Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/k2ARdikxN9KDLwEYOTj7rA03tck.roa
File: k2ARdikxN9KDLwEYOTj7rA03tck.roa (raw, json)
Hash identifier: 17Iyu6Bq3YNNwBSHGv6T+1WMQURvGsO2DjlvzlanJeU=
Subject key identifier: 93:60:11:76:29:31:37:D2:83:2F:01:18:39:38:FB:AC:0D:37:B5:C9
Certificate issuer: /CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Certificate serial: 019CB9734BFFCFA85ABC4DB94FA3C2317E34
Authority key identifier: 2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/k2ARdikxN9KDLwEYOTj7rA03tck.roa
Signing time: Wed 04 Mar 2026 15:24:26 +0000
ROA not before: Wed 04 Mar 2026 15:24:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204582
IP address blocks: 45.144.44.0/29 maxlen: 29
45.144.44.0/30 maxlen: 30
2a0e:eac0:2000::/44 maxlen: 48
2a0e:eac0:2001::/48 maxlen: 48
2a0e:eac0:2002::/48 maxlen: 48
2a0e:eac0:2003::/48 maxlen: 48
2a0e:eac0:2010::/44 maxlen: 48
2a0e:eac0:2030::/44 maxlen: 44
2a0e:eac0:2100::/44 maxlen: 48
2a0e:eac0:2101::/48 maxlen: 48
2a0e:eac0:2110::/44 maxlen: 48
2a0e:eac0:2200::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.mft
rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 12:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b9:73:4b:ff:cf:a8:5a:bc:4d:b9:4f:a3:c2:31:7e:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b6d7e5191f81ff0a19f102b1718ab4f9e0ea3a0
Validity
Not Before: Mar 4 15:24:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=93601176293137d2832f01183938fbac0d37b5c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:de:b4:35:86:50:71:ad:0c:54:a7:f5:d2:1c:
46:cf:be:8d:3e:0f:78:15:2c:b2:d0:b6:f6:00:d0:
88:f8:57:21:c0:55:9b:eb:be:78:5a:b7:3a:bd:9c:
ac:83:53:cc:d7:f5:c8:c3:e2:89:6b:98:34:f7:98:
74:8e:db:f5:b6:d3:f9:1b:ff:21:da:e9:ce:4e:03:
0c:74:7e:e5:66:64:eb:18:05:33:e1:b1:24:3c:09:
ad:66:f1:50:f1:04:ea:2a:63:25:1b:9c:f8:4f:02:
e3:73:ad:1e:24:dd:fe:4b:90:5a:c5:63:1e:a3:b0:
c5:d0:9c:97:be:a2:84:00:bd:52:95:05:06:76:81:
21:d4:7c:eb:57:7b:fe:fd:c9:b5:ba:4a:c8:57:87:
6d:14:09:3d:1a:0e:62:db:2c:8a:0b:84:46:03:82:
75:80:2f:3d:27:dc:f9:f7:98:d6:29:49:bc:a0:4b:
66:b4:23:8a:ae:14:c5:32:72:0d:61:59:f4:47:42:
93:9f:7c:10:6c:48:2b:fb:4f:5c:04:ee:71:d0:6f:
68:9f:1e:66:f1:27:57:b1:82:8a:b6:52:27:33:35:
59:4a:5f:80:01:d6:33:63:cb:86:0f:7e:e4:d4:27:
be:91:85:bc:a6:7d:46:11:7c:d8:1f:8c:eb:96:51:
f2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:60:11:76:29:31:37:D2:83:2F:01:18:39:38:FB:AC:0D:37:B5:C9
X509v3 Authority Key Identifier:
keyid:2B:6D:7E:51:91:F8:1F:F0:A1:9F:10:2B:17:18:AB:4F:9E:0E:A3:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K21-UZH4H_ChnxArFxirT54Oo6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/k2ARdikxN9KDLwEYOTj7rA03tck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ab3156-b061-49fc-b1f0-00ca3126b3fe/1/K21-UZH4H_ChnxArFxirT54Oo6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.44.0/29
