Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/jhZDQgS37cDeN0fg9TKpAHJ2J-0.roa
File: jhZDQgS37cDeN0fg9TKpAHJ2J-0.roa (raw, json)
Hash identifier: 0zjaA0uaqIEPRMOa6F/AxIRFhD/Vgqi5oAKX2XbvGM8=
Subject key identifier: 8E:16:43:42:04:B7:ED:C0:DE:37:47:E0:F5:32:A9:00:72:76:27:ED
Certificate issuer: /CN=79a843d3a67bf202d0ae23df95e14ea871d8f15d
Certificate serial: 019CB3177CE7FB4CFBF22DBC32992C288575
Authority key identifier: 79:A8:43:D3:A6:7B:F2:02:D0:AE:23:DF:95:E1:4E:A8:71:D8:F1:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eahD06Z78gLQriPfleFOqHHY8V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/jhZDQgS37cDeN0fg9TKpAHJ2J-0.roa
Signing time: Tue 03 Mar 2026 09:46:26 +0000
ROA not before: Tue 03 Mar 2026 09:46:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 2a0b:bc40::/32 maxlen: 32
2a0b:bc41::/32 maxlen: 32
2a0b:bc42::/32 maxlen: 32
2a0b:bc43::/32 maxlen: 32
2a0b:bc44::/32 maxlen: 32
2a0b:bc45::/32 maxlen: 32
2a0b:bc46::/32 maxlen: 32
2a0b:bc47::/32 maxlen: 32
2a10:4bc0::/32 maxlen: 32
2a10:4bc1::/32 maxlen: 32
2a10:4bc2::/32 maxlen: 32
2a10:4bc3::/32 maxlen: 32
2a10:4bc4::/32 maxlen: 32
2a10:4bc5::/32 maxlen: 32
2a10:4bc6::/32 maxlen: 32
2a10:4bc7::/32 maxlen: 32
2a10:8840::/32 maxlen: 32
2a10:8841::/32 maxlen: 32
2a10:8842::/32 maxlen: 32
2a10:8843::/32 maxlen: 32
2a10:8844::/32 maxlen: 32
2a10:8845::/32 maxlen: 32
2a10:8846::/32 maxlen: 32
2a10:8847::/32 maxlen: 32
2a10:bdc0::/29 maxlen: 29
2a12:6a40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/eahD06Z78gLQriPfleFOqHHY8V0.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/eahD06Z78gLQriPfleFOqHHY8V0.mft
rsync://rpki.ripe.net/repository/DEFAULT/eahD06Z78gLQriPfleFOqHHY8V0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Mar 2026 00:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b3:17:7c:e7:fb:4c:fb:f2:2d:bc:32:99:2c:28:85:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79a843d3a67bf202d0ae23df95e14ea871d8f15d
Validity
Not Before: Mar 3 09:46:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8e16434204b7edc0de3747e0f532a900727627ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7a:9e:89:e6:bd:29:2b:df:98:27:d9:35:48:
ea:2d:32:90:69:7a:f9:72:95:c5:55:4c:62:e6:93:
bb:d6:4b:96:49:25:2f:f0:8c:aa:ce:92:89:dd:8b:
ae:87:b9:7d:5a:89:2f:48:dd:e1:dc:c7:80:93:37:
19:f6:77:43:74:2b:07:2f:cd:e0:ff:1f:91:44:25:
88:6a:3b:90:e5:52:67:64:82:24:19:2e:3b:75:59:
56:16:7b:62:0f:56:c1:65:ca:c2:37:fb:33:8e:74:
fb:0f:dd:64:f8:6c:de:b4:82:9e:14:8d:c3:bc:06:
13:f3:56:90:f6:c7:51:9a:4d:51:ce:95:e8:02:e4:
3d:d3:f2:b7:f4:0c:3d:11:b0:3f:6b:54:4c:07:66:
ca:2a:38:17:8a:21:0b:63:93:f8:ce:67:d0:8c:f7:
e6:d5:3d:52:96:5e:c5:35:95:32:ab:d2:86:f7:ac:
4e:e6:80:03:fe:58:bb:08:67:0b:8a:84:d3:54:7c:
e4:98:0e:84:eb:91:54:cf:87:2b:24:97:93:90:d0:
c7:c5:13:9b:26:33:a2:66:b0:34:2e:95:3f:fc:ad:
e3:f6:76:26:4f:74:16:3d:32:6a:39:a8:f1:a2:ca:
30:c2:95:25:8c:8c:d8:62:88:83:ea:f7:09:03:c4:
7d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:16:43:42:04:B7:ED:C0:DE:37:47:E0:F5:32:A9:00:72:76:27:ED
X509v3 Authority Key Identifier:
