Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/45LfcEe6L3UZFnOKO2wyqyaSbfQ.roa
File: 45LfcEe6L3UZFnOKO2wyqyaSbfQ.roa (raw, json)
Hash identifier: 8iXDLUbrh+rz25MkugmW5rwltOwFAR8Mw2O6FKG1mNo=
Subject key identifier: E3:92:DF:70:47:BA:2F:75:19:16:73:8A:3B:6C:32:AB:26:92:6D:F4
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019EAD49C045CF474CA682251E3B90DFF2B1
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/45LfcEe6L3UZFnOKO2wyqyaSbfQ.roa
Signing time: Tue 09 Jun 2026 16:49:11 +0000
ROA not before: Tue 09 Jun 2026 16:49:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204490
IP address blocks: 2a0d:ad46::/32 maxlen: 32
2a11:9040::/32 maxlen: 32
2a12:2802::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 19:44:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ad:49:c0:45:cf:47:4c:a6:82:25:1e:3b:90:df:f2:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jun 9 16:49:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e392df7047ba2f751916738a3b6c32ab26926df4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d1:1f:a8:00:43:a2:c3:b2:63:d0:b9:6a:4e:
c3:fd:c3:78:e9:e5:8f:4b:f0:44:10:66:4f:5c:1f:
5d:49:54:c2:bc:9a:a7:52:88:10:eb:ec:b3:6d:39:
1e:55:eb:6c:52:31:8a:99:3f:98:4c:96:93:12:d8:
1a:d8:c2:9c:7f:10:e4:62:cb:43:7e:65:63:d1:4b:
e8:a6:63:09:af:b5:cc:7f:26:09:ec:13:5c:75:08:
09:44:f0:42:3a:80:7a:93:7d:a8:6a:23:c2:ae:fd:
1b:6b:b4:57:b6:9e:85:32:a0:21:cc:99:c5:59:76:
e1:33:34:a5:24:e4:3f:f2:26:e0:d8:f0:2f:45:50:
1e:50:d6:07:f5:e1:9c:28:e3:2d:82:97:dc:49:c5:
ca:56:59:fa:b5:fd:d5:5c:17:94:d9:6c:97:ec:b0:
65:5d:46:a9:7f:ff:ab:da:63:47:03:d9:d3:ef:ed:
c5:30:11:c0:77:48:54:01:f3:46:ca:f7:5b:c6:c7:
0e:c8:34:04:7b:af:df:c5:7f:1b:b8:5e:f8:b9:65:
09:1b:dd:ce:31:ca:98:4c:aa:29:35:47:d5:61:7f:
08:36:30:83:ef:71:dd:c0:63:44:a0:9b:1b:dc:20:
78:39:50:72:62:fd:0f:66:10:4d:b8:1c:13:03:45:
ad:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:92:DF:70:47:BA:2F:75:19:16:73:8A:3B:6C:32:AB:26:92:6D:F4
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/45LfcEe6L3UZFnOKO2wyqyaSbfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:ad46::/32
2a11:9040::/32
2a12:2802::/32
Signature Algorithm: sha256WithRSAEncryption
26:8f:4e:2b:14:ee:ae:e9:fb:86:b8:8b:6d:7c:12:b6:b1:ae:
c2:4a:56:54:70:66:21:30:b8:c9:eb:b5:fe:4b:3e:12:e0:66:
34:5a:ae:0d:8a:c2:da:21:f5:66:4c:3e:63:36:91:4b:36:e5:
95:c7:8c:18:a3:3c:50:e0:0c:6b:20:47:80:2f:01:aa:02:1d:
01:2a:d5:26:1f:72:be:c9:da:7c:61:f2:59:58:99:d7:96:db:
1c:56:c2:fa:4e:d6:01:c3:d2:b2:ee:21:27:ac:24:13:d8:06:
2d:dc:b9:20:27:d8:2d:36:86:5c:44:2b:89:b5:d5:79:3d:62:
1a:c0:cd:a8:52:66:3c:27:31:6e:db:d7:28:b3:e3:a1:f1:b1:
a4:85:16:92:f5:8f:89:a4:58:1e:21:44:34:78:0e:7a:99:0d:
c9:59:56:e4:ba:2d:16:ff:68:0a:aa:89:f0:aa:e1:09:1b:38:
2c:bf:23:05:a4:f1:22:9c:7e:2f:cf:24:62:4e:5c:c9:b2:c4:
52:88:6a:8a:a2:e5:48:07:fd:e7:b2:5d:22:6b:52:be:44:c5:
61:e2:8b:3b:b0:7c:7b:87:f1:7f:33:c5:92:3c:ca:0e:07:2a:
39:67:74:6d:6c:0a:98:cf:e0:74:67:38:ef:cc:0d:c4:7a:0d:
7d:d3:95:a6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ6tScBFz0dMpoIlHjuQ3/KxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNjA5MTY0OTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzkyZGY3MDQ3YmEyZjc1MTkxNjczOGEzYjZjMzJhYjI2OTI2ZGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtEfqABDosOyY9C5ak7D/cN46eWP
S/BEEGZPXB9dSVTCvJqnUogQ6+yzbTkeVetsUjGKmT+YTJaTEtga2MKcfxDkYstD
fmVj0UvopmMJr7XMfyYJ7BNcdQgJRPBCOoB6k32oaiPCrv0ba7RXtp6FMqAhzJnF
WXbhMzSlJOQ/8ibg2PAvRVAeUNYH9eGcKOMtgpfcScXKVln6tf3VXBeU2WyX7LBl
XUapf/+r2mNHA9nT7+3FMBHAd0hUAfNGyvdbxscOyDQEe6/fxX8buF74uWUJG93O
McqYTKopNUfVYX8INjCD73HdwGNEoJsb3CB4OVByYv0PZhBNuBwTA0Wt0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOOS33BHui91GRZzijtsMqsmkm30MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvNDVMZmNFZTZMM1VaRm5PS08yd3lxeWFTYmZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKg2tRgMF
ACoRkEADBQAqEigCMA0GCSqGSIb3DQEBCwUAA4IBAQAmj04rFO6u6fuGuIttfBK2
sa7CSlZUcGYhMLjJ67X+Sz4S4GY0Wq4NisLaIfVmTD5jNpFLNuWVx4wYozxQ4Axr
IEeALwGqAh0BKtUmH3K+ydp8YfJZWJnXltscVsL6TtYBw9Ky7iEnrCQT2AYt3Lkg
J9gtNoZcRCuJtdV5PWIawM2oUmY8JzFu29cos+Oh8bGkhRaS9Y+JpFgeIUQ0eA56
mQ3JWVbkui0W/2gKqonwquEJGzgsvyMFpPEinH4vzyRiTlzJssRSiGqKouVIB/3n
sl0ia1K+RMVh4os7sHx7h/F/M8WSPMoOByo5Z3RtbAqYz+B0ZzjvzA3Eeg1905Wm
-----END CERTIFICATE-----
Generated at Fri Jun 12 02:23:46 2026 by rpki-client