Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/5seVusnKx_Ys9lX6helV3VYtD2U.roa
File: 5seVusnKx_Ys9lX6helV3VYtD2U.roa (raw, json)
Hash identifier: PZFyRFcdx9T5Z2TzIZsPirDrvtRVVFWfye1bbVqWbBc=
Subject key identifier: E6:C7:95:BA:C9:CA:C7:F6:2C:F6:55:FA:85:E9:55:DD:56:2D:0F:65
Certificate issuer: /CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228
Certificate serial: 019C284499FB01085EE4E7BC1B5A80F1FA68
Authority key identifier: 2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/5seVusnKx_Ys9lX6helV3VYtD2U.roa
Signing time: Wed 04 Feb 2026 10:48:30 +0000
ROA not before: Wed 04 Feb 2026 10:48:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42550
IP address blocks: 2a0e:4cc0::/29 maxlen: 29
2a0f:7080::/29 maxlen: 29
2a0f:c2c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.mft
rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:28:44:99:fb:01:08:5e:e4:e7:bc:1b:5a:80:f1:fa:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b4e2d34ccee4576b5ce7605a084e6c08522c228
Validity
Not Before: Feb 4 10:48:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e6c795bac9cac7f62cf655fa85e955dd562d0f65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f7:1a:ab:6a:1b:15:0d:c1:88:36:ea:22:e1:
bd:07:18:27:26:01:bc:e7:72:5b:3a:43:92:3b:63:
78:ac:7e:05:bc:f9:8b:43:c4:ad:7b:8b:c6:06:91:
dd:cf:90:ee:84:8c:83:26:21:59:ed:26:62:66:90:
b8:8d:ba:f1:0a:12:a8:64:af:2f:12:94:20:65:1e:
ce:4d:5b:31:3b:07:36:cf:f3:f6:e7:29:16:73:5a:
0c:eb:15:c4:25:a5:2e:0f:93:ac:fa:56:b4:44:03:
aa:58:e5:87:17:7d:1a:5d:25:f2:ba:55:30:42:36:
fd:75:5a:15:bc:d3:82:77:6a:8a:83:b6:28:70:f0:
6f:65:f7:c7:9e:75:9d:4e:8c:ff:af:1a:17:be:72:
90:0a:57:e9:96:c6:3a:eb:42:d1:fc:d6:ce:bf:4f:
39:a0:23:82:6a:7f:95:74:df:8b:32:ca:74:90:05:
c1:36:8f:4b:9b:66:26:24:49:1f:06:71:d3:84:06:
2d:c8:07:4e:75:76:f4:f6:0b:5d:a6:38:4d:3f:92:
c1:90:58:f4:1a:8a:ad:e7:8e:a2:ed:37:44:39:9a:
26:6f:fc:32:ba:de:9f:3e:1b:67:75:d1:6d:1c:f6:
be:bb:bc:51:53:d6:4a:3d:70:13:c3:f8:e6:b6:ce:
db:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:C7:95:BA:C9:CA:C7:F6:2C:F6:55:FA:85:E9:55:DD:56:2D:0F:65
X509v3 Authority Key Identifier:
keyid:2B:4E:2D:34:CC:EE:45:76:B5:CE:76:05:A0:84:E6:C0:85:22:C2:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K04tNMzuRXa1znYFoITmwIUiwig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/5seVusnKx_Ys9lX6helV3VYtD2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d899cc-5357-471a-bc1c-077bc8ba1e5d/1/K04tNMzuRXa1znYFoITmwIUiwig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:4cc0::/29
