Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/pWOTSlCv6xFilNs3fTaQ9lwNJnA.roa
File: pWOTSlCv6xFilNs3fTaQ9lwNJnA.roa (raw, json)
Hash identifier: k1/trPiepAkVmISs3Je/XAphwodhI0Pn1+FoNv6dtoY=
Subject key identifier: A5:63:93:4A:50:AF:EB:11:62:94:DB:37:7D:36:90:F6:5C:0D:26:70
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019DFE453C65512CACD11A4E5FCDA7B616C1
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/pWOTSlCv6xFilNs3fTaQ9lwNJnA.roa
Signing time: Wed 06 May 2026 17:10:43 +0000
ROA not before: Wed 06 May 2026 17:10:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30058
IP address blocks: 2.27.242.0/24 maxlen: 24
31.76.234.0/23 maxlen: 24
31.76.247.0/24 maxlen: 24
193.23.196.0/24 maxlen: 24
193.23.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:35:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fe:45:3c:65:51:2c:ac:d1:1a:4e:5f:cd:a7:b6:16:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: May 6 17:10:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a563934a50afeb116294db377d3690f65c0d2670
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:77:7d:81:22:45:d7:73:3a:65:a9:09:14:62:
4c:80:81:f8:42:ce:01:f8:40:77:ac:23:72:fa:6e:
02:18:ad:55:8f:d3:c8:25:d2:2e:32:d9:c6:97:f3:
fb:6c:bb:00:34:68:80:43:bf:72:1e:81:0b:b0:cc:
0e:35:d0:fc:90:73:e6:cc:da:32:51:ff:77:49:8b:
6a:d4:74:9f:2b:66:34:72:2d:11:3b:8c:e3:cc:97:
08:ee:fb:9b:07:a3:7b:ce:f4:72:3e:ef:8e:9b:b2:
85:8d:61:f1:93:2b:eb:8c:91:4d:da:18:91:0d:53:
1c:97:cd:59:33:9a:8a:50:d4:51:d7:91:0b:b5:0a:
25:e9:31:e7:a3:ab:33:4d:20:85:b4:29:32:3b:e7:
ff:af:aa:0f:72:88:d9:0d:bb:03:e4:92:f3:e5:79:
8e:97:b8:1a:7c:35:e5:8e:70:38:70:02:6e:1a:55:
41:2a:ef:e3:3f:e0:d2:02:99:be:c2:a9:35:71:a1:
7b:58:08:d2:30:b5:7c:1f:a7:11:df:85:e2:05:ac:
d5:fa:76:bf:eb:ee:73:d7:0e:15:2c:8c:a5:17:c2:
66:aa:69:12:5d:f6:16:ee:c0:f1:29:16:0a:49:44:
f7:39:20:d3:ea:f5:d1:26:9f:5d:05:43:8e:bc:59:
9f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:63:93:4A:50:AF:EB:11:62:94:DB:37:7D:36:90:F6:5C:0D:26:70
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/pWOTSlCv6xFilNs3fTaQ9lwNJnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.27.242.0/24
31.76.234.0/23
31.76.247.0/24
193.23.196.0/24
193.23.223.0/24
Signature Algorithm: sha256WithRSAEncryption
75:b8:d7:a1:7f:5d:7a:f0:67:63:9f:95:bf:e8:0a:c1:2e:0c:
b5:06:88:55:ca:97:61:9f:34:f2:28:89:75:16:bc:59:c3:c4:
73:cd:1c:cc:ea:f9:df:5a:23:bb:a6:4a:72:09:d4:ae:69:19:
e3:63:df:1a:7d:dc:c9:66:da:9c:07:6f:ba:8e:2c:71:81:10:
fa:1d:15:cb:0d:2b:bb:11:89:96:77:8c:70:7f:7e:7b:f5:ab:
2e:2e:e8:ab:81:bb:8e:42:53:8b:e1:be:30:29:e9:6b:1e:96:
7d:53:65:6b:22:94:b4:c7:d2:4b:0e:67:4f:17:4a:de:e1:59:
d1:eb:42:b5:04:72:53:36:a9:16:fc:51:b4:68:d2:fe:4e:9f:
ef:b0:0a:ce:b1:89:ef:94:ff:18:7b:cb:a6:57:dc:61:0c:77:
2d:bc:4e:a2:82:cd:6a:05:aa:c5:2f:be:ef:b3:de:b6:51:2a:
dc:f1:3e:68:fd:3d:94:05:29:d2:c8:bc:b7:ed:cb:ad:da:ad:
cc:bd:52:9a:a0:9e:92:9b:1c:c7:0e:23:76:b4:be:50:f7:4f:
60:21:2f:e1:86:0e:6a:7c:61:a3:f0:2c:44:c1:7a:8c:b9:34:
f7:45:2e:c4:87:8b:e9:9d:db:cd:67:99:82:07:0e:52:74:31:
3f:b2:5c:f4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ3+RTxlUSys0RpOX82nthbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNTA2MTcxMDQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTYzOTM0YTUwYWZlYjExNjI5NGRiMzc3ZDM2OTBmNjVjMGQyNjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHd9gSJF13M6ZakJFGJMgIH4Qs4B
+EB3rCNy+m4CGK1Vj9PIJdIuMtnGl/P7bLsANGiAQ79yHoELsMwONdD8kHPmzNoy
Uf93SYtq1HSfK2Y0ci0RO4zjzJcI7vubB6N7zvRyPu+Om7KFjWHxkyvrjJFN2hiR
DVMcl81ZM5qKUNRR15ELtQol6THno6szTSCFtCkyO+f/r6oPcojZDbsD5JLz5XmO
l7gafDXljnA4cAJuGlVBKu/jP+DSApm+wqk1caF7WAjSMLV8H6cR34XiBazV+na/
6+5z1w4VLIylF8JmqmkSXfYW7sDxKRYKSUT3OSDT6vXRJp9dBUOOvFmfVwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKVjk0pQr+sRYpTbN302kPZcDSZwMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvcFdPVFNsQ3Y2eEZpbE5zM2ZUYVE5bHdOSm5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAhvyAwQB
H0zqAwQAH0z3AwQAwRfEAwQAwRffMA0GCSqGSIb3DQEBCwUAA4IBAQB1uNehf116
8Gdjn5W/6ArBLgy1BohVypdhnzTyKIl1FrxZw8RzzRzM6vnfWiO7pkpyCdSuaRnj
Y98afdzJZtqcB2+6jixxgRD6HRXLDSu7EYmWd4xwf3579asuLuirgbuOQlOL4b4w
KelrHpZ9U2VrIpS0x9JLDmdPF0re4VnR60K1BHJTNqkW/FG0aNL+Tp/vsArOsYnv
lP8Ye8umV9xhDHctvE6igs1qBarFL77vs962USrc8T5o/T2UBSnSyLy37cut2q3M
vVKaoJ6SmxzHDiN2tL5Q909gIS/hhg5qfGGj8CxEwXqMuTT3RS7Eh4vpndvNZ5mC
Bw5SdDE/slz0
-----END CERTIFICATE-----
Generated at Wed May 13 03:55:41 2026 by rpki-client