Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/SRUg9xGBkT9sFNpU9f2NxEasRyQ.roa
File: SRUg9xGBkT9sFNpU9f2NxEasRyQ.roa (raw, json)
Hash identifier: qx3smE/jPe5+8VecE7QsmPHK3Z5SvpLPJ8n1Wm6tqUs=
Subject key identifier: 49:15:20:F7:11:81:91:3F:6C:14:DA:54:F5:FD:8D:C4:46:AC:47:24
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 019E49D8F94A6F5434A95BA37D6EC741A1ED
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/SRUg9xGBkT9sFNpU9f2NxEasRyQ.roa
Signing time: Thu 21 May 2026 09:23:36 +0000
ROA not before: Thu 21 May 2026 09:23:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 2001:3280::/29 maxlen: 32
2001:3380::/29 maxlen: 29
2a0e:a780::/29 maxlen: 32
2a13:8000::/29 maxlen: 32
2a13:b840::/29 maxlen: 32
2a13:bfc0::/29 maxlen: 29
2a13:c040::/29 maxlen: 29
2a13:de40::/29 maxlen: 29
2a14:6ac0::/29 maxlen: 29
2a14:6b40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:49:d8:f9:4a:6f:54:34:a9:5b:a3:7d:6e:c7:41:a1:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: May 21 09:23:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=491520f71181913f6c14da54f5fd8dc446ac4724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:99:32:0c:a6:7b:d2:16:e6:80:6c:7c:3b:d8:
21:91:67:f2:b6:24:c2:e9:98:04:15:7a:a9:2d:ef:
ad:c8:4c:fe:3d:c8:37:e8:37:15:d1:bc:7e:a8:cc:
73:a0:77:a4:18:c1:59:eb:4a:ff:e5:c7:a9:83:de:
27:6d:32:f9:58:9c:a4:6f:35:9d:c4:e8:f0:2b:76:
e2:fb:9d:78:00:9f:ec:da:fa:3c:78:7b:db:3f:9b:
27:64:16:95:33:0f:d2:ad:f8:bb:53:c9:c5:6c:33:
ac:d4:3e:ef:55:de:61:cd:7a:b6:b3:3a:24:40:af:
fe:b6:c0:a9:e1:60:01:55:4a:50:ca:4b:7b:ef:4b:
f2:0c:19:3e:7f:ea:b7:b5:be:15:29:7d:f8:75:96:
f7:5c:64:02:10:e1:d1:3c:b1:b8:89:c3:12:f8:ef:
e4:c0:e6:33:72:8c:e7:e0:bd:33:ca:0d:79:58:b8:
8c:99:ef:eb:9e:a2:d5:4f:df:b7:76:a8:28:51:fe:
f3:dc:4f:10:54:30:f8:8a:88:c3:74:1f:be:0c:e2:
2c:56:9f:eb:3e:3d:c9:83:d5:b1:83:5f:fd:2e:ec:
fe:b5:d6:f7:32:f7:36:1f:a7:75:37:3e:71:5c:d8:
a8:ac:7f:8c:c1:1e:04:fc:3c:80:af:b8:95:ec:a3:
e2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:15:20:F7:11:81:91:3F:6C:14:DA:54:F5:FD:8D:C4:46:AC:47:24
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/SRUg9xGBkT9sFNpU9f2NxEasRyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3280::/29
2001:3380::/29
2a0e:a780::/29
2a13:8000::/29
2a13:b840::/29
2a13:bfc0::/29
2a13:c040::/29
