Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Dugr6vVhOiP-bbI4-LJ9R0gcBpg.roa
File: Dugr6vVhOiP-bbI4-LJ9R0gcBpg.roa (raw, json)
Hash identifier: rvPna2HSqiEve6PkMZaxJhTJeHwZLKplMbkrFQp5pB4=
Subject key identifier: 0E:E8:2B:EA:F5:61:3A:23:FE:6D:B2:38:F8:B2:7D:47:48:1C:06:98
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019E08AC69A4F13166BBD5AA4FA7DB9EE091
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Dugr6vVhOiP-bbI4-LJ9R0gcBpg.roa
Signing time: Fri 08 May 2026 17:39:37 +0000
ROA not before: Fri 08 May 2026 17:39:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 401152
IP address blocks: 2.26.95.0/24 maxlen: 24
31.76.128.0/21 maxlen: 24
31.76.168.0/21 maxlen: 24
31.76.192.0/22 maxlen: 24
31.76.200.0/22 maxlen: 24
31.76.208.0/22 maxlen: 24
31.76.216.0/22 maxlen: 24
31.76.228.0/23 maxlen: 24
31.76.232.0/23 maxlen: 24
31.76.236.0/23 maxlen: 24
31.76.242.0/23 maxlen: 24
144.31.8.0/23 maxlen: 24
144.31.110.0/24 maxlen: 24
144.31.160.0/22 maxlen: 24
144.31.235.0/24 maxlen: 24
150.241.69.0/24 maxlen: 24
185.207.135.0/24 maxlen: 24
185.216.104.0/22 maxlen: 24
193.23.192.0/24 maxlen: 24
193.23.198.0/24 maxlen: 24
193.23.204.0/22 maxlen: 22
193.23.212.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:35:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:08:ac:69:a4:f1:31:66:bb:d5:aa:4f:a7:db:9e:e0:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: May 8 17:39:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0ee82beaf5613a23fe6db238f8b27d47481c0698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c5:07:8a:27:c6:24:1a:87:6a:df:13:d8:b8:
8b:79:0f:04:b9:c9:dc:b5:3e:6f:f0:55:f9:40:b3:
2b:89:7e:89:d4:85:a6:a8:68:59:6e:3f:d0:c9:1a:
10:f5:0b:07:5a:7f:40:e6:9c:4a:92:4d:f9:a6:aa:
eb:2d:0f:91:e5:60:6c:e0:e0:19:97:6d:28:05:31:
bc:5d:1e:b0:42:5a:56:d1:e0:3d:55:5a:ef:7b:e8:
ca:5d:27:90:87:87:8c:ae:8e:71:00:c7:1a:95:85:
d3:d8:da:5b:58:d9:c6:fe:fa:01:cb:11:a5:7d:5e:
81:3f:e0:8f:1b:04:7d:48:92:b2:23:28:0e:5c:1e:
73:c8:04:89:9c:aa:c0:fd:2a:b0:bb:dd:da:ae:a2:
5b:75:02:95:9e:16:bb:ff:b1:1e:50:ef:62:d0:d8:
f7:77:44:94:cc:f8:e2:a5:70:18:5c:3d:3b:f5:6f:
41:58:cc:d4:b3:0f:b9:72:85:df:e4:53:94:2a:17:
b2:3f:b2:17:52:e8:bd:27:2a:a7:4c:52:b2:46:95:
4d:5d:67:da:e7:b4:f6:1e:96:52:d8:13:30:0a:32:
c4:33:6d:7c:58:b7:60:46:5c:2d:b6:10:3d:49:f9:
93:0e:8c:9e:64:cd:c7:af:6d:ae:3b:3b:57:c1:93:
c1:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E8:2B:EA:F5:61:3A:23:FE:6D:B2:38:F8:B2:7D:47:48:1C:06:98
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Dugr6vVhOiP-bbI4-LJ9R0gcBpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.95.0/24
31.76.128.0/21
31.76.168.0/21
