Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/1H2LBwxOS6ZK7kP0bHuOOjYLFXM.roa
File: 1H2LBwxOS6ZK7kP0bHuOOjYLFXM.roa (raw, json)
Hash identifier: lM8jCRUWD5XjSKSKG5x5Vcw7snm2M+L123CpHLdB1I8=
Subject key identifier: D4:7D:8B:07:0C:4E:4B:A6:4A:EE:43:F4:6C:7B:8E:3A:36:0B:15:73
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 019CC76FEECBCA779C43A06CB7D074E41414
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/1H2LBwxOS6ZK7kP0bHuOOjYLFXM.roa
Signing time: Sat 07 Mar 2026 08:35:27 +0000
ROA not before: Sat 07 Mar 2026 08:35:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 2a06:fe40::/32 maxlen: 32
2a06:fe41::/32 maxlen: 32
2a06:fe42::/32 maxlen: 32
2a06:fe43::/32 maxlen: 32
2a06:fe44::/32 maxlen: 32
2a06:fe45::/32 maxlen: 32
2a06:fe46::/32 maxlen: 32
2a06:fe47::/32 maxlen: 32
2a09:1d80::/29 maxlen: 29
2a09:1d80::/32 maxlen: 32
2a09:1d81::/32 maxlen: 32
2a09:1d82::/32 maxlen: 32
2a09:1d83::/32 maxlen: 32
2a09:1d84::/32 maxlen: 32
2a09:1d85::/32 maxlen: 32
2a09:1d86::/32 maxlen: 32
2a09:1d87::/32 maxlen: 32
2a0e:2c00::/29 maxlen: 29
2a0e:2c00::/32 maxlen: 32
2a0e:2c01::/32 maxlen: 32
2a0e:2c02::/32 maxlen: 32
2a0e:2c03::/32 maxlen: 32
2a0e:2c04::/32 maxlen: 32
2a0e:2c05::/32 maxlen: 32
2a0e:2c06::/32 maxlen: 32
2a0e:2c07::/32 maxlen: 32
2a0e:6c00::/29 maxlen: 29
2a0e:6c00::/32 maxlen: 32
2a0e:6c01::/32 maxlen: 32
2a0e:6c02::/32 maxlen: 32
2a0e:6c03::/32 maxlen: 32
2a0e:6c04::/32 maxlen: 32
2a0e:6c05::/32 maxlen: 32
2a0e:6c06::/32 maxlen: 32
2a0e:6c07::/32 maxlen: 32
2a0e:8400::/29 maxlen: 29
2a11:ed80::/29 maxlen: 29
2a12:f80::/29 maxlen: 29
2a12:f80::/32 maxlen: 32
2a12:f81::/32 maxlen: 32
2a12:f82::/32 maxlen: 32
2a12:f83::/32 maxlen: 32
2a12:f84::/32 maxlen: 32
2a12:f85::/32 maxlen: 32
2a12:f86::/32 maxlen: 32
2a12:f87::/32 maxlen: 32
2a12:2f00::/29 maxlen: 32
2a12:3a80::/32 maxlen: 32
2a12:3a81::/32 maxlen: 32
2a12:3a82::/32 maxlen: 32
2a12:3a83::/32 maxlen: 32
2a12:3a84::/32 maxlen: 32
2a12:3a85::/32 maxlen: 32
2a12:3a86::/32 maxlen: 32
2a12:3a87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c7:6f:ee:cb:ca:77:9c:43:a0:6c:b7:d0:74:e4:14:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Mar 7 08:35:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d47d8b070c4e4ba64aee43f46c7b8e3a360b1573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:68:91:8d:af:2e:51:85:45:21:c1:d7:b0:5f:
95:f4:c7:b3:93:00:0d:99:cf:27:a5:d2:f0:14:ed:
2d:7d:ad:5e:86:98:31:39:51:91:fd:dd:78:a3:20:
29:cc:b8:75:23:81:80:a9:e8:20:b9:92:37:30:59:
b4:df:f3:6d:ff:46:79:d4:a7:53:62:dc:b3:6b:09:
66:5d:f7:b9:4b:09:91:9a:43:99:0d:db:4c:7a:19:
e1:d4:fd:2d:f4:b0:b3:6c:49:7c:1e:26:7d:7b:94:
1c:39:32:fa:17:eb:3d:28:ca:01:50:3a:5c:3f:c5:
46:a3:24:ce:88:7f:b0:c7:bb:c6:7b:f8:9c:70:13:
41:d9:68:a0:5b:82:0f:4c:57:e7:85:6a:ea:e6:ed:
66:22:97:74:6e:22:84:71:1f:6d:b2:70:8b:cd:78:
25:b7:df:7e:cd:a3:fc:2c:0a:cf:8d:05:dc:63:7e:
