Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/1-TCsSbWUgeweiHj6K7uiWKCB1pQ.roa
File: 1-TCsSbWUgeweiHj6K7uiWKCB1pQ.roa (raw, json)
Hash identifier: RHWKZHvriYM3Pg0y123u0iU5H48z0m6jgfAjjnux3P0=
Subject key identifier: F9:30:AC:49:B5:94:81:EC:1E:88:78:FA:2B:BB:A2:58:A0:81:D6:94
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 019DAF7F92F8776BD99CAEF1649F7E479579
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/1-TCsSbWUgeweiHj6K7uiWKCB1pQ.roa
Signing time: Tue 21 Apr 2026 10:04:26 +0000
ROA not before: Tue 21 Apr 2026 10:04:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199529
IP address blocks: 2a0d:d940:130::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 21:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:af:7f:92:f8:77:6b:d9:9c:ae:f1:64:9f:7e:47:95:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Apr 21 10:04:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f930ac49b59481ec1e8878fa2bbba258a081d694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5e:7a:bc:c1:41:97:7f:2e:5f:22:8a:a2:cf:
f8:e9:d8:f9:29:76:9e:fb:64:17:da:17:95:24:6a:
5e:20:b6:b3:14:cd:1b:51:ad:05:74:d6:3a:2b:d2:
d8:3d:9c:ee:21:c4:d5:c4:72:75:35:5e:e9:87:14:
fe:51:2f:ef:5d:a2:51:cc:0a:23:a0:3d:a5:cd:a7:
61:c1:12:ef:74:63:21:f9:ed:6f:2e:6d:0b:3b:31:
c2:fd:10:82:af:e3:da:8e:59:09:8e:51:8c:92:c6:
4d:8a:fd:62:d1:c2:e3:86:33:2a:91:90:00:38:18:
7d:51:61:38:0a:30:22:85:5e:a5:f6:e2:c9:b7:80:
d6:8d:2a:27:34:a2:88:6f:22:2d:12:93:8a:9d:21:
e1:bb:46:3d:f6:e7:db:fb:a5:83:1f:16:5c:18:5f:
ac:3e:e3:9c:b8:cb:3a:ef:da:37:a3:5a:92:66:ee:
1c:f3:f5:22:7a:27:9a:50:1a:51:b9:12:10:66:0d:
43:04:c3:b6:e7:4b:41:b5:6a:00:de:95:73:78:a5:
4e:09:f1:a1:7b:b2:f8:45:f2:4d:f1:2e:3c:d1:67:
0b:ab:a6:06:9d:89:56:db:91:72:9b:bb:5f:e6:5b:
9e:be:59:04:32:19:2b:09:e9:2b:8e:c0:3d:a6:98:
61:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:30:AC:49:B5:94:81:EC:1E:88:78:FA:2B:BB:A2:58:A0:81:D6:94
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/1-TCsSbWUgeweiHj6K7uiWKCB1pQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:130::/44
Signature Algorithm: sha256WithRSAEncryption
26:94:58:0e:73:c5:21:fb:3b:a0:d2:89:56:b1:c6:bd:1b:c6:
c9:0a:41:ba:2c:0b:58:12:a7:a5:ce:34:8e:6a:7f:99:24:ab:
8c:65:cb:c8:32:f3:c1:f9:9d:c0:23:db:cb:bc:98:d3:fe:ef:
d2:58:fd:d0:e1:a1:84:2f:af:04:61:dd:bf:8e:06:25:e6:0c:
aa:ec:14:7d:cf:10:8b:da:2c:8a:d5:50:78:22:4f:97:d7:ad:
21:d0:47:0d:c6:90:af:ed:28:27:60:0a:b6:74:39:ae:2d:de:
d4:b0:60:1f:69:98:40:60:63:4a:cf:31:ca:43:8e:01:a3:be:
74:b6:45:7d:53:f1:d8:84:07:35:7a:d2:af:a9:a4:fc:50:99:
cc:89:89:40:f5:a1:6c:8e:9f:06:75:71:72:0a:db:c8:5b:5c:
bb:6c:48:1e:74:fc:ee:c9:74:a7:1c:1a:dd:fd:bc:d0:d8:53:
56:b7:38:2c:76:7e:fb:01:c4:64:93:58:20:d9:c2:08:01:61:
e4:dc:c7:e5:d9:6f:99:e1:cd:74:e0:c8:a8:5d:23:d5:7d:7d:
b7:a6:e7:12:98:9b:0c:b7:14:cd:8d:d7:4d:a6:5d:22:80:86:
a0:e8:5f:03:45:de:83:f8:41:d8:ab:50:cb:7a:56:cd:b9:14:
c0:00:b0:ef
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAZ2vf5L4d2vZnK7xZJ9+R5V5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjYwNDIxMTAwNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTMwYWM0OWI1OTQ4MWVjMWU4ODc4ZmEyYmJiYTI1OGEwODFkNjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApl56vMFBl38uXyKKos/46dj5KXae
+2QX2heVJGpeILazFM0bUa0FdNY6K9LYPZzuIcTVxHJ1NV7phxT+US/vXaJRzAoj
oD2lzadhwRLvdGMh+e1vLm0LOzHC/RCCr+PajlkJjlGMksZNiv1i0cLjhjMqkZAA
OBh9UWE4CjAihV6l9uLJt4DWjSonNKKIbyItEpOKnSHhu0Y99ufb+6WDHxZcGF+s
PuOcuMs679o3o1qSZu4c8/UieieaUBpRuRIQZg1DBMO250tBtWoA3pVzeKVOCfGh
e7L4RfJN8S480WcLq6YGnYlW25Fym7tf5luevlkEMhkrCekrjsA9pphhLwIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPkwrEm1lIHsHoh4+iu7oliggdaUMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvMS1UQ3NTYldVZ2V3ZWlIajZLN3VpV0tDQjFwUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDkvN2JhMWIxLTU1NjItNGEzMi05ZjVkLTE0ZDIzODUyNzgz
NS8xL0MwNDdPNFFrSWxpR01VTHRPaGw1TFpmTHZIUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoN2UAB
MDANBgkqhkiG9w0BAQsFAAOCAQEAJpRYDnPFIfs7oNKJVrHGvRvGyQpBuiwLWBKn
pc40jmp/mSSrjGXLyDLzwfmdwCPby7yY0/7v0lj90OGhhC+vBGHdv44GJeYMquwU
fc8Qi9ositVQeCJPl9etIdBHDcaQr+0oJ2AKtnQ5ri3e1LBgH2mYQGBjSs8xykOO
AaO+dLZFfVPx2IQHNXrSr6mk/FCZzImJQPWhbI6fBnVxcgrbyFtcu2xIHnT87sl0
pxwa3f280NhTVrc4LHZ++wHEZJNYINnCCAFh5NzH5dlvmeHNdODIqF0j1X19t6bn
EpibDLcUzY3XTaZdIoCGoOhfA0Xeg/hB2KtQy3pWzbkUwACw7w==
-----END CERTIFICATE-----
Generated at Wed Apr 22 06:47:43 2026 by rpki-client