2a13:de40::/29
2a14:6ac0::/29
2a14:6b40::/29
Signature Algorithm: sha256WithRSAEncryption
54:37:4b:15:72:9a:73:e0:27:d4:73:0d:74:d2:e3:f8:4c:ff:
2a:04:8e:58:a3:8b:89:55:54:73:15:44:cd:b3:88:fe:ad:c2:
94:62:16:31:1b:dd:df:f5:86:7b:a1:dc:b7:b6:6c:86:7d:66:
e4:39:3f:84:98:7f:17:c0:e7:c3:22:53:d3:68:1e:3c:07:39:
e9:ad:f4:b1:04:a3:b9:d2:0a:48:13:44:24:b7:ca:5b:ae:14:
f3:ff:5c:c8:ea:08:e7:b2:8f:26:98:0a:22:a2:72:9a:96:da:
ae:21:0c:00:55:b2:34:ce:dd:fe:c9:e4:1b:1e:1d:53:ef:0e:
7a:1f:1d:47:53:81:0b:3e:7f:e8:53:e0:27:ae:38:57:ee:b6:
8a:13:4e:7b:cc:fe:6e:42:08:74:d8:ab:a9:0b:f0:fb:fe:eb:
a9:3a:e9:71:f5:c2:04:16:36:c2:4c:54:98:0e:f5:c5:ef:c0:
da:fa:53:6e:82:aa:68:11:a9:80:ad:96:e8:08:42:b9:95:8e:
f1:cc:b4:5f:6b:cf:36:47:9c:93:0e:b2:df:f1:46:7c:ec:49:
ff:8d:79:f2:dd:b0:68:4f:c1:ac:c4:c2:b3:8c:8b:41:f5:4e:
d2:b4:1a:6d:1c:39:1b:96:95:ab:c6:67:f7:44:79:1f:83:6e:
57:98:5d:cf
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZ5J2PlKb1Q0qVujfW7HQaHtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjYwNTIxMDkyMzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTE1MjBmNzExODE5MTNmNmMxNGRhNTRmNWZkOGRjNDQ2YWM0NzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpkyDKZ70hbmgGx8O9ghkWfytiTC
6ZgEFXqpLe+tyEz+Pcg36DcV0bx+qMxzoHekGMFZ60r/5cepg94nbTL5WJykbzWd
xOjwK3bi+514AJ/s2vo8eHvbP5snZBaVMw/Srfi7U8nFbDOs1D7vVd5hzXq2szok
QK/+tsCp4WABVUpQykt770vyDBk+f+q3tb4VKX34dZb3XGQCEOHRPLG4icMS+O/k
wOYzcozn4L0zyg15WLiMme/rnqLVT9+3dqgoUf7z3E8QVDD4iojDdB++DOIsVp/r
Pj3Jg9Wxg1/9Luz+tdb3Mvc2H6d1Nz5xXNiorH+MwR4E/DyAr7iV7KPiTwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFEkVIPcRgZE/bBTaVPX9jcRGrEckMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvU1JVZzl4R0JrVDlzRk5wVTlmMk54RWFzUnlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUDIAEygAMF
AyABM4ADBQMqDqeAAwUDKhOAAAMFAyoTuEADBQMqE7/AAwUDKhPAQAMFAyoT3kAD
BQMqFGrAAwUDKhRrQDANBgkqhkiG9w0BAQsFAAOCAQEAVDdLFXKac+An1HMNdNLj
+Ez/KgSOWKOLiVVUcxVEzbOI/q3ClGIWMRvd3/WGe6Hct7Zshn1m5Dk/hJh/F8Dn
wyJT02gePAc56a30sQSjudIKSBNEJLfKW64U8/9cyOoI57KPJpgKIqJympbariEM
AFWyNM7d/snkGx4dU+8Oeh8dR1OBCz5/6FPgJ644V+62ihNOe8z+bkIIdNirqQvw
+/7rqTrpcfXCBBY2wkxUmA71xe/A2vpTboKqaBGpgK2W6AhCuZWO8cy0X2vPNkec
kw6y3/FGfOxJ/4158t2waE/BrMTCs4yLQfVO0rQabRw5G5aVq8Zn90R5H4NuV5hd
zw==
-----END CERTIFICATE-----
Generated at Sat May 23 03:04:31 2026 by rpki-client