Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/V_rYxZ2-w4BK9fVkZwQrsUeAmMA.roa
File: V_rYxZ2-w4BK9fVkZwQrsUeAmMA.roa (raw, json)
Hash identifier: p4HomaDXAg/ZM1GQeP5HFcuB4PlFPPuMGy91Y+Q7mpg=
Subject key identifier: 57:FA:D8:C5:9D:BE:C3:80:4A:F5:F5:64:67:04:2B:B1:47:80:98:C0
Certificate issuer: /CN=bfe9f12c96ba20683aff5c958bfad8e4c577f7fe
Certificate serial: 019D02437AC2F83610D619C65C576DA1DF80
Authority key identifier: BF:E9:F1:2C:96:BA:20:68:3A:FF:5C:95:8B:FA:D8:E4:C5:77:F7:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/V_rYxZ2-w4BK9fVkZwQrsUeAmMA.roa
Signing time: Wed 18 Mar 2026 18:44:29 +0000
ROA not before: Wed 18 Mar 2026 18:44:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14789
IP address blocks: 2a09:bac0:439::/48 maxlen: 48
2a09:bac0:450::/48 maxlen: 48
2a09:bac0:477::/48 maxlen: 48
2a09:bac0:483::/48 maxlen: 48
2a09:bac0:545::/48 maxlen: 48
2a09:bac0:566::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/v-nxLJa6IGg6_1yVi_rY5MV39_4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/v-nxLJa6IGg6_1yVi_rY5MV39_4.mft
rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 25 Mar 2026 09:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:02:43:7a:c2:f8:36:10:d6:19:c6:5c:57:6d:a1:df:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe9f12c96ba20683aff5c958bfad8e4c577f7fe
Validity
Not Before: Mar 18 18:44:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=57fad8c59dbec3804af5f56467042bb1478098c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e6:f6:f1:ab:74:44:2e:e4:47:e3:93:0d:3f:
0f:26:6d:de:05:68:f6:8a:19:87:7c:9d:23:41:d1:
91:31:09:3d:20:c3:9a:2f:50:cc:a0:b0:7e:33:59:
f1:c5:09:ec:e5:3d:c3:9b:71:62:e6:76:5a:da:ff:
f2:7d:cf:6a:e0:7c:cb:4d:06:9a:ce:f4:99:c0:91:
4a:3a:1f:bc:e7:af:b5:14:52:d9:5e:5b:74:19:15:
6d:a1:e2:0f:43:9e:bc:11:76:94:d0:86:b4:05:fb:
61:36:1b:9c:c9:6e:12:4b:35:b8:79:7d:dd:bb:9d:
bc:e6:8c:cf:49:4a:e3:2f:e8:34:d3:6d:cb:b1:1f:
b8:c2:d2:4e:5b:fc:bd:27:be:9e:28:e2:88:8e:48:
76:7d:e4:4f:b1:5f:3e:5e:f6:6a:ed:9c:36:55:80:
dd:43:9a:2d:f8:ae:bf:9f:36:5a:25:3e:2a:a5:ef:
23:72:f4:63:bb:14:2a:e9:17:d2:4e:9b:0d:f2:17:
71:60:f9:e3:ca:9e:90:3b:da:b2:7f:76:48:c5:a3:
57:1a:be:82:60:57:57:a9:64:95:ce:d0:b7:9a:ab:
fc:d6:eb:08:8d:09:11:11:db:ff:b6:47:dc:f5:e8:
fc:9c:3f:88:0c:2a:9b:33:38:be:7d:82:8b:e8:cf:
2f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:FA:D8:C5:9D:BE:C3:80:4A:F5:F5:64:67:04:2B:B1:47:80:98:C0
X509v3 Authority Key Identifier:
keyid:BF:E9:F1:2C:96:BA:20:68:3A:FF:5C:95:8B:FA:D8:E4:C5:77:F7:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/V_rYxZ2-w4BK9fVkZwQrsUeAmMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/v-nxLJa6IGg6_1yVi_rY5MV39_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:bac0:439::/48
