Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/u5saFDBIxLntbXc9Gvx2MgwCs5c.roa
File: u5saFDBIxLntbXc9Gvx2MgwCs5c.roa (raw, json)
Hash identifier: wVgmutV5D6IJdZJv10t5u1vjek+LrHxwV5Q3s6JucV8=
Subject key identifier: BB:9B:1A:14:30:48:C4:B9:ED:6D:77:3D:1A:FC:76:32:0C:02:B3:97
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019C679FD22A045C2C878F122AFAA64E3071
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/u5saFDBIxLntbXc9Gvx2MgwCs5c.roa
Signing time: Mon 16 Feb 2026 18:04:13 +0000
ROA not before: Mon 16 Feb 2026 18:04:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201988
IP address blocks: 144.31.53.0/24 maxlen: 24
144.31.169.0/24 maxlen: 24
144.31.223.0/24 maxlen: 24
144.31.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:67:9f:d2:2a:04:5c:2c:87:8f:12:2a:fa:a6:4e:30:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 16 18:04:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bb9b1a143048c4b9ed6d773d1afc76320c02b397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f0:06:60:be:fc:e2:46:01:17:d2:de:23:e5:
85:de:a2:22:a0:44:15:7c:77:16:50:92:9b:e9:dc:
69:8a:bd:63:ff:9f:b2:6c:22:d3:32:66:f1:2f:6a:
18:01:e4:29:b2:88:dd:96:6d:27:8d:8f:ed:f0:23:
1d:f6:da:bd:74:7d:92:f9:90:d2:e0:40:fb:21:21:
fa:51:bd:d4:c3:16:41:de:3c:70:b4:64:2a:76:8d:
e6:0d:8b:07:35:43:03:c9:5f:72:e0:a1:0d:10:88:
ab:9b:df:e4:06:fa:ee:9d:52:a9:ff:e1:8c:f5:1c:
87:c7:ac:de:74:8f:a0:ac:e0:01:c7:0c:d0:15:ce:
70:48:05:b0:94:41:b3:c4:27:0a:7a:77:26:39:b7:
41:76:47:da:62:03:80:b3:57:42:c6:a0:0f:59:d4:
18:18:28:e1:eb:57:d8:7c:09:a8:63:46:65:c8:7f:
1e:9c:2c:08:77:54:c6:ce:8d:6d:d8:63:dc:60:1c:
f8:ff:37:32:30:3a:13:1f:0c:d6:f4:91:a1:ae:97:
b8:98:17:3c:f3:67:b1:47:4c:13:f3:75:99:ed:12:
bc:5a:b7:94:2d:58:f7:74:a6:9a:06:bb:5a:34:a7:
2f:9f:ee:b4:98:79:4b:0a:06:82:08:32:34:27:77:
f6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:9B:1A:14:30:48:C4:B9:ED:6D:77:3D:1A:FC:76:32:0C:02:B3:97
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/u5saFDBIxLntbXc9Gvx2MgwCs5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.31.53.0/24
144.31.169.0/24
144.31.223.0/24
144.31.238.0/24
Signature Algorithm: sha256WithRSAEncryption
91:db:a7:56:0e:f8:57:e9:e0:ce:53:bd:b4:be:6e:28:33:f4:
cd:c2:23:0d:5b:c6:f7:53:bc:9c:98:70:c5:df:af:ee:a4:85:
f8:c4:b2:24:1c:c6:32:fb:1d:26:67:bd:8f:7f:5a:aa:8c:78:
f9:2b:1e:79:ed:a8:21:d3:55:32:a9:2a:bb:30:9e:fb:41:d4:
10:8d:ba:a7:57:dd:d1:2d:82:9a:01:bb:33:d6:75:7a:b7:d4:
e4:b6:bf:f4:6f:4d:66:54:e7:e0:9a:3f:16:99:b9:2d:fd:fc:
81:14:b2:d9:34:c7:7e:1f:af:0d:b7:19:0d:d9:ca:a4:14:b6:
69:ba:95:41:7c:06:09:16:6b:5f:8b:a6:c1:6a:d2:20:02:6e:
64:d4:a9:91:3b:d4:91:af:13:2f:36:2f:b6:b9:80:58:52:81:
f7:c5:34:da:9d:4c:97:87:ed:e5:35:51:ae:65:25:58:15:46:
51:29:52:03:a5:a2:7e:6f:0e:d3:9a:bf:61:1d:ee:a1:cb:d8:
04:bf:aa:63:34:a8:cc:03:27:be:40:c0:91:8f:d3:1a:ab:3e:
35:ea:d5:7f:d0:9e:c9:ca:25:bb:ae:7a:2c:f2:4a:7a:4e:b6:
06:b9:70:c8:ab:0e:c2:a9:3a:35:51:b9:8c:b1:3d:eb:30:9c:
98:af:ed:c9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZxnn9IqBFwsh48SKvqmTjBxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMjE2MTgwNDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjliMWExNDMwNDhjNGI5ZWQ2ZDc3M2QxYWZjNzYzMjBjMDJiMzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPAGYL784kYBF9LeI+WF3qIioEQV
fHcWUJKb6dxpir1j/5+ybCLTMmbxL2oYAeQpsojdlm0njY/t8CMd9tq9dH2S+ZDS
4ED7ISH6Ub3UwxZB3jxwtGQqdo3mDYsHNUMDyV9y4KENEIirm9/kBvrunVKp/+GM
9RyHx6zedI+grOABxwzQFc5wSAWwlEGzxCcKencmObdBdkfaYgOAs1dCxqAPWdQY
GCjh61fYfAmoY0ZlyH8enCwId1TGzo1t2GPcYBz4/zcyMDoTHwzW9JGhrpe4mBc8
82exR0wT83WZ7RK8WreULVj3dKaaBrtaNKcvn+60mHlLCgaCCDI0J3f2DwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLubGhQwSMS57W13PRr8djIMArOXMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvdTVzYUZEQkl4TG50YlhjOUd2eDJNZ3dDczVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAkB81AwQA
kB+pAwQAkB/fAwQAkB/uMA0GCSqGSIb3DQEBCwUAA4IBAQCR26dWDvhX6eDOU720
vm4oM/TNwiMNW8b3U7ycmHDF36/upIX4xLIkHMYy+x0mZ72Pf1qqjHj5Kx557agh
01UyqSq7MJ77QdQQjbqnV93RLYKaAbsz1nV6t9Tktr/0b01mVOfgmj8Wmbkt/fyB
FLLZNMd+H68NtxkN2cqkFLZpupVBfAYJFmtfi6bBatIgAm5k1KmRO9SRrxMvNi+2
uYBYUoH3xTTanUyXh+3lNVGuZSVYFUZRKVIDpaJ+bw7Tmr9hHe6hy9gEv6pjNKjM
Aye+QMCRj9Maqz416tV/0J7JyiW7rnos8kp6TrYGuXDIqw7CqTo1UbmMsT3rMJyY
r+3J
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:05:31 2026 by rpki-client