Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8lD3U--s9iW4UxAuyHE7Ys-JAak.roa
File: 8lD3U--s9iW4UxAuyHE7Ys-JAak.roa (raw, json)
Hash identifier: jlQltUtzm8EqQI9bFYOizdrQrxOmoqYiXHJFliIjVSg=
Subject key identifier: F2:50:F7:53:EF:AC:F6:25:B8:53:10:2E:C8:71:3B:62:CF:89:01:A9
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019E7551FB18FD399E356C929FDA9BFC3381
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8lD3U--s9iW4UxAuyHE7Ys-JAak.roa
Signing time: Fri 29 May 2026 19:59:27 +0000
ROA not before: Fri 29 May 2026 19:59:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 27411
IP address blocks: 2a0c:7886:b4::/48 maxlen: 48
2a0f:1203::/32 maxlen: 32
2a0f:2707::/32 maxlen: 32
2a0f:3043::/32 maxlen: 32
2a0f:e204::/32 maxlen: 32
2a10:67c7::/32 maxlen: 32
2a10:68c6::/32 maxlen: 32
2a10:7500::/29 maxlen: 29
2a13:d45::/32 maxlen: 32
2a13:d46::/32 maxlen: 32
2a13:9280::/32 maxlen: 32
2a13:c907::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:75:51:fb:18:fd:39:9e:35:6c:92:9f:da:9b:fc:33:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 29 19:59:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f250f753efacf625b853102ec8713b62cf8901a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d2:b3:bb:2a:15:7a:6f:f7:21:5a:52:66:f9:
4c:de:eb:cd:2f:62:10:04:a5:c3:5b:b3:66:28:e9:
6d:95:44:bc:d0:f2:29:b9:9b:df:ef:c6:c8:59:08:
51:75:b9:f0:04:bd:6a:81:f1:15:28:34:f3:a9:7f:
46:e8:5a:84:34:c0:eb:5b:01:a2:a3:4d:80:28:19:
73:1a:ec:35:3b:32:6a:85:bd:11:5e:4a:18:6c:28:
33:98:27:8f:ff:8c:f4:ac:f4:59:49:6b:ac:5b:16:
30:65:cd:df:1b:4a:5a:18:f7:df:54:b8:0f:f2:53:
66:22:d2:e0:9d:fc:37:75:ca:33:57:b0:de:5b:40:
71:67:84:6b:f8:68:88:4e:8a:9f:18:68:8d:70:94:
c4:60:85:9d:23:02:63:9a:0f:2c:5f:0e:8f:5d:4d:
80:53:98:bf:e2:a5:ad:de:eb:95:89:14:5f:8f:1f:
9d:6e:c8:fc:a2:9a:01:22:26:33:60:31:a9:fb:7c:
ab:0f:86:47:7c:6f:df:f6:26:cd:e3:54:9e:1b:17:
39:f3:85:4b:70:2d:6a:77:9e:e3:23:42:ce:ed:88:
fe:60:d3:aa:8c:58:09:b6:70:21:65:81:a5:79:5a:
a4:b0:d8:90:1e:91:df:63:a8:11:69:63:28:32:4c:
ad:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:50:F7:53:EF:AC:F6:25:B8:53:10:2E:C8:71:3B:62:CF:89:01:A9
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/8lD3U--s9iW4UxAuyHE7Ys-JAak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:7886:b4::/48
2a0f:1203::/32
2a0f:2707::/32
2a0f:3043::/32
2a0f:e204::/32
2a10:67c7::/32
2a10:68c6::/32
