Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/IAzqisjxP23pxHIZNU2PwOnCvLM.roa
File: IAzqisjxP23pxHIZNU2PwOnCvLM.roa (raw, json)
Hash identifier: Dx8Ru9bk+rrGzgV8uzgjB8VkPAyaJl87lUuZPbol+S8=
Subject key identifier: 20:0C:EA:8A:C8:F1:3F:6D:E9:C4:72:19:35:4D:8F:C0:E9:C2:BC:B3
Certificate issuer: /CN=338c1868b56380e08c45f81ffe61dd3281d6697e
Certificate serial: 019C81BE223B6162C50B2A16E120E6BA73B3
Authority key identifier: 33:8C:18:68:B5:63:80:E0:8C:45:F8:1F:FE:61:DD:32:81:D6:69:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M4wYaLVjgOCMRfgf_mHdMoHWaX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/IAzqisjxP23pxHIZNU2PwOnCvLM.roa
Signing time: Sat 21 Feb 2026 19:47:27 +0000
ROA not before: Sat 21 Feb 2026 19:47:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 401163
IP address blocks: 2a13:a740::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/M4wYaLVjgOCMRfgf_mHdMoHWaX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/M4wYaLVjgOCMRfgf_mHdMoHWaX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/M4wYaLVjgOCMRfgf_mHdMoHWaX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Feb 2026 15:05:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:81:be:22:3b:61:62:c5:0b:2a:16:e1:20:e6:ba:73:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=338c1868b56380e08c45f81ffe61dd3281d6697e
Validity
Not Before: Feb 21 19:47:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=200cea8ac8f13f6de9c47219354d8fc0e9c2bcb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:99:58:31:0f:9a:86:c5:a8:7f:2f:9c:57:ce:
68:1e:2b:1f:9d:65:53:61:b9:08:18:96:ed:00:61:
b2:d4:95:2f:52:ef:8d:a0:80:f4:be:82:97:b7:c1:
69:44:fa:1f:7a:12:18:29:c6:4a:53:5e:0f:fc:f6:
8b:3f:c9:12:1e:46:19:05:06:01:f7:94:4a:71:57:
e6:7d:e0:f5:85:8f:43:65:a7:28:b1:cf:35:05:29:
3f:c3:e0:44:19:ca:69:84:9c:8c:d5:46:2b:14:75:
92:00:f0:de:d7:a6:f9:e9:97:70:b5:4e:10:dd:d3:
10:cc:2c:72:33:9e:d5:54:54:3a:cd:d2:03:1a:80:
2d:c8:9f:16:82:76:23:6b:19:27:5f:0c:63:55:e7:
3f:3f:69:5e:a0:e3:7d:9a:fb:1b:78:55:8c:3a:b8:
9a:11:ea:2c:bc:f3:1c:d6:07:95:da:31:2c:10:b0:
a1:a7:ca:30:fb:29:de:bb:43:75:c8:d0:f9:10:cf:
d8:08:be:4e:4f:99:51:29:4a:6e:45:da:b4:31:c7:
a4:e4:2a:5c:cc:cc:0b:e7:00:c8:2e:a2:df:c4:46:
7d:3b:e4:eb:50:a0:1b:ec:55:b7:a5:6e:4c:3b:6e:
0c:e5:3a:5d:53:2b:6c:5e:ce:f2:af:8c:e4:58:92:
c3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:0C:EA:8A:C8:F1:3F:6D:E9:C4:72:19:35:4D:8F:C0:E9:C2:BC:B3
X509v3 Authority Key Identifier:
keyid:33:8C:18:68:B5:63:80:E0:8C:45:F8:1F:FE:61:DD:32:81:D6:69:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M4wYaLVjgOCMRfgf_mHdMoHWaX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/IAzqisjxP23pxHIZNU2PwOnCvLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/M4wYaLVjgOCMRfgf_mHdMoHWaX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a740::/29
