Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/FJcsmaUQsD13YXXoyE7RkZKR-ng.roa
File: FJcsmaUQsD13YXXoyE7RkZKR-ng.roa (raw, json)
Hash identifier: u6HoYzjVqNqn2YWEImLaDRf/C6bprfKvf9KjlvjxNLc=
Subject key identifier: 14:97:2C:99:A5:10:B0:3D:77:61:75:E8:C8:4E:D1:91:92:91:FA:78
Certificate issuer: /CN=9dc28ae9937ff7e49ec4f1234e53d8b9dd694541
Certificate serial: 019E83109B05E23AFABD3665BCC384850640
Authority key identifier: 9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/FJcsmaUQsD13YXXoyE7RkZKR-ng.roa
Signing time: Mon 01 Jun 2026 12:02:43 +0000
ROA not before: Mon 01 Jun 2026 12:02:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 2a12:5f80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/ncKK6ZN_9-SexPEjTlPYud1pRUE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/ncKK6ZN_9-SexPEjTlPYud1pRUE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:83:10:9b:05:e2:3a:fa:bd:36:65:bc:c3:84:85:06:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dc28ae9937ff7e49ec4f1234e53d8b9dd694541
Validity
Not Before: Jun 1 12:02:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=14972c99a510b03d776175e8c84ed1919291fa78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:16:6f:1b:e8:df:28:e3:77:b0:91:32:39:b5:
9d:db:de:bc:ee:3c:91:d1:b2:65:35:2e:76:59:9b:
53:a3:a8:8c:b1:3a:7d:e8:c5:d5:5f:e2:f7:58:c0:
8c:02:12:8e:4b:f3:a1:9c:30:e4:13:cc:59:4f:b8:
3c:5d:7a:03:8e:22:5f:ac:88:cd:48:b6:3e:37:8d:
44:c5:a7:4d:d8:8e:bf:26:d8:4d:1a:ed:00:f2:47:
a6:09:69:2b:52:fc:83:c6:a5:27:c6:ee:94:33:fa:
d6:8e:4e:56:1c:d4:b3:7b:19:d9:01:72:08:14:68:
41:0a:e2:71:0e:d9:d0:bf:f9:27:21:dd:2f:c5:00:
f2:cf:79:eb:fc:b8:95:46:43:86:c1:1c:32:93:5c:
99:56:f4:69:da:f4:e6:e6:d9:b1:56:24:ba:95:0a:
0f:1a:6c:10:72:64:0d:19:33:f5:75:9b:b7:20:1b:
7d:39:ad:4a:d1:bc:6d:28:29:9f:69:40:db:74:88:
26:fe:a4:93:8b:7d:f1:ba:27:29:0d:38:b7:2c:c3:
41:8e:b1:d9:e7:19:49:9a:00:3f:0a:af:67:5a:d6:
5b:60:08:17:38:db:fd:c4:8f:93:d8:29:28:aa:aa:
6b:72:4d:d6:b3:21:9a:57:e6:fe:b7:58:60:96:b3:
23:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:97:2C:99:A5:10:B0:3D:77:61:75:E8:C8:4E:D1:91:92:91:FA:78
X509v3 Authority Key Identifier:
keyid:9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/FJcsmaUQsD13YXXoyE7RkZKR-ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/ncKK6ZN_9-SexPEjTlPYud1pRUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:5f80::/29
Signature Algorithm: sha256WithRSAEncryption
5f:2d:0a:aa:7a:43:90:19:ae:f5:18:e9:ec:52:18:ae:94:ec:
