Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/sCMT3FjNRXsV4zD08syFixS63kI.roa
File: sCMT3FjNRXsV4zD08syFixS63kI.roa (raw, json)
Hash identifier: UQOEVWqNUcA3ClHSeJ5/hd2/e/u5eVibXnHOTPc2HYI=
Subject key identifier: B0:23:13:DC:58:CD:45:7B:15:E3:30:F4:F2:CC:85:8B:14:BA:DE:42
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 019E463E222D1CD866B0ECB1BA8A69854968
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/sCMT3FjNRXsV4zD08syFixS63kI.roa
Signing time: Wed 20 May 2026 16:35:37 +0000
ROA not before: Wed 20 May 2026 16:35:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205126
IP address blocks: 2a12:bec4:1cf0::/48 maxlen: 48
2a12:bec4:1cf1::/48 maxlen: 48
2a12:bec4:1cf2::/47 maxlen: 47
2a12:bec4:1cfa::/48 maxlen: 48
2a12:bec4:1cff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 05:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:46:3e:22:2d:1c:d8:66:b0:ec:b1:ba:8a:69:85:49:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: May 20 16:35:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b02313dc58cd457b15e330f4f2cc858b14bade42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:4c:55:45:3a:c4:4c:37:a5:96:d8:53:ac:5c:
4e:59:e2:ff:93:fe:b7:78:ec:bb:de:58:0a:27:29:
1c:b4:fd:47:f6:22:1e:f8:00:19:9b:55:f0:bb:28:
c4:17:06:82:2b:4c:aa:88:ac:e5:44:c5:34:35:0d:
5b:bb:13:49:c4:c2:e4:de:26:e9:2b:ea:f8:1c:6b:
46:d2:f3:24:a4:38:21:4c:da:b3:d9:34:5c:97:a7:
ac:f4:b8:ad:c9:71:29:bd:ad:02:91:f1:7e:37:09:
f7:a4:5c:01:0b:01:2e:e3:0c:17:24:a2:0e:12:60:
ab:58:b9:70:da:3b:67:d7:6a:82:23:a9:1c:a6:9f:
66:a3:5a:b5:c2:03:26:ba:13:de:b1:57:ce:d6:e2:
f6:b9:43:ac:81:ef:eb:ad:eb:b5:ff:2b:91:6a:cc:
64:8a:32:cf:af:49:d5:26:9e:94:ad:58:59:fc:83:
92:26:c0:c2:93:40:c7:55:b0:89:b7:8d:e7:8f:14:
7f:0d:ac:0c:7d:e9:b4:7a:77:b8:fa:ee:8d:51:f1:
0f:83:76:6d:9d:84:f3:ba:9c:08:44:67:c3:c9:17:
ad:b9:d6:c8:70:71:f9:c9:e6:43:ab:a2:5d:03:3d:
c4:27:28:cb:e1:97:09:fd:93:fb:cf:eb:86:e4:1e:
13:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:23:13:DC:58:CD:45:7B:15:E3:30:F4:F2:CC:85:8B:14:BA:DE:42
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/sCMT3FjNRXsV4zD08syFixS63kI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:1cf0::/46
2a12:bec4:1cfa::/48
2a12:bec4:1cff::/48
Signature Algorithm: sha256WithRSAEncryption
72:6e:b8:b9:a7:d9:56:e6:ed:04:a5:b2:f6:95:11:56:06:6e:
7d:52:17:fb:fd:ef:74:bb:19:b8:e2:f9:69:e5:b6:8c:1c:f9:
2f:af:56:c1:5d:17:26:38:c3:7c:ac:36:76:c1:72:c1:52:7f:
34:e1:87:b3:da:82:ec:76:24:0b:d4:f1:08:0d:7a:de:9d:30:
34:26:31:ae:1d:16:59:de:dc:05:f3:96:ae:c7:db:55:58:40:
44:83:9d:29:48:b0:e3:44:7d:22:9e:7d:3c:5e:0e:4b:ce:e7:
5c:a7:17:37:ad:12:04:8d:a7:49:c7:b7:3d:9e:b0:13:09:67:
c5:1e:8c:a8:7b:03:93:e7:95:6f:9f:34:90:6c:8c:c6:61:88:
f0:39:a1:e6:b4:30:9e:b0:45:82:cb:00:3b:82:3c:31:0d:8b:
be:80:fd:7f:77:bf:e0:64:b2:b4:86:06:cd:ae:36:fa:12:a9:
e3:e4:1a:aa:13:44:aa:9f:2f:79:2a:01:2e:36:e0:f0:dd:4d:
2d:5b:3e:82:cb:64:6f:bc:c6:90:8a:65:80:e3:6f:16:56:a5:
7c:f2:62:a3:e9:21:85:b8:9b:6d:9a:90:92:e5:a7:05:97:21:
19:35:c7:bf:cd:b5:0d:33:b7:3c:72:fb:fa:61:50:fe:43:99:
a1:b2:eb:42
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ5GPiItHNhmsOyxuopphUloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjYwNTIwMTYzNTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDIzMTNkYzU4Y2Q0NTdiMTVlMzMwZjRmMmNjODU4YjE0YmFkZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnExVRTrETDellthTrFxOWeL/k/63
eOy73lgKJykctP1H9iIe+AAZm1XwuyjEFwaCK0yqiKzlRMU0NQ1buxNJxMLk3ibp
K+r4HGtG0vMkpDghTNqz2TRcl6es9LityXEpva0CkfF+Nwn3pFwBCwEu4wwXJKIO
EmCrWLlw2jtn12qCI6kcpp9mo1q1wgMmuhPesVfO1uL2uUOsge/rreu1/yuRasxk
ijLPr0nVJp6UrVhZ/IOSJsDCk0DHVbCJt43njxR/DawMfem0ene4+u6NUfEPg3Zt
nYTzupwIRGfDyRetudbIcHH5yeZDq6JdAz3EJyjL4ZcJ/ZP7z+uG5B4TAwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLAjE9xYzUV7FeMw9PLMhYsUut5CMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvc0NNVDNGak5SWHNWNHpEMDhzeUZpeFM2M2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcCKhK+xBzw
AwcAKhK+xBz6AwcAKhK+xBz/MA0GCSqGSIb3DQEBCwUAA4IBAQBybri5p9lW5u0E
pbL2lRFWBm59Uhf7/e90uxm44vlp5baMHPkvr1bBXRcmOMN8rDZ2wXLBUn804Yez
2oLsdiQL1PEIDXrenTA0JjGuHRZZ3twF85aux9tVWEBEg50pSLDjRH0inn08Xg5L
zudcpxc3rRIEjadJx7c9nrATCWfFHoyoewOT55VvnzSQbIzGYYjwOaHmtDCesEWC
ywA7gjwxDYu+gP1/d7/gZLK0hgbNrjb6Eqnj5BqqE0Sqny95KgEuNuDw3U0tWz6C
y2RvvMaQimWA428WVqV88mKj6SGFuJttmpCS5acFlyEZNce/zbUNM7c8cvv6YVD+
Q5mhsutC
-----END CERTIFICATE-----
Generated at Thu Jun 4 15:07:26 2026 by rpki-client