Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/umIRuHpxX9ebriBCvcmax-6rghI.roa
File: umIRuHpxX9ebriBCvcmax-6rghI.roa (raw, json)
Hash identifier: C/8G0mcCjZSfHcX9z+n/wr8OBXx9A0aj/vE5hg6xmP4=
Subject key identifier: BA:62:11:B8:7A:71:5F:D7:9B:AE:20:42:BD:C9:9A:C7:EE:AB:82:12
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 019DAA2B6D6CC6260AE0601969A0725AEA67
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/umIRuHpxX9ebriBCvcmax-6rghI.roa
Signing time: Mon 20 Apr 2026 09:14:25 +0000
ROA not before: Mon 20 Apr 2026 09:14:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3308
IP address blocks: 2001:2000:1000::/40 maxlen: 40
2001:2092::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.mft
rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 18:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:aa:2b:6d:6c:c6:26:0a:e0:60:19:69:a0:72:5a:ea:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Apr 20 09:14:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ba6211b87a715fd79bae2042bdc99ac7eeab8212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6a:a4:f4:77:dd:f7:d2:60:f5:6c:1d:42:6d:
e7:eb:d1:a5:fe:6a:be:61:37:19:b9:41:38:e6:52:
3a:5a:3b:97:76:2c:17:02:cd:45:95:d1:b6:67:13:
94:ef:f2:39:88:20:97:21:35:57:6f:80:46:b9:9d:
bc:73:49:85:bc:8e:d9:19:e6:88:ad:b5:5f:89:8d:
da:f2:c0:72:3e:a4:e7:7e:ef:bd:66:79:b1:1c:d2:
12:be:dc:ec:ae:6c:8e:f6:a3:3a:56:8c:f9:c5:54:
ac:73:16:e1:10:2d:5c:7d:ab:82:92:be:a1:ae:dc:
dc:37:e8:f4:41:d5:27:07:55:a7:4e:eb:b8:67:3d:
cc:38:a2:5e:4e:ca:ca:04:63:d8:5f:44:22:f9:8c:
a9:99:1e:3e:13:99:4c:0f:96:ee:68:4e:c8:fa:d8:
05:bd:2b:04:d3:39:d1:a7:33:cc:6b:51:2e:6e:6c:
b2:fc:04:c7:99:61:73:31:30:79:ed:07:7b:77:fc:
a5:dd:64:56:ca:1b:f1:3a:68:6c:bf:5b:50:50:08:
00:ed:bb:de:fe:b3:ec:ad:6e:1e:a8:7c:01:39:6d:
68:70:e8:21:5f:1b:8f:5d:ee:c3:e9:20:df:a8:db:
bf:12:90:d7:fb:52:a4:c8:f0:f6:93:cb:79:20:94:
b6:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:62:11:B8:7A:71:5F:D7:9B:AE:20:42:BD:C9:9A:C7:EE:AB:82:12
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/umIRuHpxX9ebriBCvcmax-6rghI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:2000:1000::/40
2001:2092::/32
Signature Algorithm: sha256WithRSAEncryption
77:59:44:4b:db:45:a9:6e:13:24:a6:b8:4e:d0:88:8a:d8:33:
a8:49:8f:d8:74:f6:7f:7f:95:20:31:6e:33:16:fc:c5:76:f0:
99:e6:a6:fa:08:dc:61:38:b5:3e:2d:e9:25:88:d4:c9:1f:ef:
a4:50:37:2e:09:6e:14:04:a8:cf:c2:3e:d8:92:a5:7f:20:b8:
44:23:b6:71:a1:4c:e1:01:3a:36:b6:41:06:02:b0:ce:eb:65:
78:e2:28:2e:4a:93:6c:78:51:2b:72:85:49:21:ea:03:58:9b:
cf:47:f7:c8:f1:b6:20:29:5f:dc:0a:f5:f8:44:86:31:e7:90:
b7:5f:26:df:e0:96:5b:a4:49:bd:5d:42:29:d1:66:ef:94:bf:
a0:4c:71:70:1b:90:ae:1f:52:d7:56:b5:05:17:87:a1:92:6b:
89:f0:f6:ae:f0:42:0e:84:9c:d0:18:fe:23:84:a8:7d:e4:a0:
9d:ca:58:8d:79:60:b5:46:e5:86:a4:3d:9e:7b:3c:b1:8c:39:
c1:a8:39:76:27:c9:79:15:f0:b4:ce:c5:85:69:c6:c6:65:8d:
79:0b:77:48:66:e7:81:ee:2f:37:3c:9d:c5:d1:d2:7f:df:8c:
d5:cc:2a:5b:42:98:cf:37:d1:a6:38:41:a4:f4:66:06:3a:80:
cd:5a:2b:76
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAZ2qK21sxiYK4GAZaaByWupnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTViMWMwOWFhMzFmNjcxM2M2MWIzMmU1NTgxMDllNDc5
NjZkNDIwHhcNMjYwNDIwMDkxNDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTYyMTFiODdhNzE1ZmQ3OWJhZTIwNDJiZGM5OWFjN2VlYWI4MjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGqk9Hfd99Jg9WwdQm3n69Gl/mq+
YTcZuUE45lI6WjuXdiwXAs1FldG2ZxOU7/I5iCCXITVXb4BGuZ28c0mFvI7ZGeaI
rbVfiY3a8sByPqTnfu+9ZnmxHNISvtzsrmyO9qM6Voz5xVSscxbhEC1cfauCkr6h
rtzcN+j0QdUnB1WnTuu4Zz3MOKJeTsrKBGPYX0Qi+YypmR4+E5lMD5buaE7I+tgF
vSsE0znRpzPMa1Eubmyy/ATHmWFzMTB57Qd7d/yl3WRWyhvxOmhsv1tQUAgA7bve
/rPsrW4eqHwBOW1ocOghXxuPXe7D6SDfqNu/EpDX+1KkyPD2k8t5IJS2wQIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFLpiEbh6cV/Xm64gQr3Jmsfuq4ISMB8GA1UdIwQY
MBaAFDulscCaox9nE8YbMuVYEJ5Hlm1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQt
NDY2ZTljYWI3ODY0LzEvdW1JUnVIcHhYOWVicmlCQ3ZjbWF4LTZyZ2hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQtNDY2ZTljYWI3ODY0
LzEvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCgGCCsGAQUFBwEHAQH/BBkwFzAVBAIAAjAPAwYAIAEgABAD
BQAgASCSMA0GCSqGSIb3DQEBCwUAA4IBAQB3WURL20WpbhMkprhO0IiK2DOoSY/Y
dPZ/f5UgMW4zFvzFdvCZ5qb6CNxhOLU+LekliNTJH++kUDcuCW4UBKjPwj7YkqV/
ILhEI7ZxoUzhATo2tkEGArDO62V44iguSpNseFErcoVJIeoDWJvPR/fI8bYgKV/c
CvX4RIYx55C3Xybf4JZbpEm9XUIp0WbvlL+gTHFwG5CuH1LXVrUFF4ehkmuJ8Pau
8EIOhJzQGP4jhKh95KCdyliNeWC1RuWGpD2eezyxjDnBqDl2J8l5FfC0zsWFacbG
ZY15C3dIZueB7i83PJ3F0dJ/34zVzCpbQpjPN9GmOEGk9GYGOoDNWit2
-----END CERTIFICATE-----
Generated at Mon Apr 27 03:06:34 2026 by rpki-client