Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/lSIRrN8QjQeyR6G-DQa38hWmAsY.roa
File: lSIRrN8QjQeyR6G-DQa38hWmAsY.roa (raw, json)
Hash identifier: GjIE64WgsfeQ70UpB5WBz82uQ+7CopALK9zaus5GZ/8=
Subject key identifier: 95:22:11:AC:DF:10:8D:07:B2:47:A1:BE:0D:06:B7:F2:15:A6:02:C6
Certificate issuer: /CN=31d2424123ed07725330bf817944fd276b7ca36b
Certificate serial: 019E8E5B53E70D83E6E0109A298DBEC39547
Authority key identifier: 31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/lSIRrN8QjQeyR6G-DQa38hWmAsY.roa
Signing time: Wed 03 Jun 2026 16:40:10 +0000
ROA not before: Wed 03 Jun 2026 16:40:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 219538
IP address blocks: 2a06:9801:797::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Jun 2026 08:33:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8e:5b:53:e7:0d:83:e6:e0:10:9a:29:8d:be:c3:95:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d2424123ed07725330bf817944fd276b7ca36b
Validity
Not Before: Jun 3 16:40:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=952211acdf108d07b247a1be0d06b7f215a602c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f6:bf:8a:48:e0:17:46:d6:b4:0c:cf:05:81:
e2:f1:52:d2:35:bb:f5:28:27:37:12:e4:08:42:77:
08:fe:f1:91:11:f4:bf:e3:b5:f1:00:4f:cb:c3:8d:
07:64:95:4e:8d:ff:2a:65:e3:c1:01:3a:97:18:84:
b5:4d:e9:77:6c:ea:44:da:d8:dd:15:a4:e9:c7:fb:
36:91:46:38:8d:8f:62:64:95:c2:c7:cb:dd:a3:55:
3c:d4:fc:f4:de:f9:14:20:51:52:7e:9e:a7:6d:b4:
3b:b0:bf:9f:4b:84:1f:7f:8e:65:78:83:77:6f:8d:
1d:c7:f4:b3:da:94:d8:62:e2:d7:89:70:a3:40:e4:
e6:b4:9a:75:99:97:98:80:b9:44:05:99:ce:33:ad:
60:ec:ed:9f:78:32:c3:5f:ba:d8:8e:f7:b6:5f:87:
8a:8a:9c:82:3e:af:2e:f1:37:82:2b:65:50:ab:a8:
51:7e:99:fb:ea:10:f7:ef:83:2e:eb:8a:c8:2a:ac:
4f:21:0b:6a:37:09:60:44:87:b2:34:16:2f:2b:10:
c4:6a:a4:77:a7:25:67:3f:7c:ac:79:3c:bc:34:28:
42:4c:02:a5:09:96:17:1c:df:31:34:dc:ed:73:ad:
e7:cb:de:37:b0:68:d7:8a:d9:59:b6:d5:de:84:01:
a3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:22:11:AC:DF:10:8D:07:B2:47:A1:BE:0D:06:B7:F2:15:A6:02:C6
X509v3 Authority Key Identifier:
keyid:31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/lSIRrN8QjQeyR6G-DQa38hWmAsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9801:797::/48
Signature Algorithm: sha256WithRSAEncryption
76:bf:ed:01:5a:d7:14:bf:f1:6e:24:b9:5b:9c:68:cc:e1:79:
ba:60:19:6f:22:45:60:fb:2a:af:f8:74:a1:33:bb:4c:77:ca:
2a:db:c6:e2:9d:77:27:5f:2d:7a:94:ac:f9:82:f5:e7:00:4c:
59:58:bf:2b:ec:0b:ae:37:ea:c6:44:88:51:73:28:11:21:5a:
6c:53:12:43:cd:9f:e2:39:70:ec:5b:5d:0b:25:03:ac:de:5c:
d9:db:eb:cd:cc:22:6c:17:f2:32:22:1a:41:c8:c1:48:09:ca:
d2:57:77:3f:e1:15:86:fc:5c:c1:ed:78:d3:2f:2d:d7:f6:71:
e2:68:dd:64:36:28:d8:2d:26:3d:55:b7:72:90:d0:34:bd:57:
00:22:7d:0a:f6:71:3b:7d:a4:6c:03:4d:0c:52:5b:d4:7b:2f:
f4:5f:dc:28:fb:28:cb:cb:35:c3:0a:de:44:ee:b8:3e:29:9b:
0e:99:62:a9:bb:f1:cd:10:50:1a:fd:9c:16:24:99:d1:4c:36:
cb:0c:b8:e7:5d:49:13:0b:75:20:2f:88:24:64:8b:4d:62:0b:
ee:24:c6:7c:79:62:d3:74:78:21:cc:3b:cc:e5:a4:bf:56:ae:
7b:29:34:94:0c:e7:7c:f6:c0:26:b9:03:6b:33:26:58:36:ee:
da:8e:b0:77
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ6OW1PnDYPm4BCaKY2+w5VHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDI0MjQxMjNlZDA3NzI1MzMwYmY4MTc5NDRmZDI3NmI3
Y2EzNmIwHhcNMjYwNjAzMTY0MDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTIyMTFhY2RmMTA4ZDA3YjI0N2ExYmUwZDA2YjdmMjE1YTYwMmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPa/ikjgF0bWtAzPBYHi8VLSNbv1
KCc3EuQIQncI/vGREfS/47XxAE/Lw40HZJVOjf8qZePBATqXGIS1Tel3bOpE2tjd
FaTpx/s2kUY4jY9iZJXCx8vdo1U81Pz03vkUIFFSfp6nbbQ7sL+fS4Qff45leIN3
b40dx/Sz2pTYYuLXiXCjQOTmtJp1mZeYgLlEBZnOM61g7O2feDLDX7rYjve2X4eK
ipyCPq8u8TeCK2VQq6hRfpn76hD374Mu64rIKqxPIQtqNwlgRIeyNBYvKxDEaqR3
pyVnP3yseTy8NChCTAKlCZYXHN8xNNztc63ny943sGjXitlZttXehAGjKwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJUiEazfEI0Hskehvg0Gt/IVpgLGMB8GA1UdIwQY
MBaAFDHSQkEj7QdyUzC/gXlE/SdrfKNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEt
ZWQ4Y2ZhZjFiODFmLzEvbFNJUnJOOFFqUWV5UjZHLURRYTM4aFdtQXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEtZWQ4Y2ZhZjFiODFm
LzEvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgaYAQeX
MA0GCSqGSIb3DQEBCwUAA4IBAQB2v+0BWtcUv/FuJLlbnGjM4Xm6YBlvIkVg+yqv
+HShM7tMd8oq28binXcnXy16lKz5gvXnAExZWL8r7AuuN+rGRIhRcygRIVpsUxJD
zZ/iOXDsW10LJQOs3lzZ2+vNzCJsF/IyIhpByMFICcrSV3c/4RWG/FzB7XjTLy3X
9nHiaN1kNijYLSY9VbdykNA0vVcAIn0K9nE7faRsA00MUlvUey/0X9wo+yjLyzXD
Ct5E7rg+KZsOmWKpu/HNEFAa/ZwWJJnRTDbLDLjnXUkTC3UgL4gkZItNYgvuJMZ8
eWLTdHghzDvM5aS/Vq57KTSUDOd89sAmuQNrMyZYNu7ajrB3
-----END CERTIFICATE-----
Generated at Wed Jun 17 12:19:19 2026 by rpki-client