Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/P0NC92fPZRpKBRi719omuqTIvmw.roa
File: P0NC92fPZRpKBRi719omuqTIvmw.roa (raw, json)
Hash identifier: XeiQ1M/iOY6f3B+1dmihKorpvgAdfG9pAwEVvV+YqF8=
Subject key identifier: 3F:43:42:F7:67:CF:65:1A:4A:05:18:BB:D7:DA:26:BA:A4:C8:BE:6C
Certificate issuer: /CN=31d2424123ed07725330bf817944fd276b7ca36b
Certificate serial: 019C8CC946D944EB92C8CF4E4E24A2F3A36A
Authority key identifier: 31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/P0NC92fPZRpKBRi719omuqTIvmw.roa
Signing time: Mon 23 Feb 2026 23:15:26 +0000
ROA not before: Mon 23 Feb 2026 23:15:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213496
IP address blocks: 2a06:9801:b0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8c:c9:46:d9:44:eb:92:c8:cf:4e:4e:24:a2:f3:a3:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d2424123ed07725330bf817944fd276b7ca36b
Validity
Not Before: Feb 23 23:15:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3f4342f767cf651a4a0518bbd7da26baa4c8be6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:fc:3e:54:eb:42:64:e3:8a:c4:6d:7a:d5:4b:
ae:b2:bd:04:29:6a:ae:05:1b:d1:fc:8f:52:2c:4b:
18:1e:93:c6:13:b2:e2:ee:8a:19:65:32:83:25:90:
fa:19:59:f6:37:52:ba:b9:35:85:c0:33:26:2d:e5:
16:ec:b2:7e:b3:ca:bd:79:4a:97:4a:e7:43:20:9b:
3a:38:78:4f:d5:35:e0:c9:97:dc:7e:08:5d:a4:e6:
27:32:3d:50:8e:29:24:d6:b2:dd:42:8a:b2:8d:ad:
1c:d3:a6:63:03:24:b0:ca:c5:f9:fe:50:c5:38:9f:
14:b8:29:e6:18:28:17:96:7f:51:50:dc:61:95:ac:
2c:c5:4f:04:83:32:ac:f4:31:8c:fa:d0:24:6e:dd:
95:95:cc:1f:27:40:de:a7:d6:3b:4a:b1:5a:97:71:
ad:77:6b:4c:ab:9b:ae:8f:5b:20:28:07:cc:4c:19:
01:94:91:35:1e:af:ad:4b:0a:04:03:06:84:5a:cd:
6f:eb:3f:99:6d:c2:c9:28:14:7d:fb:6b:89:f1:19:
3f:aa:cf:c7:c8:c6:28:80:1c:33:51:46:95:b5:94:
70:d3:9f:43:f0:52:3c:0a:fc:89:ab:b7:70:69:42:
99:91:b9:3c:f8:3a:6d:65:b1:2d:34:35:7c:28:6f:
5f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:43:42:F7:67:CF:65:1A:4A:05:18:BB:D7:DA:26:BA:A4:C8:BE:6C
X509v3 Authority Key Identifier:
keyid:31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/P0NC92fPZRpKBRi719omuqTIvmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9801:b0::/44
Signature Algorithm: sha256WithRSAEncryption
48:48:e0:f2:14:5e:60:70:37:8e:45:6d:ee:f2:51:a6:c6:e3:
fc:a7:42:57:27:e3:de:cb:06:07:57:53:71:65:73:00:60:e8:
9b:0c:e6:9c:2d:fe:e4:c3:83:b1:bd:c0:c7:89:26:3d:c7:81:
41:a6:20:31:43:9a:70:cf:27:82:b6:89:5a:55:e8:5a:d2:e0:
cb:06:2d:4d:a0:2a:dd:9a:6f:a6:f7:72:41:08:2a:e1:b7:02:
cf:f0:df:32:60:d6:8d:04:c3:ef:3b:b0:5a:43:c4:0e:f2:f7:
fc:3d:3e:e4:8c:ad:99:39:1b:27:ad:35:26:fb:a3:99:ca:ba:
7e:4a:a6:53:5f:12:18:1a:af:06:43:39:8c:ff:80:06:cd:30:
77:d6:1b:a8:be:60:1f:d8:18:b5:7f:1b:32:5a:13:d5:e8:cf:
5e:f4:85:95:55:78:e0:72:a2:27:1f:ec:d4:a5:36:3c:f3:d5:
da:5b:55:36:b2:af:7b:39:75:09:59:f3:33:82:40:36:f7:f5:
19:7e:a8:05:cb:da:cf:6b:93:06:7d:08:21:91:01:07:4a:0a:
ad:7a:0d:18:00:b5:c4:27:4e:54:59:17:97:88:5c:6e:c0:ae:
9b:4a:ce:c5:34:1f:69:c0:f2:95:96:3a:49:d5:7d:49:6e:1f:
b2:2b:35:19
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZyMyUbZROuSyM9OTiSi86NqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDI0MjQxMjNlZDA3NzI1MzMwYmY4MTc5NDRmZDI3NmI3
Y2EzNmIwHhcNMjYwMjIzMjMxNTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjQzNDJmNzY3Y2Y2NTFhNGEwNTE4YmJkN2RhMjZiYWE0YzhiZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9fw+VOtCZOOKxG161Uuusr0EKWqu
BRvR/I9SLEsYHpPGE7Li7ooZZTKDJZD6GVn2N1K6uTWFwDMmLeUW7LJ+s8q9eUqX
SudDIJs6OHhP1TXgyZfcfghdpOYnMj1Qjikk1rLdQoqyja0c06ZjAySwysX5/lDF
OJ8UuCnmGCgXln9RUNxhlawsxU8EgzKs9DGM+tAkbt2VlcwfJ0Dep9Y7SrFal3Gt
d2tMq5uuj1sgKAfMTBkBlJE1Hq+tSwoEAwaEWs1v6z+ZbcLJKBR9+2uJ8Rk/qs/H
yMYogBwzUUaVtZRw059D8FI8CvyJq7dwaUKZkbk8+DptZbEtNDV8KG9fvQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFD9DQvdnz2UaSgUYu9faJrqkyL5sMB8GA1UdIwQY
MBaAFDHSQkEj7QdyUzC/gXlE/SdrfKNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEt
ZWQ4Y2ZhZjFiODFmLzEvUDBOQzkyZlBaUnBLQlJpNzE5b211cVRJdm13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEtZWQ4Y2ZhZjFiODFm
LzEvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgaYAQCw
MA0GCSqGSIb3DQEBCwUAA4IBAQBISODyFF5gcDeORW3u8lGmxuP8p0JXJ+PeywYH
V1NxZXMAYOibDOacLf7kw4OxvcDHiSY9x4FBpiAxQ5pwzyeCtolaVeha0uDLBi1N
oCrdmm+m93JBCCrhtwLP8N8yYNaNBMPvO7BaQ8QO8vf8PT7kjK2ZORsnrTUm+6OZ
yrp+SqZTXxIYGq8GQzmM/4AGzTB31huovmAf2Bi1fxsyWhPV6M9e9IWVVXjgcqIn
H+zUpTY889XaW1U2sq97OXUJWfMzgkA29/UZfqgFy9rPa5MGfQghkQEHSgqteg0Y
ALXEJ05UWReXiFxuwK6bSs7FNB9pwPKVljpJ1X1Jbh+yKzUZ
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:10:05 2026 by rpki-client