Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/218dE_nM7wD8IEs_uKnoWVE7xg8.roa
File: 218dE_nM7wD8IEs_uKnoWVE7xg8.roa (raw, json)
Hash identifier: W+mBrDEGCYnI8EhImipcEY1Zxod2sERaY8FQYC0DHwA=
Subject key identifier: DB:5F:1D:13:F9:CC:EF:00:FC:20:4B:3F:B8:A9:E8:59:51:3B:C6:0F
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019CB7F49D036ABC44FE8D4B8F6DA97F0B78
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/218dE_nM7wD8IEs_uKnoWVE7xg8.roa
Signing time: Wed 04 Mar 2026 08:26:27 +0000
ROA not before: Wed 04 Mar 2026 08:26:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 132337
IP address blocks: 2a09:b700::/29 maxlen: 32
2a0a:2940::/29 maxlen: 32
2a0a:3200::/29 maxlen: 32
2a0f:2100::/29 maxlen: 29
2a0f:2ec0::/29 maxlen: 32
2a0f:6d80::/29 maxlen: 29
2a0f:a200::/29 maxlen: 32
2a0f:c400::/29 maxlen: 29
2a0f:dec0::/29 maxlen: 29
2a10:3440::/29 maxlen: 32
2a10:5c00::/29 maxlen: 32
2a11:5200::/29 maxlen: 32
2a11:b200::/29 maxlen: 32
2a12:4ac0::/29 maxlen: 32
2a13:540::/29 maxlen: 32
2a13:3040::/29 maxlen: 32
2a13:9480::/29 maxlen: 32
2a13:fa00::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Mar 2026 10:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b7:f4:9d:03:6a:bc:44:fe:8d:4b:8f:6d:a9:7f:0b:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 4 08:26:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=db5f1d13f9ccef00fc204b3fb8a9e859513bc60f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e2:06:ac:ea:37:85:7b:1a:46:0d:45:e5:ce:
e0:3d:7e:1a:a3:ac:eb:63:d9:81:29:00:c9:78:a1:
01:6a:46:41:24:d1:86:c8:e5:4e:b7:3f:3a:81:7f:
6b:b3:5a:ab:a1:de:35:90:3a:02:39:1a:8f:84:91:
9e:40:6b:a6:56:7b:f6:58:a0:80:5e:76:51:23:b1:
fd:bc:5c:82:d2:bb:b5:b5:04:c8:38:64:cd:bf:81:
4d:e1:1e:1f:30:7c:2f:d5:98:6f:d8:77:00:bc:64:
f5:42:5e:bd:90:12:e7:d9:f5:a6:95:f7:2d:63:62:
ee:70:61:01:de:d2:dc:8f:47:9a:9e:33:1a:69:19:
fc:3b:7a:94:59:41:ec:53:d5:10:f0:fa:64:87:42:
57:a3:54:60:b2:88:06:c2:5e:86:49:a1:d2:ec:cd:
44:e0:a0:54:30:56:8b:16:44:38:24:fe:d1:5e:63:
55:bc:fc:6c:78:ae:67:c3:20:86:66:cc:49:99:3c:
44:a6:ea:32:73:77:5a:42:4b:33:d8:73:dc:ed:c8:
85:8d:f1:66:4c:c8:a9:8e:6e:d1:f0:87:92:35:19:
cc:c5:5f:d5:57:93:65:9e:83:41:56:cc:fe:63:ba:
6a:18:28:9f:9f:35:cf:42:a9:22:46:d0:ff:16:40:
8a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:5F:1D:13:F9:CC:EF:00:FC:20:4B:3F:B8:A9:E8:59:51:3B:C6:0F
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/218dE_nM7wD8IEs_uKnoWVE7xg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:b700::/29
2a0a:2940::/29
2a0a:3200::/29
2a0f:2100::/29
