Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/ff34bb-10f9-4593-9caf-1d8b9a1aa4ad/1/oNyVV9F-UayJsBNMERK1JiJ0D7o.roa
File: oNyVV9F-UayJsBNMERK1JiJ0D7o.roa (raw, json)
Hash identifier: k7jOjhLjlTb4tvt1HZS9xHgB6yHXR3vwiFuwHTGcB/0=
Subject key identifier: A0:DC:95:57:D1:7E:51:AC:89:B0:13:4C:11:12:B5:26:22:74:0F:BA
Certificate issuer: /CN=7b69efe6016f72d4592f1b0bab9186476ff3a29d
Certificate serial: 019D4713DEBF6784B15D31004095FCBD6572
Authority key identifier: 7B:69:EF:E6:01:6F:72:D4:59:2F:1B:0B:AB:91:86:47:6F:F3:A2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e2nv5gFvctRZLxsLq5GGR2_zop0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/ff34bb-10f9-4593-9caf-1d8b9a1aa4ad/1/oNyVV9F-UayJsBNMERK1JiJ0D7o.roa
Signing time: Wed 01 Apr 2026 03:26:17 +0000
ROA not before: Wed 01 Apr 2026 03:26:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14618
IP address blocks: 2a0b:71c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/ff34bb-10f9-4593-9caf-1d8b9a1aa4ad/1/e2nv5gFvctRZLxsLq5GGR2_zop0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/ff34bb-10f9-4593-9caf-1d8b9a1aa4ad/1/e2nv5gFvctRZLxsLq5GGR2_zop0.mft
rsync://rpki.ripe.net/repository/DEFAULT/e2nv5gFvctRZLxsLq5GGR2_zop0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 Apr 2026 03:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:47:13:de:bf:67:84:b1:5d:31:00:40:95:fc:bd:65:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b69efe6016f72d4592f1b0bab9186476ff3a29d
Validity
Not Before: Apr 1 03:26:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a0dc9557d17e51ac89b0134c1112b52622740fba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:98:fa:b6:12:0e:b7:97:4c:10:d4:5b:50:c0:
6b:94:8b:06:9f:c3:71:a1:49:b9:4c:26:14:e0:31:
14:5d:80:a4:d9:34:fc:bd:74:dc:d3:49:17:65:04:
68:6c:c9:a8:8f:be:e6:b3:ac:61:05:a7:47:0a:b7:
00:1e:c4:f2:19:0c:d9:c9:13:27:d3:42:56:6b:19:
bb:30:9b:b4:b6:60:a8:5a:3d:33:bd:e4:ff:f4:cb:
73:87:af:d0:f9:83:e7:50:9f:f8:4b:8d:21:5f:1d:
43:89:10:9b:8d:87:38:ed:e9:40:cf:0a:97:29:cc:
94:fb:0b:a5:51:88:4a:13:1f:c9:9f:87:69:b5:88:
6e:ff:19:48:a8:dc:b9:b9:24:44:02:cf:92:e5:b8:
7d:e3:bd:e9:4a:6c:92:51:4a:c3:13:4e:ba:b7:0f:
35:a0:9c:d1:90:31:c1:ad:b8:e1:9c:db:01:ef:47:
7a:a3:f2:c7:d2:00:df:37:d4:f2:47:25:d8:be:a4:
14:1a:54:d0:e1:06:4b:6c:72:60:2b:e4:0c:59:24:
39:be:08:df:01:e0:73:57:4a:58:6f:52:f7:f1:6e:
38:32:30:1a:f0:e8:fa:90:c5:99:f7:29:f7:8f:59:
6a:a0:1f:95:e1:d5:b7:d3:0e:f0:d7:94:d3:bd:cf:
99:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:DC:95:57:D1:7E:51:AC:89:B0:13:4C:11:12:B5:26:22:74:0F:BA
X509v3 Authority Key Identifier:
