Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/c29JW2yNh5HoO0EB4VlPAoQtjt0.roa
File: c29JW2yNh5HoO0EB4VlPAoQtjt0.roa (raw, json)
Hash identifier: FnTibZNg+iKmkCC6CIsEZNF63YtnJOb4qD2eGb/Hkkc=
Subject key identifier: 73:6F:49:5B:6C:8D:87:91:E8:3B:41:01:E1:59:4F:02:84:2D:8E:DD
Certificate issuer: /CN=31d2424123ed07725330bf817944fd276b7ca36b
Certificate serial: 019C9C07412D78A5F3DA80EFD1DCA84855AC
Authority key identifier: 31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/c29JW2yNh5HoO0EB4VlPAoQtjt0.roa
Signing time: Thu 26 Feb 2026 22:17:27 +0000
ROA not before: Thu 26 Feb 2026 22:17:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201371
IP address blocks: 2a06:9801:1b::/48 maxlen: 48
2a06:9801:2e::/48 maxlen: 48
2a06:9801:2f::/48 maxlen: 48
2a06:9801:d0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9c:07:41:2d:78:a5:f3:da:80:ef:d1:dc:a8:48:55:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d2424123ed07725330bf817944fd276b7ca36b
Validity
Not Before: Feb 26 22:17:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=736f495b6c8d8791e83b4101e1594f02842d8edd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5f:2a:ce:fd:00:51:30:d4:65:bf:93:e1:c6:
9e:21:13:80:7a:e6:85:e7:59:9f:c3:77:04:c0:df:
1a:95:da:94:8f:db:ab:47:b6:b0:ef:f8:09:ff:10:
ac:0e:51:f5:d7:09:87:80:2b:83:09:f1:aa:35:c0:
c9:41:ab:f4:74:1e:cf:c1:37:87:64:a4:ed:4b:58:
c2:4e:92:b6:10:6f:e0:f5:02:1c:81:d2:52:dd:f3:
a4:f9:92:8d:93:9f:c0:0a:82:f1:75:ad:d1:60:13:
e1:3c:b4:6a:49:0c:37:e8:be:a0:84:6c:5b:87:cd:
7a:cb:19:e1:8e:7a:3c:39:c0:92:9a:e0:20:25:b8:
f7:97:fa:24:0b:09:10:91:2b:4c:a6:74:a3:83:ed:
c9:4e:1b:89:07:82:be:5a:87:ff:9e:74:f2:6f:9b:
24:9c:20:fe:ef:a2:9c:13:21:6f:11:e4:08:d9:a5:
db:76:e7:e7:0a:d9:fa:c6:06:18:f7:f1:c7:67:6e:
f3:09:4e:82:78:3b:56:48:ae:14:e6:79:9f:a4:0c:
71:c5:3d:d1:d6:dc:b0:dc:c8:0b:8a:57:2f:a0:4a:
cc:99:f1:41:17:d5:d4:fa:72:88:88:0d:f4:79:aa:
b6:d4:5e:68:88:b8:80:6f:31:59:a7:e4:10:43:f1:
62:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:6F:49:5B:6C:8D:87:91:E8:3B:41:01:E1:59:4F:02:84:2D:8E:DD
X509v3 Authority Key Identifier:
keyid:31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/c29JW2yNh5HoO0EB4VlPAoQtjt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9801:1b::/48
2a06:9801:2e::/47
2a06:9801:d0::/44
Signature Algorithm: sha256WithRSAEncryption
