Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/IezxA1RLph9hkupkJ-Qp8qkiHuU.roa
File: IezxA1RLph9hkupkJ-Qp8qkiHuU.roa (raw, json)
Hash identifier: Ovxu2xNkY4OeZxmEVFSycL617wn/IdouUvJFyOC4SH8=
Subject key identifier: 21:EC:F1:03:54:4B:A6:1F:61:92:EA:64:27:E4:29:F2:A9:22:1E:E5
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 019D3941720B5E365780126BD0BD884CE506
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/IezxA1RLph9hkupkJ-Qp8qkiHuU.roa
Signing time: Sun 29 Mar 2026 11:01:23 +0000
ROA not before: Sun 29 Mar 2026 11:01:23 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 2001:3180::/29 maxlen: 32
2001:3380::/29 maxlen: 32
2a13:b640::/29 maxlen: 32
2a13:bfc0::/29 maxlen: 32
2a13:c040::/29 maxlen: 32
2a13:d2c0::/29 maxlen: 32
2a14:6ac0::/29 maxlen: 32
2a14:6b40::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:72:0b:5e:36:57:80:12:6b:d0:bd:88:4c:e5:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Mar 29 11:01:23 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=21ecf103544ba61f6192ea6427e429f2a9221ee5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f0:2b:7a:e1:e6:cb:26:bd:3c:58:d3:8e:10:
2b:ae:84:33:d6:4d:3b:12:84:60:a9:30:91:b6:79:
d1:7f:71:89:00:09:ef:6e:7a:1f:fd:c3:c2:06:ab:
eb:29:ed:3c:49:d2:c6:03:01:3a:73:d0:b0:6c:89:
e8:7c:fc:76:df:7b:f5:8f:18:7a:36:79:a8:26:e2:
0f:21:9c:31:3e:77:f4:f5:df:67:73:8c:38:59:55:
85:2b:50:f2:93:59:83:de:f5:1f:f6:22:6a:13:71:
f5:0e:8a:cd:fa:02:3d:9e:39:1c:e2:04:1e:9a:db:
14:08:5d:3b:32:cc:91:74:a6:d3:63:3d:58:fa:7b:
cf:bf:5f:3d:4e:19:c6:a8:71:dd:28:fd:31:2c:eb:
66:1c:4d:cd:5d:ff:cb:71:c2:03:b6:c4:9f:6e:64:
28:a6:07:8a:45:a4:60:a5:24:aa:58:18:2f:bc:f1:
13:c8:81:fc:a6:02:60:56:55:8b:e6:c2:eb:85:f7:
a1:f1:78:f2:95:56:e8:cc:95:88:e1:5f:49:1e:9d:
35:bf:c1:c7:28:69:99:f3:10:d7:7a:8e:5f:2b:59:
c0:8d:f9:82:a0:c3:19:bc:68:98:df:00:9e:d2:29:
9c:ac:45:92:7e:85:bb:41:9a:bd:15:28:06:fd:19:
4a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:EC:F1:03:54:4B:A6:1F:61:92:EA:64:27:E4:29:F2:A9:22:1E:E5
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/IezxA1RLph9hkupkJ-Qp8qkiHuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3180::/29
2001:3380::/29
2a13:b640::/29
2a13:bfc0::/29
2a13:c040::/29
2a13:d2c0::/29
2a14:6ac0::/29
2a14:6b40::/29
Signature Algorithm: sha256WithRSAEncryption
3f:ca:0e:a9:69:78:51:f4:00:bc:9b:09:93:e5:fb:31:f0:00:
68:cc:45:21:51:e8:fe:ea:a6:a5:83:42:4a:89:17:b5:0a:a3:
dd:83:be:89:d1:f0:d9:a2:da:07:5a:fc:f1:a1:2b:68:2c:df:
2e:50:04:c2:00:8c:f1:6e:ed:59:29:76:e1:86:71:9b:9c:9b:
41:22:eb:c3:fa:a3:f3:74:30:0c:e5:59:72:95:fc:1f:b0:3a:
7b:89:22:dc:29:5a:f3:d9:03:23:57:e9:c4:72:1b:97:c2:1b:
7c:f5:a9:0b:9f:6c:da:5e:c4:15:0f:44:f1:e8:6f:b3:e3:93:
3a:87:c1:70:00:ee:09:7b:94:ea:3f:d9:1c:58:fc:93:e7:7c:
03:a1:ec:7b:a3:53:bf:ae:a7:d4:45:fd:34:d7:a4:58:1f:de:
be:23:a9:e5:03:74:c8:a7:41:1a:a1:16:33:51:bb:45:36:ca:
44:91:d8:5f:59:78:c6:5d:a7:93:06:b8:26:c0:4b:2b:0a:07:
63:2c:ce:da:2f:20:c2:86:b0:b8:84:8e:bf:82:b9:f5:f9:8b:
09:ac:01:1a:87:ca:a2:6d:6a:2e:5f:dd:16:76:7f:80:a9:7c:
18:08:72:67:21:42:24:26:68:88:48:f4:7c:d2:b3:c3:4c:4b:
f0:97:18:d4
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZ05QXILXjZXgBJr0L2ITOUGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjYwMzI5MTEwMTIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWVjZjEwMzU0NGJhNjFmNjE5MmVhNjQyN2U0MjlmMmE5MjIxZWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fAreuHmyya9PFjTjhArroQz1k07
EoRgqTCRtnnRf3GJAAnvbnof/cPCBqvrKe08SdLGAwE6c9CwbInofPx233v1jxh6
NnmoJuIPIZwxPnf09d9nc4w4WVWFK1Dyk1mD3vUf9iJqE3H1DorN+gI9njkc4gQe
mtsUCF07MsyRdKbTYz1Y+nvPv189ThnGqHHdKP0xLOtmHE3NXf/LccIDtsSfbmQo
pgeKRaRgpSSqWBgvvPETyIH8pgJgVlWL5sLrhfeh8XjylVbozJWI4V9JHp01v8HH
KGmZ8xDXeo5fK1nAjfmCoMMZvGiY3wCe0imcrEWSfoW7QZq9FSgG/RlKRwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCHs8QNUS6YfYZLqZCfkKfKpIh7lMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvSWV6eEExUkxwaDloa3Vwa0otUXA4cWtpSHVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDIAExgAMF
AyABM4ADBQMqE7ZAAwUDKhO/wAMFAyoTwEADBQMqE9LAAwUDKhRqwAMFAyoUa0Aw
DQYJKoZIhvcNAQELBQADggEBAD/KDqlpeFH0ALybCZPl+zHwAGjMRSFR6P7qpqWD
QkqJF7UKo92DvonR8Nmi2gda/PGhK2gs3y5QBMIAjPFu7VkpduGGcZucm0Ei68P6
o/N0MAzlWXKV/B+wOnuJItwpWvPZAyNX6cRyG5fCG3z1qQufbNpexBUPRPHob7Pj
kzqHwXAA7gl7lOo/2RxY/JPnfAOh7HujU7+up9RF/TTXpFgf3r4jqeUDdMinQRqh
FjNRu0U2ykSR2F9ZeMZdp5MGuCbASysKB2MsztovIMKGsLiEjr+CufX5iwmsARqH
yqJtai5f3RZ2f4CpfBgIcmchQiQmaIhI9HzSs8NMS/CXGNQ=
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:38:12 2026 by rpki-client