Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/PjcfmGvCF3Jo8bSPGEurQgZgvHI.roa
File: PjcfmGvCF3Jo8bSPGEurQgZgvHI.roa (raw, json)
Hash identifier: nN0nspQjOZYATjn1JnM2nPvB9KoYFsNTbycrrE1wEhQ=
Subject key identifier: 3E:37:1F:98:6B:C2:17:72:68:F1:B4:8F:18:4B:AB:42:06:60:BC:72
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 019DBF3DB9A306B5F69C0EE9D9F7469DD4AA
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/PjcfmGvCF3Jo8bSPGEurQgZgvHI.roa
Signing time: Fri 24 Apr 2026 11:26:26 +0000
ROA not before: Fri 24 Apr 2026 11:26:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214822
IP address blocks: 2a06:1301:4300::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 02:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:bf:3d:b9:a3:06:b5:f6:9c:0e:e9:d9:f7:46:9d:d4:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Apr 24 11:26:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3e371f986bc2177268f1b48f184bab420660bc72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1e:ca:05:c9:ac:89:66:16:77:a8:71:9e:ac:
03:bf:d1:31:3a:7f:57:ad:53:ef:17:3e:15:de:53:
b4:3e:be:0e:e1:5c:f0:38:02:37:62:10:d1:25:c4:
d7:11:68:3e:e4:d1:2b:ac:14:f9:8e:04:ce:1b:ac:
50:eb:d9:6d:75:c9:96:c7:b4:8d:fc:3a:11:3b:6b:
a5:2c:16:c3:3e:e4:57:8b:64:10:60:f6:17:63:ee:
a5:ab:ce:ba:67:6b:05:f8:d2:43:e4:d8:65:56:a5:
41:2e:f7:8f:21:e8:c6:02:38:85:f0:24:5c:35:f6:
f8:1d:07:0d:2d:51:9a:55:2a:18:1e:df:c3:60:18:
f6:77:04:bd:87:fa:aa:12:1a:d0:a8:eb:8b:29:b1:
bd:36:0d:ec:9d:0f:12:c6:5a:86:c0:73:2c:07:26:
c2:48:ab:32:5b:63:ca:45:d2:b8:cb:9b:37:89:85:
69:ec:6c:19:f4:e2:06:d1:36:e7:f3:bf:97:80:6c:
d2:df:26:14:aa:31:6c:f3:0b:2a:b4:b7:bf:c6:d4:
db:35:5a:2b:fe:4f:20:fc:d0:c1:fb:8d:e1:fe:09:
b0:59:a5:36:fd:b9:2f:05:58:06:da:15:0a:07:e0:
42:ac:8b:23:5e:b6:5a:58:9e:d8:f4:28:04:ff:87:
7f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:37:1F:98:6B:C2:17:72:68:F1:B4:8F:18:4B:AB:42:06:60:BC:72
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/PjcfmGvCF3Jo8bSPGEurQgZgvHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:1301:4300::/48
Signature Algorithm: sha256WithRSAEncryption
a0:df:f3:f4:3f:78:3f:d8:bf:31:1d:56:81:30:98:f4:5d:04:
a0:4b:5f:04:5c:1e:2f:b4:77:5f:81:d0:31:e6:10:78:43:7c:
47:26:46:40:cc:3c:b9:02:1f:80:05:65:93:c8:dd:83:93:0f:
65:d9:a8:f7:07:8b:67:19:5c:5e:64:c5:3c:76:1c:36:65:b5:
cd:51:cc:37:dd:9d:69:27:3d:07:13:c2:be:b8:77:ad:ab:51:
06:79:3b:d6:d7:96:e8:c7:55:09:91:a7:23:ac:54:8e:e6:39:
6b:6a:b7:8b:71:57:ab:9d:d0:f1:4f:73:80:cf:e8:93:da:62:
23:ca:a5:c4:82:72:95:3e:f9:3c:17:94:57:b1:48:d8:f2:20:
af:59:8e:61:c7:07:5d:5a:0b:a4:11:e2:56:aa:56:42:61:31:
0c:96:ae:ab:55:62:2a:cf:ea:84:0c:19:c1:ba:d1:b2:b2:03:
14:b0:8e:f6:68:17:8a:86:1c:32:6d:60:83:60:b9:71:ff:70:
31:6e:a4:0f:20:bf:8e:ae:c2:c7:ed:35:87:63:68:a4:4e:3c:
5b:77:db:56:8d:07:f9:23:d3:7a:eb:31:32:ab:0e:f2:64:80:
5e:ad:17:b6:aa:8e:fb:8c:d3:37:55:d7:d0:fe:f8:84:e7:ae:
04:78:4e:a8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ2/PbmjBrX2nA7p2fdGndSqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjYwNDI0MTEyNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTM3MWY5ODZiYzIxNzcyNjhmMWI0OGYxODRiYWI0MjA2NjBiYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsB7KBcmsiWYWd6hxnqwDv9ExOn9X
rVPvFz4V3lO0Pr4O4VzwOAI3YhDRJcTXEWg+5NErrBT5jgTOG6xQ69ltdcmWx7SN
/DoRO2ulLBbDPuRXi2QQYPYXY+6lq866Z2sF+NJD5NhlVqVBLvePIejGAjiF8CRc
Nfb4HQcNLVGaVSoYHt/DYBj2dwS9h/qqEhrQqOuLKbG9Ng3snQ8SxlqGwHMsBybC
SKsyW2PKRdK4y5s3iYVp7GwZ9OIG0Tbn87+XgGzS3yYUqjFs8wsqtLe/xtTbNVor
/k8g/NDB+43h/gmwWaU2/bkvBVgG2hUKB+BCrIsjXrZaWJ7Y9CgE/4d/OwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD43H5hrwhdyaPG0jxhLq0IGYLxyMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvUGpjZm1HdkNGM0pvOGJTUEdFdXJRZ1pndkhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgYTAUMA
MA0GCSqGSIb3DQEBCwUAA4IBAQCg3/P0P3g/2L8xHVaBMJj0XQSgS18EXB4vtHdf
gdAx5hB4Q3xHJkZAzDy5Ah+ABWWTyN2Dkw9l2aj3B4tnGVxeZMU8dhw2ZbXNUcw3
3Z1pJz0HE8K+uHetq1EGeTvW15box1UJkacjrFSO5jlrareLcVerndDxT3OAz+iT
2mIjyqXEgnKVPvk8F5RXsUjY8iCvWY5hxwddWgukEeJWqlZCYTEMlq6rVWIqz+qE
DBnButGysgMUsI72aBeKhhwybWCDYLlx/3AxbqQPIL+OrsLH7TWHY2ikTjxbd9tW
jQf5I9N66zEyqw7yZIBerRe2qo77jNM3VdfQ/viE564EeE6o
-----END CERTIFICATE-----
Generated at Mon Apr 27 13:13:42 2026 by rpki-client