2c:23:e2:67:46:b8:f6:a1:b0:ca:bd:8a:88:cd:fa:70:40:8d:
29:ee:34:27:6f:8f:93:28:b9:a9:fe:f0:73:d1:f0:b0:cd:03:
94:5f:40:e7:94:4b:d5:b7:90:b6:f4:1b:9f:53:40:90:fa:59:
8b:ad:5f:b0:64:08:ed:97:5a:f6:60:ab:ee:1a:22:cb:ae:28:
74:97:8c:0e:f4:99:7b:47:48:02:24:5e:dc:3f:9f:d1:f1:56:
3f:4f:28:31:9b:71:89:34:bb:3e:5e:18:21:0d:f1:fa:31:e4:
c0:d0:fe:d6:28:a2:bf:3b:9e:39:15:b0:50:b9:e9:ed:a0:9b:
97:89:74:f8:4f:30:53:af:48:08:85:73:42:d3:5f:29:63:ec:
35:7b:c2:52:38:4e:e5:54:02:33:07:d9:37:dd:b0:c6:ae:5f:
a9:00:ce:71:8e:2f:7c:f1:cc:fb:bc:35:f3:02:fc:e9:0d:25:
0b:10:0b:39:7c:bf:af:cc:bc:e0:bd:ce:b1:ec:4a:c9:93:b7:
89:90:59:c7:28:45:5c:dc:73:1e:4a:24:09:64:35:ef:3e:27:
6f:b8:0e:40:bd:3d:10:2a:2b:82:30:8e:25:45:53:e0:74:df:
c2:dd:0a:cb:0b:7e:ac:eb:91:87:30:ef:10:b5:06:18:ba:d5:
28:bf:e7:90
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZycB0EteKXz2oDv0dyoSFWsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDI0MjQxMjNlZDA3NzI1MzMwYmY4MTc5NDRmZDI3NmI3
Y2EzNmIwHhcNMjYwMjI2MjIxNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzZmNDk1YjZjOGQ4NzkxZTgzYjQxMDFlMTU5NGYwMjg0MmQ4ZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApV8qzv0AUTDUZb+T4caeIROAeuaF
51mfw3cEwN8aldqUj9urR7aw7/gJ/xCsDlH11wmHgCuDCfGqNcDJQav0dB7PwTeH
ZKTtS1jCTpK2EG/g9QIcgdJS3fOk+ZKNk5/ACoLxda3RYBPhPLRqSQw36L6ghGxb
h816yxnhjno8OcCSmuAgJbj3l/okCwkQkStMpnSjg+3JThuJB4K+Wof/nnTyb5sk
nCD+76KcEyFvEeQI2aXbdufnCtn6xgYY9/HHZ27zCU6CeDtWSK4U5nmfpAxxxT3R
1tyw3MgLilcvoErMmfFBF9XU+nKIiA30eaq21F5oiLiAbzFZp+QQQ/FiDwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHNvSVtsjYeR6DtBAeFZTwKELY7dMB8GA1UdIwQY
MBaAFDHSQkEj7QdyUzC/gXlE/SdrfKNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEt
ZWQ4Y2ZhZjFiODFmLzEvYzI5SlcyeU5oNUhvTzBFQjRWbFBBb1F0anQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEtZWQ4Y2ZhZjFiODFm
LzEvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgaYAQAb
AwcBKgaYAQAuAwcEKgaYAQDQMA0GCSqGSIb3DQEBCwUAA4IBAQAsI+JnRrj2obDK
vYqIzfpwQI0p7jQnb4+TKLmp/vBz0fCwzQOUX0DnlEvVt5C29BufU0CQ+lmLrV+w
ZAjtl1r2YKvuGiLLrih0l4wO9Jl7R0gCJF7cP5/R8VY/Tygxm3GJNLs+XhghDfH6
MeTA0P7WKKK/O545FbBQuentoJuXiXT4TzBTr0gIhXNC018pY+w1e8JSOE7lVAIz
B9k33bDGrl+pAM5xji988cz7vDXzAvzpDSULEAs5fL+vzLzgvc6x7ErJk7eJkFnH
KEVc3HMeSiQJZDXvPidvuA5AvT0QKiuCMI4lRVPgdN/C3QrLC36s65GHMO8QtQYY
utUov+eQ
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:05:34 2026 by rpki-client