Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/194e97-e5db-4a6a-afb5-552e210354f4/1/fX47DA3aknJjMaNF3kpMk1RfVDY.roa
File: fX47DA3aknJjMaNF3kpMk1RfVDY.roa (raw, json)
Hash identifier: QnbSVkKJ1tgtZD036KjNU81Gb7v/2YPgVvv50U+eDiQ=
Subject key identifier: 7D:7E:3B:0C:0D:DA:92:72:63:31:A3:45:DE:4A:4C:93:54:5F:54:36
Certificate issuer: /CN=65f852cbd1cdf244a170edac2440d0d2f4bd5319
Certificate serial: 019DB532705B04159B8D05C2E0D2026AC1D6
Authority key identifier: 65:F8:52:CB:D1:CD:F2:44:A1:70:ED:AC:24:40:D0:D2:F4:BD:53:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZfhSy9HN8kShcO2sJEDQ0vS9Uxk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/194e97-e5db-4a6a-afb5-552e210354f4/1/fX47DA3aknJjMaNF3kpMk1RfVDY.roa
Signing time: Wed 22 Apr 2026 12:37:54 +0000
ROA not before: Wed 22 Apr 2026 12:37:54 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 1257
IP address blocks: 2001:67c:2650::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/194e97-e5db-4a6a-afb5-552e210354f4/1/ZfhSy9HN8kShcO2sJEDQ0vS9Uxk.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/194e97-e5db-4a6a-afb5-552e210354f4/1/ZfhSy9HN8kShcO2sJEDQ0vS9Uxk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZfhSy9HN8kShcO2sJEDQ0vS9Uxk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 20:17:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b5:32:70:5b:04:15:9b:8d:05:c2:e0:d2:02:6a:c1:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65f852cbd1cdf244a170edac2440d0d2f4bd5319
Validity
Not Before: Apr 22 12:37:54 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7d7e3b0c0dda92726331a345de4a4c93545f5436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:65:cf:e2:cf:43:d0:db:94:3f:e8:0b:3c:8b:
45:6f:ce:90:0b:3f:b8:45:06:e9:ed:53:99:b2:13:
07:99:1f:d7:77:00:da:32:27:17:10:20:8b:fd:11:
57:54:df:87:5e:4f:6f:0c:66:39:ac:d3:0d:c2:40:
88:f0:d9:b1:61:8f:04:7a:01:ca:70:5f:fd:6f:e2:
b2:03:33:98:cf:3f:c2:c2:1a:41:27:84:43:a4:5e:
35:fa:9f:09:94:96:15:54:56:69:84:46:ce:b5:e1:
bf:4f:58:ad:ad:0d:ac:00:bc:f3:fd:23:44:d0:fc:
28:8c:a8:4f:0b:ff:ed:b2:d5:9e:63:37:88:25:b9:
3e:09:88:62:e5:f0:44:18:70:40:0a:18:89:cb:e7:
00:ce:ca:15:92:67:b6:09:06:02:d9:7c:23:8e:6d:
5d:cb:7e:2a:81:bd:4b:33:7d:5d:b7:b2:86:0d:be:
9b:84:22:28:69:d6:34:d0:d2:bb:1d:72:3c:21:28:
c0:cb:01:c2:28:3f:05:3c:31:cd:a1:2e:48:e6:4e:
94:e5:20:e3:52:06:de:44:db:c3:ab:e5:8d:e8:68:
2d:a4:a1:7d:f1:6a:4f:f4:38:4f:7d:74:9d:7e:0f:
32:09:7d:cb:fc:bf:f6:da:27:92:2a:9a:f4:f3:e6:
78:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:7E:3B:0C:0D:DA:92:72:63:31:A3:45:DE:4A:4C:93:54:5F:54:36
X509v3 Authority Key Identifier:
keyid:65:F8:52:CB:D1:CD:F2:44:A1:70:ED:AC:24:40:D0:D2:F4:BD:53:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZfhSy9HN8kShcO2sJEDQ0vS9Uxk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/194e97-e5db-4a6a-afb5-552e210354f4/1/fX47DA3aknJjMaNF3kpMk1RfVDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/194e97-e5db-4a6a-afb5-552e210354f4/1/ZfhSy9HN8kShcO2sJEDQ0vS9Uxk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2650::/48
Signature Algorithm: sha256WithRSAEncryption
12:c4:b7:3f:10:27:b1:d4:01:31:ce:31:aa:13:02:54:39:ab:
63:fe:76:95:b0:43:2e:f0:70:5e:d7:7c:77:b2:e3:c0:f7:8b:
31:83:54:ea:72:25:53:b5:15:64:f2:40:d3:65:5b:80:0d:dc:
aa:aa:2c:54:98:f2:19:79:41:b8:98:92:40:14:d5:2a:2d:5e:
a5:c5:1e:4d:36:32:0c:fd:90:dc:6a:25:22:7e:ba:9f:4b:60:
f7:70:74:6c:ff:f3:a3:b4:dc:60:0e:8f:ad:f2:f6:1c:55:7c:
6b:63:e1:d1:a3:9f:82:9f:3c:6c:57:5f:b0:42:00:0d:a1:38:
e6:ed:77:30:07:ce:f9:4b:89:fe:c9:f4:6c:0a:74:19:30:68:
af:67:f5:5c:55:4d:f4:01:a1:2b:60:b3:6f:41:38:f4:a6:93:
96:13:f3:88:38:7b:f3:66:eb:f9:66:79:49:17:75:04:90:67:
34:e3:82:19:00:a6:66:fa:e3:ee:ba:eb:47:6d:87:3f:f7:92:
95:f7:29:29:15:b9:40:88:6c:26:6f:5a:de:73:b0:56:21:d7:
09:eb:77:29:a3:95:c5:f2:a3:3f:79:7c:27:ac:be:19:ba:8c:
c1:27:20:f8:cc:70:05:a4:37:c1:d0:70:f9:c9:da:40:80:10:
b0:a9:00:f0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ21MnBbBBWbjQXC4NICasHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1Zjg1MmNiZDFjZGYyNDRhMTcwZWRhYzI0NDBkMGQyZjRi
ZDUzMTkwHhcNMjYwNDIyMTIzNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDdlM2IwYzBkZGE5MjcyNjMzMWEzNDVkZTRhNGM5MzU0NWY1NDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2XP4s9D0NuUP+gLPItFb86QCz+4
RQbp7VOZshMHmR/XdwDaMicXECCL/RFXVN+HXk9vDGY5rNMNwkCI8NmxYY8EegHK
cF/9b+KyAzOYzz/CwhpBJ4RDpF41+p8JlJYVVFZphEbOteG/T1itrQ2sALzz/SNE
0PwojKhPC//tstWeYzeIJbk+CYhi5fBEGHBAChiJy+cAzsoVkme2CQYC2Xwjjm1d
y34qgb1LM31dt7KGDb6bhCIoadY00NK7HXI8ISjAywHCKD8FPDHNoS5I5k6U5SDj
UgbeRNvDq+WN6GgtpKF98WpP9DhPfXSdfg8yCX3L/L/22ieSKpr08+Z4/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH1+OwwN2pJyYzGjRd5KTJNUX1Q2MB8GA1UdIwQY
MBaAFGX4UsvRzfJEoXDtrCRA0NL0vVMZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmZoU3k5SE44a1NoY08yc0pFRFEwdlM5VXhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8xOTRlOTctZTVkYi00YTZhLWFmYjUt
NTUyZTIxMDM1NGY0LzEvZlg0N0RBM2FrbkpqTWFORjNrcE1rMVJmVkRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8xOTRlOTctZTVkYi00YTZhLWFmYjUtNTUyZTIxMDM1NGY0
LzEvWmZoU3k5SE44a1NoY08yc0pFRFEwdlM5VXhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfCZQ
MA0GCSqGSIb3DQEBCwUAA4IBAQASxLc/ECex1AExzjGqEwJUOatj/naVsEMu8HBe
13x3suPA94sxg1TqciVTtRVk8kDTZVuADdyqqixUmPIZeUG4mJJAFNUqLV6lxR5N
NjIM/ZDcaiUifrqfS2D3cHRs//OjtNxgDo+t8vYcVXxrY+HRo5+CnzxsV1+wQgAN
oTjm7XcwB875S4n+yfRsCnQZMGivZ/VcVU30AaErYLNvQTj0ppOWE/OIOHvzZuv5
ZnlJF3UEkGc044IZAKZm+uPuuutHbYc/95KV9ykpFblAiGwmb1rec7BWIdcJ63cp
o5XF8qM/eXwnrL4ZuozBJyD4zHAFpDfB0HD5ydpAgBCwqQDw
-----END CERTIFICATE-----
Generated at Mon Apr 27 03:10:51 2026 by rpki-client