Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/CjD1LPxMImTeed-Kh6oqrZI1UPk.roa
File: CjD1LPxMImTeed-Kh6oqrZI1UPk.roa (raw, json)
Hash identifier: axXGbyIBH1IJdJ+2sw0MumWpME0Zzrjz9ypBPBdsMeU=
Subject key identifier: 0A:30:F5:2C:FC:4C:22:64:DE:79:DF:8A:87:AA:2A:AD:92:35:50:F9
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019C4E71995FBB8B7A328D0C61C2A62AAD2F
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/CjD1LPxMImTeed-Kh6oqrZI1UPk.roa
Signing time: Wed 11 Feb 2026 20:43:13 +0000
ROA not before: Wed 11 Feb 2026 20:43:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201349
IP address blocks: 2a0c:9a40:8910::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4e:71:99:5f:bb:8b:7a:32:8d:0c:61:c2:a6:2a:ad:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Feb 11 20:43:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0a30f52cfc4c2264de79df8a87aa2aad923550f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9a:8c:08:f7:da:07:e3:89:ed:fd:e7:4e:c5:
8a:f4:b1:65:a8:54:0d:a4:5c:87:65:8a:a9:0c:c5:
ba:83:4e:16:ed:a9:0d:20:f5:96:ee:e0:d0:b7:b9:
0b:20:a8:eb:ea:8f:7c:b9:5f:d8:4b:38:10:7c:fa:
4f:42:f7:39:2d:29:25:40:ec:0a:1e:51:50:60:dc:
1d:6f:4f:b5:91:9c:91:b5:3b:33:09:b7:66:b4:d8:
2c:de:2d:55:a8:13:3a:c6:ae:5d:32:ed:8c:40:70:
b1:b3:88:e6:7b:1b:40:59:0a:e1:c3:ee:6e:0f:2b:
0a:5d:a3:89:ba:05:fb:41:32:ff:98:e1:22:15:01:
ff:0c:cd:0a:40:c5:cd:f4:4f:66:94:94:56:f7:0a:
61:bc:cf:c2:6b:aa:dd:24:fe:71:4f:4b:80:9a:3b:
ba:3e:74:3b:01:14:a3:58:9a:a1:ff:83:16:10:a9:
67:d0:34:bd:ce:63:d1:76:13:c4:83:a8:5b:ae:d8:
89:7c:8b:63:8a:be:b2:52:ba:72:5b:79:74:8d:19:
e0:57:3e:7f:d4:9b:db:7a:ab:69:80:ce:a5:e2:be:
2d:3a:e8:ef:c3:ed:37:9c:03:8a:7a:5e:29:08:e8:
0a:a3:e0:58:50:a1:50:7a:ff:b3:ac:3d:32:e0:14:
1d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:30:F5:2C:FC:4C:22:64:DE:79:DF:8A:87:AA:2A:AD:92:35:50:F9
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/CjD1LPxMImTeed-Kh6oqrZI1UPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8910::/44
Signature Algorithm: sha256WithRSAEncryption
2c:3b:13:97:10:88:bd:38:98:64:34:f6:4c:3e:c6:9e:7e:65:
f4:eb:29:b3:42:b4:70:30:c3:cd:38:48:38:64:f9:91:65:b5:
26:e1:99:94:a5:9b:76:4a:4e:36:28:f7:7d:47:57:06:4f:6e:
1f:4f:2b:9b:38:91:c2:e1:6b:29:10:cd:c2:58:00:e1:cb:5e:
49:65:ae:be:ce:77:0f:79:32:9d:d9:7d:56:a3:be:56:19:f8:
cf:47:c3:9e:21:fa:4f:40:ae:be:6d:e1:9a:05:a6:6b:91:c1:
9e:ca:4c:5b:ed:48:07:b6:5f:b9:3c:32:65:68:b3:39:92:82:
01:0f:4b:58:f7:b7:28:96:30:c2:be:68:43:55:29:37:f7:f0:
fd:a2:77:15:4a:43:88:60:4a:3b:f8:ec:d0:fb:21:0b:e1:76:
d8:74:52:2f:b3:49:2f:f9:ae:74:be:31:5b:73:b8:41:9f:81:
12:cd:91:9c:e3:8b:8d:bd:7b:9f:eb:92:71:0c:9c:44:6e:6c:
d2:89:1e:2f:67:79:09:c1:f4:cf:89:c4:e2:ae:f1:b5:5f:af:
7c:57:8b:a3:17:59:d3:c5:49:5f:c2:4d:36:f7:b9:39:b9:9f:
f9:1f:4d:79:7f:97:3e:ad:28:f9:cd:26:86:6e:b7:91:a9:6e:
cc:2e:e1:7e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZxOcZlfu4t6Mo0MYcKmKq0vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjYwMjExMjA0MzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTMwZjUyY2ZjNGMyMjY0ZGU3OWRmOGE4N2FhMmFhZDkyMzU1MGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA25qMCPfaB+OJ7f3nTsWK9LFlqFQN
pFyHZYqpDMW6g04W7akNIPWW7uDQt7kLIKjr6o98uV/YSzgQfPpPQvc5LSklQOwK
HlFQYNwdb0+1kZyRtTszCbdmtNgs3i1VqBM6xq5dMu2MQHCxs4jmextAWQrhw+5u
DysKXaOJugX7QTL/mOEiFQH/DM0KQMXN9E9mlJRW9wphvM/Ca6rdJP5xT0uAmju6
PnQ7ARSjWJqh/4MWEKln0DS9zmPRdhPEg6hbrtiJfItjir6yUrpyW3l0jRngVz5/
1JvbeqtpgM6l4r4tOujvw+03nAOKel4pCOgKo+BYUKFQev+zrD0y4BQdZwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAow9Sz8TCJk3nnfioeqKq2SNVD5MB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvQ2pEMUxQeE1JbVRlZWQtS2g2b3FyWkkxVVBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgyaQIkQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAsOxOXEIi9OJhkNPZMPsaefmX06ymzQrRwMMPN
OEg4ZPmRZbUm4ZmUpZt2Sk42KPd9R1cGT24fTyubOJHC4WspEM3CWADhy15JZa6+
zncPeTKd2X1Wo75WGfjPR8OeIfpPQK6+beGaBaZrkcGeykxb7UgHtl+5PDJlaLM5
koIBD0tY97coljDCvmhDVSk39/D9oncVSkOIYEo7+OzQ+yEL4XbYdFIvs0kv+a50
vjFbc7hBn4ESzZGc44uNvXuf65JxDJxEbmzSiR4vZ3kJwfTPicTirvG1X698V4uj
F1nTxUlfwk0297k5uZ/5H015f5c+rSj5zSaGbreRqW7MLuF+
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:06:59 2026 by rpki-client