Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/0Wvzd0qg8K9G_8lvSBJjKGNRNzE.roa
File: 0Wvzd0qg8K9G_8lvSBJjKGNRNzE.roa (raw, json)
Hash identifier: 6iPcnVePZ/HqOjjQRnr0RUQe689WyUQcuS9OL6ssXR0=
Subject key identifier: D1:6B:F3:77:4A:A0:F0:AF:46:FF:C9:6F:48:12:63:28:63:51:37:31
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019DB0638B81B881DD02CE07CFBF5A65C116
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/0Wvzd0qg8K9G_8lvSBJjKGNRNzE.roa
Signing time: Tue 21 Apr 2026 14:13:26 +0000
ROA not before: Tue 21 Apr 2026 14:13:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50007
IP address blocks: 2a06:3b00::/48 maxlen: 48
2a09:1140::/48 maxlen: 48
2a09:6a80::/48 maxlen: 48
2a09:9940::/48 maxlen: 48
2a09:f180::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 11:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b0:63:8b:81:b8:81:dd:02:ce:07:cf:bf:5a:65:c1:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Apr 21 14:13:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d16bf3774aa0f0af46ffc96f4812632863513731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:26:fc:d5:c1:08:ca:d3:88:ed:4f:ef:2b:dd:
bc:5f:8a:48:ae:cb:13:57:ba:4d:2d:e0:87:62:5e:
ce:f1:99:5c:d3:19:bd:49:84:42:48:b8:3f:14:3e:
b5:58:65:32:1d:6c:30:f4:6b:59:a2:ed:25:a3:a5:
c6:ff:dc:cb:2c:80:d5:1b:9e:22:a8:a0:1f:d2:51:
d2:57:35:dd:5c:9f:78:08:29:de:09:ac:75:ba:7e:
2b:50:0a:50:d4:2e:38:3f:39:c3:1f:c0:c1:0c:71:
e9:97:d6:3e:92:78:6e:68:ed:05:fc:04:54:e1:79:
08:7d:71:0e:e6:55:59:12:ca:56:fb:3c:af:1e:80:
53:40:dc:8c:63:3a:69:8d:36:4c:09:b9:3a:44:5c:
8f:ce:51:fc:f1:a2:c3:96:86:b7:c6:47:7f:2d:e2:
de:12:b1:6a:c0:b0:c7:76:ec:75:fd:29:bd:f1:17:
cd:9d:7f:6f:ef:66:f5:94:4b:70:b0:8d:cb:0f:b7:
12:96:86:5c:d2:7d:01:51:6d:b7:cc:2b:ba:0c:2d:
4a:8e:f3:41:d4:e8:c5:5d:a6:e3:04:3c:79:9c:a2:
4d:bc:42:7a:b5:3f:34:30:42:df:a1:ca:bb:7f:11:
aa:7a:b9:88:b1:12:75:1e:c2:0f:d4:d1:2c:c7:da:
90:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:6B:F3:77:4A:A0:F0:AF:46:FF:C9:6F:48:12:63:28:63:51:37:31
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/0Wvzd0qg8K9G_8lvSBJjKGNRNzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:3b00::/48
2a09:1140::/48
2a09:6a80::/48
2a09:9940::/48
2a09:f180::/48
Signature Algorithm: sha256WithRSAEncryption
06:45:0f:02:84:f6:5f:94:9b:e6:7e:1a:d1:c2:7d:01:b8:9f:
52:aa:33:58:42:8a:39:c1:70:42:bd:28:ad:dd:64:31:05:cd:
3f:bd:24:ec:9d:c0:e9:12:a1:76:06:c0:3e:8c:6c:08:0e:21:
fc:5f:ea:14:b8:bc:59:3b:a2:ef:42:d4:2a:bc:31:e6:ca:df:
50:6e:41:01:26:8d:b6:d0:59:85:9f:16:a7:bb:0f:e4:83:a7:
a7:3f:7a:73:d2:50:65:6f:07:ac:64:b5:17:87:3b:83:75:88:
d8:20:ad:29:2b:c8:d0:f8:62:ee:1c:bc:0f:c3:db:8a:12:b5:
72:71:1d:88:7c:53:b5:45:43:68:ad:00:ec:40:1f:2c:43:5c:
78:79:4d:98:74:7e:71:44:38:2d:c8:d0:be:95:ca:6d:73:df:
c4:11:8a:7b:42:29:4f:c4:49:27:8b:d6:13:ea:b2:fc:a6:f5:
90:1c:9c:c0:dd:4c:c2:37:a7:dc:4d:b5:55:70:0f:a3:d5:1e:
69:4e:b1:17:fd:0f:7b:4b:cb:05:c7:27:86:08:79:4a:ed:34:
6f:22:26:2c:d7:fb:48:75:e4:c2:a8:bc:1a:74:d8:5b:0d:a8:
d8:9f:17:e5:86:10:90:85:0a:19:03:5e:fc:93:4a:5f:42:a3:
52:46:09:ea
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZ2wY4uBuIHdAs4Hz79aZcEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwNDIxMTQxMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTZiZjM3NzRhYTBmMGFmNDZmZmM5NmY0ODEyNjMyODYzNTEzNzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCb81cEIytOI7U/vK928X4pIrssT
V7pNLeCHYl7O8Zlc0xm9SYRCSLg/FD61WGUyHWww9GtZou0lo6XG/9zLLIDVG54i
qKAf0lHSVzXdXJ94CCneCax1un4rUApQ1C44PznDH8DBDHHpl9Y+knhuaO0F/ARU
4XkIfXEO5lVZEspW+zyvHoBTQNyMYzppjTZMCbk6RFyPzlH88aLDloa3xkd/LeLe
ErFqwLDHdux1/Sm98RfNnX9v72b1lEtwsI3LD7cSloZc0n0BUW23zCu6DC1KjvNB
1OjFXabjBDx5nKJNvEJ6tT80MELfocq7fxGqermIsRJ1HsIP1NEsx9qQtwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNFr83dKoPCvRv/Jb0gSYyhjUTcxMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvMFd2emQwcWc4SzlHXzhsdlNCSmpLR05STnpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcAKgY7AAAA
AwcAKgkRQAAAAwcAKglqgAAAAwcAKgmZQAAAAwcAKgnxgAAAMA0GCSqGSIb3DQEB
CwUAA4IBAQAGRQ8ChPZflJvmfhrRwn0BuJ9SqjNYQoo5wXBCvSit3WQxBc0/vSTs
ncDpEqF2BsA+jGwIDiH8X+oUuLxZO6LvQtQqvDHmyt9QbkEBJo220FmFnxanuw/k
g6enP3pz0lBlbwesZLUXhzuDdYjYIK0pK8jQ+GLuHLwPw9uKErVycR2IfFO1RUNo
rQDsQB8sQ1x4eU2YdH5xRDgtyNC+lcptc9/EEYp7QilPxEkni9YT6rL8pvWQHJzA
3UzCN6fcTbVVcA+j1R5pTrEX/Q97S8sFxyeGCHlK7TRvIiYs1/tIdeTCqLwadNhb
DajYnxflhhCQhQoZA178k0pfQqNSRgnq
-----END CERTIFICATE-----
Generated at Sun May 3 17:06:20 2026 by rpki-client