Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/CBS2cYZH0a1-EtTZe3IWAD6c-2g.roa
File: CBS2cYZH0a1-EtTZe3IWAD6c-2g.roa (raw, json)
Hash identifier: aNpmaLz6DM8TbSPf9PeLDC2ZVCw6M60lBO00KmbqUys=
Subject key identifier: 08:14:B6:71:86:47:D1:AD:7E:12:D4:D9:7B:72:16:00:3E:9C:FB:68
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 019C7265632D34B3BCAE2C6C27F1011C2AA4
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/CBS2cYZH0a1-EtTZe3IWAD6c-2g.roa
Signing time: Wed 18 Feb 2026 20:16:12 +0000
ROA not before: Wed 18 Feb 2026 20:16:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203029
IP address blocks: 31.22.76.0/24 maxlen: 24
2a14:6781:2000::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:72:65:63:2d:34:b3:bc:ae:2c:6c:27:f1:01:1c:2a:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Feb 18 20:16:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0814b6718647d1ad7e12d4d97b7216003e9cfb68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ec:a6:1c:1b:e0:10:95:92:6a:c0:7d:ba:49:
9c:60:c0:45:c2:60:37:b1:22:01:09:dc:1a:cb:8c:
9c:64:a9:7f:23:9c:aa:2f:b4:ac:35:59:03:50:de:
de:71:d6:98:cb:29:c2:2c:0b:74:72:6d:e4:16:21:
c9:13:85:a8:a4:d6:b0:fc:b0:29:15:2b:ea:15:bf:
b5:8c:67:e2:52:d7:d9:03:db:96:6e:01:fb:92:95:
a2:4a:c0:48:79:9c:a6:c6:c8:d2:f7:d5:d9:c0:57:
bf:17:cd:ef:dc:9e:54:62:b5:a7:5d:6a:2c:9b:30:
d8:3a:54:0b:89:c9:e7:e9:11:93:fa:e1:93:1f:2a:
35:ec:1d:0f:34:23:8a:e7:74:28:44:c9:8a:be:00:
bc:b9:cc:94:76:19:c9:c7:d2:f2:32:46:16:f0:43:
96:7f:73:7f:f0:6f:fb:fe:98:c3:04:19:14:6a:68:
f3:9e:5e:76:7e:ed:0e:a2:05:fa:2a:84:44:57:db:
1e:ef:59:91:9b:b3:b5:7f:f2:4c:cb:76:f2:1d:c6:
23:94:15:fb:95:5e:60:57:c7:bd:b5:81:2e:13:5d:
db:50:fb:d0:13:4f:2b:ea:30:b2:cd:79:b8:8b:f1:
2c:4c:af:ec:8d:aa:b3:ac:b0:37:7b:2e:10:ef:99:
ee:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:14:B6:71:86:47:D1:AD:7E:12:D4:D9:7B:72:16:00:3E:9C:FB:68
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/CBS2cYZH0a1-EtTZe3IWAD6c-2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.76.0/24
IPv6:
2a14:6781:2000::/38
Signature Algorithm: sha256WithRSAEncryption
65:16:e9:ba:16:f3:fd:0d:b1:95:76:ac:62:1b:bf:e0:48:20:
a1:45:88:cf:c6:75:17:1e:da:a5:b2:1d:1f:29:3f:dd:7b:81:
9e:71:ea:7c:c1:61:e6:a8:c6:70:01:4a:ba:fd:00:08:6d:8b:
5f:86:7b:fa:18:f9:88:4b:6f:5a:71:cf:63:f9:03:35:f6:7d:
61:d5:4d:02:42:66:2e:5a:4d:c2:73:6a:4c:13:a3:9d:fa:14:
62:7f:7b:d5:7d:98:e0:96:80:25:71:47:d5:9e:65:55:cd:2d:
ea:cf:7e:92:29:29:a6:ef:20:5e:23:f7:7d:9b:31:7d:73:62:
ec:ed:1c:c0:e1:7e:8a:9b:2d:0c:83:59:21:cb:de:b7:2d:b7:
5b:8d:c2:a9:8d:cf:75:c1:7d:e5:8e:7f:a3:fa:3c:38:b1:f7:
97:77:03:5b:4e:23:43:0c:b4:a2:01:86:e6:46:50:99:86:09:
38:83:7d:95:8e:15:37:14:a6:6b:fe:1f:d3:99:9b:04:68:2b:
02:fd:47:11:16:a0:cc:9a:3d:9c:6b:0b:ef:35:b8:f6:c5:17:
54:04:47:7e:a5:e8:50:ba:05:d7:7b:be:64:72:ac:83:39:ba:
ae:0f:14:1e:69:66:52:71:56:93:c4:07:f7:02:b2:eb:21:a6:
92:54:d9:69
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZxyZWMtNLO8rixsJ/EBHCqkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjYwMjE4MjAxNjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODE0YjY3MTg2NDdkMWFkN2UxMmQ0ZDk3YjcyMTYwMDNlOWNmYjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOymHBvgEJWSasB9ukmcYMBFwmA3
sSIBCdway4ycZKl/I5yqL7SsNVkDUN7ecdaYyynCLAt0cm3kFiHJE4WopNaw/LAp
FSvqFb+1jGfiUtfZA9uWbgH7kpWiSsBIeZymxsjS99XZwFe/F83v3J5UYrWnXWos
mzDYOlQLicnn6RGT+uGTHyo17B0PNCOK53QoRMmKvgC8ucyUdhnJx9LyMkYW8EOW
f3N/8G/7/pjDBBkUamjznl52fu0OogX6KoREV9se71mRm7O1f/JMy3byHcYjlBX7
lV5gV8e9tYEuE13bUPvQE08r6jCyzXm4i/EsTK/sjaqzrLA3ey4Q75nufQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFAgUtnGGR9GtfhLU2XtyFgA+nPtoMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvQ0JTMmNZWkgwYTEtRXRUWmUzSVdBRDZjLTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAHxZMMA4E
AgACMAgDBgIqFGeBIDANBgkqhkiG9w0BAQsFAAOCAQEAZRbpuhbz/Q2xlXasYhu/
4EggoUWIz8Z1Fx7apbIdHyk/3XuBnnHqfMFh5qjGcAFKuv0ACG2LX4Z7+hj5iEtv
WnHPY/kDNfZ9YdVNAkJmLlpNwnNqTBOjnfoUYn971X2Y4JaAJXFH1Z5lVc0t6s9+
kikppu8gXiP3fZsxfXNi7O0cwOF+ipstDINZIcvety23W43CqY3PdcF95Y5/o/o8
OLH3l3cDW04jQwy0ogGG5kZQmYYJOIN9lY4VNxSma/4f05mbBGgrAv1HERagzJo9
nGsL7zW49sUXVARHfqXoULoF13u+ZHKsgzm6rg8UHmlmUnFWk8QH9wKy6yGmklTZ
aQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:06:08 2026 by rpki-client