Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/C0vJX5XW0gbOlpjFNRkgGNipR7o.roa
File: C0vJX5XW0gbOlpjFNRkgGNipR7o.roa (raw, json)
Hash identifier: kGGg4w1LUNGNPgYsLUojYM6u4XjRvdPfPD0LzrW8shI=
Subject key identifier: 0B:4B:C9:5F:95:D6:D2:06:CE:96:98:C5:35:19:20:18:D8:A9:47:BA
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 019DAB16BBEE6716917A2C743338571BF6C8
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/C0vJX5XW0gbOlpjFNRkgGNipR7o.roa
Signing time: Mon 20 Apr 2026 13:31:26 +0000
ROA not before: Mon 20 Apr 2026 13:31:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48347
IP address blocks: 170.168.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 14:27:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ab:16:bb:ee:67:16:91:7a:2c:74:33:38:57:1b:f6:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Apr 20 13:31:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0b4bc95f95d6d206ce9698c535192018d8a947ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c9:ec:c9:92:cd:eb:4c:9b:ee:1c:23:56:10:
5c:8a:a6:4e:b4:1e:79:5e:04:1f:87:bb:3f:77:97:
c8:5d:cb:5b:2a:f4:52:b6:bb:bd:35:13:a2:4d:f3:
6a:a6:d9:6e:63:09:54:1c:02:06:2c:11:40:f8:d8:
0a:ed:c4:6b:67:00:b9:d3:5e:df:35:c1:17:aa:88:
2a:55:98:c9:21:64:c9:60:06:5a:b3:48:e0:ef:ac:
17:b4:01:57:34:cc:cf:a5:86:67:42:56:42:d4:c9:
cd:17:25:d9:fd:94:cd:c8:d1:27:bf:bf:12:7f:10:
d1:65:6f:79:95:7a:50:39:be:6f:ea:33:a9:d8:7b:
7d:cb:8f:aa:e5:4d:50:e7:9b:b4:bf:a7:e6:9b:84:
22:0e:fc:f1:51:2a:20:5b:97:6a:5f:02:83:2f:7e:
d0:12:0a:fc:4b:b1:20:cf:d4:f7:7a:0a:d8:ca:bf:
fc:df:5a:64:9a:df:75:9b:9d:b6:bc:6e:58:de:96:
b3:5a:a1:6c:78:9f:04:a9:5c:3c:b2:ee:4a:f4:e9:
79:7b:c9:c8:3f:30:a8:5f:3e:ed:48:fd:37:28:5d:
d1:ae:f7:d6:d0:5e:1a:53:29:dd:3d:0a:a3:f3:62:
cd:ae:36:2f:4e:82:67:95:c5:27:48:5c:d4:fe:e8:
32:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:4B:C9:5F:95:D6:D2:06:CE:96:98:C5:35:19:20:18:D8:A9:47:BA
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/C0vJX5XW0gbOlpjFNRkgGNipR7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.168.10.0/24
Signature Algorithm: sha256WithRSAEncryption
81:d0:03:e0:3f:2a:b3:cb:4d:a4:46:6e:ba:4f:f2:88:d6:95:
2e:44:a4:00:e3:e9:f5:d9:8c:4b:a4:65:75:c3:59:aa:7c:6d:
05:29:a8:7b:74:fe:c6:cf:e1:f5:fc:4c:fc:ca:ac:9a:33:63:
49:dc:b4:a5:77:72:d4:a2:a1:56:ea:2f:7f:3a:2c:89:e2:fc:
4f:90:23:e0:a0:4f:f6:2e:50:3b:a8:9e:08:3e:fb:22:9b:07:
ff:35:4c:53:c4:77:69:e0:8a:ec:c6:d5:d2:3f:ec:ca:23:a9:
5a:84:0c:56:4e:1e:0a:45:80:d0:c6:8b:d6:49:c5:8e:97:33:
4b:7a:07:2d:61:f4:06:82:88:90:86:49:60:ad:7d:7c:46:37:
52:81:5d:f9:1b:2e:9a:e5:6b:2d:1f:cd:33:c3:43:45:8a:95:
31:78:b4:b8:d5:5c:ea:48:75:5d:1b:01:97:26:4d:4b:10:dc:
7d:b5:dc:8b:f7:e4:7f:16:ca:c4:11:00:1c:0d:b7:25:e3:b5:
ba:e2:7c:8e:e8:fd:67:22:d0:ca:72:4b:a6:63:7d:10:53:45:
99:ee:fb:52:bf:68:e6:e8:62:1f:8a:98:e1:33:2b:e2:58:2e:
42:50:fe:eb:aa:88:32:6c:d4:e6:be:dd:6d:1d:4f:32:2c:7f:
6d:b9:be:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2rFrvuZxaReix0MzhXG/bIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjYwNDIwMTMzMTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjRiYzk1Zjk1ZDZkMjA2Y2U5Njk4YzUzNTE5MjAxOGQ4YTk0N2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMnsyZLN60yb7hwjVhBciqZOtB55
XgQfh7s/d5fIXctbKvRStru9NROiTfNqptluYwlUHAIGLBFA+NgK7cRrZwC5017f
NcEXqogqVZjJIWTJYAZas0jg76wXtAFXNMzPpYZnQlZC1MnNFyXZ/ZTNyNEnv78S
fxDRZW95lXpQOb5v6jOp2Ht9y4+q5U1Q55u0v6fmm4QiDvzxUSogW5dqXwKDL37Q
Egr8S7Egz9T3egrYyr/831pkmt91m522vG5Y3pazWqFseJ8EqVw8su5K9Ol5e8nI
PzCoXz7tSP03KF3RrvfW0F4aUyndPQqj82LNrjYvToJnlcUnSFzU/ugyeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAtLyV+V1tIGzpaYxTUZIBjYqUe6MB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvQzB2Slg1WFcwZ2JPbHBqRk5Sa2dHTmlwUjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqqgKMA0G
CSqGSIb3DQEBCwUAA4IBAQCB0APgPyqzy02kRm66T/KI1pUuRKQA4+n12YxLpGV1
w1mqfG0FKah7dP7Gz+H1/Ez8yqyaM2NJ3LSld3LUoqFW6i9/OiyJ4vxPkCPgoE/2
LlA7qJ4IPvsimwf/NUxTxHdp4IrsxtXSP+zKI6lahAxWTh4KRYDQxovWScWOlzNL
egctYfQGgoiQhklgrX18RjdSgV35Gy6a5WstH80zw0NFipUxeLS41VzqSHVdGwGX
Jk1LENx9tdyL9+R/FsrEEQAcDbcl47W64nyO6P1nItDKckumY30QU0WZ7vtSv2jm
6GIfipjhMyviWC5CUP7rqogybNTmvt1tHU8yLH9tub6p
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:25:56 2026 by rpki-client