Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/PHVRuhGA6yHvO1079gAv6PX9Sks.roa
File: PHVRuhGA6yHvO1079gAv6PX9Sks.roa (raw, json)
Hash identifier: sz8JcP/yJgD+fAA5wfjjbQMniwqTgO9AXK8JWerbgNk=
Subject key identifier: 3C:75:51:BA:11:80:EB:21:EF:3B:5D:3B:F6:00:2F:E8:F5:FD:4A:4B
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019DB05D41EF384181744A80BD474887919F
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/PHVRuhGA6yHvO1079gAv6PX9Sks.roa
Signing time: Tue 21 Apr 2026 14:06:34 +0000
ROA not before: Tue 21 Apr 2026 14:06:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12792
IP address blocks: 2a09:4040::/29 maxlen: 48
2a09:40c0::/29 maxlen: 48
2a09:9740::/29 maxlen: 48
2a09:98c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 11:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b0:5d:41:ef:38:41:81:74:4a:80:bd:47:48:87:91:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Apr 21 14:06:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3c7551ba1180eb21ef3b5d3bf6002fe8f5fd4a4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:0e:73:8a:c1:43:09:dc:d3:44:12:b6:94:21:
3a:db:f0:76:31:cb:3e:02:8d:a1:6f:99:13:b8:ae:
84:ee:15:ee:06:80:d4:2f:04:a0:42:e4:c7:ef:b5:
0b:6c:2d:25:71:c1:22:95:6c:28:c3:2a:68:8b:4f:
8e:b1:a1:5b:66:1b:80:b5:bf:d9:c6:ca:50:8d:8d:
31:73:e7:1b:59:f6:3f:32:f3:fe:4a:3c:3c:54:4e:
40:70:b3:33:0d:2c:11:ba:2d:8e:85:ef:6d:68:ed:
3b:c5:2d:76:dc:36:f6:71:63:ab:2a:4d:06:16:d4:
75:9a:d6:c5:b0:3f:cd:d9:50:0f:59:9f:11:b0:cd:
f7:d9:e0:70:8a:3d:38:a5:09:1f:fb:7d:69:e4:05:
53:0c:a1:4e:00:22:97:ae:ad:28:40:2d:b3:6b:74:
d8:02:49:e1:03:84:bf:0d:44:ea:ce:4a:34:28:70:
f5:0a:5f:db:e6:df:ae:52:81:3b:ab:00:25:e0:91:
ff:f5:20:31:e0:f7:32:b0:4e:56:4f:c3:90:d3:ec:
b2:b9:e6:c8:7f:57:45:5a:21:b7:42:98:a6:79:e5:
2b:46:59:ab:b3:9c:e3:b0:e1:9b:20:93:3a:d7:49:
be:1f:31:c1:de:3f:55:a8:b2:b3:e0:51:0d:77:62:
70:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:75:51:BA:11:80:EB:21:EF:3B:5D:3B:F6:00:2F:E8:F5:FD:4A:4B
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/PHVRuhGA6yHvO1079gAv6PX9Sks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:4040::/29
2a09:40c0::/29
2a09:9740::/29
2a09:98c0::/29
Signature Algorithm: sha256WithRSAEncryption
b7:af:6a:3b:10:af:de:76:00:07:24:d7:db:8c:e8:b8:ee:22:
55:d9:a8:16:2d:20:3b:5f:2b:1f:26:aa:ab:72:3b:b2:3b:66:
45:61:0d:d1:35:02:e3:38:14:b5:5a:48:70:0d:13:14:af:b1:
12:a1:fa:ab:ea:79:e0:55:66:0f:ee:08:f5:24:64:0c:4d:7f:
2d:c7:e4:41:71:a5:61:06:c1:63:57:bb:47:28:54:26:40:68:
2a:7b:1e:5b:4e:e4:5d:a9:d0:ef:39:79:a2:2d:1f:64:35:1d:
8f:79:e8:e2:d8:a1:18:c6:c6:96:9d:3d:43:98:6f:81:a4:06:
91:9a:32:34:6b:24:1d:9f:cb:47:6b:96:e9:fe:f7:51:01:08:
5f:7c:01:3c:2b:40:54:5a:f2:fc:50:39:87:fe:59:36:08:53:
03:ba:c1:2b:14:22:99:bd:ab:02:b7:e4:16:7a:4a:2e:fa:0c:
6f:b1:a0:b4:40:b8:99:b5:3c:a8:c3:6f:a9:40:b7:f3:08:01:
4f:a6:73:35:10:8c:d0:b0:60:24:e7:e5:1d:34:ce:30:85:8a:
66:38:79:98:05:ef:c3:43:93:29:06:69:c6:0f:25:85:74:37:
da:40:44:69:53:97:70:01:49:d9:99:0b:71:8d:00:f0:3e:d7:
5b:23:7b:3b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZ2wXUHvOEGBdEqAvUdIh5GfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwNDIxMTQwNjM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzc1NTFiYTExODBlYjIxZWYzYjVkM2JmNjAwMmZlOGY1ZmQ0YTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0w5zisFDCdzTRBK2lCE62/B2Mcs+
Ao2hb5kTuK6E7hXuBoDULwSgQuTH77ULbC0lccEilWwowypoi0+OsaFbZhuAtb/Z
xspQjY0xc+cbWfY/MvP+Sjw8VE5AcLMzDSwRui2Ohe9taO07xS123Db2cWOrKk0G
FtR1mtbFsD/N2VAPWZ8RsM332eBwij04pQkf+31p5AVTDKFOACKXrq0oQC2za3TY
AknhA4S/DUTqzko0KHD1Cl/b5t+uUoE7qwAl4JH/9SAx4PcysE5WT8OQ0+yyuebI
f1dFWiG3QpimeeUrRlmrs5zjsOGbIJM610m+HzHB3j9VqLKz4FENd2JwcwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDx1UboRgOsh7ztdO/YAL+j1/UpLMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvUEhWUnVoR0E2eUh2TzEwNzlnQXY2UFg5U2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKglAQAMF
AyoJQMADBQMqCZdAAwUDKgmYwDANBgkqhkiG9w0BAQsFAAOCAQEAt69qOxCv3nYA
ByTX24zouO4iVdmoFi0gO18rHyaqq3I7sjtmRWEN0TUC4zgUtVpIcA0TFK+xEqH6
q+p54FVmD+4I9SRkDE1/LcfkQXGlYQbBY1e7RyhUJkBoKnseW07kXanQ7zl5oi0f
ZDUdj3no4tihGMbGlp09Q5hvgaQGkZoyNGskHZ/LR2uW6f73UQEIX3wBPCtAVFry
/FA5h/5ZNghTA7rBKxQimb2rArfkFnpKLvoMb7GgtEC4mbU8qMNvqUC38wgBT6Zz
NRCM0LBgJOflHTTOMIWKZjh5mAXvw0OTKQZpxg8lhXQ32kBEaVOXcAFJ2ZkLcY0A
8D7XWyN7Ow==
-----END CERTIFICATE-----
Generated at Sun May 3 17:06:23 2026 by rpki-client