Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/1a3f91-15bc-4eb8-97dd-58f1cbf3cac3/1/b9tPgBNgYh6iOkrY-UQLj_LcNYI.roa
File: b9tPgBNgYh6iOkrY-UQLj_LcNYI.roa (raw, json)
Hash identifier: XWqLKaSvCAdhll8JN//U7vrVfAkkRKjwGPOfF08R7Io=
Subject key identifier: 6F:DB:4F:80:13:60:62:1E:A2:3A:4A:D8:F9:44:0B:8F:F2:DC:35:82
Certificate issuer: /CN=05d4d49da3e14855a7b883603ff148c1bb21f690
Certificate serial: 019C95D3BB556136C77F1CD21AA85E428804
Authority key identifier: 05:D4:D4:9D:A3:E1:48:55:A7:B8:83:60:3F:F1:48:C1:BB:21:F6:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BdTUnaPhSFWnuINgP_FIwbsh9pA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/1a3f91-15bc-4eb8-97dd-58f1cbf3cac3/1/b9tPgBNgYh6iOkrY-UQLj_LcNYI.roa
Signing time: Wed 25 Feb 2026 17:23:27 +0000
ROA not before: Wed 25 Feb 2026 17:23:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207279
IP address blocks: 2a09:f1c0::/29 maxlen: 29
2a0e:4780::/29 maxlen: 29
2a0e:7340::/29 maxlen: 29
2a0e:b1c0::/29 maxlen: 29
2a0e:ffc0::/29 maxlen: 29
2a0f:4340::/29 maxlen: 29
2a12:10c0::/29 maxlen: 29
2a12:15c0::/29 maxlen: 29
2a12:1940::/29 maxlen: 29
2a12:25c0::/29 maxlen: 29
2a12:2c40::/29 maxlen: 29
2a12:34c0::/29 maxlen: 29
2a12:3ac0::/29 maxlen: 29
2a12:4240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/1a3f91-15bc-4eb8-97dd-58f1cbf3cac3/1/BdTUnaPhSFWnuINgP_FIwbsh9pA.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/1a3f91-15bc-4eb8-97dd-58f1cbf3cac3/1/BdTUnaPhSFWnuINgP_FIwbsh9pA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BdTUnaPhSFWnuINgP_FIwbsh9pA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 05:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:95:d3:bb:55:61:36:c7:7f:1c:d2:1a:a8:5e:42:88:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05d4d49da3e14855a7b883603ff148c1bb21f690
Validity
Not Before: Feb 25 17:23:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6fdb4f801360621ea23a4ad8f9440b8ff2dc3582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:38:7e:08:56:7a:9d:1f:d3:db:ae:b4:53:0f:
57:b3:73:0e:bf:98:ee:87:4b:69:75:63:ca:c4:24:
33:c8:9c:01:10:71:3a:9b:c2:8f:b0:cb:d7:ef:3d:
50:a0:5a:ea:ce:81:64:94:51:3f:8a:fd:41:93:1e:
e9:e8:19:6c:4c:07:75:0a:d0:f5:db:78:07:ea:02:
d3:a9:cb:df:4e:3a:7c:27:53:1b:eb:ff:c3:4a:e3:
2d:3c:3d:8a:68:b2:26:cd:40:35:56:b0:ca:f2:0f:
ad:b0:ac:2a:0f:e0:eb:5e:01:3e:7d:19:a4:4c:e0:
6b:a9:ab:67:33:10:da:72:ce:5f:87:0f:1a:1b:ab:
30:1b:cf:d2:cc:2e:fa:ec:eb:3f:45:ac:55:7c:4f:
37:3e:9f:a9:b3:76:a0:93:50:ac:2c:4b:26:98:88:
a8:ff:9c:4b:7c:f0:93:10:9e:ad:0c:10:e3:c2:30:
e9:17:97:6a:4e:44:8c:98:55:93:a2:4c:82:21:b2:
c2:b4:97:a1:38:d4:d4:b7:f4:71:24:06:c4:b2:d1:
0f:f2:a4:0c:89:94:47:08:96:af:eb:f1:56:67:00:
c3:ba:03:18:ec:04:68:1d:96:be:d0:86:a1:6f:80:
68:78:c3:85:79:d7:90:31:d5:ad:de:90:14:25:31:
98:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:DB:4F:80:13:60:62:1E:A2:3A:4A:D8:F9:44:0B:8F:F2:DC:35:82
X509v3 Authority Key Identifier:
keyid:05:D4:D4:9D:A3:E1:48:55:A7:B8:83:60:3F:F1:48:C1:BB:21:F6:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BdTUnaPhSFWnuINgP_FIwbsh9pA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/1a3f91-15bc-4eb8-97dd-58f1cbf3cac3/1/b9tPgBNgYh6iOkrY-UQLj_LcNYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/1a3f91-15bc-4eb8-97dd-58f1cbf3cac3/1/BdTUnaPhSFWnuINgP_FIwbsh9pA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:f1c0::/29
2a0e:4780::/29
2a0e:7340::/29
2a0e:b1c0::/29
2a0e:ffc0::/29
2a0f:4340::/29
2a12:10c0::/29
2a12:15c0::/29
2a12:1940::/29
2a12:25c0::/29
2a12:2c40::/29
2a12:34c0::/29
2a12:3ac0::/29
2a12:4240::/29
Signature Algorithm: sha256WithRSAEncryption
b8:31:41:6b:b9:c5:f8:01:f0:9d:d5:9e:b6:ee:e4:4f:84:87:
ff:15:a4:9c:0c:af:16:8e:0b:14:d8:0e:d9:76:c5:13:e4:82:
1e:80:6f:28:40:23:76:18:2e:1b:b7:37:66:9e:ca:b3:ef:ac:
d1:06:4a:64:b4:de:4b:7f:3a:89:9f:2e:d0:c5:de:f3:70:20:
47:3e:16:ad:7b:d5:b4:77:0f:20:59:39:9b:39:4d:79:8a:13:
f4:a0:23:f5:90:05:95:44:56:f1:60:86:71:04:2e:07:8b:14:
86:70:35:00:ef:53:24:d5:84:d7:fb:6c:a1:a0:f4:ac:24:17:
5c:6d:57:48:9c:59:4f:d9:7b:d7:39:a9:29:27:99:21:36:3c:
84:df:d4:4b:a1:dc:ac:57:e0:7b:f4:af:b0:3d:2e:ae:c2:54:
cd:e5:f4:96:4c:3a:a8:b8:62:2d:1a:09:0c:4f:a6:7f:ff:14:
95:74:24:8d:a0:ad:b1:61:a7:2b:7e:9e:8a:da:2a:65:18:9e:
48:78:d6:3e:9f:03:56:57:d4:ab:87:4f:01:ed:a5:fa:01:ac:
6a:7d:dc:9b:a4:09:b0:28:fd:cc:98:5d:7c:af:10:14:65:ab:
16:71:42:04:61:33:ec:83:13:10:ca:2c:0a:0f:81:29:ad:cb:
9a:88:a2:d3
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZyV07tVYTbHfxzSGqheQogEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZDRkNDlkYTNlMTQ4NTVhN2I4ODM2MDNmZjE0OGMxYmIy
MWY2OTAwHhcNMjYwMjI1MTcyMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmRiNGY4MDEzNjA2MjFlYTIzYTRhZDhmOTQ0MGI4ZmYyZGMzNTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTh+CFZ6nR/T2660Uw9Xs3MOv5ju
h0tpdWPKxCQzyJwBEHE6m8KPsMvX7z1QoFrqzoFklFE/iv1Bkx7p6BlsTAd1CtD1
23gH6gLTqcvfTjp8J1Mb6//DSuMtPD2KaLImzUA1VrDK8g+tsKwqD+DrXgE+fRmk
TOBrqatnMxDacs5fhw8aG6swG8/SzC767Os/RaxVfE83Pp+ps3agk1CsLEsmmIio
/5xLfPCTEJ6tDBDjwjDpF5dqTkSMmFWTokyCIbLCtJehONTUt/RxJAbEstEP8qQM
iZRHCJav6/FWZwDDugMY7ARoHZa+0Iahb4BoeMOFedeQMdWt3pAUJTGYVQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFG/bT4ATYGIeojpK2PlEC4/y3DWCMB8GA1UdIwQY
MBaAFAXU1J2j4UhVp7iDYD/xSMG7IfaQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmRUVW5hUGhTRldudUlOZ1BfRkl3YnNoOXBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8xYTNmOTEtMTViYy00ZWI4LTk3ZGQt
NThmMWNiZjNjYWMzLzEvYjl0UGdCTmdZaDZpT2tyWS1VUUxqX0xjTllJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8xYTNmOTEtMTViYy00ZWI4LTk3ZGQtNThmMWNiZjNjYWMz
LzEvQmRUVW5hUGhTRldudUlOZ1BfRkl3YnNoOXBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAAjBiAwUDKgnxwAMF
AyoOR4ADBQMqDnNAAwUDKg6xwAMFAyoO/8ADBQMqD0NAAwUDKhIQwAMFAyoSFcAD
BQMqEhlAAwUDKhIlwAMFAyoSLEADBQMqEjTAAwUDKhI6wAMFAyoSQkAwDQYJKoZI
hvcNAQELBQADggEBALgxQWu5xfgB8J3Vnrbu5E+Eh/8VpJwMrxaOCxTYDtl2xRPk
gh6AbyhAI3YYLhu3N2aeyrPvrNEGSmS03kt/OomfLtDF3vNwIEc+Fq171bR3DyBZ
OZs5TXmKE/SgI/WQBZVEVvFghnEELgeLFIZwNQDvUyTVhNf7bKGg9KwkF1xtV0ic
WU/Ze9c5qSknmSE2PITf1Euh3KxX4Hv0r7A9Lq7CVM3l9JZMOqi4Yi0aCQxPpn//
FJV0JI2grbFhpyt+noraKmUYnkh41j6fA1ZX1KuHTwHtpfoBrGp93JukCbAo/cyY
XXyvEBRlqxZxQgRhM+yDExDKLAoPgSmty5qIotM=
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:54:04 2026 by rpki-client