Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/SLYf5GDXZQzbjZ1Fnia9ZHYS0FM.roa
File: SLYf5GDXZQzbjZ1Fnia9ZHYS0FM.roa (raw, json)
Hash identifier: QZzA07aHVM1VEEmveaKXHO+zPLl0ohRrHvqHnYOvlcs=
Subject key identifier: 48:B6:1F:E4:60:D7:65:0C:DB:8D:9D:45:9E:26:BD:64:76:12:D0:53
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019CD26F0D85291DDB5356F2B5C809A9F076
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/SLYf5GDXZQzbjZ1Fnia9ZHYS0FM.roa
Signing time: Mon 09 Mar 2026 11:50:19 +0000
ROA not before: Mon 09 Mar 2026 11:50:19 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 132707
IP address blocks: 2a06:4d80::/29 maxlen: 29
2a0e:8880::/29 maxlen: 29
2a0f:29c0::/29 maxlen: 29
2a0f:2f40::/29 maxlen: 29
2a0f:7280::/29 maxlen: 29
2a10:37c0::/29 maxlen: 29
2a10:6840::/29 maxlen: 29
2a11:4c40::/29 maxlen: 29
2a13:df00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 14:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d2:6f:0d:85:29:1d:db:53:56:f2:b5:c8:09:a9:f0:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 9 11:50:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=48b61fe460d7650cdb8d9d459e26bd647612d053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:59:23:ba:43:9e:27:ae:73:85:be:01:b7:b0:
2e:38:d4:9d:ae:5f:92:8f:a6:cb:f8:8e:f8:9f:5c:
1a:92:c3:88:ca:2e:71:fc:75:bb:20:52:04:25:71:
38:e3:8e:f1:bf:83:4a:4d:75:e6:b2:49:0a:e0:a3:
fa:d0:d8:66:ae:f2:20:c3:26:ba:6c:2f:23:29:b2:
3c:35:76:3c:0d:34:ee:9b:44:cb:c9:76:da:f4:21:
8a:0e:41:fd:18:4c:65:b9:ad:e5:70:31:a5:4f:6c:
28:e7:fa:7f:b2:79:16:51:4c:fe:51:e0:0c:3c:32:
b5:f3:a0:34:8f:d4:89:fd:73:2d:39:67:5c:c1:b7:
51:48:66:f0:f0:a3:6c:40:f2:0b:4f:67:6f:3e:94:
f0:b9:bc:9c:87:38:61:86:92:a9:a7:8d:5d:67:43:
89:be:a2:77:4e:36:32:e2:20:04:fe:87:3e:a9:d9:
54:d7:d3:cb:ba:99:f9:fb:f8:17:8d:b4:f9:ce:68:
09:f8:ab:1e:d8:ac:fe:76:dd:91:3e:8e:b4:99:46:
db:d0:5b:b5:f2:90:a2:18:8f:71:c7:d0:2f:b2:0f:
e3:2d:21:2c:06:06:61:8a:66:a8:a1:2b:8a:4d:a3:
2a:c8:c1:f8:ba:ea:59:f1:3c:63:6d:69:18:b1:2e:
b1:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:B6:1F:E4:60:D7:65:0C:DB:8D:9D:45:9E:26:BD:64:76:12:D0:53
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/SLYf5GDXZQzbjZ1Fnia9ZHYS0FM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:4d80::/29
2a0e:8880::/29
2a0f:29c0::/29
2a0f:2f40::/29
2a0f:7280::/29
2a10:37c0::/29
2a10:6840::/29
2a11:4c40::/29
2a13:df00::/29
Signature Algorithm: sha256WithRSAEncryption
2e:a9:de:31:c2:82:82:b2:00:75:55:68:0d:62:c0:29:ad:44:
eb:65:ed:56:51:0d:e0:8c:08:44:d9:72:6c:86:2a:06:ca:0b:
a3:2d:fc:78:a7:a5:8e:e7:76:8d:7e:bf:43:cb:06:37:a0:6f:
19:f0:7b:a8:42:8a:ae:04:eb:68:d7:63:7d:10:07:44:3e:89:
10:d0:ac:88:71:56:e0:b9:7e:6a:a2:fb:ab:08:5a:0c:56:2b:
19:77:a7:60:31:83:09:81:f3:78:e4:7c:fd:2a:84:71:d2:ce:
d7:a5:4f:8d:18:b1:8b:f2:c0:a3:06:6c:1c:d0:79:35:70:48:
a4:f7:9c:ab:68:f0:98:b5:e1:2d:df:ec:f4:ff:3f:9f:05:60:
d3:15:36:c2:f5:b1:ca:18:8b:61:53:13:9b:5e:d5:e9:10:7a:
33:f3:cd:c0:26:db:35:28:5c:2a:87:b4:47:c4:b6:ab:4d:96:
fa:b3:cd:77:d1:aa:ab:93:6c:32:f5:87:64:08:8a:22:3c:17:
64:37:f7:a5:fe:4e:5e:04:dd:cb:80:e0:ab:5b:bd:69:6a:5c:
38:41:e4:3a:36:7e:65:49:f0:ac:c9:90:8b:29:cf:74:8c:08:
f0:1c:48:45:d6:70:00:c7:99:fa:12:ee:cc:7e:86:31:78:06:
9b:c6:29:31
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZzSbw2FKR3bU1bytcgJqfB2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMzA5MTE1MDE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGI2MWZlNDYwZDc2NTBjZGI4ZDlkNDU5ZTI2YmQ2NDc2MTJkMDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVkjukOeJ65zhb4Bt7AuONSdrl+S
j6bL+I74n1waksOIyi5x/HW7IFIEJXE4447xv4NKTXXmskkK4KP60NhmrvIgwya6
bC8jKbI8NXY8DTTum0TLyXba9CGKDkH9GExlua3lcDGlT2wo5/p/snkWUUz+UeAM
PDK186A0j9SJ/XMtOWdcwbdRSGbw8KNsQPILT2dvPpTwubychzhhhpKpp41dZ0OJ
vqJ3TjYy4iAE/oc+qdlU19PLupn5+/gXjbT5zmgJ+Kse2Kz+dt2RPo60mUbb0Fu1
8pCiGI9xx9Avsg/jLSEsBgZhimaooSuKTaMqyMH4uupZ8TxjbWkYsS6xpwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFEi2H+Rg12UM242dRZ4mvWR2EtBTMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvU0xZZjVHRFhaUXpialoxRm5pYTlaSFlTMEZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDKgZNgAMF
AyoOiIADBQMqDynAAwUDKg8vQAMFAyoPcoADBQMqEDfAAwUDKhBoQAMFAyoRTEAD
BQMqE98AMA0GCSqGSIb3DQEBCwUAA4IBAQAuqd4xwoKCsgB1VWgNYsAprUTrZe1W
UQ3gjAhE2XJshioGygujLfx4p6WO53aNfr9DywY3oG8Z8HuoQoquBOto12N9EAdE
PokQ0KyIcVbguX5qovurCFoMVisZd6dgMYMJgfN45Hz9KoRx0s7XpU+NGLGL8sCj
Bmwc0Hk1cEik95yraPCYteEt3+z0/z+fBWDTFTbC9bHKGIthUxObXtXpEHoz883A
Jts1KFwqh7RHxLarTZb6s8130aqrk2wy9YdkCIoiPBdkN/el/k5eBN3LgOCrW71p
alw4QeQ6Nn5lSfCsyZCLKc90jAjwHEhF1nAAx5n6Eu7MfoYxeAabxikx
-----END CERTIFICATE-----
Generated at Sat Mar 21 23:03:51 2026 by rpki-client