Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/uKq-QUlcRHLiLcuL9dccFJVNuS8.roa
File: uKq-QUlcRHLiLcuL9dccFJVNuS8.roa (raw, json)
Hash identifier: fNf9XkxETKFbZrEiPWCPkWz8HWrzFlXi1M2lcMhoHZQ=
Subject key identifier: B8:AA:BE:41:49:5C:44:72:E2:2D:CB:8B:F5:D7:1C:14:95:4D:B9:2F
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019E1D0045423A6D29133F62F3065C6C0E9B
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/uKq-QUlcRHLiLcuL9dccFJVNuS8.roa
Signing time: Tue 12 May 2026 16:23:37 +0000
ROA not before: Tue 12 May 2026 16:23:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200566
IP address blocks: 2.26.131.0/24 maxlen: 24
31.77.49.0/24 maxlen: 24
31.77.50.0/24 maxlen: 24
31.77.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:35:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1d:00:45:42:3a:6d:29:13:3f:62:f3:06:5c:6c:0e:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: May 12 16:23:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b8aabe41495c4472e22dcb8bf5d71c14954db92f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a9:95:7f:b8:ab:a2:df:04:c8:7f:e6:7c:2e:
19:f0:46:90:02:ca:e6:8f:4a:2c:4a:0a:55:8a:61:
72:d9:f0:fb:b9:9f:27:1a:cb:bd:c9:21:c9:a6:ea:
9b:b5:14:66:5f:aa:89:45:08:10:b3:8a:1d:96:5f:
e9:d2:b7:c4:fe:3a:03:a3:3d:3e:29:7d:cf:0b:05:
59:6b:b4:b2:25:6d:54:82:83:2e:b8:01:7e:89:c3:
3d:14:65:65:50:7b:70:e0:46:9e:0b:f5:7a:aa:68:
3b:a7:d7:e6:7d:30:df:7d:8c:a4:dc:0c:18:63:7c:
e8:b0:05:2c:37:04:bd:56:9d:40:53:ba:67:4c:ff:
ab:5c:e7:29:1b:a7:f2:11:7f:9e:d5:e6:58:bb:27:
2d:8b:17:a3:40:b6:0b:a0:4c:d5:ab:67:26:46:12:
30:5b:96:d1:0c:1e:e0:4b:90:d6:e3:b4:2d:2d:00:
51:9d:9d:67:07:70:91:f2:c5:e9:ae:1f:3d:1e:33:
c3:10:99:60:e6:cc:ab:6f:cc:4c:c1:11:1f:04:82:
73:23:04:31:a9:24:be:19:42:0d:de:07:c4:f8:13:
8f:ad:27:15:2a:5c:34:29:8a:57:74:e2:53:50:a6:
4d:aa:a1:f1:3b:10:90:e0:d8:d3:3d:3d:96:3c:3a:
2e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:AA:BE:41:49:5C:44:72:E2:2D:CB:8B:F5:D7:1C:14:95:4D:B9:2F
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/uKq-QUlcRHLiLcuL9dccFJVNuS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.131.0/24
31.77.49.0-31.77.51.255
Signature Algorithm: sha256WithRSAEncryption
b5:92:c0:4d:3f:89:b2:c9:4e:50:8a:55:c7:a6:71:d8:55:bc:
c9:5c:db:ee:7e:6e:d3:67:b6:59:c2:60:bd:07:68:53:2e:a1:
b5:d7:9d:3f:d0:af:04:23:d7:12:91:d3:9a:b4:97:2e:3c:2a:
06:8d:89:fa:51:d4:95:d8:64:80:b8:ca:17:c2:0e:46:7e:4b:
b2:57:47:1b:11:2a:c1:4d:f9:dc:50:7e:4f:7f:92:1b:64:7c:
dd:d1:0e:d7:58:00:e9:43:e6:fe:31:05:52:ad:70:de:d7:70:
ae:ec:3a:31:dc:06:a9:b4:cd:90:dd:92:01:42:e3:a8:8b:42:
36:13:35:50:72:71:9d:04:14:00:a8:7d:22:9a:de:79:84:5b:
60:05:d8:76:e3:bc:b1:b0:40:ef:71:91:0d:da:a4:f1:a0:3d:
87:41:48:40:11:e7:70:d4:7c:d3:68:99:9f:60:ba:7f:12:c3:
1a:1b:c5:30:2c:a9:cb:c1:59:d3:88:b1:ef:f6:d7:db:0a:d5:
f5:3d:34:e6:51:08:bf:7f:06:e0:9c:42:1c:1d:23:5f:90:c8:
8c:07:b9:60:b8:d5:ca:82:f4:91:1d:6d:1e:7b:12:12:75:02:
70:69:42:71:cd:8a:d2:b6:b1:1d:8f:1c:d2:10:62:e1:db:a5:
bc:34:15:9d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ4dAEVCOm0pEz9i8wZcbA6bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNTEyMTYyMzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGFhYmU0MTQ5NWM0NDcyZTIyZGNiOGJmNWQ3MWMxNDk1NGRiOTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKmVf7irot8EyH/mfC4Z8EaQAsrm
j0osSgpVimFy2fD7uZ8nGsu9ySHJpuqbtRRmX6qJRQgQs4odll/p0rfE/joDoz0+
KX3PCwVZa7SyJW1UgoMuuAF+icM9FGVlUHtw4EaeC/V6qmg7p9fmfTDffYyk3AwY
Y3zosAUsNwS9Vp1AU7pnTP+rXOcpG6fyEX+e1eZYuyctixejQLYLoEzVq2cmRhIw
W5bRDB7gS5DW47QtLQBRnZ1nB3CR8sXprh89HjPDEJlg5syrb8xMwREfBIJzIwQx
qSS+GUIN3gfE+BOPrScVKlw0KYpXdOJTUKZNqqHxOxCQ4NjTPT2WPDouHQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLiqvkFJXERy4i3Li/XXHBSVTbkvMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvdUtxLVFVbGNSSExpTGN1TDlkY2NGSlZOdVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAAhqDMAwD
BAAfTTEDBAIfTTAwDQYJKoZIhvcNAQELBQADggEBALWSwE0/ibLJTlCKVcemcdhV
vMlc2+5+btNntlnCYL0HaFMuobXXnT/QrwQj1xKR05q0ly48KgaNifpR1JXYZIC4
yhfCDkZ+S7JXRxsRKsFN+dxQfk9/khtkfN3RDtdYAOlD5v4xBVKtcN7XcK7sOjHc
Bqm0zZDdkgFC46iLQjYTNVBycZ0EFACofSKa3nmEW2AF2HbjvLGwQO9xkQ3apPGg
PYdBSEAR53DUfNNomZ9gun8SwxobxTAsqcvBWdOIse/219sK1fU9NOZRCL9/BuCc
QhwdI1+QyIwHuWC41cqC9JEdbR57EhJ1AnBpQnHNitK2sR2PHNIQYuHbpbw0FZ0=
-----END CERTIFICATE-----
Generated at Wed May 13 07:14:14 2026 by rpki-client