Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/c-KZaw3UumwWkGCg1_3weGS8B-U.roa
File: c-KZaw3UumwWkGCg1_3weGS8B-U.roa (raw, json)
Hash identifier: 2AcxA0Jqp/dgXDEXPcxhpKLcjp+xB4KSRrsphLc65kw=
Subject key identifier: 73:E2:99:6B:0D:D4:BA:6C:16:90:60:A0:D7:FD:F0:78:64:BC:07:E5
Certificate issuer: /CN=42512561fc4ee54b799c5af428fffbcbafd454ef
Certificate serial: 019DA9CB4E7B7BD936AFFDF6BC67EFFAE802
Authority key identifier: 42:51:25:61:FC:4E:E5:4B:79:9C:5A:F4:28:FF:FB:CB:AF:D4:54:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QlElYfxO5Ut5nFr0KP_7y6_UVO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/c-KZaw3UumwWkGCg1_3weGS8B-U.roa
Signing time: Mon 20 Apr 2026 07:29:26 +0000
ROA not before: Mon 20 Apr 2026 07:29:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203968
IP address blocks: 2a06:71c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/QlElYfxO5Ut5nFr0KP_7y6_UVO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/QlElYfxO5Ut5nFr0KP_7y6_UVO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/QlElYfxO5Ut5nFr0KP_7y6_UVO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 Apr 2026 07:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a9:cb:4e:7b:7b:d9:36:af:fd:f6:bc:67:ef:fa:e8:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42512561fc4ee54b799c5af428fffbcbafd454ef
Validity
Not Before: Apr 20 07:29:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=73e2996b0dd4ba6c169060a0d7fdf07864bc07e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:14:04:69:6e:4b:b9:60:f3:ff:dd:6b:52:97:
71:08:72:22:e1:b7:08:a3:9e:1f:db:36:7b:58:e7:
e6:e9:9b:14:9f:d2:1e:07:e4:e2:93:c8:9c:95:54:
0c:b3:c9:47:b1:ee:fd:d5:6e:f3:fc:ac:e1:dc:df:
4e:bb:c3:e2:00:79:24:9c:4c:3a:e9:a2:fb:0d:08:
ab:29:df:2a:2c:fa:ad:b2:a4:e7:a3:81:2a:1c:14:
f9:05:54:a1:af:38:cb:2e:5d:9b:60:e9:c9:5b:1a:
f6:3a:f0:17:87:cc:a1:dd:63:11:e7:92:9e:d9:c0:
d8:dd:63:a7:a4:3d:48:5b:09:80:ae:65:4e:ac:75:
0b:bb:c1:7f:b7:a2:cf:d0:b0:44:7e:40:56:f0:11:
b9:b6:11:d2:78:3a:69:98:92:c6:f9:2a:75:61:0d:
3b:c0:9d:e1:30:60:6a:d9:e1:d8:21:bb:8e:b0:c5:
60:e7:98:6b:b7:0f:fe:7b:35:98:10:b9:b7:8a:c1:
09:bc:98:28:03:c2:14:b8:b9:02:14:c8:43:e0:c2:
15:55:20:79:12:86:69:c0:4c:88:46:bd:78:5e:7e:
95:29:96:08:2b:45:5f:2f:ef:0b:bd:69:b8:ba:bc:
ef:3e:32:a3:6c:dc:eb:6f:47:a4:57:00:7f:3c:1e:
24:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:E2:99:6B:0D:D4:BA:6C:16:90:60:A0:D7:FD:F0:78:64:BC:07:E5
X509v3 Authority Key Identifier:
keyid:42:51:25:61:FC:4E:E5:4B:79:9C:5A:F4:28:FF:FB:CB:AF:D4:54:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QlElYfxO5Ut5nFr0KP_7y6_UVO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/c-KZaw3UumwWkGCg1_3weGS8B-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/b88c86-9629-43c6-821e-7a72e26c8918/1/QlElYfxO5Ut5nFr0KP_7y6_UVO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:71c0::/29
