Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/2oa8ybmE5en4VK3NVvtbdpAg5-A.roa
File: 2oa8ybmE5en4VK3NVvtbdpAg5-A.roa (raw, json)
Hash identifier: 8vSRr36/VDZ4W0khtqoBMnVpy4aZzWZV+k9S0i3C97w=
Subject key identifier: DA:86:BC:C9:B9:84:E5:E9:F8:54:AD:CD:56:FB:5B:76:90:20:E7:E0
Certificate issuer: /CN=31d2424123ed07725330bf817944fd276b7ca36b
Certificate serial: 019D988BA213E0B03C33E597689D44E83FC6
Authority key identifier: 31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/2oa8ybmE5en4VK3NVvtbdpAg5-A.roa
Signing time: Thu 16 Apr 2026 23:06:20 +0000
ROA not before: Thu 16 Apr 2026 23:06:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201238
IP address blocks: 2a06:9801:2c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:98:8b:a2:13:e0:b0:3c:33:e5:97:68:9d:44:e8:3f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d2424123ed07725330bf817944fd276b7ca36b
Validity
Not Before: Apr 16 23:06:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=da86bcc9b984e5e9f854adcd56fb5b769020e7e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5a:53:25:0e:9f:b5:de:e9:ee:2c:03:d2:03:
a1:d6:4a:af:d2:10:7e:e6:4e:0d:05:d0:63:6c:31:
f7:50:ec:5b:05:d0:22:e4:ee:fd:1b:b8:0d:58:54:
86:f3:1f:ea:8a:58:4b:25:43:25:bd:50:dd:eb:3e:
88:4d:82:d2:92:d7:f3:c1:06:83:66:1c:48:73:b1:
08:f3:2c:87:d4:4e:a6:6a:2b:8b:c0:40:32:f1:fb:
94:a5:78:7a:79:86:83:f3:19:de:53:7b:69:0e:15:
d3:7a:17:cd:df:1e:cd:1f:82:f8:1c:96:55:06:f2:
13:49:d5:af:f9:53:5b:39:4a:1b:bd:18:4e:1f:67:
dd:df:cf:42:22:08:1f:db:86:ed:fe:f2:51:5b:95:
d6:2f:be:3e:93:58:fc:80:fa:cf:4f:7b:2b:7b:0c:
f6:81:c0:ab:a2:2a:0c:fd:66:f1:df:96:6c:a4:15:
ca:6c:5f:02:a8:eb:f0:ac:e0:dc:6b:fc:d6:66:a7:
ac:05:11:d0:78:3e:8c:7d:39:55:db:b8:12:26:63:
d3:05:70:ae:fe:5a:bc:fa:67:29:fb:54:73:27:e5:
d2:27:74:3b:37:51:80:a5:b1:c9:26:7f:27:e0:b2:
cc:e2:cf:f3:6d:dd:bd:4d:65:ab:7e:34:12:a9:5c:
d2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:86:BC:C9:B9:84:E5:E9:F8:54:AD:CD:56:FB:5B:76:90:20:E7:E0
X509v3 Authority Key Identifier:
keyid:31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/2oa8ybmE5en4VK3NVvtbdpAg5-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9801:2c::/48
Signature Algorithm: sha256WithRSAEncryption
5e:49:30:4f:b7:b0:15:9b:5d:52:bd:bf:63:ab:2e:3d:7c:63:
c9:f5:dd:65:63:68:fb:94:ee:cc:fc:1b:0c:8d:53:03:ec:67:
ec:01:2e:c7:59:7c:e6:c6:54:46:d4:c3:f5:af:2d:67:60:87:
2e:1d:6f:02:ca:2d:fb:d5:60:ad:cd:4d:60:de:23:78:b2:17:
87:b9:21:fc:87:fc:c3:e0:e5:ac:bd:60:c7:f4:31:25:9a:84:
53:66:29:54:00:9e:6f:be:a1:8d:86:0d:43:13:15:f8:90:96:
64:6d:52:f7:17:0f:a7:9f:76:f8:81:87:71:a1:6d:da:0e:59:
66:c7:93:1c:e1:e8:25:a6:15:87:38:b0:aa:ea:e2:6c:68:99:
7f:27:a1:85:23:ba:31:bc:e5:da:b6:a2:2e:83:51:20:d2:3c:
e5:b8:60:5b:ec:4d:0b:fd:af:c8:c7:32:e6:3c:c5:36:95:19:
99:61:d1:30:48:72:50:2b:46:56:68:00:2f:73:7a:52:74:0f:
dd:a7:2d:f4:4e:e1:d3:dd:9b:5d:83:af:b9:6a:dd:ef:bc:3b:
46:18:1d:eb:48:bb:7c:2b:be:d8:ca:16:09:d9:ff:42:e8:6a:
fa:ec:88:11:7b:12:8d:b1:42:19:bd:ca:34:ef:4b:af:1b:09:
77:12:36:ef
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ2Yi6IT4LA8M+WXaJ1E6D/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDI0MjQxMjNlZDA3NzI1MzMwYmY4MTc5NDRmZDI3NmI3
Y2EzNmIwHhcNMjYwNDE2MjMwNjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTg2YmNjOWI5ODRlNWU5Zjg1NGFkY2Q1NmZiNWI3NjkwMjBlN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFpTJQ6ftd7p7iwD0gOh1kqv0hB+
5k4NBdBjbDH3UOxbBdAi5O79G7gNWFSG8x/qilhLJUMlvVDd6z6ITYLSktfzwQaD
ZhxIc7EI8yyH1E6maiuLwEAy8fuUpXh6eYaD8xneU3tpDhXTehfN3x7NH4L4HJZV
BvITSdWv+VNbOUobvRhOH2fd389CIggf24bt/vJRW5XWL74+k1j8gPrPT3srewz2
gcCroioM/Wbx35ZspBXKbF8CqOvwrODca/zWZqesBRHQeD6MfTlV27gSJmPTBXCu
/lq8+mcp+1RzJ+XSJ3Q7N1GApbHJJn8n4LLM4s/zbd29TWWrfjQSqVzS7QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNqGvMm5hOXp+FStzVb7W3aQIOfgMB8GA1UdIwQY
MBaAFDHSQkEj7QdyUzC/gXlE/SdrfKNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEt
ZWQ4Y2ZhZjFiODFmLzEvMm9hOHlibUU1ZW40VkszTlZ2dGJkcEFnNS1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEtZWQ4Y2ZhZjFiODFm
LzEvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgaYAQAs
MA0GCSqGSIb3DQEBCwUAA4IBAQBeSTBPt7AVm11Svb9jqy49fGPJ9d1lY2j7lO7M
/BsMjVMD7GfsAS7HWXzmxlRG1MP1ry1nYIcuHW8Cyi371WCtzU1g3iN4sheHuSH8
h/zD4OWsvWDH9DElmoRTZilUAJ5vvqGNhg1DExX4kJZkbVL3Fw+nn3b4gYdxoW3a
Dllmx5Mc4eglphWHOLCq6uJsaJl/J6GFI7oxvOXatqIug1Eg0jzluGBb7E0L/a/I
xzLmPMU2lRmZYdEwSHJQK0ZWaAAvc3pSdA/dpy30TuHT3Ztdg6+5at3vvDtGGB3r
SLt8K77YyhYJ2f9C6Gr67IgRexKNsUIZvco070uvGwl3Ejbv
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:27:47 2026 by rpki-client