Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/J0BstuYWhIViiKe8RJI_y_aCKe8.roa
File: J0BstuYWhIViiKe8RJI_y_aCKe8.roa (raw, json)
Hash identifier: +MLhc0ZdopgznanETYSJgNiH6/4YsQoQJnPDDPv6O7c=
Subject key identifier: 27:40:6C:B6:E6:16:84:85:62:88:A7:BC:44:92:3F:CB:F6:82:29:EF
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019E2C59B67CE0AAA3C652C7F572FC95DBF0
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/J0BstuYWhIViiKe8RJI_y_aCKe8.roa
Signing time: Fri 15 May 2026 15:55:37 +0000
ROA not before: Fri 15 May 2026 15:55:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205866
IP address blocks: 2a0d:e241::/32 maxlen: 32
2a11:ec2::/32 maxlen: 32
2a11:9044::/32 maxlen: 32
2a11:e2c7::/32 maxlen: 32
2a12:645::/32 maxlen: 32
2a12:2806::/32 maxlen: 32
2a12:8781::/32 maxlen: 32
2a12:cf83::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 03:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2c:59:b6:7c:e0:aa:a3:c6:52:c7:f5:72:fc:95:db:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: May 15 15:55:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=27406cb6e61684856288a7bc44923fcbf68229ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:59:3f:f2:47:59:30:e9:38:bb:ba:c5:b2:62:
70:e5:76:8c:90:83:4a:28:2b:ef:b1:a9:22:df:b5:
17:32:69:8b:75:fd:83:3c:4b:8f:89:89:8a:31:1a:
f1:53:78:a3:de:4b:bf:8d:13:ee:20:e5:af:77:fa:
12:ae:4f:0a:6e:42:c3:c4:f5:14:29:6b:8e:08:99:
1c:55:93:17:2e:83:a4:fd:f9:4e:d6:88:f4:6a:3a:
a1:59:cf:3b:da:7e:f7:af:a8:c0:ad:70:ce:c8:87:
59:8b:c3:d5:2f:b8:46:52:6f:35:60:39:51:79:f6:
49:2a:98:03:26:b2:30:16:6a:19:f3:43:c3:11:12:
42:5c:1b:c0:75:0a:0f:df:b4:43:11:f0:cf:6c:e7:
3d:d6:1b:ba:d5:7f:69:cb:21:14:c3:67:4f:66:85:
1c:4d:cd:0f:45:f7:34:d9:d3:5a:0b:9b:59:3f:cb:
11:d4:00:95:10:d4:1a:a8:b5:bf:af:2b:ee:44:40:
67:23:65:f8:aa:22:c2:81:3f:f3:1b:6b:95:6f:63:
82:0e:4c:19:cf:d8:87:53:f6:ad:05:b0:c1:39:91:
57:48:d9:bc:d1:0b:33:d6:69:cc:6b:be:4c:0a:3b:
9a:5b:70:a2:f9:c1:29:84:84:36:8a:50:09:74:4d:
e0:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:40:6C:B6:E6:16:84:85:62:88:A7:BC:44:92:3F:CB:F6:82:29:EF
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/J0BstuYWhIViiKe8RJI_y_aCKe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:e241::/32
2a11:ec2::/32
2a11:9044::/32
2a11:e2c7::/32
2a12:645::/32
2a12:2806::/32
2a12:8781::/32
2a12:cf83::/32
Signature Algorithm: sha256WithRSAEncryption
9d:80:23:25:85:d0:a3:98:a1:1c:7d:01:0f:ca:dc:cb:ac:b0:
9d:45:f0:14:0b:fb:1b:85:0e:67:23:af:45:0b:bf:f3:84:18:
90:2b:2c:e1:08:98:50:4c:27:93:fa:1b:d8:bf:a1:45:84:e0:
34:3f:71:60:47:e7:70:e3:23:e3:6c:85:ce:33:6f:50:c5:f1:
32:37:96:f6:3c:22:bb:6e:be:6e:9f:3c:a8:8f:35:8b:48:a0:
92:38:3a:80:f2:cc:d6:2b:2b:5f:b0:3d:dc:3f:78:87:5e:33:
01:ca:c4:8d:25:98:21:76:e8:a5:37:1c:11:84:7a:ad:4c:ba:
ce:b8:16:50:da:29:20:ad:be:0b:f9:17:2b:26:4f:08:e4:5d:
31:86:49:7b:37:68:e3:0d:fb:f1:28:17:76:aa:0e:8d:bd:f4:
18:c1:41:ff:7f:3c:16:c8:13:2e:22:84:98:9f:af:ba:6c:93:
d9:f6:b0:56:a2:ff:2f:27:dd:a3:9e:32:a0:f5:61:cb:1c:c7:
ac:37:79:16:fa:42:7d:0e:5a:8e:3b:94:1a:ee:b0:73:46:f4:
89:4d:78:b5:5b:fe:98:93:7d:0c:e4:a9:ba:99:07:51:6d:a0:
f4:64:a6:a7:51:db:c7:a7:d7:86:ad:9d:7f:20:b4:d4:ec:b7:
ed:d9:0b:de
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZ4sWbZ84KqjxlLH9XL8ldvwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNTE1MTU1NTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzQwNmNiNmU2MTY4NDg1NjI4OGE3YmM0NDkyM2ZjYmY2ODIyOWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1k/8kdZMOk4u7rFsmJw5XaMkINK
KCvvsaki37UXMmmLdf2DPEuPiYmKMRrxU3ij3ku/jRPuIOWvd/oSrk8KbkLDxPUU
KWuOCJkcVZMXLoOk/flO1oj0ajqhWc872n73r6jArXDOyIdZi8PVL7hGUm81YDlR
efZJKpgDJrIwFmoZ80PDERJCXBvAdQoP37RDEfDPbOc91hu61X9pyyEUw2dPZoUc
Tc0PRfc02dNaC5tZP8sR1ACVENQaqLW/ryvuREBnI2X4qiLCgT/zG2uVb2OCDkwZ
z9iHU/atBbDBOZFXSNm80Qsz1mnMa75MCjuaW3Ci+cEphIQ2ilAJdE3gfQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCdAbLbmFoSFYoinvESSP8v2ginvMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvSjBCc3R1WVdoSVZpaUtlOFJKSV95X2FDS2U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUAKg3iQQMF
ACoRDsIDBQAqEZBEAwUAKhHixwMFACoSBkUDBQAqEigGAwUAKhKHgQMFACoSz4Mw
DQYJKoZIhvcNAQELBQADggEBAJ2AIyWF0KOYoRx9AQ/K3MussJ1F8BQL+xuFDmcj
r0ULv/OEGJArLOEImFBMJ5P6G9i/oUWE4DQ/cWBH53DjI+Nshc4zb1DF8TI3lvY8
Irtuvm6fPKiPNYtIoJI4OoDyzNYrK1+wPdw/eIdeMwHKxI0lmCF26KU3HBGEeq1M
us64FlDaKSCtvgv5FysmTwjkXTGGSXs3aOMN+/EoF3aqDo299BjBQf9/PBbIEy4i
hJifr7psk9n2sFai/y8n3aOeMqD1Ycscx6w3eRb6Qn0OWo47lBrusHNG9IlNeLVb
/piTfQzkqbqZB1FtoPRkpqdR28en14atnX8gtNTst+3ZC94=
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:59:22 2026 by rpki-client