Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/2CH1yaQ_eXiPAdqn_FnubsmDwoA.roa
File: 2CH1yaQ_eXiPAdqn_FnubsmDwoA.roa (raw, json)
Hash identifier: eQRoIHTrfOIBRUFDjRDIfNHFXocySbBg/8G2qKnN+nA=
Subject key identifier: D8:21:F5:C9:A4:3F:79:78:8F:01:DA:A7:FC:59:EE:6E:C9:83:C2:80
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019D4A9E5F330EE37319E16149069590B2F7
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/2CH1yaQ_eXiPAdqn_FnubsmDwoA.roa
Signing time: Wed 01 Apr 2026 19:56:26 +0000
ROA not before: Wed 01 Apr 2026 19:56:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397006
IP address blocks: 2a13:c3c0::/29 maxlen: 29
2a13:c3c4::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 Apr 2026 22:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4a:9e:5f:33:0e:e3:73:19:e1:61:49:06:95:90:b2:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 1 19:56:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d821f5c9a43f79788f01daa7fc59ee6ec983c280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:41:b9:24:15:37:9c:54:d0:de:8a:ba:84:cc:
ca:a1:02:5a:f4:7b:83:ba:65:a8:2a:8d:98:d2:fd:
fd:9e:e6:e1:33:fc:31:90:a7:b9:9d:53:e5:2f:e1:
55:56:68:10:30:f1:3b:a5:7d:4e:d2:01:63:ae:e7:
f8:e1:7e:91:80:86:e0:20:25:38:51:a9:39:f6:d4:
ba:d9:d4:41:82:6a:a8:cf:45:df:58:41:61:06:f2:
e4:bc:53:11:96:4d:2c:51:07:15:6a:e9:e0:da:5f:
7e:6d:5e:40:17:46:f6:3e:a9:64:d0:97:30:a3:04:
83:84:38:0c:81:4c:f9:00:8a:16:99:83:db:f2:21:
c9:ac:bd:fa:20:33:83:50:12:cf:2a:f4:56:39:7a:
49:f4:b4:42:43:b6:7c:71:00:10:80:5b:c6:d8:b2:
e1:d4:48:04:85:d9:95:ab:3b:82:22:d2:68:92:bd:
37:e0:cc:55:02:78:73:07:27:a9:95:23:0c:4a:0d:
cb:fa:e6:bd:25:ea:bc:27:ef:23:e8:fa:64:2c:21:
7b:da:21:e9:c1:db:1b:2f:f0:4d:36:c3:da:11:51:
d3:44:10:b4:00:1d:ef:c8:12:63:3a:92:97:af:85:
c3:56:ae:61:4a:84:09:4d:cb:57:ad:9c:52:f3:b7:
85:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:21:F5:C9:A4:3F:79:78:8F:01:DA:A7:FC:59:EE:6E:C9:83:C2:80
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/2CH1yaQ_eXiPAdqn_FnubsmDwoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:c3c0::/29
Signature Algorithm: sha256WithRSAEncryption
ca:b4:68:c7:7c:a2:07:2a:50:7a:25:b5:c5:a1:c6:e8:f0:27:
b1:7a:5f:03:60:d2:21:ea:67:a9:88:8f:20:db:d2:7c:35:c6:
9e:5c:76:c4:a9:c2:e7:a0:5b:a4:e1:8d:6c:75:ee:c0:84:ae:
ce:e2:18:f5:b4:78:d2:93:2f:38:a3:84:75:28:11:05:74:88:
69:3d:6e:d7:60:1c:3f:c1:e0:95:dd:fe:5a:17:66:20:71:4f:
64:97:de:a9:90:bf:51:57:9e:26:26:d7:93:9c:63:1c:42:d7:
92:71:3e:d1:ae:4c:d0:16:db:53:bc:0c:7d:92:d2:54:56:ff:
6c:b0:09:97:67:3c:66:a2:91:80:d8:d9:e0:0f:fc:c9:47:dd:
fb:8e:ad:ec:96:31:68:47:ef:cd:31:01:c8:55:06:5c:82:be:
21:1c:da:e7:02:2f:7f:c3:69:0e:fd:6d:6b:00:8f:32:e3:61:
7f:24:00:f4:e0:6b:65:6c:e5:04:fe:f7:36:6f:a2:8d:48:fe:
46:a6:46:9e:fe:21:7a:2b:80:c3:1a:3c:27:13:6b:6e:85:37:
cb:dd:49:cf:2b:8f:3d:32:d3:b3:24:83:d7:f0:27:d3:01:c0:
81:68:25:1d:42:ee:ff:a5:3f:12:3b:ed:bd:c8:86:1d:f6:1a:
f8:72:2d:cb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ1Knl8zDuNzGeFhSQaVkLL3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwNDAxMTk1NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODIxZjVjOWE0M2Y3OTc4OGYwMWRhYTdmYzU5ZWU2ZWM5ODNjMjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEG5JBU3nFTQ3oq6hMzKoQJa9HuD
umWoKo2Y0v39nubhM/wxkKe5nVPlL+FVVmgQMPE7pX1O0gFjruf44X6RgIbgICU4
Uak59tS62dRBgmqoz0XfWEFhBvLkvFMRlk0sUQcVaung2l9+bV5AF0b2Pqlk0Jcw
owSDhDgMgUz5AIoWmYPb8iHJrL36IDODUBLPKvRWOXpJ9LRCQ7Z8cQAQgFvG2LLh
1EgEhdmVqzuCItJokr034MxVAnhzByeplSMMSg3L+ua9Jeq8J+8j6PpkLCF72iHp
wdsbL/BNNsPaEVHTRBC0AB3vyBJjOpKXr4XDVq5hSoQJTctXrZxS87eFqQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNgh9cmkP3l4jwHap/xZ7m7Jg8KAMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvMkNIMXlhUV9lWGlQQWRxbl9GbnVic21Ed29BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPDwDAN
BgkqhkiG9w0BAQsFAAOCAQEAyrRox3yiBypQeiW1xaHG6PAnsXpfA2DSIepnqYiP
INvSfDXGnlx2xKnC56BbpOGNbHXuwISuzuIY9bR40pMvOKOEdSgRBXSIaT1u12Ac
P8Hgld3+WhdmIHFPZJfeqZC/UVeeJibXk5xjHELXknE+0a5M0BbbU7wMfZLSVFb/
bLAJl2c8ZqKRgNjZ4A/8yUfd+46t7JYxaEfvzTEByFUGXIK+IRza5wIvf8NpDv1t
awCPMuNhfyQA9OBrZWzlBP73Nm+ijUj+RqZGnv4heiuAwxo8JxNrboU3y91JzyuP
PTLTsySD1/An0wHAgWglHULu/6U/EjvtvciGHfYa+HItyw==
-----END CERTIFICATE-----
Generated at Fri Apr 3 02:49:17 2026 by rpki-client