3d:d2:51:f9:86:29:d7:c2:dc:d1:88:8e:09:3b:49:10:32:85:
cc:d7:3c:b8:51:41:2f:dc:13:f5:a0:d1:98:b2:5b:e0:c2:97:
f1:ad:2a:dc:bc:18:a0:0a:af:40:2b:bd:d8:f6:7b:b5:0f:e9:
40:0a:00:fa:00:65:e6:23:3c:e9:c0:92:c7:23:92:b6:66:d2:
eb:72:aa:9f:76:eb:09:2c:ed:b7:7b:e7:82:fb:dd:02:b4:67:
a7:36:eb:d8:8c:ac:4c:8b:64:f1:bb:c1:4f:e4:fb:60:df:79:
d6:ac:a1:28:9c:7b:00:d6:a9:7d:57:63:6d:bd:34:fb:51:5f:
fb:7f:bc:ea:4d:77:d4:fd:6a:fe:2d:cc:7b:62:08:92:9a:98:
a7:1b:70:70:3e:69:5a:72:ee:13:cc:ab:8e:18:b4:1c:eb:4c:
4c:c2:27:5e:73:04:73:1a:28:eb:9f:55:c9:31:ce:7e:42:f1:
04:29:05:99:ac:85:3e:49:33:89:3a:6d:5d:53:e7:e8:f0:a9:
d9:2c:3f:ea:5c:43:9f:fe:ef:f6:5c:ea:af:ea:39:66:10:5f:
c9:a8:6a:5b:fd:2a:3c:7b:48:7d:d7:2c:af:8d:ed:3c:ca:5b:
6f:8a:4e:52
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ6DEJsF4jr6vTZlvMOEhQZAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzI4YWU5OTM3ZmY3ZTQ5ZWM0ZjEyMzRlNTNkOGI5ZGQ2
OTQ1NDEwHhcNMjYwNjAxMTIwMjQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDk3MmM5OWE1MTBiMDNkNzc2MTc1ZThjODRlZDE5MTkyOTFmYTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRZvG+jfKON3sJEyObWd29687jyR
0bJlNS52WZtTo6iMsTp96MXVX+L3WMCMAhKOS/OhnDDkE8xZT7g8XXoDjiJfrIjN
SLY+N41ExadN2I6/JthNGu0A8kemCWkrUvyDxqUnxu6UM/rWjk5WHNSzexnZAXII
FGhBCuJxDtnQv/knId0vxQDyz3nr/LiVRkOGwRwyk1yZVvRp2vTm5tmxViS6lQoP
GmwQcmQNGTP1dZu3IBt9Oa1K0bxtKCmfaUDbdIgm/qSTi33xuicpDTi3LMNBjrHZ
5xlJmgA/Cq9nWtZbYAgXONv9xI+T2Ckoqqprck3WsyGaV+b+t1hglrMj3QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBSXLJmlELA9d2F16MhO0ZGSkfp4MB8GA1UdIwQY
MBaAFJ3CiumTf/fknsTxI05T2LndaUVBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNLSzZaTl85LVNleFBFalRsUFl1ZDFwUlVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jMDMzMGMtOTg3Mi00YWM2LWEyMmMt
MTkyY2JkMDhkYjUxLzEvRkpjc21hVVFzRDEzWVhYb3lFN1JrWktSLW5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jMDMzMGMtOTg3Mi00YWM2LWEyMmMtMTkyY2JkMDhkYjUx
LzEvbmNLSzZaTl85LVNleFBFalRsUFl1ZDFwUlVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhJfgDAN
BgkqhkiG9w0BAQsFAAOCAQEAXy0KqnpDkBmu9Rjp7FIYrpTsPdJR+YYp18Lc0YiO
CTtJEDKFzNc8uFFBL9wT9aDRmLJb4MKX8a0q3LwYoAqvQCu92PZ7tQ/pQAoA+gBl
5iM86cCSxyOStmbS63Kqn3brCSztt3vngvvdArRnpzbr2IysTItk8bvBT+T7YN95
1qyhKJx7ANapfVdjbb00+1Ff+3+86k131P1q/i3Me2IIkpqYpxtwcD5pWnLuE8yr
jhi0HOtMTMInXnMEcxoo659VyTHOfkLxBCkFmayFPkkziTptXVPn6PCp2Sw/6lxD
n/7v9lzqr+o5ZhBfyahqW/0qPHtIfdcsr43tPMpbb4pOUg==
-----END CERTIFICATE-----
Generated at Tue Jun 2 20:50:55 2026 by rpki-client