Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/0hzCTmRg16jicTFcMH8V429vbs8.roa
File: 0hzCTmRg16jicTFcMH8V429vbs8.roa (raw, json)
Hash identifier: 3CuvTJ1hRAQFt+PN4RFdoUwehoJDb1vc8yxmhbnpj8s=
Subject key identifier: D2:1C:C2:4E:64:60:D7:A8:E2:71:31:5C:30:7F:15:E3:6F:6F:6E:CF
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019CD94395B2E55631D451615D3284967A63
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/0hzCTmRg16jicTFcMH8V429vbs8.roa
Signing time: Tue 10 Mar 2026 19:40:10 +0000
ROA not before: Tue 10 Mar 2026 19:40:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6517
IP address blocks: 2a10:3c81::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 15:04:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d9:43:95:b2:e5:56:31:d4:51:61:5d:32:84:96:7a:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 10 19:40:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d21cc24e6460d7a8e271315c307f15e36f6f6ecf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:27:cf:78:39:dc:0a:36:4f:7d:83:7a:c2:e1:
94:df:4a:f0:e0:11:5f:e7:e6:03:84:a8:c8:eb:07:
01:bc:60:88:fc:0b:23:a1:9e:cb:60:f2:11:6d:29:
44:fe:4d:df:b3:51:ed:1a:b0:f9:08:52:0a:16:c9:
88:4b:8b:66:59:16:27:65:53:79:7e:bf:a1:ba:aa:
5b:47:25:a8:ef:64:f7:cc:8d:0a:94:51:e8:8b:44:
7e:a5:be:fa:a3:af:84:4b:34:03:dc:cd:0e:f4:f4:
59:e0:6a:37:1b:83:45:49:b1:81:da:75:c2:87:d8:
f4:42:2d:cf:75:57:a5:49:2d:35:4e:89:c2:d6:81:
f2:80:47:d1:d8:47:d0:5d:c4:e2:95:cb:a0:25:f6:
60:cc:8a:70:a8:5a:32:83:e5:85:3a:67:5d:ea:c3:
ca:6e:72:14:ab:7a:20:01:6d:5f:05:5d:b6:9c:fe:
bb:86:9d:de:bd:da:22:c3:0a:15:2c:94:49:53:76:
5b:3e:d6:64:15:d3:2d:4e:0a:a0:2b:45:b9:89:69:
ff:99:24:92:66:3d:cb:7d:c8:4f:85:6c:fb:09:98:
e6:da:0a:41:a6:ad:ea:08:e8:7c:a9:d3:d8:61:22:
7e:43:5d:16:0b:ec:cf:2d:e9:65:37:91:81:1e:84:
da:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:1C:C2:4E:64:60:D7:A8:E2:71:31:5C:30:7F:15:E3:6F:6F:6E:CF
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/0hzCTmRg16jicTFcMH8V429vbs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:3c81::/32
Signature Algorithm: sha256WithRSAEncryption
32:63:8a:0f:d3:c2:ce:c0:29:1e:8a:46:5d:72:cb:17:4a:68:
1d:81:a0:68:58:36:e8:9b:16:f6:89:6c:00:fc:60:35:ef:3f:
8b:c6:9f:08:7e:80:78:f2:2d:36:c2:e9:1b:96:7d:0f:43:77:
88:8c:df:75:7a:8d:9d:e0:b8:45:62:0e:93:b6:78:3d:a1:73:
d7:18:57:a1:88:14:eb:e4:eb:d7:ce:ef:6f:08:6a:7c:a4:d3:
2d:50:e5:f8:d5:f2:c9:4e:b1:e5:5e:93:a6:43:db:91:2d:35:
00:6c:de:3e:88:4e:dd:af:ef:c9:5f:89:6d:49:2b:e9:63:42:
f3:ef:80:6c:0a:88:6d:97:3a:3d:10:b0:53:36:62:db:10:60:
92:f4:97:2c:42:0e:c8:63:97:a7:1a:b9:f5:0e:69:76:f8:97:
27:24:d9:96:18:b6:90:40:b4:b7:b2:3c:0f:6b:8a:02:3f:12:
24:fe:c9:73:51:f5:93:49:e1:11:4e:7c:cd:2d:ca:e6:3d:dc:
a6:5f:81:da:99:57:c7:83:3b:dc:26:4a:13:67:7d:5d:d1:cc:
12:fb:da:b1:55:e7:34:42:d7:6b:f5:95:b3:ed:6e:a5:55:24:
98:a3:bf:c6:96:2f:87:78:87:8b:29:04:3c:29:a4:69:12:69:
7a:de:05:7d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZzZQ5Wy5VYx1FFhXTKElnpjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwMzEwMTk0MDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjFjYzI0ZTY0NjBkN2E4ZTI3MTMxNWMzMDdmMTVlMzZmNmY2ZWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmifPeDncCjZPfYN6wuGU30rw4BFf
5+YDhKjI6wcBvGCI/AsjoZ7LYPIRbSlE/k3fs1HtGrD5CFIKFsmIS4tmWRYnZVN5
fr+huqpbRyWo72T3zI0KlFHoi0R+pb76o6+ESzQD3M0O9PRZ4Go3G4NFSbGB2nXC
h9j0Qi3PdVelSS01TonC1oHygEfR2EfQXcTilcugJfZgzIpwqFoyg+WFOmdd6sPK
bnIUq3ogAW1fBV22nP67hp3evdoiwwoVLJRJU3ZbPtZkFdMtTgqgK0W5iWn/mSSS
Zj3LfchPhWz7CZjm2gpBpq3qCOh8qdPYYSJ+Q10WC+zPLellN5GBHoTa4wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNIcwk5kYNeo4nExXDB/FeNvb27PMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvMGh6Q1RtUmcxNmppY1RGY01IOFY0Mjl2YnM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhA8gTAN
BgkqhkiG9w0BAQsFAAOCAQEAMmOKD9PCzsApHopGXXLLF0poHYGgaFg26JsW9ols
APxgNe8/i8afCH6AePItNsLpG5Z9D0N3iIzfdXqNneC4RWIOk7Z4PaFz1xhXoYgU
6+Tr187vbwhqfKTTLVDl+NXyyU6x5V6TpkPbkS01AGzePohO3a/vyV+JbUkr6WNC
8++AbAqIbZc6PRCwUzZi2xBgkvSXLEIOyGOXpxq59Q5pdviXJyTZlhi2kEC0t7I8
D2uKAj8SJP7Jc1H1k0nhEU58zS3K5j3cpl+B2plXx4M73CZKE2d9XdHMEvvasVXn
NELXa/WVs+1upVUkmKO/xpYvh3iHiykEPCmkaRJpet4FfQ==
-----END CERTIFICATE-----
Generated at Thu Mar 12 22:53:01 2026 by rpki-client