Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/da9aQ7rY0NTaPdWqUoD2i3wK9bM.roa
File: da9aQ7rY0NTaPdWqUoD2i3wK9bM.roa (raw, json)
Hash identifier: KFC2ZtnDVil+pOIydDZS/Qa+vzMKz2KgJ79qZZ4gstI=
Subject key identifier: 75:AF:5A:43:BA:D8:D0:D4:DA:3D:D5:AA:52:80:F6:8B:7C:0A:F5:B3
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019E2BAE8FCB79B9F035133037771135B486
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/da9aQ7rY0NTaPdWqUoD2i3wK9bM.roa
Signing time: Fri 15 May 2026 12:48:40 +0000
ROA not before: Fri 15 May 2026 12:48:40 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 7018
IP address blocks: 45.129.127.0/24 maxlen: 24
2a12:ecc0:200::/48 maxlen: 48
2a13:8c86:150::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2b:ae:8f:cb:79:b9:f0:35:13:30:37:77:11:35:b4:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 15 12:48:40 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=75af5a43bad8d0d4da3dd5aa5280f68b7c0af5b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:80:ca:37:f0:8b:6b:06:ce:dc:b5:4b:cd:4c:
7b:4b:74:59:01:11:78:3e:0c:15:dd:4c:05:0b:47:
1e:0c:13:3d:ad:e7:0b:c4:13:00:49:1d:4c:88:22:
98:4c:16:c7:d3:4a:92:6e:91:9f:82:f5:9a:2e:52:
39:51:94:aa:43:1e:a5:ba:b1:50:3c:c2:3e:1e:9e:
7c:cd:6b:ef:08:4e:f2:3d:c9:ff:fd:f6:f2:05:a9:
17:9c:11:fc:f6:76:a3:86:33:71:fe:a4:c1:7e:5d:
3e:26:db:fb:03:93:23:a2:2c:0b:57:cf:23:67:2d:
47:0e:93:f0:fe:fb:07:69:1e:bd:98:d6:e6:48:b7:
4e:cb:9e:c8:57:b2:19:08:f5:48:63:be:94:7a:c3:
a5:1a:da:3b:47:eb:ce:d8:3b:71:44:27:d7:f5:38:
0b:a0:4b:00:7b:99:ab:b5:ee:59:dd:7b:e7:a1:ba:
10:b9:0e:44:26:0d:01:f4:38:9c:36:cb:3d:59:e0:
74:0f:e0:06:45:60:1a:34:39:59:17:9a:77:b3:03:
70:10:85:3b:8d:7d:1c:0e:21:93:9f:d0:3e:d7:3f:
bc:5b:1e:58:aa:be:26:11:c7:c3:f6:68:82:5d:9e:
65:6a:27:5f:b0:ba:09:65:f5:a5:8c:0e:9e:45:31:
50:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:AF:5A:43:BA:D8:D0:D4:DA:3D:D5:AA:52:80:F6:8B:7C:0A:F5:B3
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/da9aQ7rY0NTaPdWqUoD2i3wK9bM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.127.0/24
IPv6:
2a12:ecc0:200::/48
2a13:8c86:150::/48
Signature Algorithm: sha256WithRSAEncryption
a6:88:d7:ec:bc:9f:24:7e:19:c0:6a:57:4f:24:fd:ed:cb:54:
99:dd:f0:66:7e:41:6f:be:7d:06:1a:ef:4f:89:74:98:cc:c1:
37:20:99:ad:1b:32:7d:d8:00:e7:b9:a8:8f:d5:c5:22:40:72:
56:80:d6:11:a8:28:48:f4:d9:0b:be:2e:a7:9b:d4:58:81:da:
18:7a:d0:a9:c7:2e:f1:65:e7:f0:06:36:ea:bb:00:e3:0d:94:
74:c0:80:e0:09:43:99:76:d7:ea:c2:0f:0e:2d:47:f2:b6:4c:
00:a7:0f:57:a2:a6:ae:52:e4:6d:e8:d7:40:c0:d5:15:23:26:
8e:d5:f4:9f:66:40:70:6a:3d:10:c0:7e:53:24:3f:48:ad:78:
f2:ca:31:92:f6:00:62:da:80:cf:7f:7a:e3:d7:5c:4e:ef:32:
67:9a:c3:02:88:1d:7a:61:68:72:63:68:b3:2a:d0:b4:8e:bd:
cb:12:17:38:4f:b6:b2:ea:5f:ce:35:ad:f8:16:9e:91:78:7e:
c5:1c:b1:a6:de:58:93:29:c7:15:87:ef:c4:63:e6:85:84:de:
8a:a6:65:02:38:8d:32:c0:6c:f7:c7:05:5c:21:bb:14:7d:11:
20:37:d7:61:cd:63:62:a4:a4:2b:b5:f9:07:71:f3:f4:b2:98:
68:d0:3b:47
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ4rro/LebnwNRMwN3cRNbSGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwNTE1MTI0ODQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWFmNWE0M2JhZDhkMGQ0ZGEzZGQ1YWE1MjgwZjY4YjdjMGFmNWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4DKN/CLawbO3LVLzUx7S3RZARF4
PgwV3UwFC0ceDBM9recLxBMASR1MiCKYTBbH00qSbpGfgvWaLlI5UZSqQx6lurFQ
PMI+Hp58zWvvCE7yPcn//fbyBakXnBH89najhjNx/qTBfl0+Jtv7A5MjoiwLV88j
Zy1HDpPw/vsHaR69mNbmSLdOy57IV7IZCPVIY76UesOlGto7R+vO2DtxRCfX9TgL
oEsAe5mrte5Z3XvnoboQuQ5EJg0B9DicNss9WeB0D+AGRWAaNDlZF5p3swNwEIU7
jX0cDiGTn9A+1z+8Wx5Yqr4mEcfD9miCXZ5laidfsLoJZfWljA6eRTFQIQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHWvWkO62NDU2j3VqlKA9ot8CvWzMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZGE5YVE3clkwTlRhUGRXcVVvRDJpM3dLOWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQALYF/MBgE
AgACMBIDBwAqEuzAAgADBwAqE4yGAVAwDQYJKoZIhvcNAQELBQADggEBAKaI1+y8
nyR+GcBqV08k/e3LVJnd8GZ+QW++fQYa70+JdJjMwTcgma0bMn3YAOe5qI/VxSJA
claA1hGoKEj02Qu+Lqeb1FiB2hh60KnHLvFl5/AGNuq7AOMNlHTAgOAJQ5l21+rC
Dw4tR/K2TACnD1eipq5S5G3o10DA1RUjJo7V9J9mQHBqPRDAflMkP0itePLKMZL2
AGLagM9/euPXXE7vMmeawwKIHXphaHJjaLMq0LSOvcsSFzhPtrLqX841rfgWnpF4
fsUcsabeWJMpxxWH78Rj5oWE3oqmZQI4jTLAbPfHBVwhuxR9ESA312HNY2KkpCu1
+Qdx8/SymGjQO0c=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:32:08 2026 by rpki-client