Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/sw7GHjPtpb9HqUyoQYUhkWq66-w.roa
File: sw7GHjPtpb9HqUyoQYUhkWq66-w.roa (raw, json)
Hash identifier: nrK/VbUjk8LT8wPW/VaPJ2eTDZiM/j+PkLSnc5Tjtlk=
Subject key identifier: B3:0E:C6:1E:33:ED:A5:BF:47:A9:4C:A8:41:85:21:91:6A:BA:EB:EC
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 019E45D4D6BC6A044323F0D0076F0A65BEE7
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/sw7GHjPtpb9HqUyoQYUhkWq66-w.roa
Signing time: Wed 20 May 2026 14:40:36 +0000
ROA not before: Wed 20 May 2026 14:40:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 2a0b:a4c0::/29 maxlen: 32
2a0f:89c0::/29 maxlen: 32
2a0f:e3c0::/29 maxlen: 29
2a10:a9c0::/29 maxlen: 29
2a13:b740::/29 maxlen: 29
2a13:bd40::/29 maxlen: 29
2a13:be40::/29 maxlen: 29
2a13:bec0::/29 maxlen: 29
2a13:d0c0::/29 maxlen: 29
2a13:d1c0::/29 maxlen: 29
2a13:dd40::/29 maxlen: 29
2a13:dfc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:45:d4:d6:bc:6a:04:43:23:f0:d0:07:6f:0a:65:be:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: May 20 14:40:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b30ec61e33eda5bf47a94ca8418521916abaebec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:41:5d:16:3b:f6:62:06:fc:dd:16:4a:d9:87:
45:90:ae:85:64:ba:3b:40:00:11:73:07:4a:01:32:
f5:cf:61:32:9c:14:cc:68:92:cd:11:a6:6c:04:b1:
b6:69:2e:b2:45:46:1d:79:ad:4f:f7:4b:a0:0f:5a:
83:e7:31:13:0e:68:f2:84:2a:03:64:71:1c:9a:64:
2d:ae:f1:56:64:64:ed:23:2d:59:f2:2c:9e:53:3f:
5d:58:be:1f:ec:16:c4:1e:2e:20:28:db:ac:c7:30:
84:11:66:0c:79:36:9c:16:c3:be:ec:a7:4f:94:c8:
ba:ea:0d:45:1f:f8:32:99:9f:38:6c:4a:0a:0f:8d:
09:6a:86:5f:df:99:cc:44:4f:41:57:38:98:96:ee:
21:35:cd:dd:18:82:b3:46:d0:bc:d7:be:c1:b1:17:
c9:dd:d5:6d:1c:ab:87:3d:8a:a1:2c:8f:1b:10:61:
ca:de:d8:3b:03:20:42:95:ea:3e:e0:7b:30:13:07:
91:7d:79:84:74:ce:11:bf:7c:32:36:51:62:c5:2d:
84:77:27:13:a2:73:ab:4d:dd:88:3c:84:b6:2b:00:
6d:27:56:30:b5:28:b5:79:c3:18:0e:a0:98:0b:45:
bc:ca:59:8c:32:05:9e:37:10:1d:14:16:c1:98:07:
07:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:0E:C6:1E:33:ED:A5:BF:47:A9:4C:A8:41:85:21:91:6A:BA:EB:EC
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/sw7GHjPtpb9HqUyoQYUhkWq66-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:a4c0::/29
2a0f:89c0::/29
2a0f:e3c0::/29
2a10:a9c0::/29
2a13:b740::/29
2a13:bd40::/29
2a13:be40::/29
