Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/ek4Lhd0THlZYxtE6BuBdt3eBEmc.roa
File: ek4Lhd0THlZYxtE6BuBdt3eBEmc.roa (raw, json)
Hash identifier: i2hOhKvt3AIYafZVjHc18LyA43rwODb63VbYy8dj8gs=
Subject key identifier: 7A:4E:0B:85:DD:13:1E:56:58:C6:D1:3A:06:E0:5D:B7:77:81:12:67
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019E2C59B7274C59A60FD2A44330EA7E6D54
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/ek4Lhd0THlZYxtE6BuBdt3eBEmc.roa
Signing time: Fri 15 May 2026 15:55:37 +0000
ROA not before: Fri 15 May 2026 15:55:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213294
IP address blocks: 2a0d:ad41::/32 maxlen: 32
2a11:9047::/32 maxlen: 32
2a12:646::/32 maxlen: 32
2a12:2800::/32 maxlen: 32
2a12:2807::/32 maxlen: 32
2a12:cf87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 03:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2c:59:b7:27:4c:59:a6:0f:d2:a4:43:30:ea:7e:6d:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: May 15 15:55:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7a4e0b85dd131e5658c6d13a06e05db777811267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:60:eb:9c:3f:c0:d0:9a:77:9f:fd:53:7d:32:
33:2f:b5:a5:5a:85:c5:58:3d:1e:2a:e3:e8:a7:90:
af:51:bc:b3:45:42:17:a5:87:9c:b3:93:c3:45:bd:
ae:3e:b2:90:3c:a4:87:67:a0:b4:f8:58:62:b4:23:
43:ca:80:97:16:49:fe:d8:26:1a:72:2b:8d:f2:a7:
1e:59:05:b8:40:8a:8f:9b:97:e0:cd:32:81:03:89:
e2:b3:59:3a:b6:46:6f:90:ef:1b:f1:f1:42:80:e4:
b3:8d:dd:9e:05:85:f1:56:d5:38:77:f4:13:5a:45:
4d:8e:6c:dc:84:8e:9d:6f:0f:7d:47:92:06:6e:ba:
9b:4b:96:9e:fd:2f:0b:aa:b8:85:28:b3:ac:09:18:
7f:bb:54:e8:2d:e8:1e:24:33:45:e7:36:57:ea:86:
2d:69:f7:24:55:55:16:e7:4d:96:ac:2d:2a:d0:ba:
08:a6:7c:41:17:6d:8f:3b:9a:3e:65:8a:15:03:e8:
a0:d4:31:96:21:dd:06:fb:fa:e7:74:64:2c:b7:be:
ef:12:e4:c7:49:13:9d:fc:9c:e4:4e:2c:6d:bc:3d:
1c:a8:6e:e3:99:d5:29:5d:dc:a8:93:0a:ef:0e:59:
92:a1:10:02:f9:0d:ab:95:44:bc:4e:2d:ef:91:7c:
20:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:4E:0B:85:DD:13:1E:56:58:C6:D1:3A:06:E0:5D:B7:77:81:12:67
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/ek4Lhd0THlZYxtE6BuBdt3eBEmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:ad41::/32
2a11:9047::/32
2a12:646::/32
2a12:2800::/32
2a12:2807::/32
2a12:cf87::/32
Signature Algorithm: sha256WithRSAEncryption
00:ad:c9:01:77:7d:36:fa:86:82:4e:c7:f9:b8:8c:76:cf:ca:
09:fe:15:a5:56:6a:09:ac:24:ff:49:11:87:0a:ba:b6:ca:8b:
d5:be:20:ee:27:0b:4e:8e:d2:32:15:e1:c4:49:6f:0f:48:bf:
b1:b1:e4:0b:84:24:b0:d2:91:cc:b2:9c:c1:c8:94:3c:3f:4e:
09:94:68:c0:7a:d9:0b:93:b0:39:be:e0:d5:3f:bd:5d:56:5e:
5a:d3:cf:ec:89:cc:33:ba:a5:7e:a7:99:c9:59:0b:67:d3:5e:
34:c8:c4:ad:72:9d:d7:1b:d7:cd:c0:a7:f4:71:98:bd:46:85:
37:c3:b3:23:a9:b3:47:20:ce:4c:0d:6c:8e:5c:39:2e:60:1a:
22:ed:df:2d:67:46:8c:54:ec:01:47:1b:f7:fd:d2:82:db:e7:
0a:b0:8a:bd:ca:81:0d:23:05:2e:e5:31:7f:21:eb:cd:67:b5:
83:f3:0d:70:50:8c:5a:a9:cf:21:da:7e:65:0a:12:fc:b2:8c:
3e:1b:8b:c6:c8:9f:83:5f:c4:b5:9b:b9:8e:f2:7f:7f:66:44:
af:70:71:79:a6:d8:d5:80:dd:fc:b8:f2:5f:41:29:ea:c5:14:
5e:13:4c:7c:9c:c7:47:59:46:e8:2c:42:74:39:12:81:7b:b2:
0a:f7:8c:4e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ4sWbcnTFmmD9KkQzDqfm1UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNTE1MTU1NTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTRlMGI4NWRkMTMxZTU2NThjNmQxM2EwNmUwNWRiNzc3ODExMjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2DrnD/A0Jp3n/1TfTIzL7WlWoXF
WD0eKuPop5CvUbyzRUIXpYecs5PDRb2uPrKQPKSHZ6C0+FhitCNDyoCXFkn+2CYa
ciuN8qceWQW4QIqPm5fgzTKBA4nis1k6tkZvkO8b8fFCgOSzjd2eBYXxVtU4d/QT
WkVNjmzchI6dbw99R5IGbrqbS5ae/S8LqriFKLOsCRh/u1ToLegeJDNF5zZX6oYt
afckVVUW502WrC0q0LoIpnxBF22PO5o+ZYoVA+ig1DGWId0G+/rndGQst77vEuTH
SROd/JzkTixtvD0cqG7jmdUpXdyokwrvDlmSoRAC+Q2rlUS8Ti3vkXwgfwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHpOC4XdEx5WWMbROgbgXbd3gRJnMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvZWs0TGhkMFRIbFpZeHRFNkJ1QmR0M2VCRW1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKg2tQQMF
ACoRkEcDBQAqEgZGAwUAKhIoAAMFACoSKAcDBQAqEs+HMA0GCSqGSIb3DQEBCwUA
A4IBAQAArckBd302+oaCTsf5uIx2z8oJ/hWlVmoJrCT/SRGHCrq2yovVviDuJwtO
jtIyFeHESW8PSL+xseQLhCSw0pHMspzByJQ8P04JlGjAetkLk7A5vuDVP71dVl5a
08/sicwzuqV+p5nJWQtn0140yMStcp3XG9fNwKf0cZi9RoU3w7MjqbNHIM5MDWyO
XDkuYBoi7d8tZ0aMVOwBRxv3/dKC2+cKsIq9yoENIwUu5TF/IevNZ7WD8w1wUIxa
qc8h2n5lChL8sow+G4vGyJ+DX8S1m7mO8n9/ZkSvcHF5ptjVgN38uPJfQSnqxRRe
E0x8nMdHWUboLEJ0ORKBe7IK94xO
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:59:27 2026 by rpki-client