Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/cvyOonWa9akl4v6Pd6wFkPoi9B4.roa
File: cvyOonWa9akl4v6Pd6wFkPoi9B4.roa (raw, json)
Hash identifier: 4Uqs8Bh6zjEY2HP5bqquO4Cx1ega0it4VMWQ8RHRqrk=
Subject key identifier: 72:FC:8E:A2:75:9A:F5:A9:25:E2:FE:8F:77:AC:05:90:FA:22:F4:1E
Certificate issuer: /CN=ed624c590027a5a8c9eeb369726e4a630cdf414c
Certificate serial: 019D49444CD54E54DB103D062DAA1F49817D
Authority key identifier: ED:62:4C:59:00:27:A5:A8:C9:EE:B3:69:72:6E:4A:63:0C:DF:41:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7WJMWQAnpajJ7rNpcm5KYwzfQUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/cvyOonWa9akl4v6Pd6wFkPoi9B4.roa
Signing time: Wed 01 Apr 2026 13:38:25 +0000
ROA not before: Wed 01 Apr 2026 13:38:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14618
IP address blocks: 45.89.128.0/22 maxlen: 22
2a0b:a200::/48 maxlen: 48
2a0b:a200:1::/48 maxlen: 48
2a0b:a200:2::/48 maxlen: 48
2a0b:a200:3::/48 maxlen: 48
2a0b:a200:4::/48 maxlen: 48
2a0b:a200:5::/48 maxlen: 48
2a0b:a200:6::/48 maxlen: 48
2a0b:a200:7::/48 maxlen: 48
2a0b:a200:8::/48 maxlen: 48
2a0b:a200:9::/48 maxlen: 48
2a0b:a200:a::/48 maxlen: 48
2a0b:a200:b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/7WJMWQAnpajJ7rNpcm5KYwzfQUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/7WJMWQAnpajJ7rNpcm5KYwzfQUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/7WJMWQAnpajJ7rNpcm5KYwzfQUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 Apr 2026 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:49:44:4c:d5:4e:54:db:10:3d:06:2d:aa:1f:49:81:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed624c590027a5a8c9eeb369726e4a630cdf414c
Validity
Not Before: Apr 1 13:38:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=72fc8ea2759af5a925e2fe8f77ac0590fa22f41e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c6:54:fc:a5:8c:01:ba:e7:59:8f:26:e5:87:
bb:78:4f:0b:db:4a:75:3c:32:34:6b:73:fe:a4:25:
40:a0:77:32:c9:79:5a:2d:bf:df:f3:28:8c:d7:ab:
4c:e5:e9:ae:66:f5:14:a9:b8:53:91:46:21:83:ff:
f5:d1:b7:7a:b2:8d:d4:e0:d9:f9:f1:96:5d:7c:ad:
d6:e1:8b:7d:35:6f:87:fc:33:6d:93:af:29:cd:fe:
fe:54:3b:65:88:81:b6:60:94:8a:48:d6:00:ec:e4:
b0:f7:70:b9:86:75:b8:bf:d0:4c:58:05:63:7c:73:
88:7a:88:7b:18:f1:09:61:14:fe:0e:88:77:0a:c3:
08:54:4c:9f:fb:30:06:fc:8b:9e:65:94:10:56:54:
80:37:02:cf:bf:11:bf:f5:00:81:e8:22:de:13:80:
76:37:33:05:a8:27:cc:b0:d9:5b:62:ba:af:d0:49:
bd:d1:50:a4:5f:91:3a:78:f1:e3:93:9b:e7:bc:30:
23:96:43:0b:ab:d8:bb:3b:21:b9:c2:36:10:86:ec:
cd:1e:ec:6e:d2:77:f7:37:57:d4:64:25:e7:06:c7:
7e:f5:9f:ea:cf:32:9b:72:da:df:ac:54:fb:f0:80:
f4:33:8c:ba:eb:85:7c:10:71:70:57:97:3c:54:3b:
33:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:FC:8E:A2:75:9A:F5:A9:25:E2:FE:8F:77:AC:05:90:FA:22:F4:1E
X509v3 Authority Key Identifier:
keyid:ED:62:4C:59:00:27:A5:A8:C9:EE:B3:69:72:6E:4A:63:0C:DF:41:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7WJMWQAnpajJ7rNpcm5KYwzfQUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/cvyOonWa9akl4v6Pd6wFkPoi9B4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/7WJMWQAnpajJ7rNpcm5KYwzfQUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.128.0/22
IPv6:
2a0b:a200::-2a0b:a200:b:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
40:8c:ed:50:40:ab:12:7f:31:f9:0f:bb:8e:21:53:a3:b2:4a:
3b:84:86:dd:d0:3e:e0:c0:8b:91:45:48:45:95:65:03:e1:3d:
b3:6c:38:ec:c7:04:d2:63:9b:a9:42:59:44:7f:90:32:22:c2:
38:3c:46:0c:cb:35:c2:c3:58:c8:23:d9:4f:24:5c:21:0e:4f:
95:f7:83:b2:ee:58:df:cf:34:94:c7:c4:d6:a5:5a:d2:95:2a:
c0:2a:ca:a3:fe:23:be:6f:b1:c7:3e:af:3b:8d:01:88:d3:67:
6e:cc:d4:e4:4c:36:1e:b2:13:49:bf:31:06:fc:b2:8f:69:e6:
db:09:b9:4e:b1:f6:1f:15:74:34:d1:ca:c0:99:35:2e:38:33:
2a:47:92:1b:4f:11:dd:7f:88:57:b6:a6:2f:f3:e5:60:c7:6d:
6e:ac:a9:2c:58:4e:84:48:9d:7a:88:45:6a:0c:4a:b5:d6:7b:
67:2a:35:bd:f7:8b:f8:df:e8:e5:71:df:fb:39:d4:1a:81:bd:
f2:b5:4e:23:40:8d:e0:cb:8b:40:d7:95:25:63:63:ad:92:da:
dc:67:95:0e:7d:d1:d4:83:5a:85:df:c1:e6:7d:04:f6:5a:74:
53:8f:ae:91:66:97:23:2e:e2:83:8e:bd:84:d8:4c:6e:02:ae:
67:82:0d:4e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ1JREzVTlTbED0GLaofSYF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNjI0YzU5MDAyN2E1YThjOWVlYjM2OTcyNmU0YTYzMGNk
ZjQxNGMwHhcNMjYwNDAxMTMzODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmZjOGVhMjc1OWFmNWE5MjVlMmZlOGY3N2FjMDU5MGZhMjJmNDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMZU/KWMAbrnWY8m5Ye7eE8L20p1
PDI0a3P+pCVAoHcyyXlaLb/f8yiM16tM5emuZvUUqbhTkUYhg//10bd6so3U4Nn5
8ZZdfK3W4Yt9NW+H/DNtk68pzf7+VDtliIG2YJSKSNYA7OSw93C5hnW4v9BMWAVj
fHOIeoh7GPEJYRT+Doh3CsMIVEyf+zAG/IueZZQQVlSANwLPvxG/9QCB6CLeE4B2
NzMFqCfMsNlbYrqv0Em90VCkX5E6ePHjk5vnvDAjlkMLq9i7OyG5wjYQhuzNHuxu
0nf3N1fUZCXnBsd+9Z/qzzKbctrfrFT78ID0M4y664V8EHFwV5c8VDszqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHL8jqJ1mvWpJeL+j3esBZD6IvQeMB8GA1UdIwQY
MBaAFO1iTFkAJ6Woye6zaXJuSmMM30FMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1dKTVdRQW5wYWpKN3JOcGNtNUtZd3pmUVV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy84ZGI2N2EtYzRmYy00YzJjLTk5Nzgt
YTdiZTVmYTBmZjY1LzEvY3Z5T29uV2E5YWtsNHY2UGQ2d0ZrUG9pOUI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy84ZGI2N2EtYzRmYy00YzJjLTk5NzgtYTdiZTVmYTBmZjY1
LzEvN1dKTVdRQW5wYWpKN3JOcGNtNUtZd3pmUVV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQCLVmAMBcE
AgACMBEwDwMEASoLogMHAioLogAACDANBgkqhkiG9w0BAQsFAAOCAQEAQIztUECr
En8x+Q+7jiFTo7JKO4SG3dA+4MCLkUVIRZVlA+E9s2w47McE0mObqUJZRH+QMiLC
ODxGDMs1wsNYyCPZTyRcIQ5PlfeDsu5Y3880lMfE1qVa0pUqwCrKo/4jvm+xxz6v
O40BiNNnbszU5Ew2HrITSb8xBvyyj2nm2wm5TrH2HxV0NNHKwJk1LjgzKkeSG08R
3X+IV7amL/PlYMdtbqypLFhOhEideohFagxKtdZ7Zyo1vfeL+N/o5XHf+znUGoG9
8rVOI0CN4MuLQNeVJWNjrZLa3GeVDn3R1INahd/B5n0E9lp0U4+ukWaXIy7ig469
hNhMbgKuZ4INTg==
-----END CERTIFICATE-----
Generated at Tue Apr 7 10:31:10 2026 by rpki-client