Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/Ss4QcxW9GLd30msWJRP7ZtIIKUc.roa
File: Ss4QcxW9GLd30msWJRP7ZtIIKUc.roa (raw, json)
Hash identifier: UEX3kefvU1EXPSWdaiGH9DHdxd0BCQ1Yb5UH3q0++iY=
Subject key identifier: 4A:CE:10:73:15:BD:18:B7:77:D2:6B:16:25:13:FB:66:D2:08:29:47
Certificate issuer: /CN=31d2424123ed07725330bf817944fd276b7ca36b
Certificate serial: 019D27D368512D004F40A12C4988E3F9451E
Authority key identifier: 31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/Ss4QcxW9GLd30msWJRP7ZtIIKUc.roa
Signing time: Thu 26 Mar 2026 01:47:39 +0000
ROA not before: Thu 26 Mar 2026 01:47:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199783
IP address blocks: 2a06:9801:222::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Mar 2026 20:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:d3:68:51:2d:00:4f:40:a1:2c:49:88:e3:f9:45:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d2424123ed07725330bf817944fd276b7ca36b
Validity
Not Before: Mar 26 01:47:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4ace107315bd18b777d26b162513fb66d2082947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:82:63:01:e7:aa:24:10:18:aa:07:72:75:ab:
e5:44:2c:fb:44:b4:ac:58:ef:65:fb:fb:f5:66:f0:
69:ef:db:c8:b1:0e:0a:0f:41:24:ed:bc:18:31:73:
99:b2:be:ae:35:71:26:d8:32:98:f7:dc:8a:a3:8a:
a9:0c:62:fd:7e:fc:cb:f2:01:67:61:8c:b8:88:e2:
de:86:32:70:b5:6a:da:fa:ff:d6:4a:ad:30:f9:20:
ed:2a:1d:64:bd:cb:5f:f0:70:b8:5a:49:a7:14:17:
bd:e2:cf:86:86:01:d2:ce:8d:73:a1:1f:cc:94:e1:
71:c2:0d:93:b2:32:2f:c5:cc:19:55:19:b2:3f:17:
ed:ae:a2:09:b0:e3:f4:2a:25:ce:89:74:9e:e9:fc:
5c:d4:b5:3f:ce:4a:36:03:33:21:9a:b0:df:d4:88:
e6:90:b5:e9:64:58:91:ce:1b:a4:af:24:a9:a2:67:
ee:89:2b:61:01:fc:6e:ab:c9:9c:1a:ae:78:af:4f:
9a:9d:5d:c7:09:74:fa:96:fd:89:d8:a5:17:9f:70:
32:b5:e3:ac:d1:93:f8:9e:1a:07:29:b0:54:8b:d8:
dd:46:44:ab:9e:7d:b9:7c:de:3c:0c:5e:a3:1c:b1:
d4:0e:4c:8f:19:b5:bb:75:9d:14:be:b6:70:fe:18:
b0:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:CE:10:73:15:BD:18:B7:77:D2:6B:16:25:13:FB:66:D2:08:29:47
X509v3 Authority Key Identifier:
keyid:31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/Ss4QcxW9GLd30msWJRP7ZtIIKUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9801:222::/48
Signature Algorithm: sha256WithRSAEncryption
bf:55:9a:67:6c:0e:67:97:42:f1:14:32:87:d7:9a:59:17:ff:
9e:b8:81:27:54:0a:16:ef:f9:cb:2a:c0:e0:9b:46:2e:39:b2:
74:c6:ee:11:66:03:fb:c6:b6:11:4c:0d:24:aa:a2:09:fb:b8:
66:bf:1c:3f:6a:e9:17:f5:26:65:90:b4:68:b3:eb:f9:f2:b8:
65:16:d2:dd:a9:5c:8f:82:77:54:2b:50:0b:db:ff:a2:3d:4c:
c7:f9:db:2a:09:49:5c:39:57:74:61:02:12:af:d8:bd:78:d9:
6d:47:4b:f4:a4:5d:cd:0a:9c:26:40:58:ca:31:26:4d:3f:01:
90:ad:88:1f:6a:5e:df:e9:7b:2c:e2:1b:f6:47:d0:49:d5:8f:
aa:60:5b:98:06:3c:36:40:26:5f:ca:85:aa:ec:bc:26:7b:7d:
6a:c4:1b:d5:9b:44:82:b8:07:95:1d:59:71:f9:bd:bb:c8:3b:
77:b8:1b:8f:16:63:dd:23:5a:99:6b:80:9e:be:2a:ec:17:e8:
2c:eb:47:11:00:72:0a:b7:3b:98:51:3b:60:75:0d:d1:3f:b6:
bb:6e:e2:1f:b6:f8:c0:a6:e7:b7:e9:9e:96:5a:de:cb:a4:c2:
39:e7:59:ac:47:66:59:21:8a:b1:05:77:bb:c3:fd:0d:32:86:
ec:23:8a:d6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ0n02hRLQBPQKEsSYjj+UUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDI0MjQxMjNlZDA3NzI1MzMwYmY4MTc5NDRmZDI3NmI3
Y2EzNmIwHhcNMjYwMzI2MDE0NzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWNlMTA3MzE1YmQxOGI3NzdkMjZiMTYyNTEzZmI2NmQyMDgyOTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoJjAeeqJBAYqgdydavlRCz7RLSs
WO9l+/v1ZvBp79vIsQ4KD0Ek7bwYMXOZsr6uNXEm2DKY99yKo4qpDGL9fvzL8gFn
YYy4iOLehjJwtWra+v/WSq0w+SDtKh1kvctf8HC4WkmnFBe94s+GhgHSzo1zoR/M
lOFxwg2TsjIvxcwZVRmyPxftrqIJsOP0KiXOiXSe6fxc1LU/zko2AzMhmrDf1Ijm
kLXpZFiRzhukrySpomfuiSthAfxuq8mcGq54r0+anV3HCXT6lv2J2KUXn3AyteOs
0ZP4nhoHKbBUi9jdRkSrnn25fN48DF6jHLHUDkyPGbW7dZ0UvrZw/hiwTQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFErOEHMVvRi3d9JrFiUT+2bSCClHMB8GA1UdIwQY
MBaAFDHSQkEj7QdyUzC/gXlE/SdrfKNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEt
ZWQ4Y2ZhZjFiODFmLzEvU3M0UWN4VzlHTGQzMG1zV0pSUDdadElJS1VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEtZWQ4Y2ZhZjFiODFm
LzEvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgaYAQIi
MA0GCSqGSIb3DQEBCwUAA4IBAQC/VZpnbA5nl0LxFDKH15pZF/+euIEnVAoW7/nL
KsDgm0YuObJ0xu4RZgP7xrYRTA0kqqIJ+7hmvxw/aukX9SZlkLRos+v58rhlFtLd
qVyPgndUK1AL2/+iPUzH+dsqCUlcOVd0YQISr9i9eNltR0v0pF3NCpwmQFjKMSZN
PwGQrYgfal7f6Xss4hv2R9BJ1Y+qYFuYBjw2QCZfyoWq7Lwme31qxBvVm0SCuAeV
HVlx+b27yDt3uBuPFmPdI1qZa4CevirsF+gs60cRAHIKtzuYUTtgdQ3RP7a7buIf
tvjApue36Z6WWt7LpMI551msR2ZZIYqxBXe7w/0NMobsI4rW
-----END CERTIFICATE-----
Generated at Sat Mar 28 06:08:39 2026 by rpki-client