Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/hy9A240z5duyi34QXA7EnqVELgs.roa
File: hy9A240z5duyi34QXA7EnqVELgs.roa (raw, json)
Hash identifier: bLJo88/wlnXwleBLpFysTxW5nl4FQ6vmDmPOFHtPv98=
Subject key identifier: 87:2F:40:DB:8D:33:E5:DB:B2:8B:7E:10:5C:0E:C4:9E:A5:44:2E:0B
Certificate issuer: /CN=94948e5f2fa04b222a6e96883b840f7124531556
Certificate serial: 019E2B6D7FB9D22C2D7FBD94876836118DDB
Authority key identifier: 94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/hy9A240z5duyi34QXA7EnqVELgs.roa
Signing time: Fri 15 May 2026 11:37:36 +0000
ROA not before: Fri 15 May 2026 11:37:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215152
IP address blocks: 2a0f:5f00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 May 2026 20:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2b:6d:7f:b9:d2:2c:2d:7f:bd:94:87:68:36:11:8d:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94948e5f2fa04b222a6e96883b840f7124531556
Validity
Not Before: May 15 11:37:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=872f40db8d33e5dbb28b7e105c0ec49ea5442e0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:93:8f:8e:32:8b:47:b4:d7:d0:ec:a6:3d:7a:
94:4d:85:f1:f7:96:14:36:2e:fe:20:22:e4:5a:dc:
96:f7:17:8c:03:a0:dc:83:11:41:bc:6c:01:5b:6c:
9e:24:46:09:97:49:1f:10:41:bf:8e:b6:f5:1b:33:
44:bc:06:ae:68:e8:af:e9:e6:c8:62:6f:c3:27:22:
ca:e3:40:9c:4d:a5:7b:d0:51:7a:61:1d:a1:a1:0b:
11:85:07:45:87:f7:4d:ab:eb:2a:8b:83:f3:de:3c:
6c:33:69:b6:99:2d:ff:e1:e0:42:c1:a8:a9:63:2c:
9d:b7:3d:de:81:8f:c3:62:77:1a:1a:99:f9:28:21:
0b:a7:63:e9:de:d0:f9:f3:bb:ac:1c:3c:0d:a9:2c:
0b:56:17:33:ca:2b:01:5e:c4:ca:00:9a:40:45:76:
8a:6f:f0:18:37:1e:38:69:9b:5f:99:b4:fc:bc:40:
86:62:88:fa:77:93:fe:20:29:4b:fc:64:35:83:fe:
a9:af:61:ea:1c:6c:41:dc:06:97:3e:b5:8a:e2:29:
89:cd:d1:76:c2:68:e7:1a:d8:88:7b:58:51:ea:bf:
cb:28:e4:36:db:a2:de:c2:c3:c3:5a:c3:98:24:c4:
b0:93:df:17:fc:ee:64:c5:88:77:7e:41:a7:26:7b:
17:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:2F:40:DB:8D:33:E5:DB:B2:8B:7E:10:5C:0E:C4:9E:A5:44:2E:0B
X509v3 Authority Key Identifier:
keyid:94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/hy9A240z5duyi34QXA7EnqVELgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5f00::/29
Signature Algorithm: sha256WithRSAEncryption
88:10:38:22:82:f3:e2:b8:20:b9:91:26:9c:0b:a6:77:db:6b:
05:8d:d4:51:d0:dd:bf:d9:57:bb:f7:b2:6a:bd:37:91:e0:05:
14:c6:e7:30:42:5f:1c:bd:b7:28:3f:3a:39:f8:a3:56:b7:6b:
de:ec:d9:f2:92:ac:07:65:a9:c6:4b:2a:dd:2b:5d:03:08:ec:
fe:d9:bc:7d:dc:b7:ed:15:b8:dd:be:0a:79:83:a6:73:4b:53:
6a:5e:dc:18:bf:50:fd:07:c1:4a:fe:2a:c1:36:a5:d8:75:6a:
9c:f2:c8:12:75:58:dc:74:61:16:64:c3:cd:e8:bd:94:07:21:
e5:a7:18:f6:5c:e6:3d:75:6f:74:05:26:8d:c6:8c:3c:98:20:
c0:7e:67:39:62:2d:39:17:fc:cc:6d:5f:fe:4d:46:67:a1:2c:
3b:61:d5:ce:12:4a:31:bf:9a:4b:db:bb:ce:ec:ea:b5:64:8d:
75:65:98:e9:9b:65:e1:ef:3b:a0:4d:5f:ec:b6:80:64:95:7d:
fb:21:99:17:c0:f8:a5:cb:80:30:57:95:8f:98:ad:96:c1:16:
47:6b:d8:6d:33:2b:e5:f0:83:c8:37:2d:e2:04:ee:f0:31:e2:
bc:39:c1:b7:f7:37:92:80:6c:1f:b6:6b:05:a2:4e:3e:c8:b7:
b2:14:89:36
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ4rbX+50iwtf72Uh2g2EY3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OTQ4ZTVmMmZhMDRiMjIyYTZlOTY4ODNiODQwZjcxMjQ1
MzE1NTYwHhcNMjYwNTE1MTEzNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzJmNDBkYjhkMzNlNWRiYjI4YjdlMTA1YzBlYzQ5ZWE1NDQyZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZOPjjKLR7TX0OymPXqUTYXx95YU
Ni7+ICLkWtyW9xeMA6DcgxFBvGwBW2yeJEYJl0kfEEG/jrb1GzNEvAauaOiv6ebI
Ym/DJyLK40CcTaV70FF6YR2hoQsRhQdFh/dNq+sqi4Pz3jxsM2m2mS3/4eBCwaip
Yyydtz3egY/DYncaGpn5KCELp2Pp3tD587usHDwNqSwLVhczyisBXsTKAJpARXaK
b/AYNx44aZtfmbT8vECGYoj6d5P+IClL/GQ1g/6pr2HqHGxB3AaXPrWK4imJzdF2
wmjnGtiIe1hR6r/LKOQ226LewsPDWsOYJMSwk98X/O5kxYh3fkGnJnsXFQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIcvQNuNM+Xbsot+EFwOxJ6lRC4LMB8GA1UdIwQY
MBaAFJSUjl8voEsiKm6WiDuED3EkUxVWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODct
NjQxYjhlNjBkM2UyLzEvaHk5QTI0MHo1ZHV5aTM0UVhBN0VucVZFTGdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODctNjQxYjhlNjBkM2Uy
LzEvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg9fADAN
BgkqhkiG9w0BAQsFAAOCAQEAiBA4IoLz4rgguZEmnAumd9trBY3UUdDdv9lXu/ey
ar03keAFFMbnMEJfHL23KD86OfijVrdr3uzZ8pKsB2Wpxksq3StdAwjs/tm8fdy3
7RW43b4KeYOmc0tTal7cGL9Q/QfBSv4qwTal2HVqnPLIEnVY3HRhFmTDzei9lAch
5acY9lzmPXVvdAUmjcaMPJggwH5nOWItORf8zG1f/k1GZ6EsO2HVzhJKMb+aS9u7
zuzqtWSNdWWY6Ztl4e87oE1f7LaAZJV9+yGZF8D4pcuAMFeVj5itlsEWR2vYbTMr
5fCDyDct4gTu8DHivDnBt/c3koBsH7ZrBaJOPsi3shSJNg==
-----END CERTIFICATE-----
Generated at Mon May 25 05:43:44 2026 by rpki-client