Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/nPbZiqgzqP1bY-I6_wdMavBBkBA.roa
File: nPbZiqgzqP1bY-I6_wdMavBBkBA.roa (raw, json)
Hash identifier: Sq945+dQn0o4BzLs0yMjO8v84hsdEzHaPps8ZLOVuoM=
Subject key identifier: 9C:F6:D9:8A:A8:33:A8:FD:5B:63:E2:3A:FF:07:4C:6A:F0:41:90:10
Certificate issuer: /CN=23329cb3abe4e940cfc62a20e2a6e2c28fc28329
Certificate serial: 019D4AA5AFDB3E3300F890B3D3FD55229A41
Authority key identifier: 23:32:9C:B3:AB:E4:E9:40:CF:C6:2A:20:E2:A6:E2:C2:8F:C2:83:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IzKcs6vk6UDPxiog4qbiwo_Cgyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/nPbZiqgzqP1bY-I6_wdMavBBkBA.roa
Signing time: Wed 01 Apr 2026 20:04:25 +0000
ROA not before: Wed 01 Apr 2026 20:04:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 40662
IP address blocks: 2001:3480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/IzKcs6vk6UDPxiog4qbiwo_Cgyk.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/IzKcs6vk6UDPxiog4qbiwo_Cgyk.mft
rsync://rpki.ripe.net/repository/DEFAULT/IzKcs6vk6UDPxiog4qbiwo_Cgyk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4a:a5:af:db:3e:33:00:f8:90:b3:d3:fd:55:22:9a:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23329cb3abe4e940cfc62a20e2a6e2c28fc28329
Validity
Not Before: Apr 1 20:04:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9cf6d98aa833a8fd5b63e23aff074c6af0419010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:00:d2:df:54:33:b3:37:12:e9:09:b5:e4:29:
af:7f:6d:fb:10:e9:70:ff:83:ff:59:cc:ab:38:7c:
ac:ba:1a:4a:6d:9f:6e:d6:5b:d1:f2:9f:0d:cf:06:
dc:0e:34:4d:8a:5f:cb:4e:be:c8:8c:e4:ed:80:14:
24:d2:a7:a6:a0:19:f4:c4:d6:d5:bb:42:b7:97:d0:
1f:8a:48:e3:86:42:62:0c:30:05:82:f1:ee:5d:7f:
fb:72:5b:2d:01:84:51:9f:20:21:97:98:d3:68:80:
e3:e9:bd:70:38:ee:11:e9:b1:9d:1f:56:e3:a4:66:
fb:a1:d3:d6:83:f6:d2:25:d0:f4:42:b2:58:ed:2e:
18:5b:21:6d:77:62:b6:c7:42:f3:93:f4:b5:21:de:
61:5a:f2:70:11:1b:77:94:fe:40:7c:5a:2c:55:47:
6f:3b:f8:84:dc:94:57:5a:39:fe:b2:dc:53:41:b3:
1e:9d:17:72:aa:f8:68:28:85:2e:0f:83:a8:5f:88:
dd:2a:04:ad:38:98:41:68:ea:47:0c:90:e8:b8:49:
bf:6d:1e:1e:16:31:8f:74:bf:9d:12:16:6c:b4:aa:
18:64:88:4c:c2:a2:15:ec:d2:50:83:71:26:7d:b8:
4d:d0:7f:24:e2:3c:aa:96:19:61:cb:76:52:0f:9e:
d7:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:F6:D9:8A:A8:33:A8:FD:5B:63:E2:3A:FF:07:4C:6A:F0:41:90:10
X509v3 Authority Key Identifier:
keyid:23:32:9C:B3:AB:E4:E9:40:CF:C6:2A:20:E2:A6:E2:C2:8F:C2:83:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IzKcs6vk6UDPxiog4qbiwo_Cgyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/nPbZiqgzqP1bY-I6_wdMavBBkBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/dd394b-6bc4-4e47-b012-518f2c8f846b/1/IzKcs6vk6UDPxiog4qbiwo_Cgyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3480::/29
