Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/nur3AmZVBY54uu6Z4uf53cXzKjU.roa
File: nur3AmZVBY54uu6Z4uf53cXzKjU.roa (raw, json)
Hash identifier: 5bRh1mga0P+dszxTpuydin2BZj9xqk/1aXm31OYdrp0=
Subject key identifier: 9E:EA:F7:02:66:55:05:8E:78:BA:EE:99:E2:E7:F9:DD:C5:F3:2A:35
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019D9CC347E6592780BE994CF20C2F0A2FCD
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/nur3AmZVBY54uu6Z4uf53cXzKjU.roa
Signing time: Fri 17 Apr 2026 18:45:36 +0000
ROA not before: Fri 17 Apr 2026 18:45:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199785
IP address blocks: 2.26.64.0/22 maxlen: 24
2.26.72.0/23 maxlen: 24
2.26.121.0/24 maxlen: 24
2.27.1.0/24 maxlen: 24
2.27.48.0/23 maxlen: 24
2.27.50.0/23 maxlen: 24
37.46.16.0/24 maxlen: 24
37.46.17.0/24 maxlen: 24
37.46.18.0/24 maxlen: 24
37.46.19.0/24 maxlen: 24
64.188.72.0/24 maxlen: 24
64.188.99.0/24 maxlen: 24
77.239.106.0/24 maxlen: 24
144.31.80.0/23 maxlen: 24
144.31.132.0/23 maxlen: 24
144.31.184.0/23 maxlen: 24
144.31.194.0/23 maxlen: 24
150.241.76.0/23 maxlen: 24
150.241.113.0/24 maxlen: 24
150.241.114.0/24 maxlen: 24
150.241.115.0/24 maxlen: 24
150.241.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9c:c3:47:e6:59:27:80:be:99:4c:f2:0c:2f:0a:2f:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 17 18:45:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9eeaf7026655058e78baee99e2e7f9ddc5f32a35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:31:f4:4a:b7:32:e0:00:f7:86:94:b9:57:6f:
a0:e1:67:50:45:51:19:61:8f:22:84:9f:73:bd:42:
25:ef:15:6f:e3:c7:47:90:f0:ee:ad:68:e2:7c:42:
ce:ce:ea:60:65:9c:2a:b6:a7:53:23:34:d5:f2:86:
14:f9:92:cc:2c:e0:6c:b0:be:8b:d2:46:41:c0:40:
ef:f9:11:0e:48:69:3b:a9:44:dd:9f:ee:3d:c9:33:
63:1b:95:d1:56:43:35:d1:24:23:bb:40:56:1e:5e:
ca:08:96:a4:a0:fa:0d:a1:0e:0d:9f:ce:80:1e:fa:
48:01:95:78:5d:10:5e:76:fe:13:d7:0a:0a:99:4d:
95:fb:e4:fd:84:4a:32:bb:3d:18:b4:5b:0d:6d:5b:
75:c5:e8:69:1a:1f:3a:6a:f9:84:a7:a7:91:a0:aa:
51:35:a4:2b:08:08:aa:e2:ba:bd:2c:67:3c:5f:c1:
48:95:ed:74:5d:bc:10:19:82:7e:d3:b2:f3:72:00:
75:3e:1d:63:b0:1d:7d:db:86:28:85:8f:92:82:a4:
cb:0e:57:49:17:67:68:b2:16:e7:11:c9:bf:86:7d:
25:f6:31:5c:01:63:74:92:71:ed:5e:c5:30:aa:8a:
ae:e3:80:ba:e9:52:c7:77:6e:a1:6b:9b:ca:d1:0b:
99:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:EA:F7:02:66:55:05:8E:78:BA:EE:99:E2:E7:F9:DD:C5:F3:2A:35
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/nur3AmZVBY54uu6Z4uf53cXzKjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.64.0/22
