Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/i2Iqgb7idyZNQ1KHFqC7txe0qCU.roa
File: i2Iqgb7idyZNQ1KHFqC7txe0qCU.roa (raw, json)
Hash identifier: QC2A2Wn7DMzIRhF3e3yWliEcf95P8bWix34mNMmNsw8=
Subject key identifier: 8B:62:2A:81:BE:E2:77:26:4D:43:52:87:16:A0:BB:B7:17:B4:A8:25
Certificate issuer: /CN=338c1868b56380e08c45f81ffe61dd3281d6697e
Certificate serial: 019C51BAF5AD7F7DCEF9C36C6795A50C201F
Authority key identifier: 33:8C:18:68:B5:63:80:E0:8C:45:F8:1F:FE:61:DD:32:81:D6:69:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M4wYaLVjgOCMRfgf_mHdMoHWaX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/i2Iqgb7idyZNQ1KHFqC7txe0qCU.roa
Signing time: Thu 12 Feb 2026 12:02:12 +0000
ROA not before: Thu 12 Feb 2026 12:02:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 55201
IP address blocks: 2a13:a740::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/M4wYaLVjgOCMRfgf_mHdMoHWaX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/M4wYaLVjgOCMRfgf_mHdMoHWaX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/M4wYaLVjgOCMRfgf_mHdMoHWaX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Feb 2026 15:05:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:51:ba:f5:ad:7f:7d:ce:f9:c3:6c:67:95:a5:0c:20:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=338c1868b56380e08c45f81ffe61dd3281d6697e
Validity
Not Before: Feb 12 12:02:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8b622a81bee277264d43528716a0bbb717b4a825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:24:d4:d5:55:d8:8a:2e:f0:5a:5e:1c:ea:8f:
2d:54:01:33:7d:9d:46:d4:fb:f6:f9:75:a8:01:2a:
b8:40:c4:19:f7:07:8c:23:8a:13:22:7d:12:19:a4:
c8:64:75:78:1d:63:df:23:7a:20:73:1e:3a:3c:93:
a8:64:55:a3:1c:c5:48:b4:ab:36:a0:7f:77:29:8f:
eb:17:ac:8c:9a:fd:dc:54:31:d9:aa:8f:fd:c2:8a:
db:fe:31:9c:09:e1:c0:7b:60:45:dd:ac:fa:be:98:
d4:5e:c2:0a:cb:2e:47:bd:a3:a4:80:fb:f3:73:de:
0d:3e:09:4e:e5:97:dd:8f:45:bf:21:4b:ef:6d:75:
8f:e1:06:2d:da:31:95:05:f9:ac:a6:f0:03:bd:18:
0e:64:42:86:42:c5:5f:dd:e5:80:63:af:9d:2d:de:
95:37:68:07:4e:9f:24:fb:23:e9:83:22:aa:a9:7f:
c8:55:7e:1b:0a:ff:68:79:e6:32:e5:e3:fb:ad:dc:
38:0a:92:ea:48:8d:28:d4:9b:9a:af:72:00:22:0e:
d3:fa:6a:84:85:f0:35:fb:a3:e6:77:ce:a7:62:d2:
b2:94:8a:b5:b3:6c:c1:b5:6f:6d:e8:7f:ea:c6:b2:
77:2d:86:99:ea:5a:14:e7:15:b5:1a:95:b5:bf:1a:
4d:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:62:2A:81:BE:E2:77:26:4D:43:52:87:16:A0:BB:B7:17:B4:A8:25
X509v3 Authority Key Identifier:
keyid:33:8C:18:68:B5:63:80:E0:8C:45:F8:1F:FE:61:DD:32:81:D6:69:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M4wYaLVjgOCMRfgf_mHdMoHWaX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/i2Iqgb7idyZNQ1KHFqC7txe0qCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/M4wYaLVjgOCMRfgf_mHdMoHWaX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a740::/29
