Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4VAAZZul-2TxQEOVbG1GEyH5_NA.roa
File: 4VAAZZul-2TxQEOVbG1GEyH5_NA.roa (raw, json)
Hash identifier: cmtmRKJE/vCA+XD8jBrFUulr5oRM06ESewPArSNT5N4=
Subject key identifier: E1:50:00:65:9B:A5:FB:64:F1:40:43:95:6C:6D:46:13:21:F9:FC:D0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019DAFFFC7179F7FECA094B1F97D0ABFE156
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4VAAZZul-2TxQEOVbG1GEyH5_NA.roa
Signing time: Tue 21 Apr 2026 12:24:28 +0000
ROA not before: Tue 21 Apr 2026 12:24:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205175
IP address blocks: 2a00:1728:31::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 21:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:af:ff:c7:17:9f:7f:ec:a0:94:b1:f9:7d:0a:bf:e1:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 21 12:24:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e15000659ba5fb64f14043956c6d461321f9fcd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:4d:d4:8f:34:1f:b9:dc:cc:42:cf:56:0f:a6:
1d:ce:1c:f6:8e:fa:44:d4:e3:b1:d9:8d:17:c1:95:
36:52:83:2a:14:ef:f8:1c:88:fd:f3:e6:02:31:29:
aa:59:a7:07:de:f5:a8:da:1e:1f:72:d6:c9:ec:b6:
fa:59:6f:c4:84:8b:88:f9:c9:61:dd:2e:e1:9a:3e:
8e:55:04:a7:d6:4c:13:0c:c8:86:d0:f4:a1:2e:73:
6d:94:d8:7c:d4:34:58:15:dc:65:e1:65:ee:6d:9c:
ba:46:f5:80:f4:54:a1:f1:fe:03:e4:6e:fb:e8:73:
ad:c2:c7:f0:9b:ab:e5:97:5a:45:02:34:72:52:c5:
c1:cf:a4:3d:aa:cf:fd:e2:e4:ab:04:fc:84:8a:c6:
3d:84:8b:6c:db:ea:a2:94:57:4f:72:df:47:c6:fb:
c3:1e:87:ac:05:fe:ea:c5:02:a7:de:ae:77:21:f7:
b7:03:dc:26:c3:bb:2e:51:71:a6:9b:a6:23:31:36:
9a:b8:d1:bf:fc:41:d6:72:53:02:a4:9e:1d:b7:20:
49:99:05:fd:9f:31:2d:59:14:a2:ea:d8:8c:ca:a9:
ec:8d:53:12:ba:cd:6b:75:7b:06:f4:ac:a9:82:c0:
3c:15:9e:ad:5d:98:d8:38:ab:49:e0:df:c8:17:30:
b5:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:50:00:65:9B:A5:FB:64:F1:40:43:95:6C:6D:46:13:21:F9:FC:D0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4VAAZZul-2TxQEOVbG1GEyH5_NA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1728:31::/48
Signature Algorithm: sha256WithRSAEncryption
83:83:a2:06:66:ee:82:e5:28:0f:c9:41:46:c2:32:8c:83:98:
63:f5:04:7a:9d:35:fc:e5:80:2c:e7:a5:85:3d:c6:bb:78:69:
55:6d:d6:6e:e0:6c:ed:ba:63:f7:e6:c3:d1:10:ca:a9:3f:85:
7a:e8:2d:cf:15:c0:8f:ff:22:68:b1:fc:15:5a:ae:57:85:25:
82:f5:6d:da:49:80:47:20:e2:e5:88:37:5e:13:fc:74:e9:f2:
80:42:a8:b0:15:c9:1e:31:74:0e:c6:a1:ee:6e:29:71:e5:85:
29:ec:e9:12:11:71:c6:a2:88:c9:c2:69:dd:2a:c7:11:a1:89:
67:ea:9c:40:c0:e7:86:c5:b9:85:19:27:71:2a:a1:59:4e:7c:
67:e2:d0:ac:9a:1a:b5:1b:dd:27:29:ea:30:2f:21:06:2c:96:
68:d5:27:a1:79:10:c4:ed:3e:9b:da:9d:ad:b1:79:5c:b5:0e:
cb:5b:31:ed:1f:32:81:bf:83:08:17:c0:70:09:33:c8:7e:3f:
13:3e:fc:ea:3b:0e:47:19:87:6c:99:cf:aa:f1:c2:ea:74:00:
32:9c:27:6e:30:79:27:72:42:89:19:cc:ae:6a:ae:ba:bb:15:
d8:93:9d:a2:39:ac:dc:3f:04:40:21:07:a8:55:83:5d:ce:8e:
59:f6:5b:c4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ2v/8cXn3/soJSx+X0Kv+FWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNDIxMTIyNDI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTUwMDA2NTliYTVmYjY0ZjE0MDQzOTU2YzZkNDYxMzIxZjlmY2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA203UjzQfudzMQs9WD6Ydzhz2jvpE
1OOx2Y0XwZU2UoMqFO/4HIj98+YCMSmqWacH3vWo2h4fctbJ7Lb6WW/EhIuI+clh
3S7hmj6OVQSn1kwTDMiG0PShLnNtlNh81DRYFdxl4WXubZy6RvWA9FSh8f4D5G77
6HOtwsfwm6vll1pFAjRyUsXBz6Q9qs/94uSrBPyEisY9hIts2+qilFdPct9HxvvD
HoesBf7qxQKn3q53Ife3A9wmw7suUXGmm6YjMTaauNG//EHWclMCpJ4dtyBJmQX9
nzEtWRSi6tiMyqnsjVMSus1rdXsG9KypgsA8FZ6tXZjYOKtJ4N/IFzC1mQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOFQAGWbpftk8UBDlWxtRhMh+fzQMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNFZBQVpadWwtMlR4UUVPVmJHMUdFeUg1X05BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAXKAAx
MA0GCSqGSIb3DQEBCwUAA4IBAQCDg6IGZu6C5SgPyUFGwjKMg5hj9QR6nTX85YAs
56WFPca7eGlVbdZu4GztumP35sPREMqpP4V66C3PFcCP/yJosfwVWq5XhSWC9W3a
SYBHIOLliDdeE/x06fKAQqiwFckeMXQOxqHubilx5YUp7OkSEXHGoojJwmndKscR
oYln6pxAwOeGxbmFGSdxKqFZTnxn4tCsmhq1G90nKeowLyEGLJZo1SeheRDE7T6b
2p2tsXlctQ7LWzHtHzKBv4MIF8BwCTPIfj8TPvzqOw5HGYdsmc+q8cLqdAAynCdu
MHknckKJGcyuaq66uxXYk52iOazcPwRAIQeoVYNdzo5Z9lvE
-----END CERTIFICATE-----
Generated at Wed Apr 22 07:04:11 2026 by rpki-client