Signature Algorithm: sha256WithRSAEncryption
88:7d:78:7d:e0:07:ac:ff:e3:db:4d:45:0e:ac:dc:1f:21:21:
4a:c3:67:15:74:74:29:d4:cf:19:50:76:5e:e8:eb:24:ea:e6:
12:14:f9:39:63:8c:64:91:35:e9:ff:a0:85:3f:e6:af:b0:9c:
10:fd:fe:85:b7:75:90:ab:77:86:ee:65:37:49:85:20:44:0d:
75:03:69:5a:e5:ca:9d:5f:e0:e6:6a:84:d7:6b:75:6c:90:87:
cd:6c:14:26:28:01:51:b1:7c:b7:29:0c:4e:ba:33:19:9e:09:
6b:34:89:ba:79:a6:83:b9:73:da:40:ce:b3:a0:b9:3b:e1:99:
2b:c0:76:19:a9:c8:22:6f:54:61:a6:ae:29:95:51:6c:e1:31:
9e:70:32:07:59:37:9d:05:a3:41:4b:00:e9:f1:59:fb:c5:95:
a8:fc:0b:52:c7:88:54:d1:e1:90:e8:8a:6d:a1:22:db:c2:c7:
dd:3d:dd:12:f0:67:8e:0c:db:3d:37:90:3c:ca:a5:cb:bb:70:
7d:76:c9:0f:57:91:cb:83:15:bc:d8:8b:73:0a:79:b4:78:2f:
cf:fa:fa:b5:af:61:fa:89:b3:42:9b:61:f7:e0:3b:93:71:90:
5c:90:8d:28:12:d4:89:13:cc:4d:3b:b0:cd:31:80:e4:12:6e:
5b:de:b5:35
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ2py057e9k2r/32vGfv+ugCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNTEyNTYxZmM0ZWU1NGI3OTljNWFmNDI4ZmZmYmNiYWZk
NDU0ZWYwHhcNMjYwNDIwMDcyOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2UyOTk2YjBkZDRiYTZjMTY5MDYwYTBkN2ZkZjA3ODY0YmMwN2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRQEaW5LuWDz/91rUpdxCHIi4bcI
o54f2zZ7WOfm6ZsUn9IeB+Tik8iclVQMs8lHse791W7z/Kzh3N9Ou8PiAHkknEw6
6aL7DQirKd8qLPqtsqTno4EqHBT5BVShrzjLLl2bYOnJWxr2OvAXh8yh3WMR55Ke
2cDY3WOnpD1IWwmArmVOrHULu8F/t6LP0LBEfkBW8BG5thHSeDppmJLG+Sp1YQ07
wJ3hMGBq2eHYIbuOsMVg55hrtw/+ezWYELm3isEJvJgoA8IUuLkCFMhD4MIVVSB5
EoZpwEyIRr14Xn6VKZYIK0VfL+8LvWm4urzvPjKjbNzrb0ekVwB/PB4k/QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFHPimWsN1LpsFpBgoNf98HhkvAflMB8GA1UdIwQY
MBaAFEJRJWH8TuVLeZxa9Cj/+8uv1FTvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWxFbFlmeE81VXQ1bkZyMEtQXzd5Nl9VVk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9iODhjODYtOTYyOS00M2M2LTgyMWUt
N2E3MmUyNmM4OTE4LzEvYy1LWmF3M1V1bXdXa0dDZzFfM3dlR1M4Qi1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9iODhjODYtOTYyOS00M2M2LTgyMWUtN2E3MmUyNmM4OTE4
LzEvUWxFbFlmeE81VXQ1bkZyMEtQXzd5Nl9VVk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgZxwDAN
BgkqhkiG9w0BAQsFAAOCAQEAiH14feAHrP/j201FDqzcHyEhSsNnFXR0KdTPGVB2
XujrJOrmEhT5OWOMZJE16f+ghT/mr7CcEP3+hbd1kKt3hu5lN0mFIEQNdQNpWuXK
nV/g5mqE12t1bJCHzWwUJigBUbF8tykMTrozGZ4JazSJunmmg7lz2kDOs6C5O+GZ
K8B2GanIIm9UYaauKZVRbOExnnAyB1k3nQWjQUsA6fFZ+8WVqPwLUseIVNHhkOiK
baEi28LH3T3dEvBnjgzbPTeQPMqly7twfXbJD1eRy4MVvNiLcwp5tHgvz/r6ta9h
+omzQpth9+A7k3GQXJCNKBLUiRPMTTuwzTGA5BJuW961NQ==
-----END CERTIFICATE-----
Generated at Wed Apr 29 10:21:11 2026 by rpki-client