Signature Algorithm: sha256WithRSAEncryption
b0:19:f4:bb:e4:9d:9b:ba:a9:f0:18:1b:24:77:2b:2b:c0:c4:
11:4b:70:b1:fa:95:81:ff:e2:71:af:71:89:fd:9a:cb:00:f3:
e6:c7:19:b5:6c:e0:06:f0:f7:10:86:35:a0:d6:30:41:3f:15:
ac:e1:99:f1:da:34:78:f8:c2:6c:07:e6:ce:68:22:0b:bc:28:
b9:49:07:62:4f:8b:05:e7:22:44:5e:e4:0d:4c:ab:5a:fd:32:
d4:9d:89:5f:d6:c3:3c:7a:ef:21:c2:16:c9:3d:6e:6e:6d:77:
ff:85:80:03:ef:18:24:32:1a:0e:bf:f1:6a:db:b9:04:a7:33:
6e:6f:2a:d0:b4:f1:1a:05:92:65:d8:5d:ba:c2:78:4c:fe:fe:
b7:2e:be:9a:f8:65:20:d7:a8:20:a7:95:d2:f4:3c:06:e4:90:
ed:6d:c3:d1:71:88:5b:36:12:21:ea:37:69:7b:63:d0:0f:67:
2f:fe:4c:cd:66:15:bd:73:90:50:70:65:a5:0e:0d:29:08:6a:
3c:fa:a7:26:b4:68:e1:e2:85:c7:c5:88:81:b9:02:9e:10:32:
80:d0:43:18:9f:07:56:2d:9e:2c:de:1a:e3:c2:ce:ba:3e:7b:
76:f6:4a:53:85:ef:de:ba:e7:13:07:07:82:7a:40:60:bc:28:
d7:42:21:49
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZxRuvWtf33O+cNsZ5WlDCAfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzOGMxODY4YjU2MzgwZTA4YzQ1ZjgxZmZlNjFkZDMyODFk
NjY5N2UwHhcNMjYwMjEyMTIwMjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjYyMmE4MWJlZTI3NzI2NGQ0MzUyODcxNmEwYmJiNzE3YjRhODI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSTU1VXYii7wWl4c6o8tVAEzfZ1G
1Pv2+XWoASq4QMQZ9weMI4oTIn0SGaTIZHV4HWPfI3ogcx46PJOoZFWjHMVItKs2
oH93KY/rF6yMmv3cVDHZqo/9worb/jGcCeHAe2BF3az6vpjUXsIKyy5HvaOkgPvz
c94NPglO5Zfdj0W/IUvvbXWP4QYt2jGVBfmspvADvRgOZEKGQsVf3eWAY6+dLd6V
N2gHTp8k+yPpgyKqqX/IVX4bCv9oeeYy5eP7rdw4CpLqSI0o1Juar3IAIg7T+mqE
hfA1+6Pmd86nYtKylIq1s2zBtW9t6H/qxrJ3LYaZ6loU5xW1GpW1vxpNsQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFItiKoG+4ncmTUNShxagu7cXtKglMB8GA1UdIwQY
MBaAFDOMGGi1Y4DgjEX4H/5h3TKB1ml+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTR3WWFMVmpnT0NNUmZnZl9tSGRNb0hXYVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80MjQxMWUtZTdhYi00NjQ1LTlhNGIt
MTZkYmE1NDNiNTU4LzEvaTJJcWdiN2lkeVpOUTFLSEZxQzd0eGUwcUNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi80MjQxMWUtZTdhYi00NjQ1LTlhNGItMTZkYmE1NDNiNTU4
LzEvTTR3WWFMVmpnT0NNUmZnZl9tSGRNb0hXYVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOnQDAN
BgkqhkiG9w0BAQsFAAOCAQEAsBn0u+Sdm7qp8BgbJHcrK8DEEUtwsfqVgf/ica9x
if2aywDz5scZtWzgBvD3EIY1oNYwQT8VrOGZ8do0ePjCbAfmzmgiC7wouUkHYk+L
BeciRF7kDUyrWv0y1J2JX9bDPHrvIcIWyT1ubm13/4WAA+8YJDIaDr/xatu5BKcz
bm8q0LTxGgWSZdhdusJ4TP7+ty6+mvhlINeoIKeV0vQ8BuSQ7W3D0XGIWzYSIeo3
aXtj0A9nL/5MzWYVvXOQUHBlpQ4NKQhqPPqnJrRo4eKFx8WIgbkCnhAygNBDGJ8H
Vi2eLN4a48LOuj57dvZKU4Xv3rrnEwcHgnpAYLwo10IhSQ==
-----END CERTIFICATE-----
Generated at Thu Feb 26 18:51:55 2026 by rpki-client