Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/o5Rd2IOwwqz3QtJE5hJ4PaGNoB4.roa
File: o5Rd2IOwwqz3QtJE5hJ4PaGNoB4.roa (raw, json)
Hash identifier: g9fkJb9MNohyGJWuACiZw5bwweQSIfZNWlioWaweAi4=
Subject key identifier: A3:94:5D:D8:83:B0:C2:AC:F7:42:D2:44:E6:12:78:3D:A1:8D:A0:1E
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019C71EB9F5DEFBE42312FF498447977BC46
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/o5Rd2IOwwqz3QtJE5hJ4PaGNoB4.roa
Signing time: Wed 18 Feb 2026 18:03:13 +0000
ROA not before: Wed 18 Feb 2026 18:03:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215590
IP address blocks: 64.188.118.0/23 maxlen: 24
77.239.108.0/22 maxlen: 24
144.31.52.0/24 maxlen: 24
144.31.140.0/22 maxlen: 24
144.31.152.0/23 maxlen: 24
144.31.186.0/23 maxlen: 24
144.31.202.0/24 maxlen: 24
150.241.88.0/23 maxlen: 24
150.241.96.0/22 maxlen: 24
150.241.106.0/23 maxlen: 24
150.241.115.0/24 maxlen: 24
150.241.116.0/24 maxlen: 24
150.241.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:71:eb:9f:5d:ef:be:42:31:2f:f4:98:44:79:77:bc:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 18 18:03:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a3945dd883b0c2acf742d244e612783da18da01e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1f:4d:f1:37:1e:fb:f4:6b:e1:c3:60:57:69:
df:9b:7e:b9:eb:24:f2:51:c0:31:77:c7:f6:84:f7:
de:c1:9c:30:f8:b0:96:a2:0f:95:b7:02:1b:17:64:
31:94:c6:62:ba:2a:01:1a:44:59:4a:9c:94:fd:3d:
78:42:bf:7d:6e:3c:53:68:84:a2:19:e7:f8:86:1d:
bd:9b:16:49:83:48:a1:42:03:b7:cf:aa:bb:8f:98:
50:06:c1:db:7c:ff:d1:26:8a:60:bc:40:a7:f1:ec:
3e:1c:4c:16:ba:5d:cf:39:d2:01:98:a4:06:ab:ee:
a6:bc:ed:60:13:15:6d:68:3d:e2:a8:8d:8c:80:b4:
74:cf:b1:93:97:48:a3:e8:b1:e7:94:27:fd:6d:65:
ef:6b:60:50:33:b2:3e:99:92:7a:95:d8:36:a1:90:
89:41:ef:b6:3a:1f:5f:b0:92:cb:b7:c6:2c:a0:17:
fc:76:7a:96:93:4a:d4:ab:58:50:1c:63:f2:b9:70:
dd:1a:4a:16:e6:ea:6e:80:81:ab:f6:eb:c9:16:53:
c9:05:c8:56:51:36:61:6a:56:6b:13:2d:3e:33:ad:
53:a9:46:8c:c3:0b:3b:02:dd:8b:f6:32:9e:3c:94:
cd:6a:56:55:35:9a:15:2e:3a:c5:7a:62:45:ff:dc:
b3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:94:5D:D8:83:B0:C2:AC:F7:42:D2:44:E6:12:78:3D:A1:8D:A0:1E
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/o5Rd2IOwwqz3QtJE5hJ4PaGNoB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.118.0/23
77.239.108.0/22
144.31.52.0/24
144.31.140.0/22
144.31.152.0/23
144.31.186.0/23