2a0f:2ec0::/29
2a0f:6d80::/29
2a0f:a200::/29
2a0f:c400::/29
2a0f:dec0::/29
2a10:3440::/29
2a10:5c00::/29
2a11:5200::/29
2a11:b200::/29
2a12:4ac0::/29
2a13:540::/29
2a13:3040::/29
2a13:9480::/29
2a13:fa00::/29
Signature Algorithm: sha256WithRSAEncryption
6d:6a:27:bb:07:5d:fc:30:e4:6d:62:d7:70:58:8b:80:64:68:
3e:9c:ab:2f:24:5d:94:a1:66:96:c5:3a:28:87:15:ca:57:da:
2d:75:ea:85:a2:fc:67:fb:b9:65:cc:75:12:3a:89:f1:e5:e1:
1e:5d:f7:7e:b6:7b:a8:bf:cb:90:8b:05:80:50:20:7c:18:42:
2a:26:ae:71:e2:32:06:9d:ca:e4:63:5d:56:94:a1:89:ee:57:
ac:a1:07:8c:1d:fb:31:d4:70:eb:3b:d0:5c:77:a4:5f:78:ad:
af:d4:68:dd:31:89:d9:d0:e8:5c:2d:45:b5:4a:0d:75:7e:4f:
1d:75:2e:ac:e3:a7:d9:4e:b4:ab:ab:9a:63:80:4e:47:a1:d1:
6d:29:7e:5a:a9:8d:1b:6b:de:aa:04:7c:21:92:1d:80:a5:c0:
d8:83:1b:54:5c:6f:35:cb:75:3f:03:42:33:36:96:92:66:63:
16:52:32:d9:4e:0f:f2:8c:49:31:c4:da:6c:37:02:7d:da:c9:
35:79:bc:70:cb:c6:b7:56:a7:fa:6f:66:e6:93:f4:1a:35:4c:
b3:9b:62:bf:62:d7:3c:57:43:f9:37:32:9f:14:6a:84:0c:ee:
bf:21:1c:b9:27:aa:86:1b:38:d5:24:6e:28:73:cd:e4:09:b2:
ee:20:66:28
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZy39J0DarxE/o1Lj22pfwt4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMzA0MDgyNjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjVmMWQxM2Y5Y2NlZjAwZmMyMDRiM2ZiOGE5ZTg1OTUxM2JjNjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+IGrOo3hXsaRg1F5c7gPX4ao6zr
Y9mBKQDJeKEBakZBJNGGyOVOtz86gX9rs1qrod41kDoCORqPhJGeQGumVnv2WKCA
XnZRI7H9vFyC0ru1tQTIOGTNv4FN4R4fMHwv1Zhv2HcAvGT1Ql69kBLn2fWmlfct
Y2LucGEB3tLcj0eanjMaaRn8O3qUWUHsU9UQ8Ppkh0JXo1RgsogGwl6GSaHS7M1E
4KBUMFaLFkQ4JP7RXmNVvPxseK5nwyCGZsxJmTxEpuoyc3daQksz2HPc7ciFjfFm
TMipjm7R8IeSNRnMxV/VV5NlnoNBVsz+Y7pqGCifnzXPQqkiRtD/FkCKWQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFNtfHRP5zO8A/CBLP7ip6FlRO8YPMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMjE4ZEVfbk03d0Q4SUVzX3VLbm9XVkU3eGc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAIwfgMFAyoJ
twADBQMqCilAAwUDKgoyAAMFAyoPIQADBQMqDy7AAwUDKg9tgAMFAyoPogADBQMq
D8QAAwUDKg/ewAMFAyoQNEADBQMqEFwAAwUDKhFSAAMFAyoRsgADBQMqEkrAAwUD
KhMFQAMFAyoTMEADBQMqE5SAAwUDKhP6ADANBgkqhkiG9w0BAQsFAAOCAQEAbWon
uwdd/DDkbWLXcFiLgGRoPpyrLyRdlKFmlsU6KIcVylfaLXXqhaL8Z/u5Zcx1EjqJ
8eXhHl33frZ7qL/LkIsFgFAgfBhCKiauceIyBp3K5GNdVpShie5XrKEHjB37MdRw
6zvQXHekX3itr9Ro3TGJ2dDoXC1FtUoNdX5PHXUurOOn2U60q6uaY4BOR6HRbSl+
WqmNG2veqgR8IZIdgKXA2IMbVFxvNct1PwNCMzaWkmZjFlIy2U4P8oxJMcTabDcC
fdrJNXm8cMvGt1an+m9m5pP0GjVMs5tiv2LXPFdD+TcynxRqhAzuvyEcuSeqhhs4
1SRuKHPN5Amy7iBmKA==
-----END CERTIFICATE-----
Generated at Fri Mar 6 19:07:50 2026 by rpki-client