Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1-8lRKGjTjyfqolLrQlW2HAtkjhc.roa
File: 1-8lRKGjTjyfqolLrQlW2HAtkjhc.roa (raw, json)
Hash identifier: JGFcCg1I6yUERvM579UPG5GUqyvxE3nBnDLpckwp9kQ=
Subject key identifier: FB:C9:51:28:68:D3:8F:27:EA:A2:52:EB:42:55:B6:1C:0B:64:8E:17
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019EF5966959E879A63EDFFEC2305B74726A
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1-8lRKGjTjyfqolLrQlW2HAtkjhc.roa
Signing time: Tue 23 Jun 2026 17:45:35 +0000
ROA not before: Tue 23 Jun 2026 17:45:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25198
IP address blocks: 2a10:3c82::/32 maxlen: 32
2a10:3c83::/32 maxlen: 32
2a10:3c87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Jun 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:f5:96:69:59:e8:79:a6:3e:df:fe:c2:30:5b:74:72:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jun 23 17:45:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fbc9512868d38f27eaa252eb4255b61c0b648e17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b6:63:36:d4:ac:c4:53:2b:f5:aa:5a:7d:bf:
d3:a3:03:6b:68:53:5f:07:8d:76:50:88:da:bd:1c:
f0:e0:ae:72:6f:2a:64:d9:71:00:aa:5c:8f:9e:a4:
4b:ee:8c:4c:63:b4:b2:8c:fd:5c:c0:dc:94:8f:06:
df:8a:a3:ff:af:3d:e4:e6:d6:c4:9c:a9:82:49:9a:
5b:67:92:07:21:bd:f1:32:d4:6b:00:f2:d0:70:1a:
45:40:b8:3f:1e:9a:7a:f3:4b:b9:91:a4:b9:13:06:
2b:ae:c4:b2:a0:d4:b9:75:ba:98:ff:80:fe:3b:94:
25:e4:66:52:9b:ac:56:70:e5:5f:26:88:6e:84:bc:
cb:55:df:1b:44:14:aa:f7:ed:40:31:93:e4:22:6d:
58:59:0a:23:7e:16:26:e7:71:62:85:5b:43:57:3e:
74:9c:5a:d1:78:88:e2:06:a9:03:28:48:4e:f6:2d:
c9:c5:15:cf:b5:9c:48:c3:26:3f:05:92:9b:cf:66:
bd:47:17:8b:a1:70:f9:8e:80:dc:6a:61:90:93:8d:
5e:05:f8:7b:0b:1f:34:5b:10:1f:6f:c4:4d:c7:eb:
42:0f:c6:72:f3:bd:33:43:48:18:49:6a:78:9d:ee:
7c:6e:f5:a9:7e:10:14:c5:0f:d1:8c:53:69:21:ba:
79:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C9:51:28:68:D3:8F:27:EA:A2:52:EB:42:55:B6:1C:0B:64:8E:17
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/1-8lRKGjTjyfqolLrQlW2HAtkjhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:3c82::/31
2a10:3c87::/32
Signature Algorithm: sha256WithRSAEncryption
52:f3:8a:5c:8c:ef:a8:7f:29:73:80:61:25:84:c6:9e:bc:01:
e6:1e:65:0f:e9:bf:ee:9f:01:eb:61:d3:9a:36:c3:f8:d7:15:
bb:94:93:e5:91:f4:19:69:08:9c:58:a9:8a:e5:d3:ee:a1:ca:
8a:74:12:2f:b0:12:e4:93:49:49:72:93:5e:ed:ca:35:22:3c:
87:16:6e:9b:71:96:a4:ba:ce:b8:2b:04:49:97:e4:a1:5b:70:
6f:67:56:4d:cc:ec:9d:fe:de:7e:09:57:5d:35:90:73:bd:f8:
c7:05:ea:b8:4a:07:f9:5e:a4:57:e8:5c:91:57:f9:9b:2d:ec:
bf:80:c8:8e:10:19:dc:e2:6b:5e:a0:d1:fd:3c:84:24:a5:ea:
30:9a:f7:5f:95:b1:9d:31:73:ae:d8:34:e3:5a:78:af:3d:ce:
a3:9a:48:69:a4:fd:56:05:f2:91:03:e3:16:be:53:b7:46:89:
c5:eb:c4:11:be:2f:8e:a9:79:45:4d:f4:52:a9:95:98:92:da:
01:21:c8:50:6d:8b:21:4e:5a:1c:6e:89:55:bd:7a:f8:f2:7a:
62:7f:4e:a0:9d:f5:04:06:04:22:3f:84:47:f8:fb:ad:f3:66:
12:b9:cf:55:94:17:d7:1a:ed:2e:36:8f:66:92:ff:3f:86:50:
83:b3:01:05
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZ71lmlZ6HmmPt/+wjBbdHJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwNjIzMTc0NTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmM5NTEyODY4ZDM4ZjI3ZWFhMjUyZWI0MjU1YjYxYzBiNjQ4ZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7ZjNtSsxFMr9apafb/TowNraFNf
B412UIjavRzw4K5ybypk2XEAqlyPnqRL7oxMY7SyjP1cwNyUjwbfiqP/rz3k5tbE
nKmCSZpbZ5IHIb3xMtRrAPLQcBpFQLg/Hpp680u5kaS5EwYrrsSyoNS5dbqY/4D+
O5Ql5GZSm6xWcOVfJohuhLzLVd8bRBSq9+1AMZPkIm1YWQojfhYm53FihVtDVz50
nFrReIjiBqkDKEhO9i3JxRXPtZxIwyY/BZKbz2a9RxeLoXD5joDcamGQk41eBfh7
Cx80WxAfb8RNx+tCD8Zy870zQ0gYSWp4ne58bvWpfhAUxQ/RjFNpIbp5XQIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPvJUSho048n6qJS60JVthwLZI4XMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvMS04bFJLR2pUanlmcW9sTHJRbFcySEF0a2poYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWUvM2NhYTUxLTdhMjEtNDk5ZC1hNTQ1LWJhZmJkZmM4MTMy
YS8xL1R4UVJMUVhwMkhZVW5TZDQxSTdhcWpKTnNLVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAnBggrBgEFBQcBBwEB/wQYMBYwFAQCAAIwDgMFASoQPIID
BQAqEDyHMA0GCSqGSIb3DQEBCwUAA4IBAQBS84pcjO+ofylzgGElhMaevAHmHmUP
6b/unwHrYdOaNsP41xW7lJPlkfQZaQicWKmK5dPuocqKdBIvsBLkk0lJcpNe7co1
IjyHFm6bcZakus64KwRJl+ShW3BvZ1ZNzOyd/t5+CVddNZBzvfjHBeq4Sgf5XqRX
6FyRV/mbLey/gMiOEBnc4mteoNH9PIQkpeowmvdflbGdMXOu2DTjWnivPc6jmkhp
pP1WBfKRA+MWvlO3RonF68QRvi+OqXlFTfRSqZWYktoBIchQbYshTlocbolVvXr4
8npif06gnfUEBgQiP4RH+Put82YSuc9VlBfXGu0uNo9mkv8/hlCDswEF
-----END CERTIFICATE-----
Generated at Fri Jun 26 04:24:15 2026 by rpki-client