Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/9QL23Pw0OB_Csflu1hMc-vTqEh0.roa
File: 9QL23Pw0OB_Csflu1hMc-vTqEh0.roa (raw, json)
Hash identifier: YftBQ6/lpcuzeiRf1o6w1Pz4tmLR7cJAkr3pglfRZ9U=
Subject key identifier: F5:02:F6:DC:FC:34:38:1F:C2:B1:F9:6E:D6:13:1C:FA:F4:EA:12:1D
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019EAD49C1114D37D930199D904F6E7F26FD
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/9QL23Pw0OB_Csflu1hMc-vTqEh0.roa
Signing time: Tue 09 Jun 2026 16:49:12 +0000
ROA not before: Tue 09 Jun 2026 16:49:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204968
IP address blocks: 2a0d:ad40::/32 maxlen: 32
2a0d:ad47::/32 maxlen: 32
2a0d:b843::/32 maxlen: 32
2a0d:b845::/32 maxlen: 32
2a12:8780::/32 maxlen: 32
2a12:a503::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ad:49:c1:11:4d:37:d9:30:19:9d:90:4f:6e:7f:26:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jun 9 16:49:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f502f6dcfc34381fc2b1f96ed6131cfaf4ea121d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:4b:95:0a:ba:34:9a:4b:ae:3d:c9:ec:6c:65:
8c:d1:99:78:40:f4:87:5e:3b:a3:60:88:da:65:5e:
7b:a7:ac:9e:8e:9d:e2:16:21:33:70:3b:9a:a7:bc:
82:f9:2d:d4:0d:b4:84:82:6d:1f:24:03:72:73:fc:
24:cf:d2:2c:76:fa:a9:af:db:2c:11:5e:21:7b:d9:
c4:67:5c:a8:23:c5:fc:13:b4:97:c0:b6:3a:71:5d:
e1:d2:b6:11:1f:cc:dd:c1:ae:22:49:6c:41:dc:a6:
b2:42:c2:45:57:6a:77:b7:a2:ec:26:9d:7b:05:0f:
69:0a:d0:8c:93:cf:4c:ca:78:f2:7e:28:ea:c9:09:
09:33:18:fb:7e:3f:22:ba:ef:7f:ed:e7:6d:e3:b4:
50:01:29:22:92:e6:a8:6f:56:62:d7:4b:1e:43:9e:
cb:ed:5b:9a:52:28:50:d7:28:77:60:a8:dc:f3:1d:
43:09:1f:a0:b5:4d:16:b9:b3:85:35:50:0a:3c:78:
07:a6:56:81:e4:f2:25:07:f3:ef:e1:b3:0c:bd:99:
39:37:56:b5:75:a8:80:36:98:a6:4a:8c:9b:6e:32:
28:21:b7:ee:ae:16:74:e6:4b:33:36:98:a2:9c:6d:
7c:71:e9:53:13:b6:2c:f8:f2:74:96:1a:61:14:0a:
47:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:02:F6:DC:FC:34:38:1F:C2:B1:F9:6E:D6:13:1C:FA:F4:EA:12:1D
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/9QL23Pw0OB_Csflu1hMc-vTqEh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:ad40::/32
2a0d:ad47::/32
2a0d:b843::/32
2a0d:b845::/32
2a12:8780::/32
2a12:a503::/32
Signature Algorithm: sha256WithRSAEncryption
4e:d3:3b:e0:4f:df:af:b9:e0:62:bc:7d:df:12:f6:6b:61:84:
9c:bf:54:09:08:1d:8d:67:b8:da:8c:d3:f5:3b:6b:c1:e7:c7:
99:9f:ff:46:e3:70:1f:eb:08:98:1b:0a:d9:c2:7d:4b:f1:10:
da:7e:2b:ee:3e:d1:d5:41:9e:b3:24:bf:f4:67:54:40:b5:84:
ec:2e:e2:35:0e:c1:7b:d8:f0:14:a5:7b:3d:62:93:be:2f:26:
13:93:a1:84:04:36:3c:1d:fd:35:17:df:72:c7:d0:23:22:73:
b7:65:9a:c0:84:23:ff:b5:41:f0:7a:b4:75:96:46:cc:f1:be:
c0:82:84:8d:40:ff:35:42:2c:9c:3a:14:ee:fe:10:b3:36:4e:
73:42:55:86:bd:a9:6c:94:e1:58:da:bc:64:30:13:bf:c2:0a:
84:f1:e2:c2:28:f1:63:0d:b4:d6:2a:f5:48:27:98:a2:78:99:
d6:0d:98:68:27:33:18:c9:7e:14:a7:b1:83:5c:37:89:03:6d:
b1:ff:2d:69:d2:a2:6c:4c:00:c9:52:91:c1:38:9c:99:5c:98:
1c:15:07:8f:b6:51:42:e0:ba:7a:13:ef:32:5f:37:3c:1a:04:
78:15:33:1d:32:9b:be:92:54:b2:4d:f0:b0:ed:a9:96:83:eb:
09:2d:2a:9d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ6tScERTTfZMBmdkE9ufyb9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNjA5MTY0OTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTAyZjZkY2ZjMzQzODFmYzJiMWY5NmVkNjEzMWNmYWY0ZWExMjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEuVCro0mkuuPcnsbGWM0Zl4QPSH
XjujYIjaZV57p6yejp3iFiEzcDuap7yC+S3UDbSEgm0fJANyc/wkz9Isdvqpr9ss
EV4he9nEZ1yoI8X8E7SXwLY6cV3h0rYRH8zdwa4iSWxB3KayQsJFV2p3t6LsJp17
BQ9pCtCMk89MynjyfijqyQkJMxj7fj8iuu9/7edt47RQASkikuaob1Zi10seQ57L
7VuaUihQ1yh3YKjc8x1DCR+gtU0WubOFNVAKPHgHplaB5PIlB/Pv4bMMvZk5N1a1
daiANpimSoybbjIoIbfurhZ05kszNpiinG18celTE7Ys+PJ0lhphFApHcQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPUC9tz8NDgfwrH5btYTHPr06hIdMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvOVFMMjNQdzBPQl9Dc2ZsdTFoTWMtdlRxRWgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKg2tQAMF
ACoNrUcDBQAqDbhDAwUAKg24RQMFACoSh4ADBQAqEqUDMA0GCSqGSIb3DQEBCwUA
A4IBAQBO0zvgT9+vueBivH3fEvZrYYScv1QJCB2NZ7jajNP1O2vB58eZn/9G43Af
6wiYGwrZwn1L8RDafivuPtHVQZ6zJL/0Z1RAtYTsLuI1DsF72PAUpXs9YpO+LyYT
k6GEBDY8Hf01F99yx9AjInO3ZZrAhCP/tUHwerR1lkbM8b7AgoSNQP81QiycOhTu
/hCzNk5zQlWGvalslOFY2rxkMBO/wgqE8eLCKPFjDbTWKvVIJ5iieJnWDZhoJzMY
yX4Up7GDXDeJA22x/y1p0qJsTADJUpHBOJyZXJgcFQePtlFC4Lp6E+8yXzc8GgR4
FTMdMpu+klSyTfCw7amWg+sJLSqd
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:37:09 2026 by rpki-client