Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/iX2GjLjlcMC4dAenmiFhoIUGAL4.roa
File: iX2GjLjlcMC4dAenmiFhoIUGAL4.roa (raw, json)
Hash identifier: vmVzL0Jp0U9NPvmKBVrJhVBit3hKnmDpQ+Gzns9PsCQ=
Subject key identifier: 89:7D:86:8C:B8:E5:70:C0:B8:74:07:A7:9A:21:61:A0:85:06:00:BE
Certificate issuer: /CN=31d2424123ed07725330bf817944fd276b7ca36b
Certificate serial: 019DD159F64BDA3B94DB950ADE1072843F7A
Authority key identifier: 31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/iX2GjLjlcMC4dAenmiFhoIUGAL4.roa
Signing time: Mon 27 Apr 2026 23:50:26 +0000
ROA not before: Mon 27 Apr 2026 23:50:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198586
IP address blocks: 2a06:9801:2b1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 13:57:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d1:59:f6:4b:da:3b:94:db:95:0a:de:10:72:84:3f:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d2424123ed07725330bf817944fd276b7ca36b
Validity
Not Before: Apr 27 23:50:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=897d868cb8e570c0b87407a79a2161a0850600be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5a:65:22:46:e8:f8:18:99:04:23:f4:a0:27:
58:ee:fa:f7:0d:0f:47:a6:4a:63:7b:bb:db:d0:26:
d2:20:40:c7:d4:63:27:54:dd:4a:f3:de:d2:aa:4f:
83:41:3e:eb:64:23:a3:da:2e:6a:d3:ee:54:d4:6c:
d2:93:c0:40:4f:73:2f:88:ad:62:aa:8b:00:80:7e:
6d:a8:d6:b1:d0:d8:ca:38:d3:e3:f2:94:5a:71:c3:
1b:89:39:cf:74:cb:38:62:94:20:3a:fd:69:45:ec:
02:5e:ea:ca:ac:a8:7a:c1:dd:66:93:73:48:bb:f1:
a4:42:c5:fe:5b:e5:74:0b:b5:a7:80:34:bd:5b:e0:
3a:c1:15:93:e1:f4:5a:dc:42:e9:16:10:59:39:16:
be:b0:2a:24:a0:cd:e1:45:79:4e:f3:f1:41:12:d0:
a8:4f:50:a8:34:65:4e:78:5b:78:50:9b:cd:96:d5:
92:be:4f:3f:66:39:ab:93:a7:60:32:c4:8b:52:71:
c7:7f:f3:28:57:4b:09:b1:1c:79:42:33:de:9d:dc:
8e:53:9f:51:9b:97:cc:b7:11:c4:88:3b:86:f2:bc:
d6:0b:d5:7a:ca:5a:82:22:78:3c:8d:68:8c:55:eb:
e3:0a:07:5c:f4:1f:df:66:5b:2b:20:43:0a:5f:e4:
7b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:7D:86:8C:B8:E5:70:C0:B8:74:07:A7:9A:21:61:A0:85:06:00:BE
X509v3 Authority Key Identifier:
keyid:31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/iX2GjLjlcMC4dAenmiFhoIUGAL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9801:2b1::/48
Signature Algorithm: sha256WithRSAEncryption
31:9b:be:b2:69:49:ff:d0:58:bb:57:5f:45:c6:9e:d3:aa:b3:
72:7d:e8:83:e3:c4:c5:e5:19:55:6e:02:27:46:01:ac:3e:3b:
90:5a:4a:c8:48:c3:12:74:bd:4f:39:08:37:6f:06:cf:07:ab:
8a:fd:30:58:06:c9:71:df:b7:29:e0:85:eb:a0:cf:64:88:78:
e9:db:da:cb:4f:bd:aa:d7:75:66:07:7d:b0:47:48:13:59:a0:
d8:e4:96:bf:8f:96:fb:72:68:a4:5f:2f:26:9c:9a:f0:3e:17:
34:ca:ab:09:f2:62:0a:5a:6c:f7:f8:d4:0e:40:91:48:de:bc:
c2:03:b6:4d:27:db:1f:04:0f:dc:55:26:5f:d1:43:7c:cf:53:
c4:7e:5b:74:2e:4c:06:07:44:59:8a:aa:0f:c9:4b:fe:28:4b:
02:5b:2e:ec:84:d0:d1:9a:35:09:3c:05:ca:d3:d6:92:54:86:
75:73:2f:eb:4d:70:fa:aa:12:a5:15:70:bb:66:fe:c3:cb:be:
60:f4:22:a4:86:ad:ec:f8:ff:a6:46:1e:6c:7b:3f:d8:73:a8:
12:6c:8b:d0:ac:1b:a2:e4:71:0b:22:12:e5:7a:22:f4:14:57:
96:db:64:b7:de:a5:4d:45:ff:d4:ef:c2:93:d7:f6:33:d3:d0:
7b:e7:de:32
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ3RWfZL2juU25UK3hByhD96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDI0MjQxMjNlZDA3NzI1MzMwYmY4MTc5NDRmZDI3NmI3
Y2EzNmIwHhcNMjYwNDI3MjM1MDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTdkODY4Y2I4ZTU3MGMwYjg3NDA3YTc5YTIxNjFhMDg1MDYwMGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFplIkbo+BiZBCP0oCdY7vr3DQ9H
pkpje7vb0CbSIEDH1GMnVN1K897Sqk+DQT7rZCOj2i5q0+5U1GzSk8BAT3MviK1i
qosAgH5tqNax0NjKONPj8pRaccMbiTnPdMs4YpQgOv1pRewCXurKrKh6wd1mk3NI
u/GkQsX+W+V0C7WngDS9W+A6wRWT4fRa3ELpFhBZORa+sCokoM3hRXlO8/FBEtCo
T1CoNGVOeFt4UJvNltWSvk8/Zjmrk6dgMsSLUnHHf/MoV0sJsRx5QjPendyOU59R
m5fMtxHEiDuG8rzWC9V6ylqCIng8jWiMVevjCgdc9B/fZlsrIEMKX+R7PwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFIl9hoy45XDAuHQHp5ohYaCFBgC+MB8GA1UdIwQY
MBaAFDHSQkEj7QdyUzC/gXlE/SdrfKNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEt
ZWQ4Y2ZhZjFiODFmLzEvaVgyR2pMamxjTUM0ZEFlbm1pRmhvSVVHQUw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEtZWQ4Y2ZhZjFiODFm
LzEvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgaYAQKx
MA0GCSqGSIb3DQEBCwUAA4IBAQAxm76yaUn/0Fi7V19Fxp7TqrNyfeiD48TF5RlV
bgInRgGsPjuQWkrISMMSdL1POQg3bwbPB6uK/TBYBslx37cp4IXroM9kiHjp29rL
T72q13VmB32wR0gTWaDY5Ja/j5b7cmikXy8mnJrwPhc0yqsJ8mIKWmz3+NQOQJFI
3rzCA7ZNJ9sfBA/cVSZf0UN8z1PEflt0LkwGB0RZiqoPyUv+KEsCWy7shNDRmjUJ
PAXK09aSVIZ1cy/rTXD6qhKlFXC7Zv7Dy75g9CKkhq3s+P+mRh5sez/Yc6gSbIvQ
rBui5HELIhLleiL0FFeW22S33qVNRf/U78KT1/Yz09B7594y
-----END CERTIFICATE-----
Generated at Tue May 5 18:53:46 2026 by rpki-client