Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/v8UWvksKyApjoGkpVQk-f77SIjs.roa
File: v8UWvksKyApjoGkpVQk-f77SIjs.roa (raw, json)
Hash identifier: AWjQmre4TrBhKT07KOw+400SUJ7NB0n9U3rnKiTax+Y=
Subject key identifier: BF:C5:16:BE:4B:0A:C8:0A:63:A0:69:29:55:09:3E:7F:BE:D2:22:3B
Certificate issuer: /CN=338c1868b56380e08c45f81ffe61dd3281d6697e
Certificate serial: 019C81BD38D7FA3B78BF0A4372A26CC56902
Authority key identifier: 33:8C:18:68:B5:63:80:E0:8C:45:F8:1F:FE:61:DD:32:81:D6:69:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M4wYaLVjgOCMRfgf_mHdMoHWaX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/v8UWvksKyApjoGkpVQk-f77SIjs.roa
Signing time: Sat 21 Feb 2026 19:46:27 +0000
ROA not before: Sat 21 Feb 2026 19:46:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197537
IP address blocks: 2a13:a740::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/M4wYaLVjgOCMRfgf_mHdMoHWaX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/M4wYaLVjgOCMRfgf_mHdMoHWaX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/M4wYaLVjgOCMRfgf_mHdMoHWaX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Feb 2026 15:05:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:81:bd:38:d7:fa:3b:78:bf:0a:43:72:a2:6c:c5:69:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=338c1868b56380e08c45f81ffe61dd3281d6697e
Validity
Not Before: Feb 21 19:46:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bfc516be4b0ac80a63a0692955093e7fbed2223b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:64:46:d3:19:15:c8:61:7b:dc:14:39:85:ec:
36:d8:8e:62:d9:cc:0e:3b:0e:72:26:41:d2:b6:3b:
c3:7d:43:92:64:4a:94:a3:3b:fb:4b:5e:51:97:01:
7b:e8:f0:01:24:f3:d4:34:30:b9:2a:48:2f:2a:fc:
76:ae:40:6d:1f:47:7b:63:6b:e4:1b:f5:7c:3e:0e:
42:be:bf:50:69:7d:7d:5e:e3:e6:9f:a4:5f:14:1c:
42:05:a0:3f:21:ee:c7:1f:b4:97:66:4d:a7:9f:2f:
fa:7a:aa:54:2f:30:b9:4b:8b:99:cc:ea:3e:ca:a1:
8f:8d:09:2d:1d:67:a8:63:9b:f6:b2:4d:d8:7c:56:
a1:b4:e0:24:01:c9:ff:ea:e3:69:19:a3:40:da:8f:
22:71:2c:12:7b:ba:06:83:69:bd:b5:e1:1c:ac:fd:
b6:eb:91:83:6c:34:71:56:14:ed:b4:32:8c:ea:72:
05:fc:f2:6d:ec:d1:e5:94:16:60:51:a8:34:fa:30:
f1:00:14:35:56:b0:0b:54:72:f6:58:ce:fa:82:a6:
ae:31:1d:a0:b7:52:1c:0f:6d:c4:5d:d9:ba:15:0c:
c1:24:26:91:70:ad:f6:00:43:41:3f:e2:d5:d4:06:
7c:2d:0d:8a:da:a1:27:c0:2b:6e:f5:fd:96:99:89:
d7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:C5:16:BE:4B:0A:C8:0A:63:A0:69:29:55:09:3E:7F:BE:D2:22:3B
X509v3 Authority Key Identifier:
keyid:33:8C:18:68:B5:63:80:E0:8C:45:F8:1F:FE:61:DD:32:81:D6:69:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M4wYaLVjgOCMRfgf_mHdMoHWaX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/v8UWvksKyApjoGkpVQk-f77SIjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/M4wYaLVjgOCMRfgf_mHdMoHWaX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a740::/29
