Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/2cB1ndvl4UOk2gCoa6-EiGD_32g.roa
File: 2cB1ndvl4UOk2gCoa6-EiGD_32g.roa (raw, json)
Hash identifier: ueqZZEOa4YULJ+VDx8ymffsfuhfR6wf24YvgU2prwUE=
Subject key identifier: D9:C0:75:9D:DB:E5:E1:43:A4:DA:00:A8:6B:AF:84:88:60:FF:DF:68
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019DFE1EC8FAF50BCA2F77B6A3DD65ABDE02
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/2cB1ndvl4UOk2gCoa6-EiGD_32g.roa
Signing time: Wed 06 May 2026 16:28:43 +0000
ROA not before: Wed 06 May 2026 16:28:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 2.27.98.0/24 maxlen: 24
2.27.155.0/24 maxlen: 24
2.27.214.0/23 maxlen: 24
2.27.241.0/24 maxlen: 24
2.27.243.0/24 maxlen: 24
31.77.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:35:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fe:1e:c8:fa:f5:0b:ca:2f:77:b6:a3:dd:65:ab:de:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: May 6 16:28:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d9c0759ddbe5e143a4da00a86baf848860ffdf68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ed:5c:8b:74:f4:0e:ee:df:c2:9a:9c:70:5b:
bb:90:74:e7:dc:d9:b8:29:99:e0:f0:8a:2d:68:26:
82:f5:0e:c1:d5:a0:1b:ea:59:a3:04:fc:2c:d0:1c:
0b:d2:a5:26:02:8a:47:04:86:64:75:84:6b:02:fd:
2c:f9:0b:53:c0:54:ff:0b:73:9b:e4:61:f1:80:85:
c9:30:a9:c6:ad:77:9d:48:36:29:ef:10:ee:9a:3e:
e5:02:3c:88:17:86:73:a3:2c:9c:6f:9f:64:b1:6c:
7f:3d:93:ed:7c:8b:e4:2b:30:fe:0a:cb:34:3b:d2:
b9:b2:db:cd:c0:65:68:70:fb:53:78:0f:1c:b2:ed:
0d:ae:ac:66:d0:f8:22:3e:1c:43:94:96:5c:de:de:
b9:3e:1d:2a:99:cc:7c:da:26:3d:ec:a6:37:7a:65:
5c:cc:0f:38:96:6d:05:fc:d0:77:15:c7:4f:24:45:
fb:1c:12:1d:17:32:bc:ec:a2:d1:d4:4b:10:a5:4c:
08:d5:60:18:c9:27:a0:af:07:6e:2f:a4:d4:99:48:
0d:0b:50:71:67:b7:43:80:f0:61:79:8f:bc:ee:00:
4b:e4:72:82:1f:e5:ad:fc:81:81:5d:05:8b:08:b8:
7f:b3:a2:2a:ce:a6:08:5e:ae:a7:6b:b5:d3:68:d9:
74:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C0:75:9D:DB:E5:E1:43:A4:DA:00:A8:6B:AF:84:88:60:FF:DF:68
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/2cB1ndvl4UOk2gCoa6-EiGD_32g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.98.0/24
2.27.155.0/24
2.27.214.0/23
2.27.241.0/24
2.27.243.0/24
31.77.217.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:4c:ce:aa:17:ef:66:01:49:f6:b7:ed:fe:64:50:38:e8:75:
ed:45:1e:7e:45:af:ba:e4:ab:aa:66:02:2e:5b:3c:c3:61:56:
2d:75:5a:2a:a1:8c:6c:60:62:82:88:78:b3:8b:1d:82:42:37:
d5:05:09:4e:26:74:9e:1d:5d:44:6b:f1:d3:fe:c2:fb:41:d5:
04:6d:d4:67:e1:21:a1:84:18:5c:29:79:cc:fd:0b:ce:a5:34:
24:79:4c:d4:30:46:5b:c6:b9:0d:8a:d2:dc:3f:ae:e7:8a:e3:
9a:e7:2e:54:2a:a5:1d:3d:e9:6e:ae:a2:7a:df:36:33:30:3c:
90:3f:49:ce:27:c8:93:24:28:8b:2f:a9:ce:4a:04:24:f7:63:
d3:93:8b:cc:d8:f6:75:13:48:e9:13:f3:8b:e4:a2:b3:34:86:
f5:5a:ad:47:ba:e7:9d:fe:9b:d0:ac:fc:d4:84:81:29:e1:68:
d2:84:88:aa:9f:05:b0:60:53:66:01:b2:e6:04:e5:df:85:4b:
f7:c7:22:a8:2b:67:7e:d1:19:cc:e4:f9:12:9c:9a:c2:71:83:
e2:0c:47:4f:70:4f:79:a7:7b:1f:42:81:df:a9:86:bc:7e:6b:
ee:ce:95:9a:50:5f:9c:e3:fd:96:11:5f:cb:9f:7f:7e:18:0a:
f7:d1:bf:af
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ3+Hsj69QvKL3e2o91lq94CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNTA2MTYyODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWMwNzU5ZGRiZTVlMTQzYTRkYTAwYTg2YmFmODQ4ODYwZmZkZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsu1ci3T0Du7fwpqccFu7kHTn3Nm4
KZng8IotaCaC9Q7B1aAb6lmjBPws0BwL0qUmAopHBIZkdYRrAv0s+QtTwFT/C3Ob
5GHxgIXJMKnGrXedSDYp7xDumj7lAjyIF4Zzoyycb59ksWx/PZPtfIvkKzD+Css0
O9K5stvNwGVocPtTeA8csu0Nrqxm0PgiPhxDlJZc3t65Ph0qmcx82iY97KY3emVc
zA84lm0F/NB3FcdPJEX7HBIdFzK87KLR1EsQpUwI1WAYySegrwduL6TUmUgNC1Bx
Z7dDgPBheY+87gBL5HKCH+Wt/IGBXQWLCLh/s6IqzqYIXq6na7XTaNl0ywIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNnAdZ3b5eFDpNoAqGuvhIhg/99oMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvMmNCMW5kdmw0VU9rMmdDb2E2LUVpR0RfMzJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAAhtiAwQA
AhubAwQBAhvWAwQAAhvxAwQAAhvzAwQAH03ZMA0GCSqGSIb3DQEBCwUAA4IBAQAe
TM6qF+9mAUn2t+3+ZFA46HXtRR5+Ra+65KuqZgIuWzzDYVYtdVoqoYxsYGKCiHiz
ix2CQjfVBQlOJnSeHV1Ea/HT/sL7QdUEbdRn4SGhhBhcKXnM/QvOpTQkeUzUMEZb
xrkNitLcP67niuOa5y5UKqUdPelurqJ63zYzMDyQP0nOJ8iTJCiLL6nOSgQk92PT
k4vM2PZ1E0jpE/OL5KKzNIb1Wq1Huued/pvQrPzUhIEp4WjShIiqnwWwYFNmAbLm
BOXfhUv3xyKoK2d+0RnM5PkSnJrCcYPiDEdPcE95p3sfQoHfqYa8fmvuzpWaUF+c
4/2WEV/Ln39+GAr30b+v
-----END CERTIFICATE-----
Generated at Wed May 13 05:44:19 2026 by rpki-client