2a13:bec0::/29
2a13:d0c0::/29
2a13:d1c0::/29
2a13:dd40::/29
2a13:dfc0::/29
Signature Algorithm: sha256WithRSAEncryption
a2:39:84:f3:40:72:da:8f:db:01:69:23:9e:6c:c7:2e:27:04:
b1:86:d4:ef:53:42:07:91:06:78:1b:71:0d:cb:4f:3d:28:90:
c4:d6:d5:24:a6:d7:a8:24:1a:32:54:6d:52:9b:3b:3e:8e:ab:
07:70:03:fb:14:14:b7:dd:c1:7c:37:87:81:a7:64:fd:3d:0e:
a8:c1:a6:8b:9d:a4:d3:a8:92:99:89:ab:cc:15:1b:10:e5:ac:
29:2f:73:aa:b7:15:03:b1:c0:1e:3f:8b:6f:37:36:19:96:fd:
6b:0a:66:5f:ce:cb:33:c3:5e:de:41:8b:f6:52:b5:99:51:b4:
b5:e3:88:17:0b:bb:33:12:49:4b:0c:5f:79:97:97:48:6e:1b:
e0:58:d9:3c:4b:c9:5b:9e:e8:83:da:f1:bc:09:65:4b:ec:37:
06:15:81:65:45:f1:7b:e7:d7:3a:33:0d:a7:72:fd:52:ac:47:
1b:8b:10:d5:0f:cd:01:d3:01:b5:77:d8:42:f9:88:66:8a:46:
30:48:a1:34:71:57:b2:ac:1c:75:a4:3a:9f:0a:86:38:e2:b6:
16:89:ff:b3:32:0c:e2:3c:fe:8b:1c:07:89:6b:d2:bb:cb:ab:
92:1f:be:6c:70:fa:de:fc:59:ef:15:35:70:d7:20:a7:3c:4b:
01:48:40:63
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZ5F1Na8agRDI/DQB28KZb7nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjYwNTIwMTQ0MDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzBlYzYxZTMzZWRhNWJmNDdhOTRjYTg0MTg1MjE5MTZhYmFlYmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkFdFjv2Ygb83RZK2YdFkK6FZLo7
QAARcwdKATL1z2EynBTMaJLNEaZsBLG2aS6yRUYdea1P90ugD1qD5zETDmjyhCoD
ZHEcmmQtrvFWZGTtIy1Z8iyeUz9dWL4f7BbEHi4gKNusxzCEEWYMeTacFsO+7KdP
lMi66g1FH/gymZ84bEoKD40JaoZf35nMRE9BVziYlu4hNc3dGIKzRtC8177BsRfJ
3dVtHKuHPYqhLI8bEGHK3tg7AyBCleo+4HswEweRfXmEdM4Rv3wyNlFixS2EdycT
onOrTd2IPIS2KwBtJ1YwtSi1ecMYDqCYC0W8ylmMMgWeNxAdFBbBmAcHSQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFLMOxh4z7aW/R6lMqEGFIZFquuvsMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvc3c3R0hqUHRwYjlIcVV5b1FZVWhrV3E2Ni13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAAjBUAwUDKgukwAMF
AyoPicADBQMqD+PAAwUDKhCpwAMFAyoTt0ADBQMqE71AAwUDKhO+QAMFAyoTvsAD
BQMqE9DAAwUDKhPRwAMFAyoT3UADBQMqE9/AMA0GCSqGSIb3DQEBCwUAA4IBAQCi
OYTzQHLaj9sBaSOebMcuJwSxhtTvU0IHkQZ4G3ENy089KJDE1tUkpteoJBoyVG1S
mzs+jqsHcAP7FBS33cF8N4eBp2T9PQ6owaaLnaTTqJKZiavMFRsQ5awpL3OqtxUD
scAeP4tvNzYZlv1rCmZfzsszw17eQYv2UrWZUbS144gXC7szEklLDF95l5dIbhvg
WNk8S8lbnuiD2vG8CWVL7DcGFYFlRfF759c6Mw2ncv1SrEcbixDVD80B0wG1d9hC
+YhmikYwSKE0cVeyrBx1pDqfCoY44rYWif+zMgziPP6LHAeJa9K7y6uSH75scPre
/FnvFTVw1yCnPEsBSEBj
-----END CERTIFICATE-----
Generated at Sat May 23 03:03:18 2026 by rpki-client