Signature Algorithm: sha256WithRSAEncryption
60:0c:29:23:fc:f0:d4:f4:6b:c9:fe:7c:2d:65:64:8d:b4:43:
9c:7e:84:12:21:5e:ae:55:13:de:b5:6a:b3:10:81:28:48:e8:
85:34:37:19:c6:94:7c:c9:db:fa:26:61:25:28:f8:dd:cf:14:
df:b3:a7:d5:1a:25:23:66:a3:0d:d4:4b:08:a7:a4:a3:58:a2:
06:da:84:28:a3:58:25:ad:59:5e:b0:b2:01:63:43:6c:75:65:
51:e0:83:bb:d2:e4:39:ae:d5:71:95:a3:dd:7a:a9:ac:bc:78:
90:70:d3:98:e1:10:eb:79:89:89:39:49:fe:e5:2e:d0:c0:22:
d0:9e:9c:48:d9:e1:9c:fe:27:71:e3:bb:2f:2d:d5:97:dd:11:
99:16:a0:7f:19:e2:bb:a7:2f:0d:18:64:13:1d:7e:42:91:04:
b6:5a:88:fb:14:93:1a:7d:c3:fc:98:35:6f:c3:7a:d3:77:6b:
4e:93:5b:92:db:c8:d3:fd:01:19:34:04:2e:15:77:56:c7:67:
8f:b6:3c:af:cf:e8:3b:3e:8e:89:ea:58:d7:7d:65:58:95:38:
45:10:b2:d9:0f:58:76:e9:e2:8c:21:92:d2:f8:6c:8c:e6:01:
7a:22:6d:5b:4f:30:e0:37:22:ef:ef:ac:e7:4b:0a:1d:8d:46:
41:32:c6:74
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZyBvTjX+jt4vwpDcqJsxWkCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzOGMxODY4YjU2MzgwZTA4YzQ1ZjgxZmZlNjFkZDMyODFk
NjY5N2UwHhcNMjYwMjIxMTk0NjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmM1MTZiZTRiMGFjODBhNjNhMDY5Mjk1NTA5M2U3ZmJlZDIyMjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mRG0xkVyGF73BQ5hew22I5i2cwO
Ow5yJkHStjvDfUOSZEqUozv7S15RlwF76PABJPPUNDC5KkgvKvx2rkBtH0d7Y2vk
G/V8Pg5Cvr9QaX19XuPmn6RfFBxCBaA/Ie7HH7SXZk2nny/6eqpULzC5S4uZzOo+
yqGPjQktHWeoY5v2sk3YfFahtOAkAcn/6uNpGaNA2o8icSwSe7oGg2m9teEcrP22
65GDbDRxVhTttDKM6nIF/PJt7NHllBZgUag0+jDxABQ1VrALVHL2WM76gqauMR2g
t1IcD23EXdm6FQzBJCaRcK32AENBP+LV1AZ8LQ2K2qEnwCtu9f2WmYnX6QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFL/FFr5LCsgKY6BpKVUJPn++0iI7MB8GA1UdIwQY
MBaAFDOMGGi1Y4DgjEX4H/5h3TKB1ml+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTR3WWFMVmpnT0NNUmZnZl9tSGRNb0hXYVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80MjQxMWUtZTdhYi00NjQ1LTlhNGIt
MTZkYmE1NDNiNTU4LzEvdjhVV3Zrc0t5QXBqb0drcFZRay1mNzdTSWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi80MjQxMWUtZTdhYi00NjQ1LTlhNGItMTZkYmE1NDNiNTU4
LzEvTTR3WWFMVmpnT0NNUmZnZl9tSGRNb0hXYVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOnQDAN
BgkqhkiG9w0BAQsFAAOCAQEAYAwpI/zw1PRryf58LWVkjbRDnH6EEiFerlUT3rVq
sxCBKEjohTQ3GcaUfMnb+iZhJSj43c8U37On1RolI2ajDdRLCKeko1iiBtqEKKNY
Ja1ZXrCyAWNDbHVlUeCDu9LkOa7VcZWj3XqprLx4kHDTmOEQ63mJiTlJ/uUu0MAi
0J6cSNnhnP4nceO7Ly3Vl90RmRagfxniu6cvDRhkEx1+QpEEtlqI+xSTGn3D/Jg1
b8N603drTpNbktvI0/0BGTQELhV3Vsdnj7Y8r8/oOz6OiepY131lWJU4RRCy2Q9Y
dunijCGS0vhsjOYBeiJtW08w4Dci7++s50sKHY1GQTLGdA==
-----END CERTIFICATE-----
Generated at Thu Feb 26 18:52:46 2026 by rpki-client