IPv6:
2a0e:eac0:2000::/43
2a0e:eac0:2030::/44
2a0e:eac0:2100::/43
2a0e:eac0:2200::/48
Signature Algorithm: sha256WithRSAEncryption
10:4f:03:b9:ef:cf:63:2b:21:5a:04:8c:ec:a1:2d:61:f0:40:
92:3d:1b:01:f4:97:4a:62:0b:45:99:c1:78:93:66:74:8a:7c:
86:e6:3d:e8:36:e3:3d:ed:f0:04:98:12:c1:c2:ac:44:b7:61:
f8:bd:bf:e0:d8:60:ba:4d:08:e3:f0:4d:a5:60:bc:51:e3:54:
c4:7f:c1:20:cb:4e:03:d2:83:86:d8:93:36:ff:14:13:7b:f7:
f1:55:cb:b9:fe:d3:ec:49:1d:92:ee:38:1c:3e:ad:ff:c0:9b:
cc:0f:02:f1:41:a4:90:ac:0c:74:1a:c6:dc:26:74:37:b7:c1:
c5:24:9b:e4:e6:66:fc:bb:39:33:93:ed:fa:c2:0f:50:c6:25:
56:4b:d0:23:21:dd:5d:ed:13:5d:a2:4b:60:6a:56:9f:a2:ac:
9e:cc:92:d8:e0:9b:2c:44:8c:32:c8:6c:f8:0a:99:b1:90:5a:
b1:04:d6:69:e0:ba:81:b9:f0:d1:ce:d6:71:ee:25:ef:b5:db:
ed:80:d8:c2:81:38:c6:d3:ab:c6:31:14:f1:5a:8c:52:18:17:
7b:94:ab:c3:41:f0:74:7b:93:ac:3c:18:a0:b0:09:0d:b4:51:
c9:0d:d6:5f:f5:16:2d:58:d0:89:b2:cf:1b:c1:86:b4:6f:dd:
80:be:ce:eb
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZy5c0v/z6havE25T6PCMX40MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNmQ3ZTUxOTFmODFmZjBhMTlmMTAyYjE3MThhYjRmOWUw
ZWEzYTAwHhcNMjYwMzA0MTUyNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzYwMTE3NjI5MzEzN2QyODMyZjAxMTgzOTM4ZmJhYzBkMzdiNWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv960NYZQca0MVKf10hxGz76NPg94
FSyy0Lb2ANCI+FchwFWb6754Wrc6vZysg1PM1/XIw+KJa5g095h0jtv1ttP5G/8h
2unOTgMMdH7lZmTrGAUz4bEkPAmtZvFQ8QTqKmMlG5z4TwLjc60eJN3+S5BaxWMe
o7DF0JyXvqKEAL1SlQUGdoEh1HzrV3v+/cm1ukrIV4dtFAk9Gg5i2yyKC4RGA4J1
gC89J9z595jWKUm8oEtmtCOKrhTFMnINYVn0R0KTn3wQbEgr+09cBO5x0G9onx5m
8SdXsYKKtlInMzVZSl+AAdYzY8uGD37k1Ce+kYW8pn1GEXzYH4zrllHypQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJNgEXYpMTfSgy8BGDk4+6wNN7XJMB8GA1UdIwQY
MBaAFCttflGR+B/woZ8QKxcYq0+eDqOgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAt
MDBjYTMxMjZiM2ZlLzEvazJBUmRpa3hOOUtETHdFWU9UajdyQTAzdGNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hYjMxNTYtYjA2MS00OWZjLWIxZjAtMDBjYTMxMjZiM2Zl
LzEvSzIxLVVaSDRIX0NobnhBckZ4aXJUNTRPbzZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzANBAIAATAHAwUDLZAsADAq
BAIAAjAkAwcFKg7qwCAAAwcEKg7qwCAwAwcFKg7qwCEAAwcAKg7qwCIAMA0GCSqG
SIb3DQEBCwUAA4IBAQAQTwO5789jKyFaBIzsoS1h8ECSPRsB9JdKYgtFmcF4k2Z0
inyG5j3oNuM97fAEmBLBwqxEt2H4vb/g2GC6TQjj8E2lYLxR41TEf8Egy04D0oOG
2JM2/xQTe/fxVcu5/tPsSR2S7jgcPq3/wJvMDwLxQaSQrAx0GsbcJnQ3t8HFJJvk
5mb8uzkzk+36wg9QxiVWS9AjId1d7RNdoktgalafoqyezJLY4JssRIwyyGz4Cpmx
kFqxBNZp4LqBufDRztZx7iXvtdvtgNjCgTjG06vGMRTxWoxSGBd7lKvDQfB0e5Os
PBigsAkNtFHJDdZf9RYtWNCJss8bwYa0b92Avs7r
-----END CERTIFICATE-----
Generated at Thu Mar 12 22:09:43 2026 by rpki-client