Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/lyZSGMihLH9n5nOuvgl1LWbHh70.roa
File: lyZSGMihLH9n5nOuvgl1LWbHh70.roa (raw, json)
Hash identifier: ENr/ewnc2pT5Liei6xX2LPECGefyoIYl2aOmA8yuBLA=
Subject key identifier: 97:26:52:18:C8:A1:2C:7F:67:E6:73:AE:BE:09:75:2D:66:C7:87:BD
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019EBCB0EF3FC27E5E141CD8D3B6C6E9DFA2
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/lyZSGMihLH9n5nOuvgl1LWbHh70.roa
Signing time: Fri 12 Jun 2026 16:36:12 +0000
ROA not before: Fri 12 Jun 2026 16:36:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 2.26.170.0/24 maxlen: 24
2.27.115.0/24 maxlen: 24
31.77.176.0/23 maxlen: 24
144.31.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bc:b0:ef:3f:c2:7e:5e:14:1c:d8:d3:b6:c6:e9:df:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 12 16:36:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=97265218c8a12c7f67e673aebe09752d66c787bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:16:5b:05:20:a6:b3:1b:aa:be:d0:23:1c:96:
3f:ed:47:3a:6c:26:23:fc:9f:d0:3a:06:3c:2e:2c:
a8:50:54:f2:a3:f7:f6:9a:cb:c8:a7:30:b1:3c:25:
51:85:03:2e:12:b9:db:0c:f6:ed:21:eb:07:41:39:
bf:f2:a9:00:8c:07:86:a3:c2:72:db:9a:b4:bb:58:
12:f8:ea:e1:51:c4:89:15:7a:43:c2:b3:cc:b7:0a:
56:85:c6:fe:06:7e:04:9d:14:d8:74:73:f3:d8:81:
f9:2d:54:38:45:8b:2d:26:c1:ad:81:61:77:8a:6a:
e4:cb:d8:78:9c:2f:c9:a5:7a:51:f7:a0:80:ea:4d:
08:92:15:6b:1f:13:1e:71:11:81:ea:dc:37:2b:33:
a5:e5:22:1c:a2:59:53:4f:d7:e4:90:49:e9:2d:3f:
73:2c:05:02:9e:fe:d6:96:4c:39:0d:ba:52:dc:98:
9b:ab:83:4e:b7:47:54:c2:2f:26:f0:b8:8e:95:fa:
72:52:8d:95:76:5a:4a:fb:1f:46:a0:9b:4f:d3:a3:
21:ca:53:d9:44:52:1c:25:f7:7c:36:33:f9:37:ec:
f1:2b:23:e0:36:51:10:63:e9:49:9c:25:5a:9f:b6:
1a:f5:c9:dd:10:98:65:29:56:f9:85:a7:b4:08:8c:
22:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:26:52:18:C8:A1:2C:7F:67:E6:73:AE:BE:09:75:2D:66:C7:87:BD
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/lyZSGMihLH9n5nOuvgl1LWbHh70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.170.0/24
2.27.115.0/24
31.77.176.0/23
144.31.145.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:a6:ec:90:e9:a4:33:e7:c7:cd:5c:7d:4b:59:c1:0f:49:b4:
c4:41:99:71:62:78:cd:73:3e:77:fc:b9:2a:de:e7:0e:8c:7c:
0a:db:24:a9:fe:b9:b7:b7:d6:e3:75:9e:53:8f:c5:0a:88:67:
1d:96:f1:ce:ec:5d:b3:77:6b:50:00:22:71:2a:e1:dc:ea:9e:
84:9d:f7:2d:f1:a1:99:35:42:bc:b7:f3:13:74:35:9a:75:8f:
61:1d:1a:f1:79:c8:86:aa:f2:17:b7:bc:c7:26:c5:25:d5:cc:
49:22:b7:97:c5:7e:f0:3f:47:db:4f:ae:cc:ea:47:7c:31:b1:
2a:fe:dc:c3:31:e6:51:c6:2c:61:03:aa:61:f8:34:6a:fa:bf:
ee:f7:35:ae:79:bd:01:4b:2a:79:52:84:68:e8:7c:8c:6a:6e:
e5:fa:2f:ab:31:8f:ac:fe:8d:86:3f:f1:c9:fa:fa:f5:ef:e9:
8f:03:66:8b:45:e0:12:75:c8:a6:8f:bd:02:70:7a:b8:15:7a:
e4:25:40:aa:d1:8a:bb:f5:d5:08:3a:fa:9a:f9:4d:c1:ac:b1:
2b:01:68:2c:c4:8e:b8:4a:bc:b1:f7:4e:0d:72:b6:75:7b:08:
24:72:8c:2b:3e:4f:f9:47:f9:db:89:6d:cc:94:6a:66:a5:5d:
5e:5b:50:56
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ68sO8/wn5eFBzY07bG6d+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjEyMTYzNjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzI2NTIxOGM4YTEyYzdmNjdlNjczYWViZTA5NzUyZDY2Yzc4N2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRZbBSCmsxuqvtAjHJY/7Uc6bCYj
/J/QOgY8LiyoUFTyo/f2msvIpzCxPCVRhQMuErnbDPbtIesHQTm/8qkAjAeGo8Jy
25q0u1gS+OrhUcSJFXpDwrPMtwpWhcb+Bn4EnRTYdHPz2IH5LVQ4RYstJsGtgWF3
imrky9h4nC/JpXpR96CA6k0IkhVrHxMecRGB6tw3KzOl5SIcollTT9fkkEnpLT9z
LAUCnv7Wlkw5DbpS3Jibq4NOt0dUwi8m8LiOlfpyUo2VdlpK+x9GoJtP06MhylPZ
RFIcJfd8NjP5N+zxKyPgNlEQY+lJnCVan7Ya9cndEJhlKVb5hae0CIwiSQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJcmUhjIoSx/Z+Zzrr4JdS1mx4e9MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvbHlaU0dNaWhMSDluNW5PdXZnbDFMV2JIaDcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAhqqAwQA
AhtzAwQBH02wAwQAkB+RMA0GCSqGSIb3DQEBCwUAA4IBAQClpuyQ6aQz58fNXH1L
WcEPSbTEQZlxYnjNcz53/Lkq3ucOjHwK2ySp/rm3t9bjdZ5Tj8UKiGcdlvHO7F2z
d2tQACJxKuHc6p6Enfct8aGZNUK8t/MTdDWadY9hHRrxeciGqvIXt7zHJsUl1cxJ
IreXxX7wP0fbT67M6kd8MbEq/tzDMeZRxixhA6ph+DRq+r/u9zWueb0BSyp5UoRo
6HyMam7l+i+rMY+s/o2GP/HJ+vr17+mPA2aLReASdcimj70CcHq4FXrkJUCq0Yq7
9dUIOvqa+U3BrLErAWgsxI64Sryx904NcrZ1ewgkcowrPk/5R/nbiW3MlGpmpV1e
W1BW
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:34:29 2026 by rpki-client