Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/63qCzwk0u4w0a8YRWUrt00lYEc4.roa
File: 63qCzwk0u4w0a8YRWUrt00lYEc4.roa (raw, json)
Hash identifier: TF0lpVPsqnu0KUS0H5JCPO4nHbCPhX3UAVf+LOGPdWU=
Subject key identifier: EB:7A:82:CF:09:34:BB:8C:34:6B:C6:11:59:4A:ED:D3:49:58:11:CE
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019DEC3A7D7B731C7ED5812DC251C2EE165B
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/63qCzwk0u4w0a8YRWUrt00lYEc4.roa
Signing time: Sun 03 May 2026 05:05:49 +0000
ROA not before: Sun 03 May 2026 05:05:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63023
IP address blocks: 2a05:9a40::/29 maxlen: 29
2a10:b40::/29 maxlen: 29
2a14:1101::/32 maxlen: 32
2a14:1102::/32 maxlen: 32
2a14:1103::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 02:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ec:3a:7d:7b:73:1c:7e:d5:81:2d:c2:51:c2:ee:16:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: May 3 05:05:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=eb7a82cf0934bb8c346bc611594aedd3495811ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:bf:61:00:a1:02:1c:c6:be:7d:c4:a2:fb:c7:
cc:e7:6b:25:44:f6:97:82:1f:39:ec:70:84:c4:a9:
a2:b2:11:5b:4c:dd:fe:87:8d:d2:89:52:49:90:0d:
3a:27:c4:73:3d:73:83:46:48:12:da:88:ed:91:af:
17:71:36:1d:16:ec:2a:eb:46:60:98:50:cd:db:d8:
86:61:e7:fd:98:0b:d5:88:ca:eb:4b:2c:69:63:83:
ce:38:e1:c2:86:d5:a8:99:29:e8:70:eb:89:be:cc:
ea:37:cd:27:72:7a:b5:6c:10:f2:4b:9f:80:3b:f8:
30:1b:e0:3a:fb:f9:41:89:79:6c:1c:00:84:98:27:
88:b4:00:14:3d:db:34:2c:2d:62:f0:87:7d:b2:4d:
22:c9:4d:2a:b6:fb:11:d9:c7:e0:b7:a1:cf:11:1c:
b4:f5:64:1e:c6:d1:52:cf:80:85:52:a7:5f:c6:55:
aa:e0:2d:f4:5c:3a:7e:cb:65:19:a7:12:1f:01:18:
36:88:d2:07:72:43:80:64:fd:af:70:5c:cc:9e:ce:
f8:9c:d8:8c:34:06:07:92:11:35:3c:3e:6f:f3:75:
0a:ce:fa:7b:42:55:d6:3b:22:99:3d:22:64:d0:61:
19:22:e2:5f:53:5e:d1:bd:b0:e6:6d:87:de:30:57:
97:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:7A:82:CF:09:34:BB:8C:34:6B:C6:11:59:4A:ED:D3:49:58:11:CE
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/63qCzwk0u4w0a8YRWUrt00lYEc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9a40::/29
2a10:b40::/29
2a14:1101::-2a14:1103:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c4:36:d3:7e:92:cd:e6:11:4b:45:f2:32:11:27:57:8d:cc:7e:
00:16:89:62:00:87:06:f1:9f:02:79:45:57:04:38:8c:37:be:
f5:a6:f1:2f:6a:ac:03:a5:8d:8f:57:a9:09:69:77:95:76:28:
c7:c7:de:e6:ee:8e:00:1f:9e:33:9b:66:c1:9b:72:5e:75:b6:
66:7b:7d:08:7b:c4:a0:18:03:42:00:99:f7:91:4b:48:b2:d7:
5e:1c:b9:9f:1f:d9:5b:75:20:7a:c6:d1:5a:93:bd:f0:17:2f:
21:d2:2a:3a:ec:3f:33:38:c0:46:ef:09:da:6f:48:b4:14:a0:
62:78:4f:68:a1:58:10:7d:c8:31:15:65:1c:e0:62:be:65:60:
dd:e2:54:79:3b:15:62:2d:ba:4e:bc:20:e6:24:4f:ce:6a:82:
e5:0f:cc:ef:61:19:75:60:94:df:59:c3:4c:7d:05:67:b8:f5:
5a:af:e4:8a:db:34:41:b6:41:10:35:a9:79:6d:8a:16:bc:7d:
75:7e:5d:ae:3d:a7:84:c3:17:bb:2b:39:46:28:6d:80:58:97:
b2:a6:b5:44:f5:5a:40:89:1b:59:3b:94:ec:ce:9a:56:c0:06:
a9:64:de:d2:5e:eb:e6:47:9e:a1:25:af:d9:27:06:49:3d:59:
10:62:30:d8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ3sOn17cxx+1YEtwlHC7hZbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwNTAzMDUwNTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjdhODJjZjA5MzRiYjhjMzQ2YmM2MTE1OTRhZWRkMzQ5NTgxMWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnL9hAKECHMa+fcSi+8fM52slRPaX
gh857HCExKmishFbTN3+h43SiVJJkA06J8RzPXODRkgS2ojtka8XcTYdFuwq60Zg
mFDN29iGYef9mAvViMrrSyxpY4POOOHChtWomSnocOuJvszqN80ncnq1bBDyS5+A
O/gwG+A6+/lBiXlsHACEmCeItAAUPds0LC1i8Id9sk0iyU0qtvsR2cfgt6HPERy0
9WQextFSz4CFUqdfxlWq4C30XDp+y2UZpxIfARg2iNIHckOAZP2vcFzMns74nNiM
NAYHkhE1PD5v83UKzvp7QlXWOyKZPSJk0GEZIuJfU17RvbDmbYfeMFeX6wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOt6gs8JNLuMNGvGEVlK7dNJWBHOMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvNjNxQ3p3azB1NHcwYThZUldVcnQwMGxZRWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwUDKgWaQAMF
AyoQC0AwDgMFACoUEQEDBQIqFBEAMA0GCSqGSIb3DQEBCwUAA4IBAQDENtN+ks3m
EUtF8jIRJ1eNzH4AFoliAIcG8Z8CeUVXBDiMN771pvEvaqwDpY2PV6kJaXeVdijH
x97m7o4AH54zm2bBm3JedbZme30Ie8SgGANCAJn3kUtIstdeHLmfH9lbdSB6xtFa
k73wFy8h0io67D8zOMBG7wnab0i0FKBieE9ooVgQfcgxFWUc4GK+ZWDd4lR5OxVi
LbpOvCDmJE/OaoLlD8zvYRl1YJTfWcNMfQVnuPVar+SK2zRBtkEQNal5bYoWvH11
fl2uPaeEwxe7KzlGKG2AWJeyprVE9VpAiRtZO5TszppWwAapZN7SXuvmR56hJa/Z
JwZJPVkQYjDY
-----END CERTIFICATE-----
Generated at Sun May 3 09:28:52 2026 by rpki-client