Signature Algorithm: sha256WithRSAEncryption
d4:4e:09:d3:52:c5:16:ea:1c:bd:d0:26:d3:e6:a6:32:79:6f:
0b:79:96:f6:2e:97:84:ea:aa:92:66:4a:74:79:a1:00:cd:d6:
8f:e7:0f:2e:b4:25:5c:30:60:77:40:d0:8b:f0:5a:b0:2c:00:
5a:6b:b0:35:fb:94:df:9c:2f:bf:ee:6c:0b:a6:b8:b3:87:9b:
0d:83:54:a3:40:19:e4:ac:ce:7f:8f:56:e6:f6:4b:84:da:c9:
2c:82:1e:f7:e5:ed:8f:2f:f1:57:7c:c6:5b:1c:27:15:88:91:
98:49:5c:12:f4:e9:29:03:5f:c0:4b:37:6f:64:4e:fa:84:ca:
d8:63:6b:e2:e8:7f:63:33:62:8c:a8:25:4f:22:79:40:01:05:
05:b0:68:ce:3a:0d:c6:f5:5c:75:dd:92:c0:17:95:e6:1d:56:
ee:77:70:a5:32:53:31:35:8f:48:0b:12:77:1e:f8:ce:65:0a:
3b:77:5a:b5:07:ef:64:aa:99:c5:42:fb:e4:51:04:c7:cf:59:
85:ce:ac:12:00:9e:30:95:b8:11:2c:f3:7e:cf:bd:f8:7b:bb:
ba:58:7f:18:b5:78:f2:cd:b6:ce:6e:c8:03:44:ca:1f:31:3b:
59:01:81:65:f5:ee:66:51:8a:17:08:6d:93:19:f6:8c:99:3f:
f5:9c:3f:3a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZyBviI7YWLFCyoW4SDmunOzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzOGMxODY4YjU2MzgwZTA4YzQ1ZjgxZmZlNjFkZDMyODFk
NjY5N2UwHhcNMjYwMjIxMTk0NzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDBjZWE4YWM4ZjEzZjZkZTljNDcyMTkzNTRkOGZjMGU5YzJiY2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqplYMQ+ahsWofy+cV85oHisfnWVT
YbkIGJbtAGGy1JUvUu+NoID0voKXt8FpRPofehIYKcZKU14P/PaLP8kSHkYZBQYB
95RKcVfmfeD1hY9DZacosc81BSk/w+BEGcpphJyM1UYrFHWSAPDe16b56ZdwtU4Q
3dMQzCxyM57VVFQ6zdIDGoAtyJ8WgnYjaxknXwxjVec/P2leoON9mvsbeFWMOria
EeosvPMc1geV2jEsELChp8ow+yneu0N1yND5EM/YCL5OT5lRKUpuRdq0Mcek5Cpc
zMwL5wDILqLfxEZ9O+TrUKAb7FW3pW5MO24M5TpdUytsXs7yr4zkWJLDuQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCAM6orI8T9t6cRyGTVNj8DpwryzMB8GA1UdIwQY
MBaAFDOMGGi1Y4DgjEX4H/5h3TKB1ml+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTR3WWFMVmpnT0NNUmZnZl9tSGRNb0hXYVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80MjQxMWUtZTdhYi00NjQ1LTlhNGIt
MTZkYmE1NDNiNTU4LzEvSUF6cWlzanhQMjNweEhJWk5VMlB3T25DdkxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi80MjQxMWUtZTdhYi00NjQ1LTlhNGItMTZkYmE1NDNiNTU4
LzEvTTR3WWFMVmpnT0NNUmZnZl9tSGRNb0hXYVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOnQDAN
BgkqhkiG9w0BAQsFAAOCAQEA1E4J01LFFuocvdAm0+amMnlvC3mW9i6XhOqqkmZK
dHmhAM3Wj+cPLrQlXDBgd0DQi/BasCwAWmuwNfuU35wvv+5sC6a4s4ebDYNUo0AZ
5KzOf49W5vZLhNrJLIIe9+Xtjy/xV3zGWxwnFYiRmElcEvTpKQNfwEs3b2RO+oTK
2GNr4uh/YzNijKglTyJ5QAEFBbBozjoNxvVcdd2SwBeV5h1W7ndwpTJTMTWPSAsS
dx74zmUKO3datQfvZKqZxUL75FEEx89Zhc6sEgCeMJW4ESzzfs+9+Hu7ulh/GLV4
8s22zm7IA0TKHzE7WQGBZfXuZlGKFwhtkxn2jJk/9Zw/Og==
-----END CERTIFICATE-----
Generated at Thu Feb 26 18:51:20 2026 by rpki-client