Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/kQBFKAIgUSzRKJDd32cJzgu-nxU.roa
File: kQBFKAIgUSzRKJDd32cJzgu-nxU.roa (raw, json)
Hash identifier: C36nf7xzwTqGF/KQKrthkI0kKa/Zo4n4MiOq3MlwZYM=
Subject key identifier: 91:00:45:28:02:20:51:2C:D1:28:90:DD:DF:67:09:CE:0B:BE:9F:15
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 019CBCE23501C5B2FACC682AC5979D93024E
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/kQBFKAIgUSzRKJDd32cJzgu-nxU.roa
Signing time: Thu 05 Mar 2026 07:24:27 +0000
ROA not before: Thu 05 Mar 2026 07:24:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 2a07:f240::/29 maxlen: 29
2a0b:8440::/29 maxlen: 29
2a0b:a4c0::/29 maxlen: 29
2a0b:b480::/29 maxlen: 29
2a0f:63c0::/29 maxlen: 29
2a0f:89c0::/29 maxlen: 29
2a10:7ac0::/29 maxlen: 29
2a10:a9c0::/29 maxlen: 29
2a13:5040::/29 maxlen: 29
2a13:bd40::/29 maxlen: 29
2a13:be40::/32 maxlen: 32
2a13:be41::/32 maxlen: 32
2a13:be42::/32 maxlen: 32
2a13:be44::/32 maxlen: 32
2a13:be45::/32 maxlen: 32
2a13:be46::/32 maxlen: 32
2a13:be47::/32 maxlen: 32
2a13:bec0::/29 maxlen: 29
2a13:cdc0::/29 maxlen: 29
2a13:d0c0::/29 maxlen: 29
2a13:d140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 16:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:bc:e2:35:01:c5:b2:fa:cc:68:2a:c5:97:9d:93:02:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Mar 5 07:24:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=910045280220512cd12890dddf6709ce0bbe9f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ee:84:7a:f2:79:4e:77:29:e5:b8:74:32:ea:
fd:87:f3:1f:e6:ce:36:57:84:e7:10:c3:d9:35:f7:
32:5d:f0:79:c8:c6:d4:47:b2:d1:68:5b:7f:54:15:
f0:38:82:2b:10:b3:6c:d0:fe:39:f4:cb:db:b2:e1:
e0:04:dc:84:74:9e:7c:ff:24:a3:18:17:ff:06:74:
1c:dc:ad:d9:74:99:e4:58:d0:53:ca:c3:e2:c0:2f:
3e:e9:50:16:8f:67:e1:bf:c2:8f:2c:ba:47:08:4e:
62:90:d5:1d:93:5f:fd:51:38:fc:3e:2c:52:5c:7c:
a4:c8:03:81:c3:40:10:ba:1e:84:bd:49:9b:bb:14:
44:20:00:cd:47:6f:56:8b:23:7b:98:a6:5e:b1:db:
2d:da:63:29:82:76:b9:32:20:2b:a8:19:62:9f:a5:
58:ad:39:77:02:24:0f:9d:fd:77:48:6e:21:db:cc:
1a:5b:a9:d0:a0:85:33:b1:5d:8b:da:1a:ff:5f:a7:
ff:4a:ff:d4:e8:bd:8d:24:d9:e7:ac:fd:37:76:55:
3c:c2:b2:28:48:96:18:76:b1:7e:0d:f0:3f:67:ee:
bf:20:b7:ed:47:ad:a0:0a:bb:f7:8d:66:1f:d3:9d:
e0:52:70:5c:bc:67:e3:fb:40:1e:05:a2:1c:f6:50:
03:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:00:45:28:02:20:51:2C:D1:28:90:DD:DF:67:09:CE:0B:BE:9F:15
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/kQBFKAIgUSzRKJDd32cJzgu-nxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:f240::/29
2a0b:8440::/29
2a0b:a4c0::/29
