Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/cthI0m3zKbnasgLQpqFuYvkNgj4.roa
File: cthI0m3zKbnasgLQpqFuYvkNgj4.roa (raw, json)
Hash identifier: YHOn0g5iDwOrc5/5ZibxnBBInciVRWyxVy8vCRnCI0o=
Subject key identifier: 72:D8:48:D2:6D:F3:29:B9:DA:B2:02:D0:A6:A1:6E:62:F9:0D:82:3E
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019EFB4B9554129EAF775C38AC6857E8505D
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/cthI0m3zKbnasgLQpqFuYvkNgj4.roa
Signing time: Wed 24 Jun 2026 20:21:35 +0000
ROA not before: Wed 24 Jun 2026 20:21:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206174
IP address blocks: 2a0d:ad42::/32 maxlen: 32
2a0d:b840::/32 maxlen: 32
2a11:ec5::/32 maxlen: 32
2a11:9041::/32 maxlen: 32
2a12:6483::/32 maxlen: 32
2a12:bc81::/32 maxlen: 32
2a12:cf81::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 14:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:fb:4b:95:54:12:9e:af:77:5c:38:ac:68:57:e8:50:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jun 24 20:21:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=72d848d26df329b9dab202d0a6a16e62f90d823e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:bb:d2:26:e8:f6:78:54:f9:81:9e:7e:f3:e4:
2c:1c:3b:ac:8d:a6:a0:12:df:42:10:f0:a9:90:e6:
36:74:93:12:45:9a:7e:72:91:86:e1:d0:91:c0:0c:
79:58:f6:a9:c1:b8:85:75:90:1a:e0:27:4a:02:64:
38:f1:07:03:fd:3d:14:30:9e:d1:42:92:a8:31:f1:
c0:64:d2:48:fd:63:f2:61:96:c6:07:5c:f6:8d:45:
e6:e4:5f:75:06:a0:bf:18:6c:7a:6d:05:09:f3:c6:
a6:c8:87:09:a0:14:10:bf:5a:9a:25:96:91:21:8a:
af:fb:ac:d7:03:53:55:a3:0e:7f:5d:8e:d1:33:7e:
f4:68:84:8e:eb:0b:5c:b6:28:77:76:06:8d:30:fd:
a2:46:7e:fd:9c:88:f6:69:e8:0d:4b:30:ab:c0:96:
ef:98:01:aa:e7:0b:6b:8a:35:6b:b6:6a:e7:85:aa:
1f:f0:7f:1c:53:da:a9:b3:40:d6:53:64:9c:ef:fd:
8e:c0:c7:62:56:69:34:e1:93:f3:2f:72:c2:c1:f2:
7c:90:ef:18:90:b3:a5:5b:2c:89:03:ec:03:42:c3:
a1:86:1a:c2:52:ef:3f:9b:0e:4a:62:24:19:21:33:
c6:1b:48:f2:ff:6a:7c:24:f0:54:5b:5f:75:9c:eb:
54:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D8:48:D2:6D:F3:29:B9:DA:B2:02:D0:A6:A1:6E:62:F9:0D:82:3E
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/cthI0m3zKbnasgLQpqFuYvkNgj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:ad42::/32
2a0d:b840::/32
2a11:ec5::/32
2a11:9041::/32
2a12:6483::/32
2a12:bc81::/32
2a12:cf81::/32
Signature Algorithm: sha256WithRSAEncryption
8e:2c:5f:6f:b7:bb:f1:bb:68:0b:1a:eb:17:d7:6c:e0:79:40:
c0:63:ba:da:61:62:a4:db:b1:93:4e:35:bc:aa:5a:c2:60:4d:
ba:71:5a:9a:b5:d5:84:3a:9f:b7:2d:c9:eb:2b:31:da:87:e3:
fa:2b:95:f8:48:80:fb:48:af:ed:7e:78:d2:28:5b:f2:a8:94:
17:68:3f:69:73:f0:9e:45:e3:01:fe:9d:a0:16:7b:a9:36:42:
05:9e:42:58:9c:9c:39:85:5f:4a:9e:0f:f4:c7:5e:e9:5e:da:
21:39:18:eb:98:bf:b4:0f:33:76:f7:72:19:cc:2e:9d:60:95:
42:18:46:be:46:e4:c6:9a:b6:6a:44:95:47:be:23:25:d1:ba:
8f:fa:04:1a:51:c4:98:05:14:6e:8a:ab:5d:48:95:d0:68:7a:
d9:99:2f:1a:3d:93:32:a7:48:4a:ce:64:9e:f9:ed:b3:0c:d0:
b0:a6:6e:47:e2:6c:3f:0c:dc:78:f9:39:8b:e3:00:92:6c:1a:
a9:95:ca:b3:43:e8:ea:ee:dc:d0:b8:0d:8f:61:d6:1e:56:ea:
5b:f1:3c:7b:ce:c0:31:d3:a7:92:b0:33:a0:96:2a:d3:60:88:
13:62:ec:92:2e:a2:e4:31:3d:7d:f6:01:05:a9:d2:ac:41:3d:
5c:e4:10:2f
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZ77S5VUEp6vd1w4rGhX6FBdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNjI0MjAyMTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmQ4NDhkMjZkZjMyOWI5ZGFiMjAyZDBhNmExNmU2MmY5MGQ4MjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6LvSJuj2eFT5gZ5+8+QsHDusjaag
Et9CEPCpkOY2dJMSRZp+cpGG4dCRwAx5WPapwbiFdZAa4CdKAmQ48QcD/T0UMJ7R
QpKoMfHAZNJI/WPyYZbGB1z2jUXm5F91BqC/GGx6bQUJ88amyIcJoBQQv1qaJZaR
IYqv+6zXA1NVow5/XY7RM370aISO6wtctih3dgaNMP2iRn79nIj2aegNSzCrwJbv
mAGq5wtrijVrtmrnhaof8H8cU9qps0DWU2Sc7/2OwMdiVmk04ZPzL3LCwfJ8kO8Y
kLOlWyyJA+wDQsOhhhrCUu8/mw5KYiQZITPGG0jy/2p8JPBUW191nOtU8wIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFHLYSNJt8ym52rIC0KahbmL5DYI+MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvY3RoSTBtM3pLYm5hc2dMUXBxRnVZdmtOZ2o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUAKg2tQgMF
ACoNuEADBQAqEQ7FAwUAKhGQQQMFACoSZIMDBQAqEryBAwUAKhLPgTANBgkqhkiG
9w0BAQsFAAOCAQEAjixfb7e78btoCxrrF9ds4HlAwGO62mFipNuxk041vKpawmBN
unFamrXVhDqfty3J6ysx2ofj+iuV+EiA+0iv7X540ihb8qiUF2g/aXPwnkXjAf6d
oBZ7qTZCBZ5CWJycOYVfSp4P9Mde6V7aITkY65i/tA8zdvdyGcwunWCVQhhGvkbk
xpq2akSVR74jJdG6j/oEGlHEmAUUboqrXUiV0Gh62ZkvGj2TMqdISs5knvntswzQ
sKZuR+JsPwzcePk5i+MAkmwaqZXKs0Po6u7c0LgNj2HWHlbqW/E8e87AMdOnkrAz
oJYq02CIE2Lski6i5DE9ffYBBanSrEE9XOQQLw==
-----END CERTIFICATE-----
Generated at Tue Jun 30 21:32:36 2026 by rpki-client