2a10:7500::/29
2a13:d45::-2a13:d46:ffff:ffff:ffff:ffff:ffff:ffff
2a13:9280::/32
2a13:c907::/32
Signature Algorithm: sha256WithRSAEncryption
95:db:fc:28:a9:f8:24:3a:14:e6:37:b8:1b:8b:dc:c1:53:26:
ba:c5:17:62:42:67:15:b0:c7:52:f1:df:60:c2:b1:39:21:bc:
d0:b5:72:83:60:80:8d:eb:71:d2:b6:a4:8b:d0:60:b0:0b:16:
e5:3e:a9:64:4d:dd:6b:01:a9:cb:fe:1e:2f:da:2c:f5:86:e3:
9a:ce:8c:c6:97:03:4a:a9:b6:a6:ce:9e:76:a5:d3:c1:fb:a4:
4a:88:9b:9e:84:6b:9b:99:0b:45:dd:cf:a7:22:ba:1f:78:15:
d7:06:2d:83:5d:7f:84:c7:58:d0:70:36:52:8f:9e:6c:58:05:
29:f4:a3:11:d6:b4:0a:0a:28:52:0d:68:e2:fa:48:b3:4d:53:
db:d3:eb:14:14:ad:e7:55:fc:29:fa:aa:72:83:5b:f5:ce:d9:
07:3c:cc:1f:0c:1f:df:ec:aa:cd:9f:6a:28:40:ef:ba:40:d1:
24:d4:f5:0a:8b:09:75:18:c0:38:f7:a0:98:4c:40:a0:3a:f9:
86:28:aa:92:4f:4f:09:0d:26:6a:72:67:5d:f6:4f:fe:f8:70:
4f:77:b7:cc:35:25:f0:6b:a9:2e:94:c4:51:ef:86:3f:9f:6b:
2f:2c:eb:14:d0:8b:69:bc:77:87:3e:f5:c9:63:31:5f:c0:27:
e2:c0:09:2f
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZ51UfsY/TmeNWySn9qb/DOBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwNTI5MTk1OTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjUwZjc1M2VmYWNmNjI1Yjg1MzEwMmVjODcxM2I2MmNmODkwMWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNKzuyoVem/3IVpSZvlM3uvNL2IQ
BKXDW7NmKOltlUS80PIpuZvf78bIWQhRdbnwBL1qgfEVKDTzqX9G6FqENMDrWwGi
o02AKBlzGuw1OzJqhb0RXkoYbCgzmCeP/4z0rPRZSWusWxYwZc3fG0paGPffVLgP
8lNmItLgnfw3dcozV7DeW0BxZ4Rr+GiIToqfGGiNcJTEYIWdIwJjmg8sXw6PXU2A
U5i/4qWt3uuViRRfjx+dbsj8opoBIiYzYDGp+3yrD4ZHfG/f9ibN41SeGxc584VL
cC1qd57jI0LO7Yj+YNOqjFgJtnAhZYGleVqksNiQHpHfY6gRaWMoMkytuQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFPJQ91PvrPYluFMQLshxO2LPiQGpMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvOGxEM1UtLXM5aVc0VXhBdXlIRTdZcy1KQWFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAAjBYAwcAKgx4hgC0
AwUAKg8SAwMFACoPJwcDBQAqDzBDAwUAKg/iBAMFACoQZ8cDBQAqEGjGAwUDKhB1
ADAOAwUAKhMNRQMFACoTDUYDBQAqE5KAAwUAKhPJBzANBgkqhkiG9w0BAQsFAAOC
AQEAldv8KKn4JDoU5je4G4vcwVMmusUXYkJnFbDHUvHfYMKxOSG80LVyg2CAjetx
0raki9BgsAsW5T6pZE3dawGpy/4eL9os9Ybjms6MxpcDSqm2ps6edqXTwfukSoib
noRrm5kLRd3PpyK6H3gV1wYtg11/hMdY0HA2Uo+ebFgFKfSjEda0CgooUg1o4vpI
s01T29PrFBSt51X8KfqqcoNb9c7ZBzzMHwwf3+yqzZ9qKEDvukDRJNT1CosJdRjA
OPegmExAoDr5hiiqkk9PCQ0manJnXfZP/vhwT3e3zDUl8GupLpTEUe+GP59rLyzr
FNCLabx3hz71yWMxX8An4sAJLw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:21:18 2026 by rpki-client