Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/B0VtulEaKPa_tAeb3cyKEpLJwqQ.roa
File: B0VtulEaKPa_tAeb3cyKEpLJwqQ.roa (raw, json)
Hash identifier: DfXe9EjBy55A0mCRcLwF+DOn3wKxCrGVMcxxJZO9DaA=
Subject key identifier: 07:45:6D:BA:51:1A:28:F6:BF:B4:07:9B:DD:CC:8A:12:92:C9:C2:A4
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 019CBCDF75DCB8B35C32639D05F6687EEA6A
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/B0VtulEaKPa_tAeb3cyKEpLJwqQ.roa
Signing time: Thu 05 Mar 2026 07:21:27 +0000
ROA not before: Thu 05 Mar 2026 07:21:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 2001:3080::/29 maxlen: 29
2a0e:a780::/29 maxlen: 29
2a10:9600::/29 maxlen: 29
2a13:8000::/29 maxlen: 29
2a13:b640::/29 maxlen: 29
2a13:b840::/29 maxlen: 29
2a13:d2c0::/29 maxlen: 29
2a13:ddc0::/32 maxlen: 32
2a13:ddc1::/32 maxlen: 32
2a13:ddc2::/32 maxlen: 32
2a13:ddc3::/32 maxlen: 32
2a13:ddc4::/32 maxlen: 32
2a13:ddc5::/32 maxlen: 32
2a13:ddc6::/32 maxlen: 32
2a13:ddc7::/32 maxlen: 32
2a13:de40::/29 maxlen: 29
2a14:6bc0::/29 maxlen: 29
2a14:72c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 17:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:bc:df:75:dc:b8:b3:5c:32:63:9d:05:f6:68:7e:ea:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Mar 5 07:21:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=07456dba511a28f6bfb4079bddcc8a1292c9c2a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:cc:67:a8:70:39:06:95:a5:75:93:12:09:b2:
a3:28:b6:19:77:c9:6e:1d:96:7d:4e:9f:52:f6:2e:
88:71:d8:49:b3:ed:df:0c:da:93:9e:c1:c6:28:e1:
4a:9a:59:d4:b9:42:8c:66:ea:dd:c0:c7:da:95:c2:
54:68:69:b5:80:9f:99:d0:d3:ee:76:88:8a:32:3d:
59:c4:86:4c:8e:8d:7a:40:42:44:82:68:fb:3c:e0:
11:91:71:cc:24:67:4b:e6:e5:32:ff:0b:ba:14:af:
31:31:02:42:55:21:d7:5c:ad:30:5d:c6:14:6d:db:
fc:c8:66:b6:58:c4:a4:f8:5f:af:c2:6c:84:f1:c7:
19:7c:d9:cc:6f:91:02:57:5f:8d:79:19:b1:e5:1b:
41:9e:e2:c4:e5:f5:ca:23:6d:a5:df:1f:ab:13:8c:
13:1f:90:30:fb:3a:92:94:11:4b:ef:f3:bf:b7:8d:
58:5f:5b:41:2e:cf:1e:1c:df:80:3c:03:19:1b:fc:
31:2b:75:d9:cb:08:c1:e3:fb:29:e8:44:aa:94:84:
7a:f4:c2:50:c9:44:51:f6:3c:85:e0:14:1a:6d:a6:
f3:c5:78:60:2c:a7:bc:f9:cc:e5:fe:68:c6:94:03:
f0:0f:35:06:68:44:40:70:6f:09:d9:72:d2:9c:52:
96:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:45:6D:BA:51:1A:28:F6:BF:B4:07:9B:DD:CC:8A:12:92:C9:C2:A4
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/B0VtulEaKPa_tAeb3cyKEpLJwqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3080::/29
