Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/twwCHZ0OSzPadWgh_ZW6tQXfJUk.roa
File: twwCHZ0OSzPadWgh_ZW6tQXfJUk.roa (raw, json)
Hash identifier: jQHngFhrAaOqlWNft+vBvjSH43j/uxY4FLMmgtMULL8=
Subject key identifier: B7:0C:02:1D:9D:0E:4B:33:DA:75:68:21:FD:95:BA:B5:05:DF:25:49
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019EB7BA2CFCCC4C75BEDF5259C955E39EE8
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/twwCHZ0OSzPadWgh_ZW6tQXfJUk.roa
Signing time: Thu 11 Jun 2026 17:28:12 +0000
ROA not before: Thu 11 Jun 2026 17:28:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203154
IP address blocks: 2.26.4.0/24 maxlen: 24
2.26.5.0/24 maxlen: 24
2.26.6.0/24 maxlen: 24
2.27.56.0/24 maxlen: 24
2.27.136.0/24 maxlen: 24
31.76.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b7:ba:2c:fc:cc:4c:75:be:df:52:59:c9:55:e3:9e:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 11 17:28:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b70c021d9d0e4b33da756821fd95bab505df2549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0f:6f:86:98:e7:d4:b0:da:78:4c:5b:16:bf:
00:c4:d5:2a:b3:6a:e8:9a:0e:6e:9b:a2:0b:6b:03:
bc:1d:83:bc:13:ac:2b:5f:e4:4f:12:43:4b:bc:c8:
0e:56:45:84:fb:81:71:82:7b:8a:79:1a:2d:70:ac:
05:51:21:6b:d4:76:ca:ff:29:e2:a6:04:cd:cf:9d:
1a:61:54:94:64:08:19:f4:96:40:1b:d0:d5:25:14:
93:02:88:b4:37:3c:54:4e:f8:63:11:a8:76:d0:c1:
7c:66:90:81:3e:5c:c2:52:6d:36:10:d0:dd:95:84:
66:ce:64:16:10:b4:bd:13:b5:b5:38:fa:5b:52:63:
2b:af:ef:5f:b5:ce:be:65:53:ef:b5:a7:4f:cd:b5:
6d:2e:54:11:2b:50:57:df:1f:8f:a2:f5:42:e7:7a:
fd:cb:3d:0f:bb:25:b7:30:56:83:be:12:98:ce:47:
32:64:eb:3e:3b:40:ba:fe:20:eb:d9:28:90:c9:30:
46:90:4d:cb:14:c0:4b:a7:25:80:04:e7:9c:ba:65:
eb:d2:57:b7:73:23:e3:3c:1c:2a:2e:4d:2d:b3:06:
7d:06:5e:53:8f:9c:e5:ff:36:91:ad:34:72:01:e0:
f3:d3:0d:77:8b:ea:f5:59:73:20:58:87:8d:ec:7d:
31:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:0C:02:1D:9D:0E:4B:33:DA:75:68:21:FD:95:BA:B5:05:DF:25:49
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/twwCHZ0OSzPadWgh_ZW6tQXfJUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.4.0-2.26.6.255
2.27.56.0/24
2.27.136.0/24
31.76.25.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:7c:d4:a9:5c:ba:5c:1c:1c:62:49:8c:cb:bc:73:bd:02:76:
ce:47:4e:1f:71:e3:11:77:ec:95:c5:ff:82:c7:0f:2b:b3:da:
8b:28:4c:f7:1d:6c:b3:b7:c8:19:b0:ac:7e:2c:c7:2f:df:9a:
63:95:8e:cc:78:0d:a7:23:ba:4b:a5:fb:95:6b:b4:f3:1b:8d:
95:f1:85:2e:f9:83:eb:02:65:12:f8:c3:6a:46:3f:e1:ec:03:
a6:c1:46:d9:89:bd:fd:c7:f5:05:03:0d:5d:49:1c:ac:74:1e:
34:f6:9d:90:52:ce:e2:65:6a:6d:96:51:b4:f9:c4:a1:27:74:
95:19:14:86:da:43:fd:eb:07:b4:e0:77:a5:ae:45:8b:05:cf:
32:fb:54:1c:4a:5e:13:76:d3:af:1a:08:6f:7d:5c:06:86:a4:
54:ff:d5:31:62:dc:6a:c1:21:16:50:c3:3c:db:2e:46:a0:43:
7a:1e:54:d9:aa:d1:84:41:10:fc:40:69:99:61:ba:78:03:bd:
43:89:64:82:ed:2f:b0:68:e7:49:d0:43:48:49:f1:ab:fa:b9:
e6:d6:40:d0:8b:fd:7a:4d:ef:df:6f:75:d2:66:ee:00:02:d5:
41:8d:6a:95:f2:e3:b3:00:a3:23:ad:f7:aa:53:b3:0b:10:a0:
5b:52:f7:09
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ63uiz8zEx1vt9SWclV457oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjExMTcyODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzBjMDIxZDlkMGU0YjMzZGE3NTY4MjFmZDk1YmFiNTA1ZGYyNTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA9vhpjn1LDaeExbFr8AxNUqs2ro
mg5um6ILawO8HYO8E6wrX+RPEkNLvMgOVkWE+4FxgnuKeRotcKwFUSFr1HbK/yni
pgTNz50aYVSUZAgZ9JZAG9DVJRSTAoi0NzxUTvhjEah20MF8ZpCBPlzCUm02ENDd
lYRmzmQWELS9E7W1OPpbUmMrr+9ftc6+ZVPvtadPzbVtLlQRK1BX3x+PovVC53r9
yz0PuyW3MFaDvhKYzkcyZOs+O0C6/iDr2SiQyTBGkE3LFMBLpyWABOecumXr0le3
cyPjPBwqLk0tswZ9Bl5Tj5zl/zaRrTRyAeDz0w13i+r1WXMgWIeN7H0xUwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLcMAh2dDksz2nVoIf2VurUF3yVJMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvdHd3Q0haME9TelBhZFdnaF9aVzZ0UVhmSlVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAICGgQD
BAACGgYDBAACGzgDBAACG4gDBAAfTBkwDQYJKoZIhvcNAQELBQADggEBAA581Klc
ulwcHGJJjMu8c70Cds5HTh9x4xF37JXF/4LHDyuz2osoTPcdbLO3yBmwrH4sxy/f
mmOVjsx4Dacjukul+5VrtPMbjZXxhS75g+sCZRL4w2pGP+HsA6bBRtmJvf3H9QUD
DV1JHKx0HjT2nZBSzuJlam2WUbT5xKEndJUZFIbaQ/3rB7Tgd6WuRYsFzzL7VBxK
XhN2068aCG99XAaGpFT/1TFi3GrBIRZQwzzbLkagQ3oeVNmq0YRBEPxAaZlhungD
vUOJZILtL7Bo50nQQ0hJ8av6uebWQNCL/XpN799vddJm7gAC1UGNapXy47MAoyOt
96pTswsQoFtS9wk=
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:08:40 2026 by rpki-client