM.roa
Signing time: Thu 02 Apr 2026 16:13:26 +0000
ROA not before: Thu 02 Apr 2026 16:13:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200341
IP address blocks: 2.27.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:47:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4e:f8:91:73:39:8a:ae:67:87:d0:c3:ad:61:c2:9d:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 2 16:13:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8c93281c841ba4116a253d8f6659bd6ac8cc51a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:60:12:c7:b9:bb:56:85:bd:5b:77:49:2b:2d:
b2:67:e9:8c:c0:fa:2e:de:24:a1:01:6e:e6:9f:e6:
88:d1:f2:90:67:0e:6b:51:6a:d5:18:28:0f:9b:c4:
00:44:00:ec:c3:e7:ab:8a:6a:68:fd:b0:b4:b3:8e:
a7:52:07:e7:12:cc:d5:20:a5:6a:88:84:17:b1:47:
0e:24:1d:00:fc:da:a8:47:06:14:af:6a:e2:a3:5d:
cf:c2:ee:28:d8:e2:cb:61:59:3a:20:07:d9:c8:55:
54:a6:5d:a3:2d:17:7b:0c:1f:60:c1:90:bd:40:0b:
fd:d8:a3:cf:3c:96:e4:71:95:5a:1c:d5:00:e9:37:
55:7a:31:9a:88:1a:82:e1:02:e9:18:4a:6c:a8:31:
4f:6b:36:a3:c7:70:5b:5d:a8:f7:84:a6:a5:94:8b:
f7:0a:4e:8b:c9:a3:9d:b3:28:b4:c1:92:14:20:ba:
77:ad:49:1e:31:be:6a:21:c4:19:79:b5:85:b9:49:
4b:87:ed:03:87:45:4e:2f:0f:25:5c:0e:15:76:b7:
ed:6b:22:db:a9:9b:8a:2f:e9:36:24:dc:7c:46:05:
bd:bc:04:48:cf:80:26:75:2e:3e:73:30:0c:9d:01:
8e:99:67:3d:40:19:36:54:02:92:77:5d:e1:1c:b1:
d6:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:93:28:1C:84:1B:A4:11:6A:25:3D:8F:66:59:BD:6A:C8:CC:51:A3
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/jJMoHIQbpBFqJT2PZlm9asjMUaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.94.0/24
Signature Algorithm: sha256WithRSAEncryption
81:9a:f9:9a:a1:06:4a:e8:d7:f6:d1:de:d8:af:94:31:cf:d9:
4f:16:16:15:8e:48:65:f0:06:b2:ab:5c:df:83:9b:3a:88:55:
5a:61:26:1f:c7:0e:89:d1:f9:2f:22:5a:7c:70:0e:30:a2:98:
2a:b1:53:ac:78:9a:0a:3f:0f:73:1f:aa:d9:a0:5f:22:e2:37:
cb:26:70:61:1f:29:a5:ec:3a:bd:0a:8a:42:97:1b:aa:27:ea:
22:51:de:92:96:42:41:c0:3d:92:4d:66:59:e1:82:58:80:82:
81:c9:c4:b3:ed:30:b7:9e:e4:f0:8a:ca:b9:6e:cf:78:fe:29:
e1:5b:cf:20:d8:8a:81:4c:80:0f:c2:3d:75:0b:52:55:ab:f5:
95:0b:58:cb:4b:26:1a:cf:61:46:46:e9:4d:4b:89:bf:9f:dd:
80:2e:34:52:e6:0a:a2:cd:17:d0:87:ca:98:b6:f0:17:21:14:
17:69:1e:ca:36:a7:6e:48:34:33:10:0f:cd:14:a8:cf:d8:69:
41:c0:75:ea:98:47:d9:d9:96:8a:50:0e:ef:40:38:79:ab:a7:
b6:0e:34:b4:5f:1b:e8:e4:e9:83:ed:78:69:92:00:b4:78:e1:
be:4a:d1:11:3d:a8:51:41:70:48:77:ec:c4:64:2a:8a:7b:7b:
73:0b:a8:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1O+JFzOYquZ4fQw61hwp3NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDAyMTYxMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzkzMjgxYzg0MWJhNDExNmEyNTNkOGY2NjU5YmQ2YWM4Y2M1MWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWASx7m7VoW9W3dJKy2yZ+mMwPou
3iShAW7mn+aI0fKQZw5rUWrVGCgPm8QARADsw+erimpo/bC0s46nUgfnEszVIKVq
iIQXsUcOJB0A/NqoRwYUr2rio13Pwu4o2OLLYVk6IAfZyFVUpl2jLRd7DB9gwZC9
QAv92KPPPJbkcZVaHNUA6TdVejGaiBqC4QLpGEpsqDFPazajx3BbXaj3hKallIv3
Ck6LyaOdsyi0wZIUILp3rUkeMb5qIcQZebWFuUlLh+0Dh0VOLw8lXA4VdrftayLb
qZuKL+k2JNx8RgW9vARIz4AmdS4+czAMnQGOmWc9QBk2VAKSd13hHLHW2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIyTKByEG6QRaiU9j2ZZvWrIzFGjMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvakpNb0hJUWJwQkZxSlQyUFpsbTlhc2pNVWFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAhteMA0G
CSqGSIb3DQEBCwUAA4IBAQCBmvmaoQZK6Nf20d7Yr5Qxz9lPFhYVjkhl8Aayq1zf
g5s6iFVaYSYfxw6J0fkvIlp8cA4wopgqsVOseJoKPw9zH6rZoF8i4jfLJnBhHyml
7Dq9CopClxuqJ+oiUd6SlkJBwD2STWZZ4YJYgIKBycSz7TC3nuTwisq5bs94/inh
W88g2IqBTIAPwj11C1JVq/WVC1jLSyYaz2FGRulNS4m/n92ALjRS5gqizRfQh8qY
tvAXIRQXaR7KNqduSDQzEA/NFKjP2GlBwHXqmEfZ2ZaKUA7vQDh5q6e2DjS0Xxvo
5OmD7XhpkgC0eOG+StERPahRQXBId+zEZCqKe3tzC6jO
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:58:35 2026 by rpki-client