31.76.192.0/22
31.76.200.0/22
31.76.208.0/22
31.76.216.0/22
31.76.228.0/23
31.76.232.0/23
31.76.236.0/23
31.76.242.0/23
144.31.8.0/23
144.31.110.0/24
144.31.160.0/22
144.31.235.0/24
150.241.69.0/24
185.207.135.0/24
185.216.104.0/22
193.23.192.0/24
193.23.198.0/24
193.23.204.0/22
193.23.212.0/22
Signature Algorithm: sha256WithRSAEncryption
00:da:68:39:f2:e6:f8:ec:ac:f0:54:1b:2b:49:83:1c:9c:53:
f7:92:64:c4:b6:2e:71:70:cd:70:29:58:bb:4c:3b:fc:a2:6e:
f5:fa:0d:00:36:28:78:2a:80:c0:e2:cd:d6:18:18:c7:0c:99:
de:03:b5:7c:86:74:2e:30:67:54:0c:38:bd:24:65:7a:0b:ea:
e3:ff:e9:6a:47:1d:df:c3:e4:4d:19:7f:15:f9:fd:42:eb:83:
58:15:18:96:24:f0:44:36:31:37:e1:8d:46:8a:f8:b9:f1:ea:
e3:02:44:c2:11:ed:2f:e7:56:b6:60:b1:dd:48:56:d1:7e:23:
a3:18:2e:0b:d3:eb:86:a1:67:80:34:ea:b3:b3:b4:c5:73:4c:
29:3e:61:4a:f2:e4:8d:82:b8:49:f6:78:b4:bd:fc:70:b5:5e:
13:13:22:ab:de:9c:f2:8c:72:1f:c0:c3:ee:ad:04:d0:07:1e:
8e:0c:0e:0b:e8:cf:9b:cf:e2:f1:6c:e3:13:b6:93:0f:ab:c4:
3c:4a:4d:54:e4:ba:80:46:3f:ac:6a:cc:90:9f:7f:0b:e5:7c:
5f:77:b1:9b:71:4c:94:5c:69:42:2d:3a:79:7b:51:9c:9d:df:
0f:f2:45:2c:a9:6f:7c:f9:2d:44:bf:96:92:ce:58:09:3c:49:
6d:a9:7d:66
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZ4IrGmk8TFmu9WqT6fbnuCRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNTA4MTczOTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWU4MmJlYWY1NjEzYTIzZmU2ZGIyMzhmOGIyN2Q0NzQ4MWMwNjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMUHiifGJBqHat8T2LiLeQ8Eucnc
tT5v8FX5QLMriX6J1IWmqGhZbj/QyRoQ9QsHWn9A5pxKkk35pqrrLQ+R5WBs4OAZ
l20oBTG8XR6wQlpW0eA9VVrve+jKXSeQh4eMro5xAMcalYXT2NpbWNnG/voByxGl
fV6BP+CPGwR9SJKyIygOXB5zyASJnKrA/Sqwu93arqJbdQKVnha7/7EeUO9i0Nj3
d0SUzPjipXAYXD079W9BWMzUsw+5coXf5FOUKheyP7IXUui9JyqnTFKyRpVNXWfa
57T2HpZS2BMwCjLEM218WLdgRlwtthA9SfmTDoyeZM3Hr22uOztXwZPBLQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFA7oK+r1YToj/m2yOPiyfUdIHAaYMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvRHVncjZ2VmhPaVAtYmJJNC1MSjlSMGdjQnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAAC
Gl8DBAMfTIADBAMfTKgDBAIfTMADBAIfTMgDBAIfTNADBAIfTNgDBAEfTOQDBAEf
TOgDBAEfTOwDBAEfTPIDBAGQHwgDBACQH24DBAKQH6ADBACQH+sDBACW8UUDBAC5
z4cDBAK52GgDBADBF8ADBADBF8YDBALBF8wDBALBF9QwDQYJKoZIhvcNAQELBQAD
ggEBAADaaDny5vjsrPBUGytJgxycU/eSZMS2LnFwzXApWLtMO/yibvX6DQA2KHgq
gMDizdYYGMcMmd4DtXyGdC4wZ1QMOL0kZXoL6uP/6WpHHd/D5E0ZfxX5/ULrg1gV
GJYk8EQ2MTfhjUaK+Lnx6uMCRMIR7S/nVrZgsd1IVtF+I6MYLgvT64ahZ4A06rOz
tMVzTCk+YUry5I2CuEn2eLS9/HC1XhMTIqvenPKMch/Aw+6tBNAHHo4MDgvoz5vP
4vFs4xO2kw+rxDxKTVTkuoBGP6xqzJCffwvlfF93sZtxTJRcaUItOnl7UZyd3w/y
RSypb3z5LUS/lpLOWAk8SW2pfWY=
-----END CERTIFICATE-----
Generated at Wed May 13 06:27:12 2026 by rpki-client