Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/A9J5jhgYo3JxyyAMs8KaomQ6LIQ.roa
File: A9J5jhgYo3JxyyAMs8KaomQ6LIQ.roa (raw, json)
Hash identifier: KM8aiFBZNGHTai2ElDjdolRCcug/UJlK5Nvk6NtBbLM=
Subject key identifier: 03:D2:79:8E:18:18:A3:72:71:CB:20:0C:B3:C2:9A:A2:64:3A:2C:84
Certificate issuer: /CN=31d2424123ed07725330bf817944fd276b7ca36b
Certificate serial: 019D74E90298E05A8DE2F64A8071E9D19FB2
Authority key identifier: 31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/A9J5jhgYo3JxyyAMs8KaomQ6LIQ.roa
Signing time: Fri 10 Apr 2026 01:02:00 +0000
ROA not before: Fri 10 Apr 2026 01:02:00 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201283
IP address blocks: 2a06:9801:14::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:74:e9:02:98:e0:5a:8d:e2:f6:4a:80:71:e9:d1:9f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d2424123ed07725330bf817944fd276b7ca36b
Validity
Not Before: Apr 10 01:02:00 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=03d2798e1818a37271cb200cb3c29aa2643a2c84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:59:12:a7:f4:aa:f4:8e:f7:9d:b0:99:3b:05:
57:04:c0:16:c1:9e:72:c0:82:40:0b:86:f3:3f:41:
99:72:8a:4f:ae:56:c2:0c:b6:90:c6:e2:f4:3e:af:
b7:87:f7:6e:ea:ab:a8:c7:eb:43:9d:18:77:e8:61:
e5:4d:b2:ea:58:44:26:64:6b:55:83:69:77:9a:f4:
05:00:62:06:f0:9b:03:78:17:d3:1e:33:b6:50:8a:
1e:f4:8e:2d:8c:71:ad:48:0f:f0:c7:7e:c9:50:7c:
2e:5a:01:41:43:1b:4c:6d:cf:ad:7a:d6:9f:80:18:
5d:4f:e3:6d:fd:17:aa:a5:2e:4a:b1:07:98:bb:ea:
53:fa:51:67:53:72:cc:bb:9b:9a:1e:ae:a2:20:07:
e4:b9:07:65:f2:54:22:7e:95:d1:5b:04:a5:e1:60:
d9:fc:de:6d:52:15:a7:5a:26:52:d1:8f:77:ad:05:
89:72:cf:fd:47:54:68:4e:ca:28:bc:e1:6e:3b:33:
97:cb:ea:79:48:a3:aa:25:d2:6a:0d:ff:da:55:c3:
1e:9d:93:fa:60:33:1c:69:34:76:1e:4c:d5:3c:0b:
b9:d4:25:ac:e1:90:93:4e:f5:f3:a6:d9:61:40:7c:
df:07:a8:12:fa:07:db:47:b5:c1:50:19:45:5e:94:
ec:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D2:79:8E:18:18:A3:72:71:CB:20:0C:B3:C2:9A:A2:64:3A:2C:84
X509v3 Authority Key Identifier:
keyid:31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/A9J5jhgYo3JxyyAMs8KaomQ6LIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9801:14::/48
Signature Algorithm: sha256WithRSAEncryption
55:9f:fa:10:e1:72:56:bd:66:65:72:92:ae:8d:da:8d:ef:ef:
1d:bc:57:0f:8c:98:e8:97:47:b1:ea:63:dd:67:6c:40:c7:44:
d9:ab:eb:e4:62:00:10:e9:89:62:b9:d8:8a:a6:1c:8e:ac:a8:
62:af:d3:69:6e:79:0b:5c:b0:4b:3b:4f:66:eb:f2:fe:20:33:
2a:40:30:26:8a:1b:a4:0a:f5:3d:c7:ae:84:0b:13:11:48:ba:
2b:83:f4:4a:33:bb:21:32:28:14:70:9c:66:81:14:3d:0f:25:
a6:3f:75:3b:d1:69:52:f4:dc:ba:59:07:24:fd:0b:fc:15:8a:
6e:65:f9:df:d7:53:04:a0:82:cd:5e:93:6c:f9:0a:59:57:41:
b4:5b:9f:e6:8f:34:f2:d3:e8:9a:b9:a9:c1:c9:87:1c:d6:5f:
fd:72:5b:f4:11:a0:52:4b:41:6f:aa:3e:95:7a:03:8e:1a:e9:
42:0a:73:cd:53:a5:d5:c3:1e:de:f2:b6:6f:27:cc:ea:b2:cc:
5b:22:28:5b:ce:7c:d0:42:a6:e5:f2:41:4f:a9:f0:44:b9:7d:
dd:e2:ab:ef:b5:a1:80:1e:5e:84:20:84:7b:be:9d:38:23:c5:
48:57:c4:de:f5:db:4d:be:d0:30:2e:c2:d2:e8:bd:6f:8b:23:
d0:43:37:b9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ106QKY4FqN4vZKgHHp0Z+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDI0MjQxMjNlZDA3NzI1MzMwYmY4MTc5NDRmZDI3NmI3
Y2EzNmIwHhcNMjYwNDEwMDEwMjAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2QyNzk4ZTE4MThhMzcyNzFjYjIwMGNiM2MyOWFhMjY0M2EyYzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lkSp/Sq9I73nbCZOwVXBMAWwZ5y
wIJAC4bzP0GZcopPrlbCDLaQxuL0Pq+3h/du6quox+tDnRh36GHlTbLqWEQmZGtV
g2l3mvQFAGIG8JsDeBfTHjO2UIoe9I4tjHGtSA/wx37JUHwuWgFBQxtMbc+tetaf
gBhdT+Nt/ReqpS5KsQeYu+pT+lFnU3LMu5uaHq6iIAfkuQdl8lQifpXRWwSl4WDZ
/N5tUhWnWiZS0Y93rQWJcs/9R1RoTsoovOFuOzOXy+p5SKOqJdJqDf/aVcMenZP6
YDMcaTR2HkzVPAu51CWs4ZCTTvXzptlhQHzfB6gS+gfbR7XBUBlFXpTsCwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAPSeY4YGKNyccsgDLPCmqJkOiyEMB8GA1UdIwQY
MBaAFDHSQkEj7QdyUzC/gXlE/SdrfKNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEt
ZWQ4Y2ZhZjFiODFmLzEvQTlKNWpoZ1lvM0p4eXlBTXM4S2FvbVE2TElRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEtZWQ4Y2ZhZjFiODFm
LzEvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgaYAQAU
MA0GCSqGSIb3DQEBCwUAA4IBAQBVn/oQ4XJWvWZlcpKujdqN7+8dvFcPjJjol0ex
6mPdZ2xAx0TZq+vkYgAQ6YliudiKphyOrKhir9NpbnkLXLBLO09m6/L+IDMqQDAm
ihukCvU9x66ECxMRSLorg/RKM7shMigUcJxmgRQ9DyWmP3U70WlS9Ny6WQck/Qv8
FYpuZfnf11MEoILNXpNs+QpZV0G0W5/mjzTy0+iauanByYcc1l/9clv0EaBSS0Fv
qj6VegOOGulCCnPNU6XVwx7e8rZvJ8zqssxbIihbznzQQqbl8kFPqfBEuX3d4qvv
taGAHl6EIIR7vp04I8VIV8Te9dtNvtAwLsLS6L1viyPQQze5
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:28:39 2026 by rpki-client