Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/9RuEfPDy7NcEevxrr3brvJp9UCU.roa
File: 9RuEfPDy7NcEevxrr3brvJp9UCU.roa (raw, json)
Hash identifier: 0j6TPncrYZJxKRy7qi/uID511rndKgFVeAqO5t+E9Ok=
Subject key identifier: F5:1B:84:7C:F0:F2:EC:D7:04:7A:FC:6B:AF:76:EB:BC:9A:7D:50:25
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 019DE60D5F62467510C0158D271CDF065BEE
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/9RuEfPDy7NcEevxrr3brvJp9UCU.roa
Signing time: Sat 02 May 2026 00:18:49 +0000
ROA not before: Sat 02 May 2026 00:18:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62240
IP address blocks: 2a03:efc0:4900::/40 maxlen: 40
2a03:efc0:4920::/43 maxlen: 43
2a03:efc0:4940::/43 maxlen: 43
2a03:efc0:4960::/43 maxlen: 43
2a03:efc0:4980::/43 maxlen: 43
2a03:efc0:49a0::/43 maxlen: 43
2a03:efc0:49c0::/43 maxlen: 43
2a03:efc0:5800::/40 maxlen: 43
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 18:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e6:0d:5f:62:46:75:10:c0:15:8d:27:1c:df:06:5b:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: May 2 00:18:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f51b847cf0f2ecd7047afc6baf76ebbc9a7d5025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:80:03:f3:db:1e:58:32:ca:9f:b6:4d:3d:3c:
72:69:13:99:c4:d6:08:bc:2a:31:50:4e:48:4d:35:
49:cb:9d:74:ab:f2:7e:bc:bc:23:ee:04:a5:9c:ac:
b1:e8:c4:9f:02:7a:4e:b0:45:6e:84:7e:b9:07:88:
e4:c4:14:50:61:d6:3c:00:ce:38:a9:30:36:12:c6:
7a:84:ed:25:c7:a6:74:cf:17:8e:31:1c:bf:7f:7b:
4c:11:2a:de:ec:7f:7f:c8:85:be:69:1d:ef:1c:3a:
5b:0e:6c:48:a1:cc:9b:8c:9c:c2:78:50:0b:6f:e5:
ab:bc:1f:2b:22:77:c9:52:94:53:f9:26:b1:63:a1:
e1:e6:a6:5d:ea:9e:b6:dc:89:71:b6:6c:5c:a8:34:
c5:b3:06:67:41:8d:eb:9a:b3:82:1b:96:bc:61:77:
ae:f4:47:e6:bf:da:f5:85:b8:8c:e5:6d:d9:4b:62:
5f:4c:71:58:84:25:7b:03:dc:af:e6:a0:20:8e:23:
49:8c:ec:18:4d:c7:d9:19:a1:6b:f6:a1:ee:c3:b0:
65:2d:33:85:db:e1:10:56:e2:c8:bc:fc:dd:84:fd:
88:90:df:d8:41:0f:6a:04:06:ff:ba:a4:cf:4c:96:
8f:02:ee:af:71:15:23:e0:e2:39:27:38:8e:d1:c0:
dd:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:1B:84:7C:F0:F2:EC:D7:04:7A:FC:6B:AF:76:EB:BC:9A:7D:50:25
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/9RuEfPDy7NcEevxrr3brvJp9UCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:efc0:4900::/40
2a03:efc0:5800::/40
Signature Algorithm: sha256WithRSAEncryption
b4:62:66:f4:39:4e:41:e5:8c:e6:92:b2:0e:37:09:ef:e2:b6:
03:1f:21:33:3f:11:1e:d4:92:2a:ac:22:5f:da:21:fe:24:3a:
14:a6:78:28:fb:68:c1:32:12:03:fb:e6:4b:cf:f8:18:94:c9:
86:01:f0:14:8f:e4:66:c7:ef:1a:7e:d2:39:75:c3:eb:55:6a:
70:88:a4:f2:6d:39:82:f5:59:95:57:49:14:c6:43:4a:69:45:
7b:c5:74:58:c7:ee:a6:b4:ae:f5:e9:cd:d9:62:44:cd:97:89:
f2:82:1b:41:fc:12:ed:0c:35:cd:b2:d7:e5:2d:31:fa:c2:9c:
eb:76:15:d5:6e:a9:b9:75:33:28:e2:bd:34:24:5a:ea:d4:c2:
aa:5e:96:39:58:f7:5e:7c:ac:76:0c:0f:ce:7e:9b:d7:07:7a:
3c:42:d7:35:0e:3e:39:20:71:52:e3:29:eb:a5:c1:36:6d:35:
cb:f7:e2:dc:49:f7:82:fe:c7:d2:e4:f8:1b:2c:82:92:6b:3a:
fd:71:a1:ad:6c:f4:ee:f7:15:1b:c2:71:98:1a:c5:66:58:02:
0e:1e:05:38:68:57:28:d2:db:83:ed:2b:57:91:fe:ad:86:1b:
bc:c9:fa:a5:b7:e5:a7:71:6f:63:11:3d:57:41:e3:ed:f4:6a:
b7:df:73:c4
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZ3mDV9iRnUQwBWNJxzfBlvuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjYwNTAyMDAxODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTFiODQ3Y2YwZjJlY2Q3MDQ3YWZjNmJhZjc2ZWJiYzlhN2Q1MDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4AD89seWDLKn7ZNPTxyaROZxNYI
vCoxUE5ITTVJy510q/J+vLwj7gSlnKyx6MSfAnpOsEVuhH65B4jkxBRQYdY8AM44
qTA2EsZ6hO0lx6Z0zxeOMRy/f3tMESre7H9/yIW+aR3vHDpbDmxIocybjJzCeFAL
b+WrvB8rInfJUpRT+SaxY6Hh5qZd6p623IlxtmxcqDTFswZnQY3rmrOCG5a8YXeu
9Efmv9r1hbiM5W3ZS2JfTHFYhCV7A9yv5qAgjiNJjOwYTcfZGaFr9qHuw7BlLTOF
2+EQVuLIvPzdhP2IkN/YQQ9qBAb/uqTPTJaPAu6vcRUj4OI5JziO0cDdmwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFPUbhHzw8uzXBHr8a69267yafVAlMB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEvOVJ1RWZQRHk3TmNFZXZ4cnIzYnJ2SnA5VUNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYtMDFiOGJiNmFkOTBh
LzEvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKgPvwEkD
BgAqA+/AWDANBgkqhkiG9w0BAQsFAAOCAQEAtGJm9DlOQeWM5pKyDjcJ7+K2Ax8h
Mz8RHtSSKqwiX9oh/iQ6FKZ4KPtowTISA/vmS8/4GJTJhgHwFI/kZsfvGn7SOXXD
61VqcIik8m05gvVZlVdJFMZDSmlFe8V0WMfuprSu9enN2WJEzZeJ8oIbQfwS7Qw1
zbLX5S0x+sKc63YV1W6puXUzKOK9NCRa6tTCql6WOVj3XnysdgwPzn6b1wd6PELX
NQ4+OSBxUuMp66XBNm01y/fi3En3gv7H0uT4GyyCkms6/XGhrWz07vcVG8JxmBrF
ZlgCDh4FOGhXKNLbg+0rV5H+rYYbvMn6pbflp3FvYxE9V0Hj7fRqt99zxA==
-----END CERTIFICATE-----
Generated at Wed May 6 01:09:10 2026 by rpki-client