2a0e:a780::/29
2a10:9600::/29
2a13:8000::/29
2a13:b640::/29
2a13:b840::/29
2a13:d2c0::/29
2a13:ddc0::/29
2a13:de40::/29
2a14:6bc0::/29
2a14:72c0::/29
Signature Algorithm: sha256WithRSAEncryption
a7:a2:1e:56:c8:bd:0d:fb:28:e2:87:8b:8c:cb:ad:37:e9:12:
17:27:3f:09:da:1a:f6:bd:04:4d:3a:ce:8a:ff:f8:ff:65:a9:
9c:e2:28:5c:67:37:ae:e1:17:37:d6:79:f9:07:e8:60:d2:e2:
d2:5c:b3:cb:76:ac:bf:40:94:5d:bb:8a:00:66:b1:c9:bc:e9:
71:8e:13:d9:bf:6a:4c:a4:23:2f:c1:82:e3:0c:2d:f2:46:1c:
34:e7:38:be:f1:41:54:0f:fd:b2:27:df:80:50:a7:ae:14:c2:
9e:6f:dd:88:78:7d:67:70:3b:9b:95:0f:64:7e:17:4e:7e:8e:
9b:76:9e:4e:24:2f:c6:57:65:4e:13:0c:90:0c:88:4f:df:aa:
2b:15:ca:02:9c:80:b9:eb:d0:a9:59:7f:74:d7:6b:c5:d7:f7:
58:27:c2:7a:1a:e2:d8:78:af:c0:70:16:d5:04:41:5f:2a:78:
1a:3f:57:7b:2b:25:bf:55:1f:ed:61:2d:4d:8f:1c:76:77:31:
d6:39:a8:ec:60:83:9a:df:40:b3:28:d8:ba:4a:db:b0:d3:23:
13:a6:4b:00:6f:e3:b4:65:3a:4f:21:6d:35:f9:7a:58:28:ce:
f6:a5:f6:0d:bd:22:93:8b:5d:77:da:c4:ed:76:c6:13:b2:b4:
e6:d5:15:f1
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZy833XcuLNcMmOdBfZofupqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjYwMzA1MDcyMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzQ1NmRiYTUxMWEyOGY2YmZiNDA3OWJkZGNjOGExMjkyYzljMmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcxnqHA5BpWldZMSCbKjKLYZd8lu
HZZ9Tp9S9i6IcdhJs+3fDNqTnsHGKOFKmlnUuUKMZurdwMfalcJUaGm1gJ+Z0NPu
doiKMj1ZxIZMjo16QEJEgmj7POARkXHMJGdL5uUy/wu6FK8xMQJCVSHXXK0wXcYU
bdv8yGa2WMSk+F+vwmyE8ccZfNnMb5ECV1+NeRmx5RtBnuLE5fXKI22l3x+rE4wT
H5Aw+zqSlBFL7/O/t41YX1tBLs8eHN+APAMZG/wxK3XZywjB4/sp6ESqlIR69MJQ
yURR9jyF4BQababzxXhgLKe8+czl/mjGlAPwDzUGaERAcG8J2XLSnFKWZQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFAdFbbpRGij2v7QHm93MihKSycKkMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvQjBWdHVsRWFLUGFfdEFlYjNjeUtFcExKd3FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBTBAIAAjBNAwUDIAEwgAMF
AyoOp4ADBQMqEJYAAwUDKhOAAAMFAyoTtkADBQMqE7hAAwUDKhPSwAMFAyoT3cAD
BQMqE95AAwUDKhRrwAMFAyoUcsAwDQYJKoZIhvcNAQELBQADggEBAKeiHlbIvQ37
KOKHi4zLrTfpEhcnPwnaGva9BE06zor/+P9lqZziKFxnN67hFzfWefkH6GDS4tJc
s8t2rL9AlF27igBmscm86XGOE9m/akykIy/BguMMLfJGHDTnOL7xQVQP/bIn34BQ
p64Uwp5v3Yh4fWdwO5uVD2R+F05+jpt2nk4kL8ZXZU4TDJAMiE/fqisVygKcgLnr
0KlZf3TXa8XX91gnwnoa4th4r8BwFtUEQV8qeBo/V3srJb9VH+1hLU2PHHZ3MdY5
qOxgg5rfQLMo2LpK27DTIxOmSwBv47RlOk8hbTX5elgozval9g29IpOLXXfaxO12
xhOytObVFfE=
-----END CERTIFICATE-----
Generated at Sat Mar 14 01:21:52 2026 by rpki-client