2a09:bac0:450::/48
2a09:bac0:477::/48
2a09:bac0:483::/48
2a09:bac0:545::/48
2a09:bac0:566::/48
Signature Algorithm: sha256WithRSAEncryption
6f:b3:a7:65:2b:76:9e:04:8a:4f:bc:c6:9d:67:71:b1:f2:96:
e4:d7:ab:8b:eb:06:3a:61:47:7b:cb:4c:9d:58:a7:dd:1c:74:
45:00:d2:cd:7c:e9:c4:e7:3e:a0:65:56:e9:5f:08:a6:52:c2:
09:cd:c6:81:90:58:a2:72:e1:d3:5f:0e:d4:81:57:71:3f:db:
9c:84:f9:54:b2:b7:cc:dc:1d:6c:e5:6c:68:0a:ca:8b:40:3d:
15:cc:2d:06:ea:4f:35:6f:16:87:93:d3:b9:cb:7b:80:d3:91:
57:ff:7b:08:69:89:02:78:c9:60:0b:b3:1f:fd:f8:0b:28:85:
f0:df:f7:0f:0e:42:89:b6:f7:29:90:73:f9:03:e8:40:7d:a9:
c6:40:fe:9a:37:e2:23:fd:ab:02:cd:e0:f5:2c:0e:06:0c:ef:
37:ad:5c:97:dc:63:10:04:b7:61:5c:7c:2a:a2:0d:0f:28:91:
41:45:c5:35:6e:7e:d2:96:21:e8:f8:cd:70:f1:32:39:92:d5:
0f:44:12:6c:89:dc:fb:ff:8c:ec:bb:01:18:a0:dc:8c:75:37:
62:f5:eb:ce:3e:29:26:1a:f7:ea:f5:42:2e:cc:2b:3f:a1:7a:
4d:f3:d6:d1:98:3b:c8:15:ca:dd:8d:44:5e:41:d2:a0:5c:a2:
31:db:f2:3b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ0CQ3rC+DYQ1hnGXFdtod+AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTlmMTJjOTZiYTIwNjgzYWZmNWM5NThiZmFkOGU0YzU3
N2Y3ZmUwHhcNMjYwMzE4MTg0NDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2ZhZDhjNTlkYmVjMzgwNGFmNWY1NjQ2NzA0MmJiMTQ3ODA5OGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleb28at0RC7kR+OTDT8PJm3eBWj2
ihmHfJ0jQdGRMQk9IMOaL1DMoLB+M1nxxQns5T3Dm3Fi5nZa2v/yfc9q4HzLTQaa
zvSZwJFKOh+856+1FFLZXlt0GRVtoeIPQ568EXaU0Ia0BfthNhucyW4SSzW4eX3d
u5285ozPSUrjL+g0023LsR+4wtJOW/y9J76eKOKIjkh2feRPsV8+XvZq7Zw2VYDd
Q5ot+K6/nzZaJT4qpe8jcvRjuxQq6RfSTpsN8hdxYPnjyp6QO9qyf3ZIxaNXGr6C
YFdXqWSVztC3mqv81usIjQkREdv/tkfc9ej8nD+IDCqbMzi+fYKL6M8v1QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFf62MWdvsOASvX1ZGcEK7FHgJjAMB8GA1UdIwQY
MBaAFL/p8SyWuiBoOv9clYv62OTFd/f+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1ueExKYTZJR2c2XzF5Vmlfclk1TVYzOV80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80Y2U1NTgtNjNkNi00NjlhLWJiNWQt
Zjc4MjBjNWU5NjZhLzEvVl9yWXhaMi13NEJLOWZWa1p3UXJzVWVBbU1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80Y2U1NTgtNjNkNi00NjlhLWJiNWQtZjc4MjBjNWU5NjZh
LzEvdi1ueExKYTZJR2c2XzF5Vmlfclk1TVYzOV80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgm6wAQ5
AwcAKgm6wARQAwcAKgm6wAR3AwcAKgm6wASDAwcAKgm6wAVFAwcAKgm6wAVmMA0G
CSqGSIb3DQEBCwUAA4IBAQBvs6dlK3aeBIpPvMadZ3Gx8pbk16uL6wY6YUd7y0yd
WKfdHHRFANLNfOnE5z6gZVbpXwimUsIJzcaBkFiicuHTXw7UgVdxP9uchPlUsrfM
3B1s5WxoCsqLQD0VzC0G6k81bxaHk9O5y3uA05FX/3sIaYkCeMlgC7Mf/fgLKIXw
3/cPDkKJtvcpkHP5A+hAfanGQP6aN+Ij/asCzeD1LA4GDO83rVyX3GMQBLdhXHwq
og0PKJFBRcU1bn7SliHo+M1w8TI5ktUPRBJsidz7/4zsuwEYoNyMdTdi9evOPikm
Gvfq9UIuzCs/oXpN89bRmDvIFcrdjUReQdKgXKIx2/I7
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:48:30 2026 by rpki-client