2a0f:7080::/29
2a0f:c2c0::/29
Signature Algorithm: sha256WithRSAEncryption
ac:43:87:33:45:95:6b:97:49:5a:fc:c9:45:1e:23:e8:e5:ec:
25:6e:ed:1f:9d:cd:e3:8d:29:c8:c5:e3:a0:42:f2:6c:63:e4:
09:71:43:23:ae:0e:06:b4:4e:02:6b:73:66:78:3f:7e:95:5e:
f2:44:63:ad:df:c6:4e:1a:cb:31:d0:4a:3b:59:16:af:b5:4b:
52:fc:ab:e0:c3:5c:d6:ac:9d:d9:97:7a:39:7c:16:11:df:28:
10:80:92:6d:4a:e6:57:9e:fb:e1:99:82:90:21:c1:85:a8:ae:
c4:a6:e3:57:30:72:17:ab:46:26:69:52:44:9f:15:9f:55:50:
2a:9c:5e:f7:2e:7b:42:a2:5b:3c:9f:3a:a1:f2:f7:59:87:78:
be:ba:35:5e:48:4c:47:02:8e:8d:eb:f2:d6:57:79:a7:4d:3f:
43:b7:c1:76:71:8e:3a:98:14:34:13:52:49:be:d5:89:92:58:
8c:bc:b2:40:b8:d1:81:de:2a:09:b4:a7:b5:f6:1f:59:7e:3f:
67:50:5f:b9:62:12:f4:69:cc:4f:db:e2:28:aa:03:6b:0a:54:
59:dc:6f:6c:8e:f7:e7:ed:33:fb:6b:29:63:ac:c3:fb:9e:90:
0d:58:66:b7:1a:a4:f3:28:19:cf:c4:05:2f:50:97:91:93:8d:
36:d1:9a:94
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZwoRJn7AQhe5Oe8G1qA8fpoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiNGUyZDM0Y2NlZTQ1NzZiNWNlNzYwNWEwODRlNmMwODUy
MmMyMjgwHhcNMjYwMjA0MTA0ODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmM3OTViYWM5Y2FjN2Y2MmNmNjU1ZmE4NWU5NTVkZDU2MmQwZjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/caq2obFQ3BiDbqIuG9BxgnJgG8
53JbOkOSO2N4rH4FvPmLQ8Ste4vGBpHdz5DuhIyDJiFZ7SZiZpC4jbrxChKoZK8v
EpQgZR7OTVsxOwc2z/P25ykWc1oM6xXEJaUuD5Os+la0RAOqWOWHF30aXSXyulUw
Qjb9dVoVvNOCd2qKg7YocPBvZffHnnWdToz/rxoXvnKQClfplsY660LR/NbOv085
oCOCan+VdN+LMsp0kAXBNo9Lm2YmJEkfBnHThAYtyAdOdXb09gtdpjhNP5LBkFj0
Goqt546i7TdEOZomb/wyut6fPhtnddFtHPa+u7xRU9ZKPXATw/jmts7b/wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFObHlbrJysf2LPZV+oXpVd1WLQ9lMB8GA1UdIwQY
MBaAFCtOLTTM7kV2tc52BaCE5sCFIsIoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMt
MDc3YmM4YmExZTVkLzEvNXNlVnVzbkt4X1lzOWxYNmhlbFYzVll0RDJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kODk5Y2MtNTM1Ny00NzFhLWJjMWMtMDc3YmM4YmExZTVk
LzEvSzA0dE5NenVSWGExem5ZRm9JVG13SVVpd2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKg5MwAMF
AyoPcIADBQMqD8LAMA0GCSqGSIb3DQEBCwUAA4IBAQCsQ4czRZVrl0la/MlFHiPo
5ewlbu0fnc3jjSnIxeOgQvJsY+QJcUMjrg4GtE4Ca3NmeD9+lV7yRGOt38ZOGssx
0Eo7WRavtUtS/Kvgw1zWrJ3Zl3o5fBYR3ygQgJJtSuZXnvvhmYKQIcGFqK7EpuNX
MHIXq0YmaVJEnxWfVVAqnF73LntCols8nzqh8vdZh3i+ujVeSExHAo6N6/LWV3mn
TT9Dt8F2cY46mBQ0E1JJvtWJkliMvLJAuNGB3ioJtKe19h9Zfj9nUF+5YhL0acxP
2+IoqgNrClRZ3G9sjvfn7TP7ayljrMP7npANWGa3GqTzKBnPxAUvUJeRk4020ZqU
-----END CERTIFICATE-----
Generated at Fri Mar 13 20:04:04 2026 by rpki-client