Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/9RS1bKDYnq9z3G_R-qYUvctWzoI.roa
File: 9RS1bKDYnq9z3G_R-qYUvctWzoI.roa (raw, json)
Hash identifier: s7GcVAOs/PYU6IZMz5kKjwJ/V/5aeZe5gRNUUTw/o4E=
Subject key identifier: F5:14:B5:6C:A0:D8:9E:AF:73:DC:6F:D1:FA:A6:14:BD:CB:56:CE:82
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 019D393BDE644948F067839C5329BCCB32D1
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/9RS1bKDYnq9z3G_R-qYUvctWzoI.roa
Signing time: Sun 29 Mar 2026 10:55:18 +0000
ROA not before: Sun 29 Mar 2026 10:55:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215427
IP address blocks: 2a11:ad80::/29 maxlen: 29
2a13:c0c0::/29 maxlen: 29
2a13:c140::/29 maxlen: 29
2a13:d240::/29 maxlen: 29
2a14:5740::/29 maxlen: 29
2a14:58c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 Apr 2026 07:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:3b:de:64:49:48:f0:67:83:9c:53:29:bc:cb:32:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Mar 29 10:55:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f514b56ca0d89eaf73dc6fd1faa614bdcb56ce82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:fc:4b:c1:8f:a0:80:de:e8:de:3e:6f:e9:b2:
de:4f:5a:88:19:46:ce:ce:ea:fd:ef:f9:64:cc:a6:
dc:d1:62:9f:ef:98:12:e9:43:5f:29:90:d5:1d:12:
d0:b2:14:20:1e:57:0b:f4:32:66:50:34:74:86:71:
3f:d0:59:5d:b2:da:93:3b:8a:27:91:46:60:3a:76:
d8:13:dd:92:69:9b:b6:ec:18:67:9b:0a:ef:16:ab:
77:d3:68:f9:9e:05:57:b7:d5:51:9c:1d:38:ed:ff:
7f:bb:ce:0a:90:fd:2f:5e:c2:4f:3a:c5:c8:19:7e:
db:6d:0b:44:80:4d:48:7d:92:e6:af:6e:06:02:2d:
e4:c7:bd:7f:27:bd:ba:cc:c5:29:c9:70:89:80:d6:
1c:44:64:21:91:a7:f4:51:81:ca:3d:62:b0:6c:9d:
cc:fd:57:b4:20:8a:b2:01:78:d9:dd:52:cf:d7:63:
61:fb:03:fa:af:6e:39:04:04:78:e6:9f:12:93:8b:
aa:01:1a:ac:3c:be:61:21:ab:b5:c2:3d:4e:2b:be:
5c:d3:f3:b4:82:86:a6:0b:a7:20:67:3d:66:af:bb:
6c:e6:64:d4:57:f4:93:b8:d2:eb:5c:8b:30:8a:00:
bc:d8:26:80:f0:31:d7:83:c9:f6:5f:62:3e:c1:f0:
60:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:14:B5:6C:A0:D8:9E:AF:73:DC:6F:D1:FA:A6:14:BD:CB:56:CE:82
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/9RS1bKDYnq9z3G_R-qYUvctWzoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:ad80::/29
2a13:c0c0::/29
2a13:c140::/29
2a13:d240::/29
2a14:5740::/29
2a14:58c0::/29
Signature Algorithm: sha256WithRSAEncryption
41:5b:f2:98:c4:8f:31:42:e5:e0:e8:3d:5f:a3:e5:2b:61:dc:
0f:f0:5b:01:1c:2e:ef:7c:82:ba:a8:c7:b8:e8:2c:5f:48:58:
9a:00:7c:a2:65:13:25:4b:95:7e:d3:be:d7:f4:c5:53:b2:35:
1f:bb:a0:c5:31:ff:7d:dd:40:61:b8:3e:35:63:68:11:fa:04:
2b:58:90:a3:79:dd:ae:b0:42:f2:65:49:b9:7f:72:90:45:be:
d1:4b:c7:7d:6a:a6:6d:4c:7c:72:b0:c6:48:a1:8c:56:d5:14:
7b:2f:71:a6:5e:d1:f0:2a:38:c5:3b:8e:cf:ab:d8:d3:ac:bc:
52:38:49:20:41:8f:c5:8c:c3:bf:56:22:fd:26:62:fc:f8:2b:
14:88:67:f0:58:90:fd:cc:ee:9f:57:b5:64:c7:5e:ae:67:fc:
d5:d2:28:bc:32:55:79:e3:70:8d:66:91:f0:8b:0e:f2:77:20:
09:02:ef:dd:d2:76:81:45:a7:15:b1:88:0c:d0:06:8a:4c:8c:
fb:fc:38:c3:28:f7:9c:00:a5:9f:45:99:e3:ce:2a:89:dc:74:
16:3a:5d:da:ea:8c:2b:f5:93:b0:66:04:92:e8:14:ff:d7:21:
1a:c6:80:46:52:b8:cb:e0:ad:4d:06:fe:36:86:39:4f:aa:b9:
40:27:34:d8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ05O95kSUjwZ4OcUym8yzLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjYwMzI5MTA1NTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTE0YjU2Y2EwZDg5ZWFmNzNkYzZmZDFmYWE2MTRiZGNiNTZjZTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfxLwY+ggN7o3j5v6bLeT1qIGUbO
zur97/lkzKbc0WKf75gS6UNfKZDVHRLQshQgHlcL9DJmUDR0hnE/0FldstqTO4on
kUZgOnbYE92SaZu27BhnmwrvFqt302j5ngVXt9VRnB047f9/u84KkP0vXsJPOsXI
GX7bbQtEgE1IfZLmr24GAi3kx71/J726zMUpyXCJgNYcRGQhkaf0UYHKPWKwbJ3M
/Ve0IIqyAXjZ3VLP12Nh+wP6r245BAR45p8Sk4uqARqsPL5hIau1wj1OK75c0/O0
goamC6cgZz1mr7ts5mTUV/STuNLrXIswigC82CaA8DHXg8n2X2I+wfBgrQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPUUtWyg2J6vc9xv0fqmFL3LVs6CMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvOVJTMWJLRFlucTl6M0dfUi1xWVV2Y3RXem9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKhGtgAMF
AyoTwMADBQMqE8FAAwUDKhPSQAMFAyoUV0ADBQMqFFjAMA0GCSqGSIb3DQEBCwUA
A4IBAQBBW/KYxI8xQuXg6D1fo+UrYdwP8FsBHC7vfIK6qMe46CxfSFiaAHyiZRMl
S5V+077X9MVTsjUfu6DFMf993UBhuD41Y2gR+gQrWJCjed2usELyZUm5f3KQRb7R
S8d9aqZtTHxysMZIoYxW1RR7L3GmXtHwKjjFO47Pq9jTrLxSOEkgQY/FjMO/ViL9
JmL8+CsUiGfwWJD9zO6fV7Vkx16uZ/zV0ii8MlV543CNZpHwiw7ydyAJAu/d0naB
RacVsYgM0AaKTIz7/DjDKPecAKWfRZnjziqJ3HQWOl3a6owr9ZOwZgSS6BT/1yEa
xoBGUrjL4K1NBv42hjlPqrlAJzTY
-----END CERTIFICATE-----
Generated at Mon Apr 6 12:58:25 2026 by rpki-client