Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Cq_L0DikyHT76i7-pIlExhlGrkg.roa
File: Cq_L0DikyHT76i7-pIlExhlGrkg.roa (raw, json)
Hash identifier: xfj0WegQYMETd84zonaainmVKD1HMNrTEFMx1TgoHF4=
Subject key identifier: 0A:AF:CB:D0:38:A4:C8:74:FB:EA:2E:FE:A4:89:44:C6:19:46:AE:48
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 019E51485C142112FCF1ABEC1CE35F6C18E7
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Cq_L0DikyHT76i7-pIlExhlGrkg.roa
Signing time: Fri 22 May 2026 20:02:37 +0000
ROA not before: Fri 22 May 2026 20:02:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215120
IP address blocks: 2a12:bec4:19a0::/48 maxlen: 48
2a12:bec4:19a1::/48 maxlen: 48
2a12:bec4:19a2::/48 maxlen: 48
2a12:bec4:19a3::/48 maxlen: 48
2a12:bec4:19a5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:51:48:5c:14:21:12:fc:f1:ab:ec:1c:e3:5f:6c:18:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: May 22 20:02:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0aafcbd038a4c874fbea2efea48944c61946ae48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:cd:ce:fe:35:00:9c:8f:cd:48:8f:a2:04:7a:
a9:13:1f:8c:38:0c:6b:89:75:8f:58:ba:45:dc:cd:
3e:51:6e:5f:04:10:7f:20:d9:a5:f6:2b:6b:10:4e:
0a:a0:3d:6b:9c:64:4e:83:3e:e5:37:bc:40:f5:10:
cd:98:31:6b:7c:a7:fa:a0:05:16:d4:06:8c:9c:c5:
28:ea:ae:c3:5f:92:e0:cc:4b:9a:d9:df:fd:db:0b:
54:a0:40:fb:c0:55:b6:ff:0e:7b:fd:9b:b5:2a:51:
a3:16:d0:a0:f5:b5:5e:c8:34:91:ef:66:61:39:4f:
1a:3e:26:12:6b:85:a2:87:e6:77:37:bc:9a:09:9c:
04:c0:70:c3:c1:53:0f:90:ea:f1:ce:f5:e5:97:db:
96:0c:ae:17:ca:f9:2e:20:83:c5:75:9f:aa:ff:07:
fc:58:b8:1c:cc:bf:57:c5:e0:6c:11:8b:4b:4a:4b:
7e:38:aa:fc:aa:17:37:97:00:14:93:9e:74:9c:17:
08:e5:3c:6b:0d:74:bd:a5:5e:a2:a6:90:83:f1:b8:
e4:88:e8:2e:2c:9c:2c:07:1d:5a:44:cb:68:b3:67:
c4:b8:cd:cb:01:30:d9:53:b1:1a:54:f2:28:4d:d5:
3b:ad:6f:a3:fe:44:5e:f4:75:24:0b:f6:e2:c7:a6:
d9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:AF:CB:D0:38:A4:C8:74:FB:EA:2E:FE:A4:89:44:C6:19:46:AE:48
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/Cq_L0DikyHT76i7-pIlExhlGrkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:bec4:19a0::/46
2a12:bec4:19a5::/48
Signature Algorithm: sha256WithRSAEncryption
96:50:cc:9f:33:d9:0d:59:ff:87:2d:9a:c5:85:52:f7:62:02:
5b:b8:d0:36:14:9b:5a:a7:8e:36:74:5a:f3:d9:c8:8e:89:32:
55:98:5b:4f:40:6c:2c:2e:df:8d:a3:28:a8:7f:e0:2e:5b:b2:
27:57:58:d6:40:7c:5c:cf:34:47:2f:3f:03:61:6c:5e:94:e8:
03:db:1d:dc:f0:84:c9:45:8a:fb:22:95:a3:41:f7:ee:57:9d:
2d:fc:62:bc:fd:07:98:3c:f4:8f:3d:92:27:4f:35:da:ea:02:
c1:62:e4:43:27:e9:13:e1:ce:48:a1:fd:66:df:79:30:3a:9e:
4a:6b:e4:e6:ae:46:99:18:35:10:e0:26:92:49:23:87:63:80:
c9:e2:31:59:83:35:57:71:f1:7a:78:bf:2a:02:38:38:33:ce:
a7:76:77:c2:23:d3:3d:4e:b6:1e:d7:c8:4f:1d:26:14:30:4e:
ec:9e:f0:e6:51:aa:f2:2f:01:13:53:57:c1:23:a3:d1:95:35:
2b:71:54:c3:d1:15:9e:3c:b1:18:05:06:78:a9:22:d0:e9:b3:
aa:06:a9:30:4d:15:3c:3d:2a:84:19:b5:80:a8:19:79:86:f6:
02:38:ee:44:80:d7:9d:62:1c:87:85:01:34:c5:d5:b2:0b:83:
3b:2a:e3:b2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ5RSFwUIRL88avsHONfbBjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjYwNTIyMjAwMjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWFmY2JkMDM4YTRjODc0ZmJlYTJlZmVhNDg5NDRjNjE5NDZhZTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA683O/jUAnI/NSI+iBHqpEx+MOAxr
iXWPWLpF3M0+UW5fBBB/INml9itrEE4KoD1rnGROgz7lN7xA9RDNmDFrfKf6oAUW
1AaMnMUo6q7DX5LgzEua2d/92wtUoED7wFW2/w57/Zu1KlGjFtCg9bVeyDSR72Zh
OU8aPiYSa4Wih+Z3N7yaCZwEwHDDwVMPkOrxzvXll9uWDK4XyvkuIIPFdZ+q/wf8
WLgczL9XxeBsEYtLSkt+OKr8qhc3lwAUk550nBcI5TxrDXS9pV6ippCD8bjkiOgu
LJwsBx1aRMtos2fEuM3LATDZU7EaVPIoTdU7rW+j/kRe9HUkC/bix6bZnwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAqvy9A4pMh0++ou/qSJRMYZRq5IMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvQ3FfTDBEaWt5SFQ3Nmk3LXBJbEV4aGxHcmtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcCKhK+xBmg
AwcAKhK+xBmlMA0GCSqGSIb3DQEBCwUAA4IBAQCWUMyfM9kNWf+HLZrFhVL3YgJb
uNA2FJtap442dFrz2ciOiTJVmFtPQGwsLt+Noyiof+AuW7InV1jWQHxczzRHLz8D
YWxelOgD2x3c8ITJRYr7IpWjQffuV50t/GK8/QeYPPSPPZInTzXa6gLBYuRDJ+kT
4c5Iof1m33kwOp5Ka+TmrkaZGDUQ4CaSSSOHY4DJ4jFZgzVXcfF6eL8qAjg4M86n
dnfCI9M9TrYe18hPHSYUME7snvDmUaryLwETU1fBI6PRlTUrcVTD0RWePLEYBQZ4
qSLQ6bOqBqkwTRU8PSqEGbWAqBl5hvYCOO5EgNedYhyHhQE0xdWyC4M7KuOy
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:55:20 2026 by rpki-client