Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/N7TC-JBZKTcnVrXYMOXnDInex0Y.roa
File: N7TC-JBZKTcnVrXYMOXnDInex0Y.roa (raw, json)
Hash identifier: o8i30Ob2EYvr9oVDlIyb8/N+EYsEDEakQdonu5mNrTM=
Subject key identifier: 37:B4:C2:F8:90:59:29:37:27:56:B5:D8:30:E5:E7:0C:89:DE:C7:46
Certificate issuer: /CN=31d2424123ed07725330bf817944fd276b7ca36b
Certificate serial: 019D46AD55A09F39117A8D60AA419414F7A2
Authority key identifier: 31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/N7TC-JBZKTcnVrXYMOXnDInex0Y.roa
Signing time: Wed 01 Apr 2026 01:34:17 +0000
ROA not before: Wed 01 Apr 2026 01:34:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20200
IP address blocks: 2a06:9801:274::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 Apr 2026 23:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:46:ad:55:a0:9f:39:11:7a:8d:60:aa:41:94:14:f7:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d2424123ed07725330bf817944fd276b7ca36b
Validity
Not Before: Apr 1 01:34:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=37b4c2f8905929372756b5d830e5e70c89dec746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2a:50:ab:f2:b0:f0:e1:dd:a1:ab:2a:ed:d4:
a5:70:2a:41:89:29:92:62:c6:20:31:14:a1:e6:39:
fe:00:d8:4e:18:b5:eb:9d:f4:73:b7:03:8b:bb:98:
fe:2b:48:e4:96:3e:3e:81:11:73:81:1d:bd:81:1d:
36:a2:77:74:20:56:bf:1a:be:31:c4:63:a3:1c:59:
f5:cc:01:3e:76:a8:33:5b:ec:44:e8:ec:33:1d:cf:
0a:c9:e2:8e:5e:b9:b5:a0:ca:00:e9:23:84:12:84:
77:87:d3:ee:25:de:38:4c:bb:ae:c5:d2:4b:08:9a:
73:c2:25:50:fb:ac:62:04:25:8e:a8:52:a2:61:c1:
1d:b2:db:61:9b:ef:95:57:86:38:b7:4f:13:86:d3:
bd:fd:4c:b0:d8:ac:f3:01:74:96:89:43:05:da:83:
28:f9:b6:38:75:78:53:51:a1:6d:7e:84:2a:a7:44:
85:8d:02:b2:38:93:22:09:a3:7c:c0:6a:32:00:91:
e0:57:2a:eb:42:03:fb:5b:80:fc:49:47:7f:92:21:
99:f8:3a:4b:8f:10:a9:60:28:64:50:d2:b1:41:c1:
88:68:73:50:25:16:a9:6d:07:e6:4d:90:2b:de:29:
66:7b:f9:73:b4:c6:ed:2a:7a:08:7b:02:52:8d:5c:
e1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:B4:C2:F8:90:59:29:37:27:56:B5:D8:30:E5:E7:0C:89:DE:C7:46
X509v3 Authority Key Identifier:
keyid:31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/N7TC-JBZKTcnVrXYMOXnDInex0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9801:274::/48
Signature Algorithm: sha256WithRSAEncryption
41:29:9b:65:95:e1:fb:3f:5e:39:e5:fa:d5:33:cf:2d:d2:a1:
df:0e:e6:26:db:8a:88:fe:66:97:23:d0:19:f6:01:f9:a2:5d:
2b:7d:71:b2:24:c2:c3:2e:dc:7e:84:dc:fc:eb:d5:f7:1a:2c:
b9:58:5c:f4:34:5e:62:e7:09:a4:db:fa:4a:52:72:7d:c6:e2:
c7:53:04:30:b2:d5:45:17:d6:e9:2a:4a:ab:35:74:54:2f:7a:
8f:d6:c2:79:d9:50:c3:95:dd:61:7c:42:e3:7f:1b:8c:71:e2:
00:8b:72:14:cb:bf:56:23:17:cc:c2:18:63:e4:52:19:60:5b:
17:74:a6:4f:f4:8b:48:a6:78:85:04:0b:ff:c2:2a:27:bb:11:
0b:d5:e5:1f:cf:35:87:83:68:ce:6a:04:c9:34:6a:12:96:76:
e4:cc:4e:e0:be:a1:68:3c:e7:5d:a9:fd:7c:89:dc:f9:14:bd:
7e:90:51:31:cc:b0:ed:e4:2a:39:ee:d9:4d:0b:6e:cf:01:f5:
50:9f:b6:d8:9f:97:bb:ab:6b:fe:d0:38:e6:4c:7d:2e:74:fa:
6b:f8:4d:63:c3:7d:a7:ab:3e:c2:e8:5b:da:95:a8:99:60:6c:
20:aa:6f:5c:28:b9:8c:5d:be:71:f7:95:71:c6:38:63:b3:0e:
8d:02:10:ed
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ1GrVWgnzkReo1gqkGUFPeiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDI0MjQxMjNlZDA3NzI1MzMwYmY4MTc5NDRmZDI3NmI3
Y2EzNmIwHhcNMjYwNDAxMDEzNDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2I0YzJmODkwNTkyOTM3Mjc1NmI1ZDgzMGU1ZTcwYzg5ZGVjNzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiypQq/Kw8OHdoasq7dSlcCpBiSmS
YsYgMRSh5jn+ANhOGLXrnfRztwOLu5j+K0jklj4+gRFzgR29gR02ond0IFa/Gr4x
xGOjHFn1zAE+dqgzW+xE6OwzHc8KyeKOXrm1oMoA6SOEEoR3h9PuJd44TLuuxdJL
CJpzwiVQ+6xiBCWOqFKiYcEdstthm++VV4Y4t08ThtO9/Uyw2KzzAXSWiUMF2oMo
+bY4dXhTUaFtfoQqp0SFjQKyOJMiCaN8wGoyAJHgVyrrQgP7W4D8SUd/kiGZ+DpL
jxCpYChkUNKxQcGIaHNQJRapbQfmTZAr3ilme/lztMbtKnoIewJSjVzh/QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDe0wviQWSk3J1a12DDl5wyJ3sdGMB8GA1UdIwQY
MBaAFDHSQkEj7QdyUzC/gXlE/SdrfKNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEt
ZWQ4Y2ZhZjFiODFmLzEvTjdUQy1KQlpLVGNuVnJYWU1PWG5ESW5leDBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEtZWQ4Y2ZhZjFiODFm
LzEvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgaYAQJ0
MA0GCSqGSIb3DQEBCwUAA4IBAQBBKZtlleH7P1455frVM88t0qHfDuYm24qI/maX
I9AZ9gH5ol0rfXGyJMLDLtx+hNz869X3Giy5WFz0NF5i5wmk2/pKUnJ9xuLHUwQw
stVFF9bpKkqrNXRUL3qP1sJ52VDDld1hfELjfxuMceIAi3IUy79WIxfMwhhj5FIZ
YFsXdKZP9ItIpniFBAv/wionuxEL1eUfzzWHg2jOagTJNGoSlnbkzE7gvqFoPOdd
qf18idz5FL1+kFExzLDt5Co57tlNC27PAfVQn7bYn5e7q2v+0DjmTH0udPpr+E1j
w32nqz7C6FvalaiZYGwgqm9cKLmMXb5x95Vxxjhjsw6NAhDt
-----END CERTIFICATE-----
Generated at Wed Apr 8 07:39:37 2026 by rpki-client