Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/oT6ek9CKwJ1n0lD0-ML7WcQETJM.roa
File: oT6ek9CKwJ1n0lD0-ML7WcQETJM.roa (raw, json)
Hash identifier: MeQCnF2s+lihYg/6c4BQ2N82ZCahbI6SYlat8vHQMmI=
Subject key identifier: A1:3E:9E:93:D0:8A:C0:9D:67:D2:50:F4:F8:C2:FB:59:C4:04:4C:93
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019C33D39D1C44C561DCD20222F5683F19FF
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/oT6ek9CKwJ1n0lD0-ML7WcQETJM.roa
Signing time: Fri 06 Feb 2026 16:40:32 +0000
ROA not before: Fri 06 Feb 2026 16:40:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57043
IP address blocks: 144.31.55.0/24 maxlen: 24
144.31.56.0/24 maxlen: 24
144.31.58.0/24 maxlen: 24
144.31.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:33:d3:9d:1c:44:c5:61:dc:d2:02:22:f5:68:3f:19:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 6 16:40:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a13e9e93d08ac09d67d250f4f8c2fb59c4044c93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:99:5b:92:ee:c6:93:f9:82:ea:33:9e:88:74:
23:00:70:7e:08:93:43:3e:84:4b:6c:17:5b:9a:6f:
a0:a5:3b:56:51:cc:2c:16:70:b5:7b:0e:37:3c:15:
76:ac:f5:b0:55:f6:ce:4d:0f:98:53:47:12:cf:f0:
2f:23:0d:59:4c:ba:23:00:b5:7d:7b:1d:61:a9:62:
12:01:e6:e3:62:53:16:03:ae:55:76:c5:ae:80:8a:
f6:a7:ac:e4:18:52:65:54:60:a4:cf:f3:8e:6a:1b:
e8:b8:95:80:13:74:35:e8:48:5a:9d:46:c0:b8:66:
da:84:cf:a9:c6:c4:ed:c6:32:12:c9:cd:de:bc:e1:
73:50:a3:e6:bf:7b:36:a3:63:0c:ec:c4:33:35:c0:
16:35:83:63:af:d5:a2:97:f9:5b:67:1a:25:26:7e:
16:53:9c:58:ef:9b:ad:26:6b:21:a6:45:00:ef:6e:
cf:5a:2e:7c:f3:21:5f:61:0b:04:9e:47:51:9e:34:
88:bb:62:38:04:ad:d0:36:a1:b7:dc:f1:ed:e0:da:
dc:bb:fb:c2:b0:5a:92:a7:42:74:62:9f:6e:5e:ab:
12:73:b3:0a:41:57:f7:5e:08:8e:b1:37:4f:4e:6a:
b4:1a:e7:dd:ca:54:5e:0d:db:79:45:02:41:62:61:
7c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:3E:9E:93:D0:8A:C0:9D:67:D2:50:F4:F8:C2:FB:59:C4:04:4C:93
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/oT6ek9CKwJ1n0lD0-ML7WcQETJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.31.55.0-144.31.56.255
144.31.58.0/24
144.31.60.0/24
Signature Algorithm: sha256WithRSAEncryption
83:ad:10:22:5e:f2:a0:12:8a:af:0c:a6:8f:7d:92:36:41:31:
b9:fc:0f:6d:1e:61:8f:b0:54:dd:28:d9:e0:c3:41:98:86:39:
ee:dd:1a:09:23:fd:c9:88:89:11:2b:d9:ca:f2:4c:ce:ef:b7:
21:39:cf:29:bb:d1:c1:5c:11:5b:ce:42:b2:54:94:25:db:37:
04:d4:fc:b8:c9:66:2d:ce:57:06:5e:20:59:04:d1:58:7f:a3:
ca:df:f6:73:61:f4:81:4c:d1:2f:f2:85:35:7a:63:c8:c4:ee:
54:ca:d5:77:b9:a5:21:c3:a5:3e:fa:ed:4a:81:22:a4:41:0e:
08:0f:42:81:cb:55:aa:e8:5a:75:a8:bb:26:8c:b2:d0:ec:ea:
11:79:6b:15:90:af:73:3d:4d:97:68:f1:45:71:24:67:43:67:
0b:af:6e:3d:36:91:57:57:9b:1e:89:01:c9:1f:89:9a:be:ac:
bd:76:f7:b2:fd:bf:92:de:0b:09:cb:f3:5d:d1:81:bb:02:93:
5e:97:c8:7d:fa:c0:dc:2d:c2:b5:b2:47:a7:ce:7b:15:2c:4c:
b8:96:00:5b:5f:46:47:2f:92:95:e2:5d:ba:07:a1:f4:d1:68:
56:1c:3e:c6:d6:76:90:e5:e4:f9:8e:0b:04:4a:53:17:72:fd:
b0:d0:8e:82
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZwz050cRMVh3NICIvVoPxn/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMjA2MTY0MDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTNlOWU5M2QwOGFjMDlkNjdkMjUwZjRmOGMyZmI1OWM0MDQ0YzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5lbku7Gk/mC6jOeiHQjAHB+CJND
PoRLbBdbmm+gpTtWUcwsFnC1ew43PBV2rPWwVfbOTQ+YU0cSz/AvIw1ZTLojALV9
ex1hqWISAebjYlMWA65VdsWugIr2p6zkGFJlVGCkz/OOahvouJWAE3Q16EhanUbA
uGbahM+pxsTtxjISyc3evOFzUKPmv3s2o2MM7MQzNcAWNYNjr9Wil/lbZxolJn4W
U5xY75utJmshpkUA727PWi588yFfYQsEnkdRnjSIu2I4BK3QNqG33PHt4Nrcu/vC
sFqSp0J0Yp9uXqsSc7MKQVf3XgiOsTdPTmq0GufdylReDdt5RQJBYmF8/QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKE+npPQisCdZ9JQ9PjC+1nEBEyTMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvb1Q2ZWs5Q0t3SjFuMGxEMC1NTDdXY1FFVEpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACQHzcD
BACQHzgDBACQHzoDBACQHzwwDQYJKoZIhvcNAQELBQADggEBAIOtECJe8qASiq8M
po99kjZBMbn8D20eYY+wVN0o2eDDQZiGOe7dGgkj/cmIiREr2cryTM7vtyE5zym7
0cFcEVvOQrJUlCXbNwTU/LjJZi3OVwZeIFkE0Vh/o8rf9nNh9IFM0S/yhTV6Y8jE
7lTK1Xe5pSHDpT767UqBIqRBDggPQoHLVaroWnWouyaMstDs6hF5axWQr3M9TZdo
8UVxJGdDZwuvbj02kVdXmx6JAckfiZq+rL1297L9v5LeCwnL813RgbsCk16XyH36
wNwtwrWyR6fOexUsTLiWAFtfRkcvkpXiXboHofTRaFYcPsbWdpDl5PmOCwRKUxdy
/bDQjoI=
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:05:26 2026 by rpki-client