Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/e282e7-4bf1-4cb8-ae6e-69baa11d578f/1/stcR-lSqkJU2Cb-qmerN4K0gerA.roa
File: stcR-lSqkJU2Cb-qmerN4K0gerA.roa (raw, json)
Hash identifier: VXZV1NgbHgfdGJFJNdfWgsLM9jnWqEunQBxug2Zcoyg=
Subject key identifier: B2:D7:11:FA:54:AA:90:95:36:09:BF:AA:99:EA:CD:E0:AD:20:7A:B0
Certificate issuer: /CN=554c24d437a0d56b9bd0be488a60cfd5ccc8f9bf
Certificate serial: 019C81C48A3CCCD8084A24531EA705FDA5FF
Authority key identifier: 55:4C:24:D4:37:A0:D5:6B:9B:D0:BE:48:8A:60:CF:D5:CC:C8:F9:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VUwk1Deg1Wub0L5IimDP1czI-b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/e282e7-4bf1-4cb8-ae6e-69baa11d578f/1/stcR-lSqkJU2Cb-qmerN4K0gerA.roa
Signing time: Sat 21 Feb 2026 19:54:27 +0000
ROA not before: Sat 21 Feb 2026 19:54:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 23532
IP address blocks: 2a14:e00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/e282e7-4bf1-4cb8-ae6e-69baa11d578f/1/VUwk1Deg1Wub0L5IimDP1czI-b8.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/e282e7-4bf1-4cb8-ae6e-69baa11d578f/1/VUwk1Deg1Wub0L5IimDP1czI-b8.mft
rsync://rpki.ripe.net/repository/DEFAULT/VUwk1Deg1Wub0L5IimDP1czI-b8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Feb 2026 15:05:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:81:c4:8a:3c:cc:d8:08:4a:24:53:1e:a7:05:fd:a5:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=554c24d437a0d56b9bd0be488a60cfd5ccc8f9bf
Validity
Not Before: Feb 21 19:54:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b2d711fa54aa90953609bfaa99eacde0ad207ab0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:61:df:a7:28:de:5c:84:e8:b9:90:a5:ab:a8:
b6:df:8a:68:34:eb:d8:4f:bb:52:27:0a:e6:9f:46:
8d:40:8f:5b:17:9c:04:89:28:ac:4f:3b:83:64:b3:
cf:fe:a0:54:55:67:5f:43:15:ff:0c:97:e2:04:5a:
23:1b:31:f2:2a:9e:de:cd:dc:95:5a:b8:04:c5:67:
e2:1d:a4:61:d4:48:26:a9:00:aa:c8:63:e7:72:19:
3d:42:ee:8c:f0:cb:c8:bb:ed:03:da:82:22:d5:a6:
1c:6c:16:f9:49:48:fe:95:ad:8a:e5:66:3c:eb:2f:
be:bc:2e:09:ce:43:44:6f:07:5d:2b:61:41:60:17:
db:4f:96:e2:f9:73:c8:f0:08:8c:f1:f4:d6:b4:23:
97:f4:fc:60:36:32:da:28:8c:14:29:3a:6b:8e:46:
6b:46:b2:9c:16:27:12:64:e2:14:6e:23:52:80:fe:
6c:c6:1b:b0:46:24:06:9b:32:6c:82:2d:a5:0c:e0:
4d:bd:25:69:7e:07:ae:c3:e0:59:80:ae:a8:c0:6e:
67:25:e5:fa:42:9c:f1:d5:25:01:0c:f3:81:f3:35:
05:c4:37:85:52:de:b2:1b:03:b4:b5:30:7f:8b:1a:
47:3f:02:7b:66:43:70:38:23:aa:7a:d0:72:72:10:
e2:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:D7:11:FA:54:AA:90:95:36:09:BF:AA:99:EA:CD:E0:AD:20:7A:B0
X509v3 Authority Key Identifier:
