Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Wwp0L-InCagkT06QuqlMlsHyZjA.roa
File: Wwp0L-InCagkT06QuqlMlsHyZjA.roa (raw, json)
Hash identifier: 01OG6f0hVfZ+ETcgjjDvn0d9YSGVqoNXqxURTkqxyto=
Subject key identifier: 5B:0A:74:2F:E2:27:09:A8:24:4F:4E:90:BA:A9:4C:96:C1:F2:66:30
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019D1B96782008134A85FF8B45F202255849
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Wwp0L-InCagkT06QuqlMlsHyZjA.roa
Signing time: Mon 23 Mar 2026 16:45:39 +0000
ROA not before: Mon 23 Mar 2026 16:45:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215730
IP address blocks: 2.27.26.0/23 maxlen: 24
64.188.91.0/24 maxlen: 24
144.31.0.0/21 maxlen: 24
144.31.11.0/24 maxlen: 24
144.31.90.0/24 maxlen: 24
144.31.94.0/24 maxlen: 24
144.31.125.0/24 maxlen: 24
144.31.128.0/23 maxlen: 24
144.31.130.0/23 maxlen: 24
193.23.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1b:96:78:20:08:13:4a:85:ff:8b:45:f2:02:25:58:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Mar 23 16:45:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5b0a742fe22709a8244f4e90baa94c96c1f26630
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:65:f7:f6:1f:b5:78:da:6e:38:a0:46:5e:9a:
66:47:52:4b:01:e2:3e:52:48:a2:aa:48:a9:10:d1:
40:ec:35:a3:4e:95:21:ca:ce:79:df:1e:2e:e2:ca:
9c:81:5b:f2:ef:1a:38:9a:18:7f:50:ef:c8:6c:96:
72:ec:26:ac:68:01:bd:6c:68:f3:ea:ce:2f:c8:f9:
9c:6a:9a:11:c6:b7:61:ed:2f:58:96:5e:9e:b0:97:
56:59:bb:b5:00:2a:37:c7:d7:0e:db:fb:d5:6b:76:
3a:33:e7:23:30:56:55:aa:e7:91:71:fe:b0:78:39:
b5:12:be:9f:c1:bd:29:25:8c:82:74:c7:55:0d:04:
12:8a:05:24:ee:34:99:3a:a0:af:53:c0:89:90:5e:
39:74:80:0f:83:ed:37:a6:5d:75:cf:79:1c:34:86:
a7:4a:e0:f0:65:c1:e3:31:59:58:a9:7a:9e:1d:d7:
8d:2e:a7:d8:b6:db:e0:dc:7d:f5:48:ad:15:a1:0e:
6c:fb:92:01:6d:23:ed:26:75:0f:c9:6c:f4:28:ca:
47:96:32:8e:24:b6:2d:2d:a0:12:42:e5:5d:1a:13:
ad:f6:7a:6f:66:2c:65:a0:09:a1:f4:57:03:a7:a4:
fa:92:f1:4c:7e:7a:ce:d0:ad:20:7d:cf:19:bf:95:
c8:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:0A:74:2F:E2:27:09:A8:24:4F:4E:90:BA:A9:4C:96:C1:F2:66:30
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Wwp0L-InCagkT06QuqlMlsHyZjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.26.0/23
64.188.91.0/24
144.31.0.0/21
144.31.11.0/24
144.31.90.0/24
144.31.94.0/24
144.31.125.0/24
144.31.128.0/22
193.23.193.0/24
Signature Algorithm: sha256WithRSAEncryption
89:75:26:29:fe:07:1c:23:0d:e6:a1:39:45:4d:3d:1e:f7:40:
02:26:ab:a2:ba:5b:a8:a7:02:48:b9:a9:96:7b:fe:50:e1:ab:
dc:99:53:d0:ae:8b:f6:44:fc:bd:95:d0:e1:fa:98:d7:26:fa:
5a:97:61:08:25:4c:ff:d9:3b:c8:48:e3:43:0e:c1:da:37:5a:
6c:8e:58:3e:98:83:b1:55:56:4b:b3:64:55:a2:8c:2a:35:28:
d4:d5:7c:8f:5c:60:43:2f:e2:d1:b1:fe:8a:9b:f1:71:9a:73:
c4:58:ad:3a:98:a7:f8:96:13:9a:fc:ca:59:62:bf:b2:b0:5b:
11:fb:6e:42:14:4d:39:64:7b:46:0c:b9:a8:40:46:7d:af:92:
83:2a:fc:a0:bf:dc:13:9b:af:0a:b4:2c:6f:0b:ed:06:c5:de:
9a:3e:33:72:85:81:e0:6f:1b:65:b5:14:df:e0:91:16:19:fd:
06:32:a9:14:c7:40:51:bb:7c:33:ea:f2:a3:a0:1d:b0:f5:29:
d4:16:23:eb:d3:57:ad:06:6d:36:4f:52:e9:49:94:32:19:20:
8c:c2:4c:bb:47:f1:3e:bd:b1:4e:cc:5e:17:f2:4e:33:04:cd:
d0:c4:3a:5c:51:9f:0b:5f:13:7c:a2:17:7b:cf:f8:35:cb:d6:
74:f4:3e:c2
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ0blnggCBNKhf+LRfICJVhJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMzIzMTY0NTM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjBhNzQyZmUyMjcwOWE4MjQ0ZjRlOTBiYWE5NGM5NmMxZjI2NjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWX39h+1eNpuOKBGXppmR1JLAeI+
UkiiqkipENFA7DWjTpUhys553x4u4sqcgVvy7xo4mhh/UO/IbJZy7CasaAG9bGjz
6s4vyPmcapoRxrdh7S9Yll6esJdWWbu1ACo3x9cO2/vVa3Y6M+cjMFZVqueRcf6w
eDm1Er6fwb0pJYyCdMdVDQQSigUk7jSZOqCvU8CJkF45dIAPg+03pl11z3kcNIan
SuDwZcHjMVlYqXqeHdeNLqfYttvg3H31SK0VoQ5s+5IBbSPtJnUPyWz0KMpHljKO
JLYtLaASQuVdGhOt9npvZixloAmh9FcDp6T6kvFMfnrO0K0gfc8Zv5XIkwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFsKdC/iJwmoJE9OkLqpTJbB8mYwMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvV3dwMEwtSW5DYWdrVDA2UXVxbE1sc0h5WmpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBAhsaAwQA
QLxbAwQDkB8AAwQAkB8LAwQAkB9aAwQAkB9eAwQAkB99AwQCkB+AAwQAwRfBMA0G
CSqGSIb3DQEBCwUAA4IBAQCJdSYp/gccIw3moTlFTT0e90ACJquiuluopwJIuamW
e/5Q4avcmVPQrov2RPy9ldDh+pjXJvpal2EIJUz/2TvISONDDsHaN1psjlg+mIOx
VVZLs2RVoowqNSjU1XyPXGBDL+LRsf6Km/FxmnPEWK06mKf4lhOa/MpZYr+ysFsR
+25CFE05ZHtGDLmoQEZ9r5KDKvygv9wTm68KtCxvC+0Gxd6aPjNyhYHgbxtltRTf
4JEWGf0GMqkUx0BRu3wz6vKjoB2w9SnUFiPr01etBm02T1LpSZQyGSCMwky7R/E+
vbFOzF4X8k4zBM3QxDpcUZ8LXxN8ohd7z/g1y9Z09D7C
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:18:36 2026 by rpki-client