Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/aSpXiAzN_u_07jR4cxg2tb-Q0tM.roa
File: aSpXiAzN_u_07jR4cxg2tb-Q0tM.roa (raw, json)
Hash identifier: z2MAZ4KGPOpIkRLl7vcDeLc05LAPzMoHoo2k9QoSEFc=
Subject key identifier: 69:2A:57:88:0C:CD:FE:EF:F4:EE:34:78:73:18:36:B5:BF:90:D2:D3
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 019CFD95F8C88BE64D167C9E9AF08E155DA6
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/aSpXiAzN_u_07jR4cxg2tb-Q0tM.roa
Signing time: Tue 17 Mar 2026 20:56:29 +0000
ROA not before: Tue 17 Mar 2026 20:56:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49424
IP address blocks: 138.249.248.0/24 maxlen: 24
170.168.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 20:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fd:95:f8:c8:8b:e6:4d:16:7c:9e:9a:f0:8e:15:5d:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Mar 17 20:56:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=692a57880ccdfeeff4ee3478731836b5bf90d2d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:fd:98:cc:5c:2e:06:4b:87:5f:e5:ac:40:f3:
64:c0:4a:65:ab:b6:6d:31:eb:c8:66:a5:0a:15:3c:
95:8b:ea:41:66:ad:5a:06:64:7a:6a:01:e9:6e:74:
b7:a9:a7:af:9e:6a:64:71:1c:35:33:bb:1c:4f:ae:
80:10:dc:7a:d2:79:1a:d5:1e:60:5b:da:c5:02:5a:
8b:ba:46:87:99:8b:31:bc:ec:c6:9f:3b:66:70:96:
fb:a8:7b:f4:8f:91:2c:ab:e1:4c:c2:8a:4b:d8:78:
fd:f4:8d:7c:c2:fc:93:57:b1:1e:f1:bb:7f:f8:72:
c6:fd:6b:7d:13:2f:27:9a:98:9a:9b:64:15:45:38:
d1:88:26:b5:24:b9:33:46:8b:f7:64:68:ad:3c:fd:
9f:ba:44:9c:41:d6:22:87:e1:3f:99:1e:78:46:81:
3e:fe:08:a2:7a:07:84:b8:09:bb:08:a9:b8:20:fd:
93:d2:c2:84:9c:d4:fc:97:2a:84:2a:6f:54:8f:fa:
e7:67:91:4a:a0:97:7b:28:e7:dd:28:b2:d2:7f:bd:
44:cf:d4:d9:7d:fd:e7:32:d9:1d:3d:85:05:a0:d9:
fa:36:39:56:4b:04:dd:a3:26:fc:33:b1:09:57:27:
d0:20:d5:4c:1e:e8:c5:ea:ec:38:82:40:25:ed:99:
6d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:2A:57:88:0C:CD:FE:EF:F4:EE:34:78:73:18:36:B5:BF:90:D2:D3
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/aSpXiAzN_u_07jR4cxg2tb-Q0tM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.249.248.0/24
170.168.60.0/24
Signature Algorithm: sha256WithRSAEncryption
47:be:62:f6:92:80:2d:10:70:91:57:30:18:f8:bd:1b:57:e2:
2e:ec:88:6a:61:3c:14:10:0f:f9:61:50:bc:60:84:35:af:6e:
ef:2e:92:7b:c2:6e:9b:ff:10:e3:ed:6d:06:1c:95:3d:d0:71:
de:e8:7e:ef:60:37:9b:95:03:5c:38:eb:57:80:de:8a:2e:07:
54:ff:db:76:e8:81:b6:55:40:3d:ce:35:1c:49:ad:94:54:39:
88:29:2e:43:76:c8:90:4e:45:a9:a7:89:e0:37:47:ed:cc:7e:
84:bd:a4:75:a0:1c:ba:e8:f7:4e:d5:3e:83:80:d4:65:73:2f:
91:32:ea:18:d1:17:61:5c:87:4c:f3:6c:fc:8e:f9:b2:33:d3:
90:b6:20:f0:e9:18:c7:68:83:4c:76:71:38:cd:31:3d:89:49:
de:4a:1d:d9:d3:56:ac:31:b8:b0:ba:74:ec:15:5a:df:3b:db:
ad:9c:6b:ae:49:22:fd:9f:3d:39:f7:d0:d0:a2:80:25:76:0b:
4d:d6:95:11:93:b1:94:72:d4:5d:00:1d:cd:cf:b2:5b:4e:ca:
65:37:aa:59:60:8b:51:2c:5e:7e:5e:d7:84:a4:5b:0b:5c:a6:
30:c3:c2:aa:86:2f:48:06:37:28:d4:80:cf:18:ae:74:79:fd:
35:ed:a1:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZz9lfjIi+ZNFnyemvCOFV2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjYwMzE3MjA1NjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTJhNTc4ODBjY2RmZWVmZjRlZTM0Nzg3MzE4MzZiNWJmOTBkMmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/2YzFwuBkuHX+WsQPNkwEplq7Zt
MevIZqUKFTyVi+pBZq1aBmR6agHpbnS3qaevnmpkcRw1M7scT66AENx60nka1R5g
W9rFAlqLukaHmYsxvOzGnztmcJb7qHv0j5Esq+FMwopL2Hj99I18wvyTV7Ee8bt/
+HLG/Wt9Ey8nmpiam2QVRTjRiCa1JLkzRov3ZGitPP2fukScQdYih+E/mR54RoE+
/giiegeEuAm7CKm4IP2T0sKEnNT8lyqEKm9Uj/rnZ5FKoJd7KOfdKLLSf71Ez9TZ
ff3nMtkdPYUFoNn6NjlWSwTdoyb8M7EJVyfQINVMHujF6uw4gkAl7ZltkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGkqV4gMzf7v9O40eHMYNrW/kNLTMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvYVNwWGlBek5fdV8wN2pSNGN4ZzJ0Yi1RMHRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAivn4AwQA
qqg8MA0GCSqGSIb3DQEBCwUAA4IBAQBHvmL2koAtEHCRVzAY+L0bV+Iu7IhqYTwU
EA/5YVC8YIQ1r27vLpJ7wm6b/xDj7W0GHJU90HHe6H7vYDeblQNcOOtXgN6KLgdU
/9t26IG2VUA9zjUcSa2UVDmIKS5DdsiQTkWpp4ngN0ftzH6EvaR1oBy66PdO1T6D
gNRlcy+RMuoY0RdhXIdM82z8jvmyM9OQtiDw6RjHaINMdnE4zTE9iUneSh3Z01as
MbiwunTsFVrfO9utnGuuSSL9nz0599DQooAldgtN1pURk7GUctRdAB3Nz7JbTspl
N6pZYItRLF5+XteEpFsLXKYww8Kqhi9IBjco1IDPGK50ef017aGf
-----END CERTIFICATE-----
Generated at Sun Mar 22 01:52:37 2026 by rpki-client