Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/belvSv2ymqgkOlS6HkEN5vfj5ho.roa
File: belvSv2ymqgkOlS6HkEN5vfj5ho.roa (raw, json)
Hash identifier: LU13OrHjOljdUA6S9iD5fD+7aTf2fhMhNqxEtC2pbhY=
Subject key identifier: 6D:E9:6F:4A:FD:B2:9A:A8:24:3A:54:BA:1E:41:0D:E6:F7:E3:E6:1A
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 019C8B3671F9D90121641FAAA73702D3578F
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/belvSv2ymqgkOlS6HkEN5vfj5ho.roa
Signing time: Mon 23 Feb 2026 15:55:27 +0000
ROA not before: Mon 23 Feb 2026 15:55:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 2a10:2ec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8b:36:71:f9:d9:01:21:64:1f:aa:a7:37:02:d3:57:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Feb 23 15:55:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6de96f4afdb29aa8243a54ba1e410de6f7e3e61a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:23:ef:aa:ed:b1:9c:a1:08:9f:7c:2e:f6:ae:
09:3a:b3:57:15:94:b2:03:9c:50:30:d6:ea:ff:32:
ea:82:1a:fd:4a:78:97:4d:93:c0:3b:c4:b6:60:d6:
d0:1b:6b:d4:a1:fe:2e:13:bb:35:f8:73:46:03:d8:
23:ba:39:36:da:00:69:c9:5a:36:3a:1b:75:83:ae:
be:0f:51:6f:34:b2:75:0f:79:cc:69:6a:40:e6:5f:
05:01:5c:6b:42:27:04:bc:18:3e:43:2c:78:b5:a0:
4a:83:6a:fa:e2:79:b3:2a:6e:ba:32:b5:00:4f:ce:
53:48:fc:56:3e:73:96:f5:30:a2:80:86:d3:d0:8b:
06:4f:5f:e9:79:f6:9a:35:18:e5:f6:76:b4:ae:ae:
f2:a1:20:53:7e:38:87:aa:64:5a:56:a3:2a:e4:e8:
a5:5e:02:da:30:ea:8b:b3:1a:74:40:d8:95:30:42:
4f:6b:67:f8:00:a2:cf:f5:ef:b9:5f:62:1a:dd:bf:
ec:66:72:67:c4:4f:fb:12:fa:1b:16:87:4e:64:df:
02:06:be:30:ff:58:96:b0:60:16:af:85:80:4e:00:
d2:cb:4d:04:17:7f:65:21:68:57:1c:41:a6:8c:39:
8a:1c:e5:26:de:dd:e9:8b:15:e4:99:f4:f5:64:9b:
3c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E9:6F:4A:FD:B2:9A:A8:24:3A:54:BA:1E:41:0D:E6:F7:E3:E6:1A
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/belvSv2ymqgkOlS6HkEN5vfj5ho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:2ec0::/29
Signature Algorithm: sha256WithRSAEncryption
aa:4d:d9:17:87:81:a0:73:cc:89:2c:6f:1d:41:1d:a2:1a:bd:
50:02:0c:97:7c:f4:e4:34:3d:d6:11:e2:55:b4:25:9b:ff:df:
eb:f7:4e:ed:1b:45:26:3c:15:26:40:a7:14:46:1b:bb:0a:20:
68:26:81:ce:45:1f:e6:8c:38:b2:7e:34:80:fe:73:3e:c0:78:
e4:09:f2:da:b5:ef:a1:53:ef:32:64:bb:e6:75:54:6a:6f:3a:
71:5a:e3:b5:11:99:ab:45:25:2d:d3:d3:ad:b8:1d:83:02:26:
94:75:2f:53:75:3b:41:5c:47:ce:d5:f2:45:ec:62:f7:cb:20:
50:03:65:fd:be:02:1a:56:97:5d:8f:8c:30:ae:39:8b:f6:25:
a8:14:7c:f9:c5:fd:9f:11:65:2a:de:bb:58:41:07:fd:6a:ea:
a8:59:86:6d:4f:97:13:91:7d:e2:c0:93:f0:1c:f3:79:49:a2:
01:ba:9a:54:73:9a:d6:f5:e4:e6:4f:a9:df:c1:d8:66:b3:fb:
3a:66:3a:fb:5b:68:9c:6e:c6:94:da:02:94:06:8e:a8:a2:ff:
6b:5d:1d:a5:1e:95:dd:9a:8b:56:f2:c7:ad:45:15:81:d9:dc:
7e:74:6f:fa:96:f4:4d:ba:8b:75:cd:8b:67:2a:76:5a:9f:1d:
db:28:de:de
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZyLNnH52QEhZB+qpzcC01ePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjYwMjIzMTU1NTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGU5NmY0YWZkYjI5YWE4MjQzYTU0YmExZTQxMGRlNmY3ZTNlNjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCPvqu2xnKEIn3wu9q4JOrNXFZSy
A5xQMNbq/zLqghr9SniXTZPAO8S2YNbQG2vUof4uE7s1+HNGA9gjujk22gBpyVo2
Oht1g66+D1FvNLJ1D3nMaWpA5l8FAVxrQicEvBg+Qyx4taBKg2r64nmzKm66MrUA
T85TSPxWPnOW9TCigIbT0IsGT1/pefaaNRjl9na0rq7yoSBTfjiHqmRaVqMq5Oil
XgLaMOqLsxp0QNiVMEJPa2f4AKLP9e+5X2Ia3b/sZnJnxE/7EvobFodOZN8CBr4w
/1iWsGAWr4WATgDSy00EF39lIWhXHEGmjDmKHOUm3t3pixXkmfT1ZJs8PQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFG3pb0r9spqoJDpUuh5BDeb34+YaMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvYmVsdlN2MnltcWdrT2xTNkhrRU41dmZqNWhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhAuwDAN
BgkqhkiG9w0BAQsFAAOCAQEAqk3ZF4eBoHPMiSxvHUEdohq9UAIMl3z05DQ91hHi
VbQlm//f6/dO7RtFJjwVJkCnFEYbuwogaCaBzkUf5ow4sn40gP5zPsB45Any2rXv
oVPvMmS75nVUam86cVrjtRGZq0UlLdPTrbgdgwImlHUvU3U7QVxHztXyRexi98sg
UANl/b4CGlaXXY+MMK45i/YlqBR8+cX9nxFlKt67WEEH/WrqqFmGbU+XE5F94sCT
8BzzeUmiAbqaVHOa1vXk5k+p38HYZrP7OmY6+1tonG7GlNoClAaOqKL/a10dpR6V
3ZqLVvLHrUUVgdncfnRv+pb0TbqLdc2LZyp2Wp8d2yje3g==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:18:28 2026 by rpki-client