2.26.72.0/23
2.26.121.0/24
2.27.1.0/24
2.27.48.0/22
37.46.16.0/22
64.188.72.0/24
64.188.99.0/24
77.239.106.0/24
144.31.80.0/23
144.31.132.0/23
144.31.184.0/23
144.31.194.0/23
150.241.76.0/23
150.241.113.0-150.241.116.255
Signature Algorithm: sha256WithRSAEncryption
a8:d4:b9:d4:14:73:20:5f:60:c1:62:76:54:7b:31:9f:d4:ce:
27:71:be:54:49:d5:95:fb:09:17:f0:c3:80:10:f5:66:d0:d0:
ae:4d:5d:2d:29:ac:61:36:94:06:27:a4:99:92:0d:3f:7f:98:
75:e0:e0:40:89:ce:7a:9a:84:3a:8c:b5:6f:c5:2d:50:bd:a6:
f4:31:78:c6:8f:dc:70:19:a8:7d:56:a7:11:e5:0f:47:ef:d8:
44:61:3a:f1:a6:ff:9c:b7:83:ad:72:8c:73:df:8e:f9:a1:99:
ce:22:1a:33:d3:4d:52:7c:d3:2f:45:72:b0:07:2e:8b:85:a6:
b3:c1:37:7c:af:db:be:7e:62:8f:c1:da:33:22:ec:54:76:29:
1f:04:7c:be:a4:79:62:65:ad:e9:45:0e:2c:d5:04:b3:46:a5:
08:7f:59:cf:38:04:d9:a0:39:94:0c:a2:16:a4:89:8d:42:61:
b5:78:78:2a:4e:b1:b9:2c:34:a0:e7:34:8c:7e:a9:49:49:b2:
1c:6a:13:e5:44:69:80:db:bc:53:b3:71:22:eb:42:05:a4:ac:
db:5a:51:16:aa:ec:71:be:a9:6a:bf:7f:d8:39:7e:78:2f:fd:
41:90:16:d2:5b:64:60:c5:0b:57:b2:2b:f7:00:0e:cb:06:43:
37:4b:c9:20
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZ2cw0fmWSeAvplM8gwvCi/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNDE3MTg0NTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWVhZjcwMjY2NTUwNThlNzhiYWVlOTllMmU3ZjlkZGM1ZjMyYTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jH0Srcy4AD3hpS5V2+g4WdQRVEZ
YY8ihJ9zvUIl7xVv48dHkPDurWjifELOzupgZZwqtqdTIzTV8oYU+ZLMLOBssL6L
0kZBwEDv+REOSGk7qUTdn+49yTNjG5XRVkM10SQju0BWHl7KCJakoPoNoQ4Nn86A
HvpIAZV4XRBedv4T1woKmU2V++T9hEoyuz0YtFsNbVt1xehpGh86avmEp6eRoKpR
NaQrCAiq4rq9LGc8X8FIle10XbwQGYJ+07LzcgB1Ph1jsB1924YohY+SgqTLDldJ
F2doshbnEcm/hn0l9jFcAWN0knHtXsUwqoqu44C66VLHd26ha5vK0QuZcQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFJ7q9wJmVQWOeLrumeLn+d3F8yo1MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvbnVyM0FtWlZCWTU0dXU2WjR1ZjUzY1h6S2pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQCAhpAAwQB
AhpIAwQAAhp5AwQAAhsBAwQCAhswAwQCJS4QAwQAQLxIAwQAQLxjAwQATe9qAwQB
kB9QAwQBkB+EAwQBkB+4AwQBkB/CAwQBlvFMMAwDBACW8XEDBACW8XQwDQYJKoZI
hvcNAQELBQADggEBAKjUudQUcyBfYMFidlR7MZ/UzidxvlRJ1ZX7CRfww4AQ9WbQ
0K5NXS0prGE2lAYnpJmSDT9/mHXg4ECJznqahDqMtW/FLVC9pvQxeMaP3HAZqH1W
pxHlD0fv2ERhOvGm/5y3g61yjHPfjvmhmc4iGjPTTVJ80y9FcrAHLouFprPBN3yv
275+Yo/B2jMi7FR2KR8EfL6keWJlrelFDizVBLNGpQh/Wc84BNmgOZQMohakiY1C
YbV4eCpOsbksNKDnNIx+qUlJshxqE+VEaYDbvFOzcSLrQgWkrNtaURaq7HG+qWq/
f9g5fngv/UGQFtJbZGDFC1eyK/cADssGQzdLySA=
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:50:47 2026 by rpki-client