Signature Algorithm: sha256WithRSAEncryption
0b:dc:93:d4:0b:8c:73:ee:b9:96:06:dd:84:aa:46:ac:5f:57:
67:56:92:9b:48:49:d7:0f:f5:60:41:3b:3c:d6:61:94:ba:72:
db:ed:bf:c1:2a:be:70:23:11:71:28:18:8c:d1:dd:e9:2f:aa:
62:d6:1c:93:ba:6b:37:29:d8:65:3b:8a:68:36:c0:65:43:98:
ab:39:0f:50:af:7d:5c:18:a4:f2:68:45:99:4d:b0:ba:fe:5d:
ac:61:e9:db:9a:bf:ef:61:d1:cf:05:9f:6e:47:72:57:13:1e:
ef:d2:f7:1f:a2:0c:a0:ed:98:df:62:d7:b5:e2:cc:d2:d7:bf:
91:af:c6:21:8c:e6:a5:83:96:ed:fb:da:ff:6a:85:f7:be:05:
49:41:ab:3c:ab:85:aa:0b:21:10:fb:cd:b9:62:cd:5c:e7:d1:
bc:56:4e:07:75:f5:35:44:d6:83:f6:57:dc:08:ae:1f:c0:a9:
4c:08:1c:6d:3d:e5:7d:13:fb:69:df:63:21:2b:60:86:af:6f:
2c:9e:c5:97:1f:20:77:5f:a5:34:36:84:6a:a9:5f:ba:ac:17:
f3:f3:ad:aa:4c:ee:d4:2a:52:fa:44:e5:c7:10:1d:8a:b6:ef:
14:24:5d:7e:60:67:6e:6b:64:c4:22:07:31:d9:a8:37:d8:c0:
cd:15:f2:3f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ1Kpa/bPjMA+JCz0/1VIppBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMzI5Y2IzYWJlNGU5NDBjZmM2MmEyMGUyYTZlMmMyOGZj
MjgzMjkwHhcNMjYwNDAxMjAwNDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2Y2ZDk4YWE4MzNhOGZkNWI2M2UyM2FmZjA3NGM2YWYwNDE5MDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwDS31QzszcS6Qm15Cmvf237EOlw
/4P/WcyrOHysuhpKbZ9u1lvR8p8NzwbcDjRNil/LTr7IjOTtgBQk0qemoBn0xNbV
u0K3l9AfikjjhkJiDDAFgvHuXX/7clstAYRRnyAhl5jTaIDj6b1wOO4R6bGdH1bj
pGb7odPWg/bSJdD0QrJY7S4YWyFtd2K2x0Lzk/S1Id5hWvJwERt3lP5AfFosVUdv
O/iE3JRXWjn+stxTQbMenRdyqvhoKIUuD4OoX4jdKgStOJhBaOpHDJDouEm/bR4e
FjGPdL+dEhZstKoYZIhMwqIV7NJQg3EmfbhN0H8k4jyqlhlhy3ZSD57XQQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJz22YqoM6j9W2PiOv8HTGrwQZAQMB8GA1UdIwQY
MBaAFCMynLOr5OlAz8YqIOKm4sKPwoMpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXpLY3M2dms2VURQeGlvZzRxYml3b19DZ3lrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9kZDM5NGItNmJjNC00ZTQ3LWIwMTIt
NTE4ZjJjOGY4NDZiLzEvblBiWmlxZ3pxUDFiWS1JNl93ZE1hdkJCa0JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9kZDM5NGItNmJjNC00ZTQ3LWIwMTItNTE4ZjJjOGY4NDZi
LzEvSXpLY3M2dms2VURQeGlvZzRxYml3b19DZ3lrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDIAE0gDAN
BgkqhkiG9w0BAQsFAAOCAQEAC9yT1AuMc+65lgbdhKpGrF9XZ1aSm0hJ1w/1YEE7
PNZhlLpy2+2/wSq+cCMRcSgYjNHd6S+qYtYck7prNynYZTuKaDbAZUOYqzkPUK99
XBik8mhFmU2wuv5drGHp25q/72HRzwWfbkdyVxMe79L3H6IMoO2Y32LXteLM0te/
ka/GIYzmpYOW7fva/2qF974FSUGrPKuFqgshEPvNuWLNXOfRvFZOB3X1NUTWg/ZX
3AiuH8CpTAgcbT3lfRP7ad9jIStghq9vLJ7Flx8gd1+lNDaEaqlfuqwX8/Otqkzu
1CpS+kTlxxAdirbvFCRdfmBnbmtkxCIHMdmoN9jAzRXyPw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:10:27 2026 by rpki-client