keyid:55:4C:24:D4:37:A0:D5:6B:9B:D0:BE:48:8A:60:CF:D5:CC:C8:F9:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VUwk1Deg1Wub0L5IimDP1czI-b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/e282e7-4bf1-4cb8-ae6e-69baa11d578f/1/stcR-lSqkJU2Cb-qmerN4K0gerA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/e282e7-4bf1-4cb8-ae6e-69baa11d578f/1/VUwk1Deg1Wub0L5IimDP1czI-b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:e00::/29
Signature Algorithm: sha256WithRSAEncryption
01:d6:24:ef:0d:f0:ac:9b:8a:a4:ff:10:83:dd:06:8e:14:a8:
66:16:10:cf:ae:5a:55:0a:ea:c9:da:38:16:6e:0e:28:ad:dc:
14:59:e1:31:a5:19:9b:d5:1c:90:4e:5a:37:b6:eb:c7:2f:e9:
a9:58:1a:fc:29:e3:4d:5f:f4:65:80:a8:06:35:fd:db:85:d2:
7a:7c:58:1f:74:29:13:90:47:e9:4c:8b:69:c6:5b:97:f0:42:
ac:f9:96:b8:e1:55:11:ab:6f:3b:05:ea:27:7b:b6:7f:db:e5:
76:db:87:37:07:ee:fb:6e:7e:03:1c:30:7d:35:94:1f:92:45:
c0:5b:bf:58:7e:2e:04:85:b0:d6:75:9c:fd:32:75:9b:6c:f7:
3e:d2:e5:1b:2a:72:a4:61:ca:0e:bc:08:5a:f6:52:64:de:4a:
68:18:43:99:a9:4b:c8:4a:87:9f:11:b9:8f:ff:5f:ae:40:d3:
6b:3d:27:aa:cd:9a:6e:fa:fa:14:20:c1:a5:7a:73:e3:a3:03:
b0:ff:34:08:f8:09:7d:8f:c5:9a:74:42:a8:60:43:ee:ac:d2:
2e:f9:3c:09:04:0d:4a:49:cd:35:3b:27:61:f6:d9:53:a8:66:
c6:16:30:95:25:d9:e2:5a:dc:f6:24:d3:5d:48:9a:23:7f:ca:
dc:ce:14:2b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZyBxIo8zNgISiRTHqcF/aX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NGMyNGQ0MzdhMGQ1NmI5YmQwYmU0ODhhNjBjZmQ1Y2Nj
OGY5YmYwHhcNMjYwMjIxMTk1NDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmQ3MTFmYTU0YWE5MDk1MzYwOWJmYWE5OWVhY2RlMGFkMjA3YWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12HfpyjeXITouZClq6i234poNOvY
T7tSJwrmn0aNQI9bF5wEiSisTzuDZLPP/qBUVWdfQxX/DJfiBFojGzHyKp7ezdyV
WrgExWfiHaRh1EgmqQCqyGPnchk9Qu6M8MvIu+0D2oIi1aYcbBb5SUj+la2K5WY8
6y++vC4JzkNEbwddK2FBYBfbT5bi+XPI8AiM8fTWtCOX9PxgNjLaKIwUKTprjkZr
RrKcFicSZOIUbiNSgP5sxhuwRiQGmzJsgi2lDOBNvSVpfgeuw+BZgK6owG5nJeX6
Qpzx1SUBDPOB8zUFxDeFUt6yGwO0tTB/ixpHPwJ7ZkNwOCOqetBychDiLQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLLXEfpUqpCVNgm/qpnqzeCtIHqwMB8GA1UdIwQY
MBaAFFVMJNQ3oNVrm9C+SIpgz9XMyPm/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlV3azFEZWcxV3ViMEw1SWltRFAxY3pJLWI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9lMjgyZTctNGJmMS00Y2I4LWFlNmUt
NjliYWExMWQ1NzhmLzEvc3RjUi1sU3FrSlUyQ2ItcW1lck40SzBnZXJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9lMjgyZTctNGJmMS00Y2I4LWFlNmUtNjliYWExMWQ1Nzhm
LzEvVlV3azFEZWcxV3ViMEw1SWltRFAxY3pJLWI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhQOADAN
BgkqhkiG9w0BAQsFAAOCAQEAAdYk7w3wrJuKpP8Qg90GjhSoZhYQz65aVQrqydo4
Fm4OKK3cFFnhMaUZm9UckE5aN7brxy/pqVga/CnjTV/0ZYCoBjX924XSenxYH3Qp
E5BH6UyLacZbl/BCrPmWuOFVEatvOwXqJ3u2f9vldtuHNwfu+25+AxwwfTWUH5JF
wFu/WH4uBIWw1nWc/TJ1m2z3PtLlGypypGHKDrwIWvZSZN5KaBhDmalLyEqHnxG5
j/9frkDTaz0nqs2abvr6FCDBpXpz46MDsP80CPgJfY/FmnRCqGBD7qzSLvk8CQQN
SknNNTsnYfbZU6hmxhYwlSXZ4lrc9iTTXUiaI3/K3M4UKw==
-----END CERTIFICATE-----
Generated at Thu Feb 26 18:53:06 2026 by rpki-client