Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/L37d5XpVwOihITHnXxLI5vAySz0.roa
File: L37d5XpVwOihITHnXxLI5vAySz0.roa (raw, json)
Hash identifier: Meq3YteYq93BIA+pzMA3bx3hn2eN+fGD8F0EUsr+moo=
Subject key identifier: 2F:7E:DD:E5:7A:55:C0:E8:A1:21:31:E7:5F:12:C8:E6:F0:32:4B:3D
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 019C8F64B2A1852A3A9BA130839026FFAC3E
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/L37d5XpVwOihITHnXxLI5vAySz0.roa
Signing time: Tue 24 Feb 2026 11:24:27 +0000
ROA not before: Tue 24 Feb 2026 11:24:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213529
IP address blocks: 2a0d:d940:2008::/48 maxlen: 48
2a0d:d940:9006::/48 maxlen: 48
2a0d:d940:900e::/48 maxlen: 48
2a0d:d940:90ab::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8f:64:b2:a1:85:2a:3a:9b:a1:30:83:90:26:ff:ac:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Feb 24 11:24:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2f7edde57a55c0e8a12131e75f12c8e6f0324b3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:75:c0:2f:99:ed:85:f4:77:55:25:3c:fb:db:
48:af:97:1f:a6:89:78:18:26:6b:21:32:2e:79:2d:
ff:55:09:84:7a:c2:c7:8e:f4:ed:3e:1f:50:92:ba:
cc:84:8d:30:15:61:11:e0:6f:1f:f7:d2:7c:79:a7:
c8:07:1d:be:7d:6d:74:40:a1:bb:3f:53:da:58:67:
14:75:99:7c:fd:a8:55:f3:55:68:a5:10:ea:f7:f6:
72:a8:2a:af:96:76:ba:ec:1c:a6:bf:69:cb:e3:98:
b4:33:58:bb:d2:c0:c1:09:03:21:e6:17:56:81:72:
af:d9:5f:96:bc:47:08:69:c4:4b:b9:12:33:54:56:
67:5b:3e:4e:f2:3f:62:aa:c8:db:06:fc:d7:8d:0a:
d8:2c:02:74:aa:70:48:43:cf:4c:6b:01:fb:7f:a5:
bb:4c:b4:89:69:eb:45:fb:b2:82:83:81:8d:84:b0:
f9:59:e6:92:77:33:e1:24:fd:07:30:27:98:07:b7:
7c:ec:54:03:8d:3c:95:ac:f0:f3:65:c0:e2:02:aa:
8d:ec:64:24:43:21:58:20:e6:5f:7d:be:dc:f0:54:
3c:9f:0e:26:73:e8:aa:83:49:c8:e0:ec:7f:d5:c1:
4b:c3:a6:e6:18:6d:47:f2:88:cd:a1:f4:40:19:57:
7d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:7E:DD:E5:7A:55:C0:E8:A1:21:31:E7:5F:12:C8:E6:F0:32:4B:3D
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/L37d5XpVwOihITHnXxLI5vAySz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:2008::/48
2a0d:d940:9006::/48
2a0d:d940:900e::/48
2a0d:d940:90ab::/48
Signature Algorithm: sha256WithRSAEncryption
48:cf:95:3c:db:ae:82:c1:85:2a:ee:d0:ed:d8:c4:aa:e4:fa:
d7:55:89:69:38:39:a2:e7:f7:da:75:63:c8:07:28:9c:2f:5c:
31:00:4e:2b:ee:50:c6:a8:ac:1c:17:cc:05:9b:93:79:a8:67:
8d:fc:30:18:ba:fb:4e:74:de:e8:ef:5a:1a:10:1e:6e:3c:8d:
1b:f8:f2:15:ad:a7:47:ea:9d:a9:0e:7f:39:50:b3:88:a1:70:
b1:df:71:71:03:6e:1c:08:69:29:4b:74:26:48:2b:5d:c0:d3:
60:89:31:1f:7f:cb:6d:67:e5:9a:69:d6:cd:7b:96:77:69:08:
0a:7f:f5:e0:86:c4:21:92:35:b4:a2:1e:fb:5f:94:17:5c:23:
f7:6a:0f:ae:91:20:a8:b8:cd:58:49:cd:ad:4d:6e:53:f5:c3:
a7:22:41:29:dd:d2:92:a4:a9:0e:20:2d:63:a0:ab:ac:dd:97:
7a:9a:a3:78:9d:b6:41:d4:04:b9:63:e7:5c:90:77:ae:21:71:
26:3e:4c:72:19:25:56:ca:0b:53:58:f4:c1:fe:a7:00:7d:68:
9d:05:80:3b:1a:03:ef:60:29:bd:c5:dd:64:2a:51:11:1f:f0:
70:d6:54:ab:0b:eb:70:bc:d7:97:20:20:7e:27:5c:ff:30:81:
7d:c4:6a:64
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZyPZLKhhSo6m6Ewg5Am/6w+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjYwMjI0MTEyNDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjdlZGRlNTdhNTVjMGU4YTEyMTMxZTc1ZjEyYzhlNmYwMzI0YjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnXAL5nthfR3VSU8+9tIr5cfpol4
GCZrITIueS3/VQmEesLHjvTtPh9QkrrMhI0wFWER4G8f99J8eafIBx2+fW10QKG7
P1PaWGcUdZl8/ahV81VopRDq9/ZyqCqvlna67Bymv2nL45i0M1i70sDBCQMh5hdW
gXKv2V+WvEcIacRLuRIzVFZnWz5O8j9iqsjbBvzXjQrYLAJ0qnBIQ89MawH7f6W7
TLSJaetF+7KCg4GNhLD5WeaSdzPhJP0HMCeYB7d87FQDjTyVrPDzZcDiAqqN7GQk
QyFYIOZffb7c8FQ8nw4mc+iqg0nI4Ox/1cFLw6bmGG1H8ojNofRAGVd9FwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFC9+3eV6VcDooSEx518SyObwMks9MB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvTDM3ZDVYcFZ3T2loSVRIblh4TEk1dkF5U3owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKg3ZQCAI
AwcAKg3ZQJAGAwcAKg3ZQJAOAwcAKg3ZQJCrMA0GCSqGSIb3DQEBCwUAA4IBAQBI
z5U8266CwYUq7tDt2MSq5PrXVYlpODmi5/fadWPIByicL1wxAE4r7lDGqKwcF8wF
m5N5qGeN/DAYuvtOdN7o71oaEB5uPI0b+PIVradH6p2pDn85ULOIoXCx33FxA24c
CGkpS3QmSCtdwNNgiTEff8ttZ+WaadbNe5Z3aQgKf/XghsQhkjW0oh77X5QXXCP3
ag+ukSCouM1YSc2tTW5T9cOnIkEp3dKSpKkOIC1joKus3Zd6mqN4nbZB1AS5Y+dc
kHeuIXEmPkxyGSVWygtTWPTB/qcAfWidBYA7GgPvYCm9xd1kKlERH/Bw1lSrC+tw
vNeXICB+J1z/MIF9xGpk
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:30:27 2026 by rpki-client