Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/jVkY66lW4gpJC1aOhGnArOPHaPI.roa
File: jVkY66lW4gpJC1aOhGnArOPHaPI.roa (raw, json)
Hash identifier: B6X42xTyxBm8P22F3JiQ7PSzobnbX+Pmts388rGOs+o=
Subject key identifier: 8D:59:18:EB:A9:56:E2:0A:49:0B:56:8E:84:69:C0:AC:E3:C7:68:F2
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019D972694BF34DFDF0A911D887641AA2AE2
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/jVkY66lW4gpJC1aOhGnArOPHaPI.roa
Signing time: Thu 16 Apr 2026 16:36:21 +0000
ROA not before: Thu 16 Apr 2026 16:36:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 2.27.107.0/24 maxlen: 24
2.27.236.0/24 maxlen: 24
2.27.250.0/24 maxlen: 24
144.31.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:97:26:94:bf:34:df:df:0a:91:1d:88:76:41:aa:2a:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 16 16:36:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8d5918eba956e20a490b568e8469c0ace3c768f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:55:56:50:2f:66:f9:dd:3c:42:25:00:c2:9d:
30:ef:b9:fa:60:8d:08:70:fa:60:99:f5:3a:de:a9:
e1:f6:d4:80:12:a2:6c:c6:4b:ab:f9:7e:63:63:8e:
5b:4d:14:ea:16:90:26:ff:14:1f:39:80:b6:28:06:
b4:72:47:ce:f9:b0:3c:60:97:0b:04:d7:fd:e7:3b:
d5:b4:e3:0c:67:71:eb:5e:cf:6c:4b:07:17:06:a4:
0a:eb:f4:3a:97:66:85:bf:7f:5f:d6:36:df:21:9b:
67:16:66:b9:df:37:88:c9:30:1a:cf:a2:8a:bc:e7:
f0:bf:03:2c:8e:87:fa:4e:da:44:be:75:05:54:5d:
35:17:0b:0a:7f:5e:e9:53:66:11:21:7f:52:d4:5c:
ab:d3:b0:ab:c3:e4:f7:0a:95:4e:bf:dd:df:43:fc:
7d:47:1c:31:8a:65:71:a9:3a:53:95:95:c4:c7:10:
a2:23:39:51:81:b0:e4:1e:bb:da:0b:a8:6b:b0:4a:
12:32:2b:f4:22:ef:b0:7d:79:ab:25:4a:7a:76:31:
8c:3b:a9:8b:0b:20:fe:85:90:03:60:a1:bf:ce:c4:
e4:63:60:ba:c1:2a:62:a6:98:bc:3d:86:10:b2:ff:
ed:06:26:f2:66:85:e0:39:b9:de:db:f5:0c:69:5a:
9f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:59:18:EB:A9:56:E2:0A:49:0B:56:8E:84:69:C0:AC:E3:C7:68:F2
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/jVkY66lW4gpJC1aOhGnArOPHaPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.107.0/24
2.27.236.0/24
2.27.250.0/24
144.31.145.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:8e:78:b7:d4:7a:86:89:e8:a6:c0:36:dd:a7:35:53:ec:d2:
5c:6f:a3:f2:bf:af:54:90:ea:d4:24:61:7f:96:ae:2b:a8:1c:
99:93:48:e4:28:51:30:c1:b5:31:f5:13:d6:11:2a:81:72:3f:
9e:84:12:0b:50:cf:2e:30:27:cc:56:1e:2a:ad:d3:2d:fd:c2:
ef:12:20:4a:a5:6f:c5:29:ab:f1:49:fe:d6:5e:92:70:b9:87:
f2:91:5a:a4:8b:b4:e5:9d:85:b0:8e:3a:81:58:ed:f0:ea:2c:
e0:f2:74:7f:d5:89:b7:36:19:fc:8c:96:d3:ce:f5:e4:0f:8b:
26:87:11:b6:c9:4e:c6:95:85:cc:8f:a2:f2:fa:1b:54:97:ae:
11:86:26:f6:e9:7b:61:2d:01:b7:de:23:df:7e:d2:e7:a7:1e:
63:8c:33:67:d8:af:50:f9:72:3d:8a:65:eb:d6:b6:a0:22:a2:
e5:1a:7b:11:31:45:c5:71:d1:de:34:64:5e:ad:b3:d6:01:b1:
5c:88:0a:06:8c:7f:b6:f1:fe:0b:23:42:82:35:e5:20:c4:56:
c0:1c:6d:48:16:dd:60:fe:21:b3:38:65:78:a3:22:29:e5:2c:
8d:dd:21:eb:2b:f0:1d:97:fd:67:ef:ef:83:34:9d:16:24:11:
87:5d:f1:87
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ2XJpS/NN/fCpEdiHZBqiriMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDE2MTYzNjIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDU5MThlYmE5NTZlMjBhNDkwYjU2OGU4NDY5YzBhY2UzYzc2OGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11VWUC9m+d08QiUAwp0w77n6YI0I
cPpgmfU63qnh9tSAEqJsxkur+X5jY45bTRTqFpAm/xQfOYC2KAa0ckfO+bA8YJcL
BNf95zvVtOMMZ3HrXs9sSwcXBqQK6/Q6l2aFv39f1jbfIZtnFma53zeIyTAaz6KK
vOfwvwMsjof6TtpEvnUFVF01FwsKf17pU2YRIX9S1Fyr07Crw+T3CpVOv93fQ/x9
RxwximVxqTpTlZXExxCiIzlRgbDkHrvaC6hrsEoSMiv0Iu+wfXmrJUp6djGMO6mL
CyD+hZADYKG/zsTkY2C6wSpippi8PYYQsv/tBibyZoXgObne2/UMaVqfHQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI1ZGOupVuIKSQtWjoRpwKzjx2jyMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvalZrWTY2bFc0Z3BKQzFhT2hHbkFyT1BIYVBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAhtrAwQA
AhvsAwQAAhv6AwQAkB+RMA0GCSqGSIb3DQEBCwUAA4IBAQAajni31HqGieimwDbd
pzVT7NJcb6Pyv69UkOrUJGF/lq4rqByZk0jkKFEwwbUx9RPWESqBcj+ehBILUM8u
MCfMVh4qrdMt/cLvEiBKpW/FKavxSf7WXpJwuYfykVqki7TlnYWwjjqBWO3w6izg
8nR/1Ym3Nhn8jJbTzvXkD4smhxG2yU7GlYXMj6Ly+htUl64Rhib26XthLQG33iPf
ftLnpx5jjDNn2K9Q+XI9imXr1ragIqLlGnsRMUXFcdHeNGRerbPWAbFciAoGjH+2
8f4LI0KCNeUgxFbAHG1IFt1g/iGzOGV4oyIp5SyN3SHrK/Adl/1n7++DNJ0WJBGH
XfGH
-----END CERTIFICATE-----
Generated at Fri Apr 17 04:35:06 2026 by rpki-client