00:ed:58:9c:3c:42:c3:63:ca:4e:f4:f4:70:0a:b5:
4b:3d:aa:39:be:a5:3e:57:ed:2e:49:85:3d:6e:d0:
58:f9:a0:b8:19:0a:1f:13:4a:f5:48:d6:3f:59:8e:
7a:bc:ec:35:5c:9e:4f:1e:ef:6c:07:0e:97:93:1c:
a1:a9:0f:6d:2a:4f:3b:7c:ed:e9:e1:9c:8f:cc:26:
9e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:7D:8B:07:0C:4E:4B:A6:4A:EE:43:F4:6C:7B:8E:3A:36:0B:15:73
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/1H2LBwxOS6ZK7kP0bHuOOjYLFXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:fe40::/29
2a09:1d80::/29
2a0e:2c00::/29
2a0e:6c00::/29
2a0e:8400::/29
2a11:ed80::/29
2a12:f80::/29
2a12:2f00::/29
2a12:3a80::/29
Signature Algorithm: sha256WithRSAEncryption
49:5a:50:87:a1:77:9e:27:9d:83:12:50:51:9f:11:6a:77:bb:
df:37:45:bf:40:7a:f2:4c:98:a8:97:79:33:2b:a0:00:c7:51:
0c:07:f4:53:9c:5d:a2:94:33:d4:84:90:59:93:28:e8:44:10:
5d:b4:88:ac:bc:64:1c:d5:05:cf:4a:59:e1:a9:bd:02:34:d5:
9c:3d:b4:27:46:09:bf:67:ba:10:e6:41:55:d4:88:52:77:ec:
63:56:c3:60:a9:59:3b:90:65:25:c4:f2:dc:aa:bc:f5:64:7e:
cc:f5:58:41:0a:66:87:d2:af:f5:ed:2f:51:57:36:53:6a:f1:
d6:7a:59:ca:01:3f:66:d4:56:e1:de:f0:bf:66:13:8c:a3:2c:
34:29:79:5f:d1:72:89:ac:40:b5:33:b1:e5:18:fc:c4:97:3c:
2b:7b:24:92:d7:66:ec:23:c0:16:7e:89:7b:b0:04:82:bd:89:
bb:d8:a4:c7:62:1a:a0:4b:da:53:73:ec:af:0b:a4:7e:a4:4c:
9c:60:01:c7:11:6c:52:f4:0c:d4:c1:d8:46:a0:4c:a9:ed:5d:
e4:b0:83:e3:c0:26:19:f7:56:40:4c:2f:b9:d8:a9:d3:2d:28:
49:a9:18:b8:b2:3f:40:98:46:73:e2:95:d4:11:c2:f8:77:60:
93:35:af:40
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZzHb+7LynecQ6Bst9B05BQUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjYwMzA3MDgzNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDdkOGIwNzBjNGU0YmE2NGFlZTQzZjQ2YzdiOGUzYTM2MGIxNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7miRja8uUYVFIcHXsF+V9MezkwAN
mc8npdLwFO0tfa1ehpgxOVGR/d14oyApzLh1I4GAqegguZI3MFm03/Nt/0Z51KdT
YtyzawlmXfe5SwmRmkOZDdtMehnh1P0t9LCzbEl8HiZ9e5QcOTL6F+s9KMoBUDpc
P8VGoyTOiH+wx7vGe/iccBNB2WigW4IPTFfnhWrq5u1mIpd0biKEcR9tsnCLzXgl
t99+zaP8LArPjQXcY34A7VicPELDY8pO9PRwCrVLPao5vqU+V+0uSYU9btBY+aC4
GQofE0r1SNY/WY56vOw1XJ5PHu9sBw6XkxyhqQ9tKk87fO3p4ZyPzCaeGwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFNR9iwcMTkumSu5D9Gx7jjo2CxVzMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvMUgyTEJ3eE9TNlpLN2tQMGJIdU9PallMRlhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDKgb+QAMF
AyoJHYADBQMqDiwAAwUDKg5sAAMFAyoOhAADBQMqEe2AAwUDKhIPgAMFAyoSLwAD
BQMqEjqAMA0GCSqGSIb3DQEBCwUAA4IBAQBJWlCHoXeeJ52DElBRnxFqd7vfN0W/
QHryTJiol3kzK6AAx1EMB/RTnF2ilDPUhJBZkyjoRBBdtIisvGQc1QXPSlnhqb0C
NNWcPbQnRgm/Z7oQ5kFV1IhSd+xjVsNgqVk7kGUlxPLcqrz1ZH7M9VhBCmaH0q/1
7S9RVzZTavHWelnKAT9m1Fbh3vC/ZhOMoyw0KXlf0XKJrEC1M7HlGPzElzwreySS
12bsI8AWfol7sASCvYm72KTHYhqgS9pTc+yvC6R+pEycYAHHEWxS9AzUwdhGoEyp
7V3ksIPjwCYZ91ZATC+52KnTLShJqRi4sj9AmEZz4pXUEcL4d2CTNa9A
-----END CERTIFICATE-----
Generated at Sat Mar 14 22:56:38 2026 by rpki-client