2a0b:b480::/29
2a0f:63c0::/29
2a0f:89c0::/29
2a10:7ac0::/29
2a10:a9c0::/29
2a13:5040::/29
2a13:bd40::/29
2a13:be40::-2a13:be42:ffff:ffff:ffff:ffff:ffff:ffff
2a13:be44::/30
2a13:bec0::/29
2a13:cdc0::/29
2a13:d0c0::/29
2a13:d140::/29
Signature Algorithm: sha256WithRSAEncryption
65:13:74:08:e7:38:f0:42:50:68:de:5b:be:95:b2:5b:00:73:
19:1f:ae:89:65:47:ea:d7:6e:e3:1b:49:62:ac:cd:0d:ce:37:
a3:0f:9f:e3:d6:df:73:e5:e9:e8:da:40:4e:f2:99:13:c1:34:
51:68:e1:ea:11:5d:26:28:8c:38:c0:d3:13:e7:9d:2b:c4:f4:
01:66:bd:9c:6e:59:ae:d5:00:96:14:dc:ac:00:f9:a9:3a:ec:
d3:aa:01:9d:34:f7:0e:4d:54:36:cb:5b:dc:68:34:94:d0:0c:
07:ce:77:02:3c:09:49:03:46:cd:da:ff:37:32:36:d8:10:24:
64:53:b1:8f:56:fb:77:ac:50:71:5d:69:72:75:69:62:06:2c:
19:8f:7b:ae:1b:57:b9:c2:5a:a0:26:ed:be:6b:44:2b:03:cc:
69:bf:3d:14:87:94:78:7b:ef:ac:c2:77:7d:9e:d6:54:4f:a0:
ff:18:cf:65:d9:ca:65:b8:aa:a9:46:22:00:06:06:a7:76:9a:
35:47:89:9f:72:1f:8d:4f:00:1e:c9:cc:42:58:61:51:fc:b1:
eb:34:56:2a:bb:31:02:ba:85:ee:46:10:d1:95:3e:09:4a:24:
41:bc:cf:d6:b1:f1:44:5b:0a:8e:12:5d:c1:88:08:83:2c:11:
42:fe:30:0a
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZy84jUBxbL6zGgqxZedkwJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjYwMzA1MDcyNDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTAwNDUyODAyMjA1MTJjZDEyODkwZGRkZjY3MDljZTBiYmU5ZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+6EevJ5Tncp5bh0Mur9h/Mf5s42
V4TnEMPZNfcyXfB5yMbUR7LRaFt/VBXwOIIrELNs0P459MvbsuHgBNyEdJ58/ySj
GBf/BnQc3K3ZdJnkWNBTysPiwC8+6VAWj2fhv8KPLLpHCE5ikNUdk1/9UTj8PixS
XHykyAOBw0AQuh6EvUmbuxREIADNR29WiyN7mKZesdst2mMpgna5MiArqBlin6VY
rTl3AiQPnf13SG4h28waW6nQoIUzsV2L2hr/X6f/Sv/U6L2NJNnnrP03dlU8wrIo
SJYYdrF+DfA/Z+6/ILftR62gCrv3jWYf053gUnBcvGfj+0AeBaIc9lADAQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFJEARSgCIFEs0SiQ3d9nCc4Lvp8VMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEva1FCRktBSWdVU3pSS0pEZDMyY0p6Z3UtbnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTB/BAIAAjB5AwUDKgfy
QAMFAyoLhEADBQMqC6TAAwUDKgu0gAMFAyoPY8ADBQMqD4nAAwUDKhB6wAMFAyoQ
qcADBQMqE1BAAwUDKhO9QDAOAwUGKhO+QAMFACoTvkIDBQIqE75EAwUDKhO+wAMF
AyoTzcADBQMqE9DAAwUDKhPRQDANBgkqhkiG9w0BAQsFAAOCAQEAZRN0COc48EJQ
aN5bvpWyWwBzGR+uiWVH6tdu4xtJYqzNDc43ow+f49bfc+Xp6NpATvKZE8E0UWjh
6hFdJiiMOMDTE+edK8T0AWa9nG5ZrtUAlhTcrAD5qTrs06oBnTT3Dk1UNstb3Gg0
lNAMB853AjwJSQNGzdr/NzI22BAkZFOxj1b7d6xQcV1pcnVpYgYsGY97rhtXucJa
oCbtvmtEKwPMab89FIeUeHvvrMJ3fZ7WVE+g/xjPZdnKZbiqqUYiAAYGp3aaNUeJ
n3IfjU8AHsnMQlhhUfyx6zRWKrsxArqF7kYQ0ZU+CUokQbzP1rHxRFsKjhJdwYgI
gywRQv4wCg==
-----END CERTIFICATE-----
Generated at Thu Mar 5 23:26:25 2026 by rpki-client