Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/orobjSRUh0BuSUOBDubbJJRQ5dU.roa
File: orobjSRUh0BuSUOBDubbJJRQ5dU.roa (raw, json)
Hash identifier: zVl/1NzBWKCsfLYsbCIcieeaJIwVNHOZEzJ3XSlEq7I=
Subject key identifier: A2:BA:1B:8D:24:54:87:40:6E:49:43:81:0E:E6:DB:24:94:50:E5:D5
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019C72263940B13D99F0F90F9F9AAC280F12
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/orobjSRUh0BuSUOBDubbJJRQ5dU.roa
Signing time: Wed 18 Feb 2026 19:07:13 +0000
ROA not before: Wed 18 Feb 2026 19:07:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204909
IP address blocks: 2a0d:7140::/29 maxlen: 29
2a0d:97c0::/29 maxlen: 29
2a11:9900::/29 maxlen: 29
2a11:a2c0::/29 maxlen: 29
2a11:c2c0::/29 maxlen: 29
2a12:a506::/32 maxlen: 32
2a12:d380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:72:26:39:40:b1:3d:99:f0:f9:0f:9f:9a:ac:28:0f:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Feb 18 19:07:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a2ba1b8d245487406e4943810ee6db249450e5d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b8:3f:3f:47:0e:f7:b5:14:ff:ef:a2:68:a0:
86:c6:06:a4:dc:c3:86:1b:72:a1:9d:d0:e2:6f:46:
e0:fd:80:ca:d7:b7:c5:63:64:6f:82:b3:b4:d7:19:
6a:63:80:7e:eb:3a:6d:60:cb:09:cb:6d:45:26:ef:
c5:6c:84:76:d2:81:a3:2c:cf:31:5b:33:3e:09:df:
1c:3b:ac:59:fa:93:9c:dd:54:6b:6d:7d:6b:5d:fd:
b7:ca:60:60:b9:22:47:ce:00:fb:3e:bc:e7:1c:51:
f3:06:a7:45:42:4b:fa:ec:53:5b:56:a7:29:83:66:
53:5b:ee:24:26:57:57:18:f7:9c:56:d1:61:a5:78:
10:76:b4:0f:fe:61:18:81:2d:98:6e:4a:2d:f1:3b:
d3:30:4a:68:0e:43:87:0f:6f:ff:20:46:db:68:d6:
dd:12:6f:a8:31:56:92:f3:5f:d6:0a:3d:b4:5b:df:
e9:a6:44:50:fe:8e:ae:a1:6b:48:c9:92:09:c0:01:
14:37:cb:b9:a4:7c:06:68:ee:05:bb:79:f4:6b:95:
e8:65:0c:e4:84:60:e8:9a:5b:b2:00:cf:9a:9c:e8:
cf:40:7c:5d:9a:45:26:63:c5:3d:5f:99:15:72:90:
2b:c9:0f:ab:e5:79:29:b1:04:f7:1d:ee:65:d9:21:
74:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:BA:1B:8D:24:54:87:40:6E:49:43:81:0E:E6:DB:24:94:50:E5:D5
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/orobjSRUh0BuSUOBDubbJJRQ5dU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:7140::/29
2a0d:97c0::/29
2a11:9900::/29
2a11:a2c0::/29
2a11:c2c0::/29
2a12:a506::/32
2a12:d380::/29
Signature Algorithm: sha256WithRSAEncryption
50:d6:c9:42:74:d3:ce:85:67:59:be:60:a0:c7:ea:aa:d2:dc:
a3:11:5d:94:41:8d:7a:96:d0:30:b3:6e:5c:1b:19:36:9a:19:
24:a7:7d:04:0f:ef:b9:b6:d5:91:fb:1e:00:47:ee:c1:43:9d:
af:04:3e:5e:06:36:89:3a:4b:22:fb:95:64:c9:6a:ba:18:a5:
53:8d:c8:b1:d6:4b:44:33:dd:d6:dc:5c:c1:ec:14:63:c7:24:
d4:31:ae:f4:e0:15:03:61:21:70:aa:5b:78:90:d6:dd:a1:5b:
3e:85:7d:81:f8:c5:47:45:47:26:11:e8:fc:69:0e:15:7d:e3:
36:d3:c5:0e:df:ed:0a:f9:26:f5:1c:7d:cd:b1:17:1e:88:65:
1f:e2:0c:82:08:5b:8a:d3:5f:50:c3:8e:5b:48:ca:9f:ea:71:
05:57:b4:b7:32:42:6d:d1:c4:5c:63:57:35:2a:a4:a0:75:27:
90:26:22:a3:2c:d5:43:5c:c8:d0:a8:0d:bb:96:39:7a:cc:5d:
70:ab:03:a9:9e:37:be:5b:67:1e:e8:ec:2c:9b:b9:61:db:ef:
de:65:de:90:64:3f:a2:50:63:3e:5f:f0:4c:7b:02:75:d2:33:
f3:23:69:02:d2:6a:99:14:19:23:4e:94:3f:d9:15:c7:37:e0:
10:de:4a:d5
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZxyJjlAsT2Z8PkPn5qsKA8SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwMjE4MTkwNzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmJhMWI4ZDI0NTQ4NzQwNmU0OTQzODEwZWU2ZGIyNDk0NTBlNWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Lg/P0cO97UU/++iaKCGxgak3MOG
G3KhndDib0bg/YDK17fFY2RvgrO01xlqY4B+6zptYMsJy21FJu/FbIR20oGjLM8x
WzM+Cd8cO6xZ+pOc3VRrbX1rXf23ymBguSJHzgD7PrznHFHzBqdFQkv67FNbVqcp
g2ZTW+4kJldXGPecVtFhpXgQdrQP/mEYgS2Ybkot8TvTMEpoDkOHD2//IEbbaNbd
Em+oMVaS81/WCj20W9/ppkRQ/o6uoWtIyZIJwAEUN8u5pHwGaO4Fu3n0a5XoZQzk
hGDomluyAM+anOjPQHxdmkUmY8U9X5kVcpAryQ+r5XkpsQT3He5l2SF0lQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFKK6G40kVIdAbklDgQ7m2ySUUOXVMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvb3JvYmpTUlVoMEJ1U1VPQkR1YmJKSlJRNWRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKg1xQAMF
AyoNl8ADBQMqEZkAAwUDKhGiwAMFAyoRwsADBQAqEqUGAwUDKhLTgDANBgkqhkiG
9w0BAQsFAAOCAQEAUNbJQnTTzoVnWb5goMfqqtLcoxFdlEGNepbQMLNuXBsZNpoZ
JKd9BA/vubbVkfseAEfuwUOdrwQ+XgY2iTpLIvuVZMlquhilU43IsdZLRDPd1txc
wewUY8ck1DGu9OAVA2EhcKpbeJDW3aFbPoV9gfjFR0VHJhHo/GkOFX3jNtPFDt/t
Cvkm9Rx9zbEXHohlH+IMgghbitNfUMOOW0jKn+pxBVe0tzJCbdHEXGNXNSqkoHUn
kCYioyzVQ1zI0KgNu5Y5esxdcKsDqZ43vltnHujsLJu5Ydvv3mXekGQ/olBjPl/w
THsCddIz8yNpAtJqmRQZI06UP9kVxzfgEN5K1Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:57:52 2026 by rpki-client