Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/rwQ0VWAsVfkakcC_sflvKnuujzs.roa
File: rwQ0VWAsVfkakcC_sflvKnuujzs.roa (raw, json)
Hash identifier: Y/yNyr2rarlQDHzwWURsWcSWQD1JiGX22NSnQr6ZODs=
Subject key identifier: AF:04:34:55:60:2C:55:F9:1A:91:C0:BF:B1:F9:6F:2A:7B:AE:8F:3B
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 019C168219EE4182848A5714C3CC41B8BEAD
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/rwQ0VWAsVfkakcC_sflvKnuujzs.roa
Signing time: Sun 01 Feb 2026 00:02:30 +0000
ROA not before: Sun 01 Feb 2026 00:02:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62513
IP address blocks: 2a0f:b240::/46 maxlen: 48
2a0f:b240:60::/44 maxlen: 48
2a0f:b240:70::/44 maxlen: 48
2a0f:b240:5800::/40 maxlen: 48
2a0f:b245::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Feb 2026 07:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:16:82:19:ee:41:82:84:8a:57:14:c3:cc:41:b8:be:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: Feb 1 00:02:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=af043455602c55f91a91c0bfb1f96f2a7bae8f3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b4:c3:2a:8e:c5:42:cc:49:54:58:01:7b:e6:
fd:dc:af:5c:48:11:5b:31:98:bd:40:6e:39:76:3c:
3e:02:52:8b:e8:d9:01:8c:dd:d7:29:97:65:fe:f2:
3b:c3:3c:a2:fe:f3:f1:86:cd:ee:2e:64:0e:82:b9:
26:a6:cf:07:bb:ea:b7:20:e9:21:0d:64:d3:3a:ae:
8b:a6:67:49:52:34:08:73:4e:f5:7e:41:61:76:e2:
9e:5c:9c:5a:36:d9:09:96:f5:58:b7:b0:58:c2:9f:
c2:69:f6:ba:ee:fa:64:be:27:b9:d5:db:e4:5d:a2:
b0:d0:ab:02:8b:b1:4e:2a:d1:90:b3:a2:14:94:01:
de:58:40:5d:24:f9:60:90:68:82:77:86:6e:61:e3:
c5:77:04:f2:fd:42:15:f6:1e:aa:40:e3:e1:42:21:
ca:0d:58:df:88:9b:6d:b9:1d:d8:e7:e1:eb:78:03:
0a:c5:1d:bf:60:64:d1:a5:2b:a8:d1:f3:0c:25:60:
29:86:a9:9f:5d:6d:40:ed:b3:2e:5d:a3:55:50:f2:
a9:f0:2b:12:19:ef:6c:7b:2f:f7:e9:27:14:a3:4a:
9c:33:b6:3f:ba:43:43:93:98:90:32:f5:ce:e3:0a:
ac:b8:9b:92:ba:13:21:16:01:a6:2e:cf:4e:ec:e6:
7b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:04:34:55:60:2C:55:F9:1A:91:C0:BF:B1:F9:6F:2A:7B:AE:8F:3B
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/rwQ0VWAsVfkakcC_sflvKnuujzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b240::/46
2a0f:b240:60::/43
2a0f:b240:5800::/40
2a0f:b245::/32
Signature Algorithm: sha256WithRSAEncryption
8a:6a:c7:62:0c:bd:b9:63:41:e8:e9:35:0e:1a:27:1f:53:f0:
87:95:3f:de:22:55:8e:7b:63:c1:03:45:d0:71:50:e6:e6:f7:
05:8d:56:9b:72:4b:37:98:ac:e7:d9:76:a6:3d:00:b0:b9:49:
f5:59:cf:08:2f:cb:42:56:03:09:3e:20:07:bc:f2:c1:f0:0e:
ac:23:92:4c:53:30:3c:65:89:63:6b:6e:09:55:a8:50:ea:91:
52:e3:34:e4:f7:76:50:58:c1:6c:2d:88:f1:e4:7b:45:b4:0c:
b3:05:47:6b:55:d7:ae:af:a0:43:c2:f1:75:e8:05:cf:8b:96:
4e:19:f7:57:7e:b6:52:52:3f:8d:4e:35:b2:46:17:32:a6:71:
9d:c3:2b:48:f6:e7:a8:f7:6c:f8:19:1e:79:03:ca:9e:2f:5c:
a9:2b:e6:eb:dc:f8:4a:ef:e7:05:ee:20:d3:9e:63:a2:17:18:
fa:40:20:1f:f8:b1:53:cd:7e:6f:fb:4e:d7:99:29:a3:7c:00:
c5:f6:05:4b:0d:ab:f6:03:26:06:54:44:ef:08:f4:14:03:25:
7b:f4:8f:b1:98:df:43:f3:9a:43:55:ae:55:df:e8:b0:ac:58:
3a:88:f8:c4:40:90:3c:da:3c:7b:68:4d:dd:df:c2:6c:5f:7e:
b9:e6:79:4b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZwWghnuQYKEilcUw8xBuL6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjYwMjAxMDAwMjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjA0MzQ1NTYwMmM1NWY5MWE5MWMwYmZiMWY5NmYyYTdiYWU4ZjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7TDKo7FQsxJVFgBe+b93K9cSBFb
MZi9QG45djw+AlKL6NkBjN3XKZdl/vI7wzyi/vPxhs3uLmQOgrkmps8Hu+q3IOkh
DWTTOq6LpmdJUjQIc071fkFhduKeXJxaNtkJlvVYt7BYwp/Cafa67vpkvie51dvk
XaKw0KsCi7FOKtGQs6IUlAHeWEBdJPlgkGiCd4ZuYePFdwTy/UIV9h6qQOPhQiHK
DVjfiJttuR3Y5+HreAMKxR2/YGTRpSuo0fMMJWAphqmfXW1A7bMuXaNVUPKp8CsS
Ge9sey/36ScUo0qcM7Y/ukNDk5iQMvXO4wqsuJuSuhMhFgGmLs9O7OZ7WwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFK8ENFVgLFX5GpHAv7H5byp7ro87MB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvcndRMFZXQXNWZmtha2NDX3NmbHZLbnV1anpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIAAjAhAwcCKg+yQAAA
AwcFKg+yQABgAwYAKg+yQFgDBQAqD7JFMA0GCSqGSIb3DQEBCwUAA4IBAQCKasdi
DL25Y0Ho6TUOGicfU/CHlT/eIlWOe2PBA0XQcVDm5vcFjVabcks3mKzn2XamPQCw
uUn1Wc8IL8tCVgMJPiAHvPLB8A6sI5JMUzA8ZYlja24JVahQ6pFS4zTk93ZQWMFs
LYjx5HtFtAyzBUdrVdeur6BDwvF16AXPi5ZOGfdXfrZSUj+NTjWyRhcypnGdwytI
9ueo92z4GR55A8qeL1ypK+br3PhK7+cF7iDTnmOiFxj6QCAf+LFTzX5v+07XmSmj
fADF9gVLDav2AyYGVETvCPQUAyV79I+xmN9D85pDVa5V3+iwrFg6iPjEQJA82jx7
aE3d38JsX3655nlL
-----END CERTIFICATE-----
Generated at Thu Feb 26 15:35:44 2026 by rpki-client