Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/Dr4k8rcxNwwvtD-NUqAYA4wpMFQ.roa
File: Dr4k8rcxNwwvtD-NUqAYA4wpMFQ.roa (raw, json)
Hash identifier: yr8UoyK4v1H8SgPKrwOaaeZiAEGz1OruUIWHPcmq9Vo=
Subject key identifier: 0E:BE:24:F2:B7:31:37:0C:2F:B4:3F:8D:52:A0:18:03:8C:29:30:54
Certificate issuer: /CN=304e59a223f4bcb823492fb1096c3a82310c03da
Certificate serial: 019B77C6C28A1332A1062E0A8D27E9CFD2E6
Authority key identifier: 30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/Dr4k8rcxNwwvtD-NUqAYA4wpMFQ.roa
Signing time: Thu 01 Jan 2026 04:17:53 +0000
ROA not before: Thu 01 Jan 2026 04:17:53 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204418
IP address blocks: 2a06:8a01::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.mft
rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 21:16:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:c6:c2:8a:13:32:a1:06:2e:0a:8d:27:e9:cf:d2:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=304e59a223f4bcb823492fb1096c3a82310c03da
Validity
Not Before: Jan 1 04:17:53 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0ebe24f2b731370c2fb43f8d52a018038c293054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:26:13:84:9f:63:e0:e1:33:28:7d:a5:44:d9:
ae:4a:28:8e:a1:4b:04:b0:13:6f:56:65:19:e4:68:
d2:ee:23:e6:72:d6:ab:e4:bf:72:cb:9a:5c:f9:64:
a1:95:ef:c1:f8:80:f6:35:2c:70:99:4c:da:4f:9f:
e8:f7:c3:0c:ae:c3:52:1e:4a:a3:b7:d9:6d:6d:49:
82:d7:75:46:a8:63:c0:35:36:e8:f7:0c:fb:5d:46:
69:be:a8:07:28:50:77:08:a4:df:68:88:78:c8:80:
28:66:af:29:a8:a7:ee:1c:24:f4:a2:65:28:cb:f4:
52:af:54:74:90:bf:03:62:43:dc:9d:c1:b6:3c:48:
d3:1d:ee:87:cd:c4:c7:cf:f0:e8:4f:10:60:51:d1:
bc:84:2b:02:8c:74:c5:72:de:46:1c:96:f7:03:2c:
53:d5:48:6b:50:a9:1e:43:02:d6:77:e4:40:da:d2:
f4:13:fc:65:c3:be:00:e4:f2:93:9a:d7:5f:dc:20:
71:34:17:e3:35:7b:c4:d0:9f:16:0b:a9:c9:39:30:
ef:95:bd:89:cd:99:4c:ab:30:16:a3:07:55:75:2d:
66:7f:eb:bb:25:e7:df:fa:a8:d1:8e:e0:db:ad:39:
dd:41:4c:dd:c5:0a:d3:7d:f3:0a:76:4d:ec:6b:c9:
96:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:BE:24:F2:B7:31:37:0C:2F:B4:3F:8D:52:A0:18:03:8C:29:30:54
X509v3 Authority Key Identifier:
keyid:30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/Dr4k8rcxNwwvtD-NUqAYA4wpMFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:8a01::/32
Signature Algorithm: sha256WithRSAEncryption
09:c7:82:69:f5:95:80:c3:4a:41:80:9d:c0:f2:9a:3c:84:92:
94:ab:aa:54:dc:08:9c:79:d4:4a:a4:26:c0:14:65:00:12:a6:
3b:f8:13:4d:71:8c:a2:ee:17:89:90:92:fc:03:66:16:3d:1f:
43:6f:2e:cd:51:df:64:55:6f:32:cf:1d:d5:ae:5b:75:37:f4:
74:67:e0:86:b9:57:c7:f8:0f:e3:f8:67:db:c8:70:c8:f4:67:
6d:ae:0e:2c:10:ea:75:ec:4d:ba:24:e8:c1:01:b7:55:8b:ba:
99:2f:55:27:8b:00:b5:0b:12:fc:3a:0d:ce:3b:ba:a4:f7:eb:
33:71:b2:44:6b:6b:5c:f1:f2:c3:02:02:31:dc:75:a9:e0:8a:
0c:6d:1b:d7:de:ec:36:0b:a9:a7:be:8e:35:7f:4a:03:26:7c:
d7:ce:0d:3f:29:f1:03:e2:4e:4f:d6:d3:41:9e:3f:6f:a8:c4:
dc:27:23:32:f2:a6:6b:f8:25:54:dd:c6:08:71:c3:45:45:d3:
2c:d2:49:f9:86:76:a4:51:80:fb:02:60:b8:79:42:ae:96:a8:
b2:65:5d:5a:40:14:f8:f9:1a:a1:32:2d:40:95:37:aa:90:38:
0d:7e:16:14:fb:2d:39:fd:94:ad:07:31:19:8e:38:16:80:38:
16:9a:f5:00
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZt3xsKKEzKhBi4KjSfpz9LmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNGU1OWEyMjNmNGJjYjgyMzQ5MmZiMTA5NmMzYTgyMzEw
YzAzZGEwHhcNMjYwMTAxMDQxNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWJlMjRmMmI3MzEzNzBjMmZiNDNmOGQ1MmEwMTgwMzhjMjkzMDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yYThJ9j4OEzKH2lRNmuSiiOoUsE
sBNvVmUZ5GjS7iPmctar5L9yy5pc+WShle/B+ID2NSxwmUzaT5/o98MMrsNSHkqj
t9ltbUmC13VGqGPANTbo9wz7XUZpvqgHKFB3CKTfaIh4yIAoZq8pqKfuHCT0omUo
y/RSr1R0kL8DYkPcncG2PEjTHe6HzcTHz/DoTxBgUdG8hCsCjHTFct5GHJb3AyxT
1UhrUKkeQwLWd+RA2tL0E/xlw74A5PKTmtdf3CBxNBfjNXvE0J8WC6nJOTDvlb2J
zZlMqzAWowdVdS1mf+u7Jeff+qjRjuDbrTndQUzdxQrTffMKdk3sa8mWUwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFA6+JPK3MTcML7Q/jVKgGAOMKTBUMB8GA1UdIwQY
MBaAFDBOWaIj9Ly4I0kvsQlsOoIxDAPaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUU1Wm9pUDB2TGdqU1MteENXdzZnakVNQTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9mNTM2Y2QtOTQzZi00NTU0LTlmMTct
MzQ0Y2M1MDJmMWJkLzEvRHI0azhyY3hOd3d2dEQtTlVxQVlBNHdwTUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9mNTM2Y2QtOTQzZi00NTU0LTlmMTctMzQ0Y2M1MDJmMWJk
LzEvTUU1Wm9pUDB2TGdqU1MteENXdzZnakVNQTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgaKATAN
BgkqhkiG9w0BAQsFAAOCAQEACceCafWVgMNKQYCdwPKaPISSlKuqVNwInHnUSqQm
wBRlABKmO/gTTXGMou4XiZCS/ANmFj0fQ28uzVHfZFVvMs8d1a5bdTf0dGfghrlX
x/gP4/hn28hwyPRnba4OLBDqdexNuiTowQG3VYu6mS9VJ4sAtQsS/DoNzju6pPfr
M3GyRGtrXPHywwICMdx1qeCKDG0b197sNgupp76ONX9KAyZ8184NPynxA+JOT9bT
QZ4/b6jE3CcjMvKma/glVN3GCHHDRUXTLNJJ+YZ2pFGA+wJguHlCrpaosmVdWkAU
+PkaoTItQJU3qpA4DX4WFPstOf2UrQcxGY44FoA4Fpr1AA==
-----END CERTIFICATE-----
Generated at Tue Mar 3 04:00:38 2026 by rpki-client