keyid:79:A8:43:D3:A6:7B:F2:02:D0:AE:23:DF:95:E1:4E:A8:71:D8:F1:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eahD06Z78gLQriPfleFOqHHY8V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/jhZDQgS37cDeN0fg9TKpAHJ2J-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/f70c6a-814b-461a-8541-b4dd22758951/1/eahD06Z78gLQriPfleFOqHHY8V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:bc40::/29
2a10:4bc0::/29
2a10:8840::/29
2a10:bdc0::/29
2a12:6a40::/29
Signature Algorithm: sha256WithRSAEncryption
04:3d:17:7d:1e:72:31:a7:0c:1b:71:44:6f:b3:83:49:ab:90:
39:ba:b3:76:9c:d8:d7:26:4e:ce:09:9b:ba:13:00:6a:00:68:
da:76:a6:28:13:00:3d:eb:79:9e:70:96:9e:9c:40:e8:e2:41:
f7:d1:ab:ac:42:94:61:78:99:67:80:e0:b5:07:9c:a5:75:61:
d9:a3:d1:ae:d4:ca:dd:5b:ac:a0:bb:f0:81:96:c7:3c:ec:bf:
29:28:8e:6f:ed:59:d6:9e:61:ab:11:9f:bf:a8:e8:09:b8:24:
39:7f:f8:95:96:a4:8a:eb:24:de:08:17:33:fd:02:42:d8:27:
0f:84:7f:e4:46:66:c0:85:c2:37:ad:5b:19:1c:50:40:0d:7d:
4d:9e:2d:e6:f4:0e:03:80:3b:15:c7:7f:d4:50:ea:88:37:50:
fc:ce:db:90:eb:58:02:22:ec:09:34:e4:cc:9c:06:a5:43:6b:
5e:d9:f1:da:74:d7:64:50:5f:7e:c0:02:99:df:ef:f4:29:69:
aa:ec:50:fb:1c:62:13:04:3b:56:f1:d7:8c:67:10:4d:36:d4:
a2:79:ad:2a:99:97:ea:17:41:f9:7d:82:4a:2b:8c:bd:dd:a9:
2b:54:02:a8:db:e7:f0:4f:1b:07:08:fe:21:d0:b2:72:b6:9d:
d8:69:cf:ef
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZyzF3zn+0z78i28MpksKIV1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YTg0M2QzYTY3YmYyMDJkMGFlMjNkZjk1ZTE0ZWE4NzFk
OGYxNWQwHhcNMjYwMzAzMDk0NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTE2NDM0MjA0YjdlZGMwZGUzNzQ3ZTBmNTMyYTkwMDcyNzYyN2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23qeiea9KSvfmCfZNUjqLTKQaXr5
cpXFVUxi5pO71kuWSSUv8IyqzpKJ3Yuuh7l9WokvSN3h3MeAkzcZ9ndDdCsHL83g
/x+RRCWIajuQ5VJnZIIkGS47dVlWFntiD1bBZcrCN/szjnT7D91k+GzetIKeFI3D
vAYT81aQ9sdRmk1RzpXoAuQ90/K39Aw9EbA/a1RMB2bKKjgXiiELY5P4zmfQjPfm
1T1Sll7FNZUyq9KG96xO5oAD/li7CGcLioTTVHzkmA6E65FUz4crJJeTkNDHxROb
JjOiZrA0LpU//K3j9nYmT3QWPTJqOajxosowwpUljIzYYoiD6vcJA8R9lwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFI4WQ0IEt+3A3jdH4PUyqQBydiftMB8GA1UdIwQY
MBaAFHmoQ9Ome/IC0K4j35XhTqhx2PFdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWFoRDA2Wjc4Z0xRcmlQZmxlRk9xSEhZOFYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9mNzBjNmEtODE0Yi00NjFhLTg1NDEt
YjRkZDIyNzU4OTUxLzEvamhaRFFnUzM3Y0RlTjBmZzlUS3BBSEoySi0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9mNzBjNmEtODE0Yi00NjFhLTg1NDEtYjRkZDIyNzU4OTUx
LzEvZWFoRDA2Wjc4Z0xRcmlQZmxlRk9xSEhZOFYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKgu8QAMF
AyoQS8ADBQMqEIhAAwUDKhC9wAMFAyoSakAwDQYJKoZIhvcNAQELBQADggEBAAQ9
F30ecjGnDBtxRG+zg0mrkDm6s3ac2NcmTs4Jm7oTAGoAaNp2pigTAD3reZ5wlp6c
QOjiQffRq6xClGF4mWeA4LUHnKV1Ydmj0a7Uyt1brKC78IGWxzzsvykojm/tWdae
YasRn7+o6Am4JDl/+JWWpIrrJN4IFzP9AkLYJw+Ef+RGZsCFwjetWxkcUEANfU2e
Leb0DgOAOxXHf9RQ6og3UPzO25DrWAIi7Ak05MycBqVDa17Z8dp012RQX37AApnf
7/QpaarsUPscYhMEO1bx14xnEE021KJ5rSqZl+oXQfl9gkorjL3dqStUAqjb5/BP
GwcI/iHQsnK2ndhpz+8=
-----END CERTIFICATE-----
Generated at Fri Mar 6 10:37:14 2026 by rpki-client