Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/6h8UBP0cNnuQeOpuFUngyDKpMNQ.roa
File: 6h8UBP0cNnuQeOpuFUngyDKpMNQ.roa (raw, json)
Hash identifier: Tx4+cSsTpoIx022LxoXNYeF1QOBLYfjDrxk8LK7Bhkw=
Subject key identifier: EA:1F:14:04:FD:1C:36:7B:90:78:EA:6E:15:49:E0:C8:32:A9:30:D4
Certificate issuer: /CN=31d2424123ed07725330bf817944fd276b7ca36b
Certificate serial: 019D7DA3318D0D3409B98EAC16899EAFF298
Authority key identifier: 31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/6h8UBP0cNnuQeOpuFUngyDKpMNQ.roa
Signing time: Sat 11 Apr 2026 17:42:20 +0000
ROA not before: Sat 11 Apr 2026 17:42:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202119
IP address blocks: 2a06:9801:2a0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:7d:a3:31:8d:0d:34:09:b9:8e:ac:16:89:9e:af:f2:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d2424123ed07725330bf817944fd276b7ca36b
Validity
Not Before: Apr 11 17:42:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ea1f1404fd1c367b9078ea6e1549e0c832a930d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d8:db:8c:81:43:5f:45:5d:5e:4f:c4:be:97:
a1:a2:e0:fa:c6:5b:0b:0e:25:b7:77:c3:33:ef:30:
da:08:b5:a1:79:47:1f:4c:e4:ab:20:d9:a9:1d:a9:
3d:4a:1a:56:34:3a:4c:e5:19:a8:02:d6:5e:81:4c:
07:df:4a:9f:8e:2b:12:5c:2d:5a:0f:fa:1f:51:1f:
bb:4a:8d:71:f2:ff:08:17:d4:46:00:8e:9d:ec:27:
e1:a7:62:52:45:59:2a:cc:61:06:14:10:88:44:3a:
55:e1:94:5a:68:3a:d7:63:ef:34:05:75:a8:db:26:
c0:a6:5c:49:7e:c5:84:6c:fe:f3:28:23:92:78:6f:
86:19:c5:b3:da:a9:47:76:6c:a6:8e:d4:db:e0:0b:
60:d4:cb:17:d0:f3:b9:74:e4:c6:bd:74:2b:14:cf:
7c:66:f4:40:35:57:3a:4f:b6:80:8f:3b:07:41:ec:
2f:9a:87:fa:fa:e2:5e:15:cd:6b:a8:8c:7d:b5:89:
da:bc:e8:6f:e7:20:39:a2:75:65:47:57:36:c8:1f:
62:dc:ae:db:76:1f:8d:5e:1e:e2:46:36:e4:7f:5a:
12:8a:cf:94:f7:5b:1d:bf:ac:da:c2:81:cc:0d:fe:
a6:3c:01:64:1d:dd:c0:41:41:01:ff:b7:44:32:69:
ed:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:1F:14:04:FD:1C:36:7B:90:78:EA:6E:15:49:E0:C8:32:A9:30:D4
X509v3 Authority Key Identifier:
keyid:31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/6h8UBP0cNnuQeOpuFUngyDKpMNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9801:2a0::/44
Signature Algorithm: sha256WithRSAEncryption
1b:6e:d6:95:96:f1:54:09:e6:04:f9:30:da:e3:81:78:1c:64:
5c:bd:4e:ef:22:32:2a:48:dc:4d:96:83:84:a5:df:9d:8e:8b:
65:d7:3c:3f:57:6b:9e:52:aa:ab:c4:dc:c0:57:c5:11:f3:aa:
26:69:fc:37:82:c8:1a:14:5c:88:fa:b8:fc:d9:57:29:ec:49:
bc:ac:4e:bd:8e:cf:f0:1a:1c:72:ba:75:c5:62:7a:31:f1:71:
35:34:3e:f1:e4:31:ef:97:83:a7:6a:2c:ab:fb:2f:36:c0:5c:
36:2c:e5:42:22:61:5d:ca:de:90:11:83:8c:bf:33:62:02:8d:
fd:2a:0f:c4:89:08:ba:9f:38:d0:7e:46:72:ad:07:4f:5d:1e:
1c:25:81:40:16:2b:94:fa:a0:57:b5:8b:2b:92:99:85:af:54:
1e:18:19:63:ea:80:e9:e8:17:76:b3:ed:32:3b:0f:66:d4:aa:
f5:b7:93:be:85:6e:63:5a:59:a2:af:32:c7:eb:89:03:81:8f:
db:b7:f8:a8:8a:77:70:ea:f8:5a:a3:b9:52:a1:89:5b:53:9e:
c4:fd:e0:38:98:8d:35:08:72:65:88:8c:4d:b9:6d:96:7f:18:
4a:6b:4f:2b:b9:71:64:8d:de:fa:96:82:23:56:04:58:d2:c2:
e7:aa:ae:88
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ19ozGNDTQJuY6sFomer/KYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDI0MjQxMjNlZDA3NzI1MzMwYmY4MTc5NDRmZDI3NmI3
Y2EzNmIwHhcNMjYwNDExMTc0MjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTFmMTQwNGZkMWMzNjdiOTA3OGVhNmUxNTQ5ZTBjODMyYTkzMGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9jbjIFDX0VdXk/EvpehouD6xlsL
DiW3d8Mz7zDaCLWheUcfTOSrINmpHak9ShpWNDpM5RmoAtZegUwH30qfjisSXC1a
D/ofUR+7So1x8v8IF9RGAI6d7Cfhp2JSRVkqzGEGFBCIRDpV4ZRaaDrXY+80BXWo
2ybAplxJfsWEbP7zKCOSeG+GGcWz2qlHdmymjtTb4Atg1MsX0PO5dOTGvXQrFM98
ZvRANVc6T7aAjzsHQewvmof6+uJeFc1rqIx9tYnavOhv5yA5onVlR1c2yB9i3K7b
dh+NXh7iRjbkf1oSis+U91sdv6zawoHMDf6mPAFkHd3AQUEB/7dEMmnt9wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOofFAT9HDZ7kHjqbhVJ4MgyqTDUMB8GA1UdIwQY
MBaAFDHSQkEj7QdyUzC/gXlE/SdrfKNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEt
ZWQ4Y2ZhZjFiODFmLzEvNmg4VUJQMGNObnVRZU9wdUZVbmd5REtwTU5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEtZWQ4Y2ZhZjFiODFm
LzEvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgaYAQKg
MA0GCSqGSIb3DQEBCwUAA4IBAQAbbtaVlvFUCeYE+TDa44F4HGRcvU7vIjIqSNxN
loOEpd+djotl1zw/V2ueUqqrxNzAV8UR86omafw3gsgaFFyI+rj82Vcp7Em8rE69
js/wGhxyunXFYnox8XE1ND7x5DHvl4Onaiyr+y82wFw2LOVCImFdyt6QEYOMvzNi
Ao39Kg/EiQi6nzjQfkZyrQdPXR4cJYFAFiuU+qBXtYsrkpmFr1QeGBlj6oDp6Bd2
s+0yOw9m1Kr1t5O+hW5jWlmirzLH64kDgY/bt/ioindw6vhao7lSoYlbU57E/eA4
mI01CHJliIxNuW2WfxhKa08ruXFkjd76loIjVgRY0sLnqq6I
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:29:08 2026 by rpki-client