Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/5e61d8-d1bf-4f2a-a32e-f5d6b752ae34/1/cwmNk6bauKUzUIBHxMYj4Ucw8iM.roa
File: cwmNk6bauKUzUIBHxMYj4Ucw8iM.roa (raw, json)
Hash identifier: h5yQVWC+XIfRSSbHYLwBKmXd6G/qYJCUqPZaJnYQNT8=
Subject key identifier: 73:09:8D:93:A6:DA:B8:A5:33:50:80:47:C4:C6:23:E1:47:30:F2:23
Certificate issuer: /CN=b5189d9ea82d5fbb66d6c11f187633476034e0de
Certificate serial: 019D065C0006163D8EB239946BE1E9089AE3
Authority key identifier: B5:18:9D:9E:A8:2D:5F:BB:66:D6:C1:1F:18:76:33:47:60:34:E0:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tRidnqgtX7tm1sEfGHYzR2A04N4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/5e61d8-d1bf-4f2a-a32e-f5d6b752ae34/1/cwmNk6bauKUzUIBHxMYj4Ucw8iM.roa
Signing time: Thu 19 Mar 2026 13:49:45 +0000
ROA not before: Thu 19 Mar 2026 13:49:45 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47516
IP address blocks: 2a11:5dc0:52::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/5e61d8-d1bf-4f2a-a32e-f5d6b752ae34/1/tRidnqgtX7tm1sEfGHYzR2A04N4.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/5e61d8-d1bf-4f2a-a32e-f5d6b752ae34/1/tRidnqgtX7tm1sEfGHYzR2A04N4.mft
rsync://rpki.ripe.net/repository/DEFAULT/tRidnqgtX7tm1sEfGHYzR2A04N4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Mar 2026 16:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:06:5c:00:06:16:3d:8e:b2:39:94:6b:e1:e9:08:9a:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5189d9ea82d5fbb66d6c11f187633476034e0de
Validity
Not Before: Mar 19 13:49:45 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=73098d93a6dab8a533508047c4c623e14730f223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:65:f0:31:f8:e8:ee:44:09:8a:60:b7:c9:04:
54:0c:42:96:6b:ae:30:98:e3:18:9a:14:f4:a9:2c:
f6:2e:52:4c:36:2a:84:82:c5:6e:b4:0a:e8:7f:da:
f3:79:7f:cf:e7:41:31:7b:64:5d:f5:c0:02:0b:db:
bf:97:5c:84:39:13:17:a5:b6:96:77:cb:27:f5:c3:
53:07:77:45:ad:79:63:80:4c:4a:44:ce:95:29:52:
1f:1a:9d:58:02:bf:02:2a:5c:93:01:1d:ab:ec:4b:
4a:f0:0a:b8:81:b1:f9:4c:6c:fd:a2:dc:b4:b8:75:
2b:c4:05:51:0a:6c:e2:61:44:a9:fa:36:b3:52:fd:
28:b2:4a:c3:4e:04:55:db:c4:51:1f:fb:2f:67:14:
3b:ff:3a:cd:de:76:7e:38:cc:50:27:97:2a:bb:9b:
ef:a2:33:2c:b5:f9:84:48:aa:9f:28:9b:28:fc:cf:
ae:a1:8d:3f:a4:dd:41:d8:44:3d:6c:10:45:e7:c2:
a2:8a:52:16:7b:bf:93:d9:85:bb:2f:11:e7:d3:ef:
f1:6a:88:1f:4f:11:64:bd:ea:97:e3:16:ca:5f:82:
c1:66:f9:9a:65:86:d8:84:2e:d7:9f:d8:06:af:bc:
05:f6:ab:0a:16:a0:45:ba:1b:f0:e2:b6:d0:97:87:
97:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:09:8D:93:A6:DA:B8:A5:33:50:80:47:C4:C6:23:E1:47:30:F2:23
X509v3 Authority Key Identifier:
keyid:B5:18:9D:9E:A8:2D:5F:BB:66:D6:C1:1F:18:76:33:47:60:34:E0:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRidnqgtX7tm1sEfGHYzR2A04N4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5e61d8-d1bf-4f2a-a32e-f5d6b752ae34/1/cwmNk6bauKUzUIBHxMYj4Ucw8iM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5e61d8-d1bf-4f2a-a32e-f5d6b752ae34/1/tRidnqgtX7tm1sEfGHYzR2A04N4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:5dc0:52::/48
Signature Algorithm: sha256WithRSAEncryption
11:47:6e:4d:2a:d8:86:51:88:b9:95:77:a5:db:77:11:0b:55:
8e:dc:0d:60:41:33:96:31:a0:b0:1d:d4:bb:1a:ae:29:f1:b5:
d5:73:57:35:56:34:55:0c:be:b7:25:2f:aa:4d:d6:33:d5:98:
07:21:04:23:c2:d4:3d:c7:10:4e:6d:c3:4d:0a:a8:09:bc:7b:
52:a7:7f:bd:38:55:e6:ff:bb:e2:00:d8:53:ee:37:94:6d:e2:
85:b0:1e:c5:23:5a:5f:ad:bb:2e:80:40:9d:9c:ae:9c:e9:5e:
0e:42:f8:ba:af:92:15:ac:c5:37:4e:49:65:1a:7e:a3:b7:c4:
96:22:33:a5:58:5f:61:ea:5b:ea:d0:13:8b:6a:d9:32:5b:05:
8d:cd:8a:86:18:40:50:6b:1d:c3:65:5a:6b:dc:b5:b6:ab:49:
d0:f0:91:86:41:a7:d9:60:f2:7e:f6:25:7a:71:07:1c:e3:18:
01:71:0c:28:be:4b:e0:a9:d8:25:bd:a7:0e:aa:61:0b:ae:eb:
d4:80:07:0d:10:0f:08:00:f4:2c:f0:8c:72:2b:3e:33:50:99:
18:80:2b:23:6f:01:24:5b:94:1c:cc:66:ba:4b:d3:e3:ab:40:
98:7c:4f:8d:14:ab:7e:cc:4d:97:d0:3e:ec:48:c9:b8:f8:ae:
f7:19:9d:f4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ0GXAAGFj2OsjmUa+HpCJrjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MTg5ZDllYTgyZDVmYmI2NmQ2YzExZjE4NzYzMzQ3NjAz
NGUwZGUwHhcNMjYwMzE5MTM0OTQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzA5OGQ5M2E2ZGFiOGE1MzM1MDgwNDdjNGM2MjNlMTQ3MzBmMjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6WXwMfjo7kQJimC3yQRUDEKWa64w
mOMYmhT0qSz2LlJMNiqEgsVutArof9rzeX/P50Exe2Rd9cACC9u/l1yEORMXpbaW
d8sn9cNTB3dFrXljgExKRM6VKVIfGp1YAr8CKlyTAR2r7EtK8Aq4gbH5TGz9oty0
uHUrxAVRCmziYUSp+jazUv0oskrDTgRV28RRH/svZxQ7/zrN3nZ+OMxQJ5cqu5vv
ojMstfmESKqfKJso/M+uoY0/pN1B2EQ9bBBF58KiilIWe7+T2YW7LxHn0+/xaogf
TxFkveqX4xbKX4LBZvmaZYbYhC7Xn9gGr7wF9qsKFqBFuhvw4rbQl4eXMQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHMJjZOm2rilM1CAR8TGI+FHMPIjMB8GA1UdIwQY
MBaAFLUYnZ6oLV+7ZtbBHxh2M0dgNODeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFJpZG5xZ3RYN3RtMXNFZkdIWXpSMkEwNE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi81ZTYxZDgtZDFiZi00ZjJhLWEzMmUt
ZjVkNmI3NTJhZTM0LzEvY3dtTms2YmF1S1V6VUlCSHhNWWo0VWN3OGlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi81ZTYxZDgtZDFiZi00ZjJhLWEzMmUtZjVkNmI3NTJhZTM0
LzEvdFJpZG5xZ3RYN3RtMXNFZkdIWXpSMkEwNE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhFdwABS
MA0GCSqGSIb3DQEBCwUAA4IBAQARR25NKtiGUYi5lXel23cRC1WO3A1gQTOWMaCw
HdS7Gq4p8bXVc1c1VjRVDL63JS+qTdYz1ZgHIQQjwtQ9xxBObcNNCqgJvHtSp3+9
OFXm/7viANhT7jeUbeKFsB7FI1pfrbsugECdnK6c6V4OQvi6r5IVrMU3TkllGn6j
t8SWIjOlWF9h6lvq0BOLatkyWwWNzYqGGEBQax3DZVpr3LW2q0nQ8JGGQafZYPJ+
9iV6cQcc4xgBcQwovkvgqdglvacOqmELruvUgAcNEA8IAPQs8IxyKz4zUJkYgCsj
bwEkW5QczGa6S9Pjq0CYfE+NFKt+zE2X0D7sSMm4+K73GZ30
-----END CERTIFICATE-----
Generated at Fri Mar 20 22:47:35 2026 by rpki-client