144.31.202.0/24
150.241.88.0/23
150.241.96.0/22
150.241.106.0/23
150.241.115.0-150.241.116.255
150.241.123.0/24
Signature Algorithm: sha256WithRSAEncryption
05:d6:3c:38:c8:58:6d:bd:1d:4f:85:17:0e:e6:99:59:5a:06:
1c:fd:0f:66:f6:5e:fd:48:83:f4:02:61:c9:b7:4e:3f:dc:ed:
7f:c6:80:99:9c:83:a2:da:44:88:72:99:63:69:d3:79:4e:99:
a9:47:12:dc:1d:58:a7:6c:7d:50:11:4b:9b:c7:db:54:a1:d3:
4e:e6:bf:a2:47:39:cc:17:da:96:81:0d:1f:6d:d8:92:a2:89:
e8:b4:38:8b:dc:a1:09:73:c9:ad:3f:dc:0c:25:33:73:c9:26:
1c:99:e4:d1:1d:d7:d4:12:b8:e3:c4:94:b4:7a:b0:a5:3c:4b:
a2:12:16:0a:7a:a0:e2:09:cb:f4:5e:f4:d0:d2:bc:bd:ad:88:
0c:5b:42:17:5e:54:6c:74:90:fb:0e:56:c1:31:d8:3c:e6:9f:
50:56:51:d2:a8:65:87:ea:13:43:bf:93:54:6b:74:18:48:ea:
9f:c2:fa:0f:3a:ed:ff:68:7b:a0:19:27:e1:62:9c:05:d0:e4:
2e:fe:e8:45:53:53:57:02:53:1a:64:16:f4:35:55:2b:d1:4f:
e0:e5:89:0c:fb:64:23:fe:4d:84:7a:30:ac:8a:f8:00:89:e7:
ab:03:c2:c0:60:4d:f7:81:1e:42:86:f4:89:31:3e:23:95:85:
1d:e8:a4:24
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZxx659d775CMS/0mER5d7xGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMjE4MTgwMzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzk0NWRkODgzYjBjMmFjZjc0MmQyNDRlNjEyNzgzZGExOGRhMDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmx9N8Tce+/Rr4cNgV2nfm3656yTy
UcAxd8f2hPfewZww+LCWog+VtwIbF2QxlMZiuioBGkRZSpyU/T14Qr99bjxTaISi
Gef4hh29mxZJg0ihQgO3z6q7j5hQBsHbfP/RJopgvECn8ew+HEwWul3POdIBmKQG
q+6mvO1gExVtaD3iqI2MgLR0z7GTl0ij6LHnlCf9bWXva2BQM7I+mZJ6ldg2oZCJ
Qe+2Oh9fsJLLt8YsoBf8dnqWk0rUq1hQHGPyuXDdGkoW5upugIGr9uvJFlPJBchW
UTZhalZrEy0+M61TqUaMwws7At2L9jKePJTNalZVNZoVLjrFemJF/9yzAQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFKOUXdiDsMKs90LSROYSeD2hjaAeMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvbzVSZDJJT3d3cXozUXRKRTVoSjRQYUdOb0I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQBQLx2AwQC
Te9sAwQAkB80AwQCkB+MAwQBkB+YAwQBkB+6AwQAkB/KAwQBlvFYAwQClvFgAwQB
lvFqMAwDBACW8XMDBACW8XQDBACW8XswDQYJKoZIhvcNAQELBQADggEBAAXWPDjI
WG29HU+FFw7mmVlaBhz9D2b2Xv1Ig/QCYcm3Tj/c7X/GgJmcg6LaRIhymWNp03lO
malHEtwdWKdsfVARS5vH21Sh007mv6JHOcwX2paBDR9t2JKiiei0OIvcoQlzya0/
3AwlM3PJJhyZ5NEd19QSuOPElLR6sKU8S6ISFgp6oOIJy/Re9NDSvL2tiAxbQhde
VGx0kPsOVsEx2Dzmn1BWUdKoZYfqE0O/k1RrdBhI6p/C+g867f9oe6AZJ+FinAXQ
5C7+6EVTU1cCUxpkFvQ1VSvRT+DliQz7ZCP+TYR6MKyK+ACJ56sDwsBgTfeBHkKG
9IkxPiOVhR3opCQ=
-----END CERTIFICATE-----
Generated at Sun Mar 1 14:55:15 2026 by rpki-client