keyid:7B:69:EF:E6:01:6F:72:D4:59:2F:1B:0B:AB:91:86:47:6F:F3:A2:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2nv5gFvctRZLxsLq5GGR2_zop0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ff34bb-10f9-4593-9caf-1d8b9a1aa4ad/1/oNyVV9F-UayJsBNMERK1JiJ0D7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/ff34bb-10f9-4593-9caf-1d8b9a1aa4ad/1/e2nv5gFvctRZLxsLq5GGR2_zop0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:71c0::/29
Signature Algorithm: sha256WithRSAEncryption
17:d6:4b:da:86:b8:a9:11:70:db:d7:13:5f:4b:4b:dc:e7:c9:
b5:9d:66:a7:10:1e:1e:fd:ed:ab:3a:aa:86:7e:4e:17:e1:29:
fe:b6:59:97:1a:e5:0d:c7:21:fd:9d:14:c7:bb:e8:7d:db:22:
96:c0:5f:8d:4b:94:20:b2:9c:ea:b0:2d:64:1f:09:75:1a:05:
cb:87:86:a4:18:52:0c:87:b9:70:75:f5:8c:15:8b:e5:73:6c:
7f:25:8d:cf:32:e1:b4:9f:e9:a4:08:4b:e5:30:04:27:fd:30:
a7:33:ec:2a:ac:f9:a7:29:23:e4:3b:ec:c0:83:fb:21:1a:32:
90:b3:4e:45:22:04:3b:b3:3c:54:65:73:27:ba:dc:3a:77:d7:
f1:82:66:98:86:7e:50:d9:6a:f1:45:ec:9d:3a:c3:f5:39:97:
22:4b:6c:64:b7:e8:0a:a7:c8:df:f4:62:ad:f5:39:1e:1a:92:
e4:c5:1c:d4:f1:6e:fd:09:96:a7:b2:2b:80:4f:e1:10:17:ca:
83:3d:7c:22:f4:15:6c:e3:01:7b:b9:79:af:54:d5:3d:5d:ad:
85:58:6b:19:ff:a5:f3:22:c5:ac:ca:3d:4e:16:85:2d:de:1c:
69:aa:bd:8d:5a:98:d5:29:eb:05:ce:29:7c:51:50:da:98:b6:
7b:3e:00:29
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ1HE96/Z4SxXTEAQJX8vWVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNjllZmU2MDE2ZjcyZDQ1OTJmMWIwYmFiOTE4NjQ3NmZm
M2EyOWQwHhcNMjYwNDAxMDMyNjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGRjOTU1N2QxN2U1MWFjODliMDEzNGMxMTEyYjUyNjIyNzQwZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZj6thIOt5dMENRbUMBrlIsGn8Nx
oUm5TCYU4DEUXYCk2TT8vXTc00kXZQRobMmoj77ms6xhBadHCrcAHsTyGQzZyRMn
00JWaxm7MJu0tmCoWj0zveT/9Mtzh6/Q+YPnUJ/4S40hXx1DiRCbjYc47elAzwqX
KcyU+wulUYhKEx/Jn4dptYhu/xlIqNy5uSREAs+S5bh9473pSmySUUrDE066tw81
oJzRkDHBrbjhnNsB70d6o/LH0gDfN9TyRyXYvqQUGlTQ4QZLbHJgK+QMWSQ5vgjf
AeBzV0pYb1L38W44MjAa8Oj6kMWZ9yn3j1lqoB+V4dW30w7w15TTvc+ZNwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKDclVfRflGsibATTBEStSYidA+6MB8GA1UdIwQY
MBaAFHtp7+YBb3LUWS8bC6uRhkdv86KdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTJudjVnRnZjdFJaTHhzTHE1R0dSMl96b3AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9mZjM0YmItMTBmOS00NTkzLTljYWYt
MWQ4YjlhMWFhNGFkLzEvb055VlY5Ri1VYXlKc0JOTUVSSzFKaUowRDdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9mZjM0YmItMTBmOS00NTkzLTljYWYtMWQ4YjlhMWFhNGFk
LzEvZTJudjVnRnZjdFJaTHhzTHE1R0dSMl96b3AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgtxwDAN
BgkqhkiG9w0BAQsFAAOCAQEAF9ZL2oa4qRFw29cTX0tL3OfJtZ1mpxAeHv3tqzqq
hn5OF+Ep/rZZlxrlDcch/Z0Ux7vofdsilsBfjUuUILKc6rAtZB8JdRoFy4eGpBhS
DIe5cHX1jBWL5XNsfyWNzzLhtJ/ppAhL5TAEJ/0wpzPsKqz5pykj5DvswIP7IRoy
kLNORSIEO7M8VGVzJ7rcOnfX8YJmmIZ+UNlq8UXsnTrD9TmXIktsZLfoCqfI3/Ri
rfU5HhqS5MUc1PFu/QmWp7IrgE/hEBfKgz18IvQVbOMBe7l5r1TVPV2thVhrGf+l
8yLFrMo9ThaFLd4caaq9jVqY1SnrBc4pfFFQ2pi2ez4AKQ==
-----END CERTIFICATE-----
Generated at Tue Apr 7 10:30:56 2026 by rpki-client