Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/3WX-j8yaj6S7bT3Wd-eKDTs2bck.roa
File: 3WX-j8yaj6S7bT3Wd-eKDTs2bck.roa (raw, json)
Hash identifier: ROUy1/canafAxMaZALWpdI2/vdOpAfp8YS+6dty2rmw=
Subject key identifier: DD:65:FE:8F:CC:9A:8F:A4:BB:6D:3D:D6:77:E7:8A:0D:3B:36:6D:C9
Certificate issuer: /CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Certificate serial: 019E450E2E0A73342A42FF8F22AF0D6ED775
Authority key identifier: 1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/3WX-j8yaj6S7bT3Wd-eKDTs2bck.roa
Signing time: Wed 20 May 2026 11:03:37 +0000
ROA not before: Wed 20 May 2026 11:03:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197462
IP address blocks: 2a01:ecc0:c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.mft
rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:45:0e:2e:0a:73:34:2a:42:ff:8f:22:af:0d:6e:d7:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Validity
Not Before: May 20 11:03:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dd65fe8fcc9a8fa4bb6d3dd677e78a0d3b366dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:89:aa:fd:c9:e8:b7:d3:03:2f:b2:d0:5f:6e:
03:be:5e:3b:4b:9c:46:78:bc:d4:30:c2:59:68:ae:
9c:07:f9:e1:72:59:01:e2:21:58:b0:9c:b1:35:04:
2f:1b:d2:f2:7e:64:34:eb:a5:a6:d1:4e:33:91:99:
90:72:e7:3d:2f:1e:92:13:72:bc:26:19:8e:2e:c0:
bc:fe:f7:f1:a0:00:d6:7c:02:99:71:06:6f:ed:5f:
47:42:51:44:a6:93:a6:3c:19:b9:48:61:5c:66:b5:
e3:8f:f5:f6:b4:8f:11:4a:57:ba:2b:be:7a:ba:3d:
33:c4:58:59:ae:c5:b9:4f:dc:7c:1b:26:79:e8:84:
ed:da:d7:5e:31:6a:d8:5d:97:5c:72:0e:12:9b:f2:
2e:b6:d2:38:cd:27:bb:64:34:f1:8a:bb:b8:ad:bc:
95:f0:1e:38:e4:08:20:80:12:2c:5e:97:00:68:14:
d9:24:c3:97:50:b4:54:5a:6e:e8:0a:ed:68:70:9d:
52:01:41:86:dc:a9:5f:f8:66:96:63:b0:a6:65:5c:
8b:91:ae:83:f1:22:b0:4f:ee:24:7d:c3:d8:a0:e1:
08:36:e8:df:2a:b2:54:3a:36:36:c3:e2:55:c9:6b:
54:11:d0:62:e8:16:83:8d:8a:d2:ad:91:ec:9b:cb:
47:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:65:FE:8F:CC:9A:8F:A4:BB:6D:3D:D6:77:E7:8A:0D:3B:36:6D:C9
X509v3 Authority Key Identifier:
keyid:1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/3WX-j8yaj6S7bT3Wd-eKDTs2bck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:ecc0:c::/48
Signature Algorithm: sha256WithRSAEncryption
95:50:23:3c:48:96:21:d0:6b:a1:d6:05:bc:90:a5:1a:9f:a6:
09:4a:9e:e5:18:36:68:f2:8b:74:a0:49:ce:68:7b:f7:c0:14:
43:d8:9f:72:93:b0:05:b9:d1:69:7d:0e:4e:80:91:17:69:0e:
b3:60:02:59:23:bb:66:68:9f:93:e8:92:5e:69:69:b1:53:29:
b2:e5:de:8f:30:4a:a9:82:22:dc:71:2e:fd:99:51:3d:01:a0:
c3:f5:eb:15:cb:5d:aa:03:8b:a0:06:ac:3e:55:b0:a1:ca:7b:
a6:f6:1f:2d:2c:6f:17:ca:8a:f0:6f:62:3c:fa:dc:0a:79:6a:
c7:99:be:20:dd:45:4b:de:80:fa:cb:1b:0d:9c:66:c4:5e:31:
16:9f:cd:29:ef:83:67:74:0d:55:75:35:c9:06:78:6b:96:fe:
0a:b4:72:04:46:07:8c:ae:28:28:bd:9e:c8:92:44:e4:5c:ee:
f7:36:1c:03:70:38:75:eb:20:0c:fc:40:16:9a:62:00:02:2b:
bc:87:42:85:2b:71:af:c6:03:ff:49:5d:9a:cf:06:ab:ae:b2:
d4:27:4a:f4:87:42:c7:c4:26:9f:9b:0c:9c:45:ed:2c:55:56:
2c:1c:a8:a4:fd:0e:36:79:af:66:9c:39:7b:4c:5c:f9:6f:9b:
91:8d:e8:ea
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ5FDi4KczQqQv+PIq8Nbtd1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNDNhMjQ4NDU2OWQyMGUzZjUzYzE3YmU3YjlmYjI5YzM0
ZWU1YmUwHhcNMjYwNTIwMTEwMzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDY1ZmU4ZmNjOWE4ZmE0YmI2ZDNkZDY3N2U3OGEwZDNiMzY2ZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1omq/cnot9MDL7LQX24Dvl47S5xG
eLzUMMJZaK6cB/nhclkB4iFYsJyxNQQvG9LyfmQ066Wm0U4zkZmQcuc9Lx6SE3K8
JhmOLsC8/vfxoADWfAKZcQZv7V9HQlFEppOmPBm5SGFcZrXjj/X2tI8RSle6K756
uj0zxFhZrsW5T9x8GyZ56ITt2tdeMWrYXZdccg4Sm/IuttI4zSe7ZDTxiru4rbyV
8B445AgggBIsXpcAaBTZJMOXULRUWm7oCu1ocJ1SAUGG3Klf+GaWY7CmZVyLka6D
8SKwT+4kfcPYoOEINujfKrJUOjY2w+JVyWtUEdBi6BaDjYrSrZHsm8tHSQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFN1l/o/Mmo+ku2091nfnig07Nm3JMB8GA1UdIwQY
MBaAFB1DokhFadIOP1PBe+e5+ynDTuW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjkt
NjM0NTE1NDg5NzlkLzEvM1dYLWo4eWFqNlM3YlQzV2QtZUtEVHMyYmNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjktNjM0NTE1NDg5Nzlk
LzEvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgHswAAM
MA0GCSqGSIb3DQEBCwUAA4IBAQCVUCM8SJYh0Guh1gW8kKUan6YJSp7lGDZo8ot0
oEnOaHv3wBRD2J9yk7AFudFpfQ5OgJEXaQ6zYAJZI7tmaJ+T6JJeaWmxUymy5d6P
MEqpgiLccS79mVE9AaDD9esVy12qA4ugBqw+VbChynum9h8tLG8Xyorwb2I8+twK
eWrHmb4g3UVL3oD6yxsNnGbEXjEWn80p74NndA1VdTXJBnhrlv4KtHIERgeMrigo
vZ7IkkTkXO73NhwDcDh16yAM/EAWmmIAAiu8h0KFK3GvxgP/SV2azwarrrLUJ0r0
h0LHxCafmwycRe0sVVYsHKik/Q42ea9mnDl7TFz5b5uRjejq
-----END CERTIFICATE-----
Generated at Wed Jun 17 09:27:47 2026 by rpki-client