Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/7fSOtsKgMSBjpEwMnn3oENCerh0.roa
File: 7fSOtsKgMSBjpEwMnn3oENCerh0.roa (raw, json)
Hash identifier: ul0f2EWIJogjKJD8tAIWW8bQG+cYU97j4WvJVvFwxKM=
Subject key identifier: ED:F4:8E:B6:C2:A0:31:20:63:A4:4C:0C:9E:7D:E8:10:D0:9E:AE:1D
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019DFEAE8591030039E95F3C3EA08446783F
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/7fSOtsKgMSBjpEwMnn3oENCerh0.roa
Signing time: Wed 06 May 2026 19:05:43 +0000
ROA not before: Wed 06 May 2026 19:05:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198550
IP address blocks: 2.26.124.0/23 maxlen: 24
2.26.254.0/24 maxlen: 24
2.26.255.0/24 maxlen: 24
2.27.12.0/22 maxlen: 24
31.76.120.0/24 maxlen: 24
31.76.240.0/23 maxlen: 24
144.31.215.0/24 maxlen: 24
150.241.65.0/24 maxlen: 24
150.241.68.0/24 maxlen: 24
150.241.92.0/24 maxlen: 24
193.23.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fe:ae:85:91:03:00:39:e9:5f:3c:3e:a0:84:46:78:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: May 6 19:05:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=edf48eb6c2a0312063a44c0c9e7de810d09eae1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5f:e7:ec:2b:b5:7c:d9:9a:22:84:a1:61:b0:
39:81:86:7c:4e:26:1f:be:c9:b5:06:96:5b:51:9f:
7c:a1:81:41:59:fa:c1:fb:58:11:10:14:7c:14:92:
84:b3:42:3f:87:fc:e3:c9:f6:5e:77:60:c8:4b:41:
91:c3:cc:52:28:cf:28:d5:64:2e:fd:fb:fb:27:e6:
d5:4c:38:02:0c:d1:da:27:3e:ed:fb:8d:5d:7e:d8:
f0:d3:09:e3:d5:29:86:34:b2:1e:a2:da:6a:34:f2:
f3:84:54:6b:00:c3:bb:57:e3:1b:5e:5a:3d:ec:13:
62:04:8c:9e:5c:69:fb:9c:8e:28:60:7c:e0:c9:28:
3a:4e:d7:bc:09:90:68:e2:51:10:4c:18:19:76:70:
35:db:ea:15:b3:c1:6d:75:d6:26:3c:db:d0:cc:52:
eb:00:8e:29:43:1f:80:46:5e:89:16:57:e4:5c:98:
88:52:d5:73:74:97:49:f6:00:ee:80:bc:f2:4e:e2:
25:29:9f:2c:cc:5f:d1:06:62:94:71:53:ac:2d:2e:
49:78:14:a9:95:36:e3:2d:c9:ee:78:ec:37:9d:2d:
91:ec:66:6e:37:2c:e0:3d:9b:08:5e:d6:bc:87:b5:
04:cb:43:0d:c2:26:ec:87:39:8c:5d:75:09:11:e2:
18:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:F4:8E:B6:C2:A0:31:20:63:A4:4C:0C:9E:7D:E8:10:D0:9E:AE:1D
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/7fSOtsKgMSBjpEwMnn3oENCerh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.124.0/23
2.26.254.0/23
2.27.12.0/22
31.76.120.0/24
31.76.240.0/23
144.31.215.0/24
150.241.65.0/24
150.241.68.0/24
150.241.92.0/24
193.23.222.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:e9:9d:c3:02:fe:17:bd:47:1b:41:11:ec:7d:cb:e0:b2:9b:
ad:9e:ed:75:59:3c:dc:86:9f:65:41:42:06:91:da:3b:f6:d0:
ef:39:e0:d4:c1:4b:14:1a:be:0d:cf:01:97:20:03:cf:3d:d1:
5a:3f:9d:93:a6:13:8c:9a:aa:93:07:ba:78:48:e7:a9:67:b6:
4d:d1:dd:78:16:37:b8:e0:ae:82:6e:df:13:d5:3f:4f:c4:2d:
8a:ee:b2:fa:04:89:b4:4d:5b:10:22:b6:85:8b:37:03:03:43:
20:02:e4:c6:64:a7:4b:0b:a4:a1:9d:00:30:dc:f7:eb:e8:4d:
e7:8f:4e:be:93:99:dd:2a:5e:bf:a5:07:91:e9:6b:30:30:b5:
c9:ac:0c:6c:5c:7f:63:8b:ba:0c:0f:1e:c1:c5:9b:90:40:ed:
7d:e5:33:bc:88:d4:04:9c:cd:6b:0c:2e:d1:f0:30:78:83:ac:
7f:3d:c0:c2:ac:a3:d3:5d:ef:cb:27:f5:b9:36:a3:8f:9e:c6:
fb:91:66:e0:2e:3f:88:24:64:d8:9c:4f:7b:9b:a3:a1:c6:f1:
ff:e8:a7:c8:66:70:f9:c8:10:49:c1:7c:9a:60:d5:56:28:c1:
27:7e:ee:7f:06:6c:8d:52:7c:f0:af:21:54:08:96:f3:e8:62:
ff:38:a2:a7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ3+roWRAwA56V88PqCERng/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNTA2MTkwNTQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGY0OGViNmMyYTAzMTIwNjNhNDRjMGM5ZTdkZTgxMGQwOWVhZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuF/n7Cu1fNmaIoShYbA5gYZ8TiYf
vsm1BpZbUZ98oYFBWfrB+1gREBR8FJKEs0I/h/zjyfZed2DIS0GRw8xSKM8o1WQu
/fv7J+bVTDgCDNHaJz7t+41dftjw0wnj1SmGNLIeotpqNPLzhFRrAMO7V+MbXlo9
7BNiBIyeXGn7nI4oYHzgySg6Tte8CZBo4lEQTBgZdnA12+oVs8FtddYmPNvQzFLr
AI4pQx+ARl6JFlfkXJiIUtVzdJdJ9gDugLzyTuIlKZ8szF/RBmKUcVOsLS5JeBSp
lTbjLcnueOw3nS2R7GZuNyzgPZsIXta8h7UEy0MNwibshzmMXXUJEeIYSQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFO30jrbCoDEgY6RMDJ596BDQnq4dMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvN2ZTT3RzS2dNU0JqcEV3TW5uM29FTkNlcmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBAhp8AwQB
Ahr+AwQCAhsMAwQAH0x4AwQBH0zwAwQAkB/XAwQAlvFBAwQAlvFEAwQAlvFcAwQA
wRfeMA0GCSqGSIb3DQEBCwUAA4IBAQBq6Z3DAv4XvUcbQRHsfcvgsputnu11WTzc
hp9lQUIGkdo79tDvOeDUwUsUGr4NzwGXIAPPPdFaP52TphOMmqqTB7p4SOepZ7ZN
0d14Fje44K6Cbt8T1T9PxC2K7rL6BIm0TVsQIraFizcDA0MgAuTGZKdLC6ShnQAw
3Pfr6E3nj06+k5ndKl6/pQeR6WswMLXJrAxsXH9ji7oMDx7BxZuQQO195TO8iNQE
nM1rDC7R8DB4g6x/PcDCrKPTXe/LJ/W5NqOPnsb7kWbgLj+IJGTYnE97m6OhxvH/
6KfIZnD5yBBJwXyaYNVWKMEnfu5/BmyNUnzwryFUCJbz6GL/OKKn
-----END CERTIFICATE-----
Generated at Wed May 13 02:19:09 2026 by rpki-client