Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/0-RTvBVd8DsRJ38yhJ8xAsZ5yyg.roa
File: 0-RTvBVd8DsRJ38yhJ8xAsZ5yyg.roa (raw, json)
Hash identifier: Oa148oTYYrir7u2GGigEgyvSMprY6lBB6gkPHqg8BY8=
Subject key identifier: D3:E4:53:BC:15:5D:F0:3B:11:27:7F:32:84:9F:31:02:C6:79:CB:28
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019DBF1AF055839F7BD9988CD247C4FFF984
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/0-RTvBVd8DsRJ38yhJ8xAsZ5yyg.roa
Signing time: Fri 24 Apr 2026 10:48:26 +0000
ROA not before: Fri 24 Apr 2026 10:48:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 401776
IP address blocks: 2a10:b40::/29 maxlen: 29
2a13:bb40::/29 maxlen: 29
2a13:c240::/29 maxlen: 29
2a14:42c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Apr 2026 17:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:bf:1a:f0:55:83:9f:7b:d9:98:8c:d2:47:c4:ff:f9:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 24 10:48:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d3e453bc155df03b11277f32849f3102c679cb28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:35:f5:1d:5e:2d:09:e6:05:dd:83:9b:f5:f7:
c2:70:c5:3a:20:02:a3:4b:28:cc:17:f3:3b:aa:ac:
aa:47:e0:04:f3:cf:92:01:b6:e5:da:a5:b6:53:cb:
23:6a:01:83:dd:99:72:25:95:57:68:62:90:fb:d9:
3f:4f:b1:df:f8:3a:13:c9:57:6a:ca:1a:2e:12:10:
11:dc:03:98:01:39:48:0a:95:4c:dc:ad:ec:94:ab:
42:87:9e:5f:ba:4d:af:55:44:9a:c1:d6:25:38:9d:
d8:5e:7e:14:a2:57:32:40:d3:f0:71:77:78:37:7c:
b0:4c:c6:2d:1c:cc:1e:9f:85:c8:1e:c4:b8:54:3e:
d6:37:e3:69:c4:ad:ec:21:63:10:b4:54:b7:9c:54:
05:9e:cd:a3:89:99:c7:c0:53:43:9d:b0:ef:cf:5b:
a6:fa:7a:c2:5b:72:70:e7:81:23:f5:ef:a9:c4:79:
9d:32:f6:14:5c:5a:c9:cb:8b:12:9e:0c:e3:4f:9e:
98:69:51:b5:b2:bf:7f:cf:d4:85:24:24:54:fa:28:
b5:f5:bd:b1:9e:fa:57:16:ad:b5:fb:2c:5c:bf:25:
c5:71:b9:20:6c:45:b7:42:e7:dd:28:bc:3c:4e:09:
2e:70:6b:71:24:fe:95:94:4b:61:18:5b:5f:f9:94:
08:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E4:53:BC:15:5D:F0:3B:11:27:7F:32:84:9F:31:02:C6:79:CB:28
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/0-RTvBVd8DsRJ38yhJ8xAsZ5yyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:b40::/29
2a13:bb40::/29
2a13:c240::/29
2a14:42c0::/29
Signature Algorithm: sha256WithRSAEncryption
b4:a4:5e:1a:93:01:30:5e:53:20:e8:2c:2e:2b:a3:0b:f2:0f:
2e:6c:08:da:ff:60:01:f6:8c:72:df:44:f7:b9:f8:59:2a:5c:
93:ef:09:5e:5e:1c:50:2d:1a:ac:c3:47:8b:64:e2:4b:8a:13:
c9:f9:4b:2d:5d:e5:e0:20:dc:3d:66:1b:95:79:09:7c:7d:c8:
4b:c3:29:0d:c0:b5:a9:6e:6f:cd:88:46:58:10:e7:f3:44:97:
5c:02:25:1b:17:5f:fd:9c:98:43:c3:9a:bd:e4:ed:8b:1d:09:
55:63:75:5f:d8:13:bb:ff:04:a3:7c:fe:5f:80:81:7b:60:c7:
c6:c9:b8:a1:2e:6a:12:94:8a:81:ce:a9:2e:cc:80:cc:d8:26:
8e:ea:92:ed:ec:6e:bc:81:16:8b:5b:16:3c:e0:ec:16:68:14:
bd:bd:3d:8c:ed:0d:d6:b2:8c:45:d4:97:e3:09:28:5a:31:2b:
99:02:47:c3:85:88:bc:ec:60:16:21:90:f7:d1:c4:0f:dc:84:
6f:b9:a4:b5:7a:a0:15:a5:72:5a:13:8e:b5:ec:d0:53:56:8b:
52:16:20:8a:b7:38:19:13:98:74:9d:9f:90:7e:31:b9:ac:77:
31:34:5f:31:7b:dc:d6:84:ae:6d:b0:25:1d:09:f3:41:38:32:
37:2a:b9:b3
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZ2/GvBVg5972ZiM0kfE//mEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwNDI0MTA0ODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2U0NTNiYzE1NWRmMDNiMTEyNzdmMzI4NDlmMzEwMmM2NzljYjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzX1HV4tCeYF3YOb9ffCcMU6IAKj
SyjMF/M7qqyqR+AE88+SAbbl2qW2U8sjagGD3ZlyJZVXaGKQ+9k/T7Hf+DoTyVdq
yhouEhAR3AOYATlICpVM3K3slKtCh55fuk2vVUSawdYlOJ3YXn4UolcyQNPwcXd4
N3ywTMYtHMwen4XIHsS4VD7WN+NpxK3sIWMQtFS3nFQFns2jiZnHwFNDnbDvz1um
+nrCW3Jw54Ej9e+pxHmdMvYUXFrJy4sSngzjT56YaVG1sr9/z9SFJCRU+ii19b2x
nvpXFq21+yxcvyXFcbkgbEW3QufdKLw8TgkucGtxJP6VlEthGFtf+ZQInwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFNPkU7wVXfA7ESd/MoSfMQLGecsoMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvMC1SVHZCVmQ4RHNSSjM4eWhKOHhBc1o1eXlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhALQAMF
AyoTu0ADBQMqE8JAAwUDKhRCwDANBgkqhkiG9w0BAQsFAAOCAQEAtKReGpMBMF5T
IOgsLiujC/IPLmwI2v9gAfaMct9E97n4WSpck+8JXl4cUC0arMNHi2TiS4oTyflL
LV3l4CDcPWYblXkJfH3IS8MpDcC1qW5vzYhGWBDn80SXXAIlGxdf/ZyYQ8OaveTt
ix0JVWN1X9gTu/8Eo3z+X4CBe2DHxsm4oS5qEpSKgc6pLsyAzNgmjuqS7exuvIEW
i1sWPODsFmgUvb09jO0N1rKMRdSX4wkoWjErmQJHw4WIvOxgFiGQ99HED9yEb7mk
tXqgFaVyWhOOtezQU1aLUhYgirc4GROYdJ2fkH4xuax3MTRfMXvc1oSubbAlHQnz
QTgyNyq5sw==
-----END CERTIFICATE-----
Generated at Sat Apr 25 03:39:53 2026 by rpki-client