Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/eK5KYaBv7rGYQylc77Q_KaWZp-k.roa
File: eK5KYaBv7rGYQylc77Q_KaWZp-k.roa (raw, json)
Hash identifier: wH+PyP1Rad7ulCdZvuT4Q+mx9NyU1f6I/8n6VXlm8qs=
Subject key identifier: 78:AE:4A:61:A0:6F:EE:B1:98:43:29:5C:EF:B4:3F:29:A5:99:A7:E9
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 019D77525F53400DB4A375B12ED4D2DBB90E
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/eK5KYaBv7rGYQylc77Q_KaWZp-k.roa
Signing time: Fri 10 Apr 2026 12:16:20 +0000
ROA not before: Fri 10 Apr 2026 12:16:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199176
IP address blocks: 2a03:5840:152::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 May 2026 11:18:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:77:52:5f:53:40:0d:b4:a3:75:b1:2e:d4:d2:db:b9:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Apr 10 12:16:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=78ae4a61a06feeb19843295cefb43f29a599a7e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0e:26:e9:1f:09:3d:47:fb:92:18:c0:5b:5b:
62:24:a5:29:df:0c:1c:4f:22:65:f4:c4:7a:4d:be:
e6:4e:fc:45:15:4f:a6:bb:9c:af:1a:c5:b1:53:b1:
4e:f6:18:84:b6:53:e8:20:b9:29:12:f3:42:66:5e:
b5:48:fc:8f:18:ce:b8:c8:e2:20:d3:1f:72:1b:1f:
ed:77:c6:d5:c1:41:4e:0b:b3:62:77:0d:57:a4:0b:
17:fd:18:f0:05:3e:ee:17:6c:33:82:34:35:64:7e:
7f:92:c0:45:3e:2a:f9:25:60:9a:88:eb:19:8a:e7:
45:d8:0a:33:62:0f:3a:f1:84:bf:3e:72:e9:94:90:
da:4e:0b:f4:0c:49:33:7d:21:6a:3e:a1:fb:a4:3f:
b8:ef:a0:9c:8f:15:9d:f7:cd:c2:30:8e:ae:da:73:
bd:07:ed:c8:78:d5:5b:93:75:b9:0e:cf:8b:a9:8b:
7c:8d:80:f5:b8:32:bb:5b:de:18:df:24:4d:35:4a:
25:5d:1b:63:30:c8:82:6f:40:05:cf:72:8e:eb:ef:
56:9a:fa:de:c6:8b:c7:bc:d7:cd:c1:78:e1:c2:e2:
8f:90:3f:d3:76:ea:25:39:2d:db:0f:73:be:88:84:
22:02:7f:74:07:2b:9b:53:c9:3c:68:d8:bc:cf:b0:
6e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:AE:4A:61:A0:6F:EE:B1:98:43:29:5C:EF:B4:3F:29:A5:99:A7:E9
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/eK5KYaBv7rGYQylc77Q_KaWZp-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5840:152::/48
Signature Algorithm: sha256WithRSAEncryption
51:cf:52:67:86:1f:65:5c:21:7c:24:8e:6d:55:3f:50:20:f5:
aa:49:b8:ce:5d:cb:72:aa:d8:d0:cf:89:64:72:2e:77:7b:74:
0b:6c:1f:29:9d:7b:6d:21:77:bc:ce:43:62:90:db:bc:bc:ff:
bb:53:78:19:65:43:aa:a4:a3:32:ea:39:7c:51:21:93:08:fa:
88:dd:ec:81:56:dd:90:04:31:31:49:86:25:7e:95:7d:d8:7d:
7a:ac:fa:24:24:2d:ae:58:18:5f:fe:05:1c:bd:cc:31:00:1a:
8b:47:91:76:01:ea:83:68:43:19:71:55:9e:02:50:9f:38:d3:
e9:55:62:85:da:ad:b7:6d:95:91:fb:50:41:32:d8:bb:9e:cd:
52:2d:2d:10:12:0c:b0:bd:74:57:46:41:e7:7e:e2:6c:d4:80:
ae:a0:1a:e0:7b:d8:fb:eb:d8:8b:5e:fe:78:3d:53:59:89:53:
5e:d4:06:2a:67:4d:15:0a:b0:eb:6f:e0:ab:4d:8a:f6:85:7e:
5f:3d:bb:86:2a:bb:56:de:9e:d8:8a:e0:14:ab:80:18:2c:64:
bd:01:41:79:ac:b9:01:7f:eb:87:8a:71:9e:ab:14:94:bc:36:
d8:d3:69:ff:73:8c:d6:80:ab:74:6a:12:d1:48:d4:99:8a:50:
35:f0:9d:57
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ13Ul9TQA20o3WxLtTS27kOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjYwNDEwMTIxNjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGFlNGE2MWEwNmZlZWIxOTg0MzI5NWNlZmI0M2YyOWE1OTlhN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQ4m6R8JPUf7khjAW1tiJKUp3wwc
TyJl9MR6Tb7mTvxFFU+mu5yvGsWxU7FO9hiEtlPoILkpEvNCZl61SPyPGM64yOIg
0x9yGx/td8bVwUFOC7Nidw1XpAsX/RjwBT7uF2wzgjQ1ZH5/ksBFPir5JWCaiOsZ
iudF2AozYg868YS/PnLplJDaTgv0DEkzfSFqPqH7pD+476CcjxWd983CMI6u2nO9
B+3IeNVbk3W5Ds+LqYt8jYD1uDK7W94Y3yRNNUolXRtjMMiCb0AFz3KO6+9Wmvre
xovHvNfNwXjhwuKPkD/TduolOS3bD3O+iIQiAn90ByubU8k8aNi8z7Bu+wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFHiuSmGgb+6xmEMpXO+0PymlmafpMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvZUs1S1lhQnY3ckdZUXlsYzc3UV9LYVdacC1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgNYQAFS
MA0GCSqGSIb3DQEBCwUAA4IBAQBRz1Jnhh9lXCF8JI5tVT9QIPWqSbjOXctyqtjQ
z4lkci53e3QLbB8pnXttIXe8zkNikNu8vP+7U3gZZUOqpKMy6jl8USGTCPqI3eyB
Vt2QBDExSYYlfpV92H16rPokJC2uWBhf/gUcvcwxABqLR5F2AeqDaEMZcVWeAlCf
ONPpVWKF2q23bZWR+1BBMti7ns1SLS0QEgywvXRXRkHnfuJs1ICuoBrge9j769iL
Xv54PVNZiVNe1AYqZ00VCrDrb+CrTYr2hX5fPbuGKrtW3p7YiuAUq4AYLGS9AUF5
rLkBf+uHinGeqxSUvDbY02n/c4zWgKt0ahLRSNSZilA18J1X
-----END CERTIFICATE-----
Generated at Sun May 10 15:53:12 2026 by rpki-client