Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/w7Np8iSlCJeCuuAXwVQG7hkPbRU.roa
File: w7Np8iSlCJeCuuAXwVQG7hkPbRU.roa (raw, json)
Hash identifier: aHzr74BnLMQ8E71AQ32nn0I2S5SGW8FEaYM1VYMWA84=
Subject key identifier: C3:B3:69:F2:24:A5:08:97:82:BA:E0:17:C1:54:06:EE:19:0F:6D:15
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019D73AD75C7FF60276146F86D2234EB95FF
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/w7Np8iSlCJeCuuAXwVQG7hkPbRU.roa
Signing time: Thu 09 Apr 2026 19:17:20 +0000
ROA not before: Thu 09 Apr 2026 19:17:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211009
IP address blocks: 2a0d:b841::/32 maxlen: 32
2a0e:19c7::/32 maxlen: 32
2a11:b4c4::/32 maxlen: 32
2a11:b4c5::/32 maxlen: 32
2a11:b4c7::/32 maxlen: 32
2a11:e2c4::/32 maxlen: 32
2a12:2803::/32 maxlen: 32
2a12:8787::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:73:ad:75:c7:ff:60:27:61:46:f8:6d:22:34:eb:95:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 9 19:17:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c3b369f224a5089782bae017c15406ee190f6d15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e3:dc:94:f9:57:da:bd:4b:b7:76:a4:da:93:
1d:30:44:6c:37:47:6e:da:b3:85:93:01:f2:5d:fb:
16:a4:17:99:db:5e:f7:6d:fd:f4:2c:58:c6:24:c6:
48:6d:eb:82:c4:08:6c:5e:64:5a:38:4a:c2:d7:91:
75:d8:d6:4f:3b:20:32:cd:e3:7a:34:09:38:63:43:
16:b8:64:6c:b3:fc:f0:7d:e7:5a:55:5a:9e:f1:ab:
59:c5:47:df:15:36:e5:57:e1:31:1c:c4:e4:66:c9:
64:9f:9f:30:18:c3:63:6e:fb:5b:b5:0c:46:b7:85:
87:1a:07:79:c2:f2:2b:c4:3a:28:0c:fd:3e:de:0c:
1a:29:1c:a6:c9:f6:23:93:d8:ca:b7:2a:50:a6:c0:
98:3f:95:42:5d:e9:e3:8d:df:c5:de:8c:6a:7a:17:
86:62:05:8e:f6:7e:3f:c0:1c:3d:90:aa:4c:c7:df:
6f:f8:99:b0:59:1a:4e:bf:90:9d:fc:00:e4:f1:70:
0c:3a:aa:87:67:2e:48:7f:72:ed:0e:8e:4f:53:7c:
0f:e8:4b:07:07:c8:5f:44:6f:11:8e:0c:06:61:2f:
56:67:b7:d9:e4:89:f1:91:17:d5:cc:6b:cb:86:23:
ca:b0:81:f8:cd:be:db:0b:82:0f:2f:d4:12:9f:dd:
31:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:B3:69:F2:24:A5:08:97:82:BA:E0:17:C1:54:06:EE:19:0F:6D:15
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/w7Np8iSlCJeCuuAXwVQG7hkPbRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:b841::/32
2a0e:19c7::/32
2a11:b4c4::/31
2a11:b4c7::/32
2a11:e2c4::/32
2a12:2803::/32
2a12:8787::/32
Signature Algorithm: sha256WithRSAEncryption
8f:ab:45:1b:9f:d7:d1:91:ce:f8:0d:de:3d:74:0f:61:3c:69:
e8:48:af:97:9f:6f:02:85:c1:a4:f8:e2:1d:33:58:14:f7:96:
5d:f3:9f:19:ea:6f:51:1b:e7:ca:99:8b:5a:76:1e:f0:d2:bf:
75:cb:61:1a:24:16:fe:70:b0:82:4c:a4:46:ca:1c:df:ef:0e:
48:fd:6b:76:8b:f7:3d:b8:1e:c3:4b:62:7d:0a:92:66:38:e0:
83:b7:b8:46:ad:63:6d:f5:35:f5:b7:ad:40:cd:37:12:ee:bd:
09:39:cf:f3:ee:00:81:b9:3e:1c:69:a3:61:e8:0a:e5:72:88:
b1:98:25:99:cb:07:72:0d:e6:b9:2b:b9:55:c5:f1:81:68:b7:
f6:f4:3b:87:1a:6d:d4:90:17:3a:bb:19:bf:ca:15:fd:12:93:
02:ae:01:99:17:4d:fe:3c:f3:fb:5d:f9:64:2b:5e:7e:ee:ac:
a8:3d:8e:6e:23:7e:88:45:ae:74:39:db:62:a5:30:cd:3d:19:
4e:6c:05:63:58:1e:fa:5e:a7:60:d7:a3:63:44:d8:cd:51:54:
a0:73:b1:b5:18:c1:7a:96:a8:32:4e:44:22:fb:11:68:fd:21:
89:99:6c:b5:76:0e:1b:45:44:b4:cf:1a:d4:18:a5:51:e8:1a:
30:72:a7:6a
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZ1zrXXH/2AnYUb4bSI065X/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNDA5MTkxNzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2IzNjlmMjI0YTUwODk3ODJiYWUwMTdjMTU0MDZlZTE5MGY2ZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquPclPlX2r1Lt3ak2pMdMERsN0du
2rOFkwHyXfsWpBeZ2173bf30LFjGJMZIbeuCxAhsXmRaOErC15F12NZPOyAyzeN6
NAk4Y0MWuGRss/zwfedaVVqe8atZxUffFTblV+ExHMTkZslkn58wGMNjbvtbtQxG
t4WHGgd5wvIrxDooDP0+3gwaKRymyfYjk9jKtypQpsCYP5VCXenjjd/F3oxqeheG
YgWO9n4/wBw9kKpMx99v+JmwWRpOv5Cd/ADk8XAMOqqHZy5If3LtDo5PU3wP6EsH
B8hfRG8RjgwGYS9WZ7fZ5InxkRfVzGvLhiPKsIH4zb7bC4IPL9QSn90xvwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFMOzafIkpQiXgrrgF8FUBu4ZD20VMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvdzdOcDhpU2xDSmVDdXVBWHdWUUc3aGtQYlJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUAKg24QQMF
ACoOGccDBQEqEbTEAwUAKhG0xwMFACoR4sQDBQAqEigDAwUAKhKHhzANBgkqhkiG
9w0BAQsFAAOCAQEAj6tFG5/X0ZHO+A3ePXQPYTxp6Eivl59vAoXBpPjiHTNYFPeW
XfOfGepvURvnypmLWnYe8NK/dcthGiQW/nCwgkykRsoc3+8OSP1rdov3Pbgew0ti
fQqSZjjgg7e4Rq1jbfU19betQM03Eu69CTnP8+4Agbk+HGmjYegK5XKIsZglmcsH
cg3muSu5VcXxgWi39vQ7hxpt1JAXOrsZv8oV/RKTAq4BmRdN/jzz+135ZCtefu6s
qD2ObiN+iEWudDnbYqUwzT0ZTmwFY1ge+l6nYNejY0TYzVFUoHOxtRjBepaoMk5E
IvsRaP0hiZlstXYOG0VEtM8a1BilUegaMHKnag==
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:47:43 2026 by rpki-client