Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/0b70ee-c064-42e7-acff-c2fdec7619a1/1/f8IMUeFD4nC8SZ-FnXMVQXrQOmQ.roa
File: f8IMUeFD4nC8SZ-FnXMVQXrQOmQ.roa (raw, json)
Hash identifier: 4sDgm+XOigmig9qbzZKlgtnrz0wx8lArACN7Tm+Zbek=
Subject key identifier: 7F:C2:0C:51:E1:43:E2:70:BC:49:9F:85:9D:73:15:41:7A:D0:3A:64
Certificate issuer: /CN=25a8b3241f54cb8cc4a361242719eda3500b58f3
Certificate serial: 019D9A2703B4F193D6E7494624E6269ADB11
Authority key identifier: 25:A8:B3:24:1F:54:CB:8C:C4:A3:61:24:27:19:ED:A3:50:0B:58:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JaizJB9Uy4zEo2EkJxnto1ALWPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/0b70ee-c064-42e7-acff-c2fdec7619a1/1/f8IMUeFD4nC8SZ-FnXMVQXrQOmQ.roa
Signing time: Fri 17 Apr 2026 06:35:41 +0000
ROA not before: Fri 17 Apr 2026 06:35:41 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203374
IP address blocks: 2001:67c:2e4c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/0b70ee-c064-42e7-acff-c2fdec7619a1/1/JaizJB9Uy4zEo2EkJxnto1ALWPM.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/0b70ee-c064-42e7-acff-c2fdec7619a1/1/JaizJB9Uy4zEo2EkJxnto1ALWPM.mft
rsync://rpki.ripe.net/repository/DEFAULT/JaizJB9Uy4zEo2EkJxnto1ALWPM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 15:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:27:03:b4:f1:93:d6:e7:49:46:24:e6:26:9a:db:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25a8b3241f54cb8cc4a361242719eda3500b58f3
Validity
Not Before: Apr 17 06:35:41 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7fc20c51e143e270bc499f859d7315417ad03a64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6f:1a:bd:9f:93:e2:2d:28:e9:22:97:b3:75:
ab:5c:bf:a9:43:13:0c:b7:8f:0a:12:f3:c6:e8:d7:
e4:53:dd:df:ec:d3:b6:f5:74:f1:09:3a:14:37:11:
9c:c0:9a:7a:71:e6:d8:9f:5d:26:4a:c6:cb:78:99:
21:7f:8d:68:14:e7:1e:27:c5:56:78:5e:2c:8c:15:
d4:ce:33:34:53:02:3b:1a:3e:9a:70:d4:f1:d5:c7:
4b:07:22:0c:c4:76:7f:75:5a:0d:a6:32:0e:86:33:
81:37:2f:e1:09:60:76:6e:e7:c2:7d:7b:ba:4e:ff:
bb:a0:b5:c6:e9:08:75:5c:82:0d:2f:bd:5e:8f:12:
39:b8:07:26:a0:6e:dd:a1:fb:5b:9f:8b:2d:d2:30:
8c:e9:61:84:b7:43:f7:55:73:98:7a:4d:f2:27:f5:
73:3d:08:aa:39:c6:98:43:ac:d8:10:27:66:ef:bc:
63:26:9e:84:d7:3e:3f:aa:a9:99:fd:02:09:de:8b:
5c:2b:f8:24:ce:0d:d8:b5:b8:e7:f8:23:c1:e0:b9:
57:12:bb:c7:fa:8c:81:60:48:8b:2f:b2:41:99:49:
6e:00:07:33:35:c9:80:e7:ca:05:cc:ef:a1:6f:cb:
b9:2e:27:cc:11:3e:78:d4:c8:79:79:ec:0b:94:04:
97:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:C2:0C:51:E1:43:E2:70:BC:49:9F:85:9D:73:15:41:7A:D0:3A:64
X509v3 Authority Key Identifier:
keyid:25:A8:B3:24:1F:54:CB:8C:C4:A3:61:24:27:19:ED:A3:50:0B:58:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaizJB9Uy4zEo2EkJxnto1ALWPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/0b70ee-c064-42e7-acff-c2fdec7619a1/1/f8IMUeFD4nC8SZ-FnXMVQXrQOmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/0b70ee-c064-42e7-acff-c2fdec7619a1/1/JaizJB9Uy4zEo2EkJxnto1ALWPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2e4c::/48
Signature Algorithm: sha256WithRSAEncryption
6d:7b:e9:ae:b2:84:8d:1c:57:43:52:a2:e8:b8:e7:e9:28:4e:
a5:b9:d5:76:59:a8:ea:0b:bc:ad:60:0b:99:d8:45:29:fd:2d:
54:22:49:c3:90:62:21:40:87:63:d5:36:74:bc:b8:fc:6a:1a:
51:e2:9d:1e:61:e5:01:be:b3:69:80:d3:9f:a6:04:b9:f5:69:
ec:a8:1d:58:ce:1b:2a:c3:16:7d:96:dd:6e:d1:a0:9c:5e:c6:
7a:48:9e:5c:54:14:57:14:b8:eb:b2:4d:43:08:3a:04:e8:b2:
8e:e6:94:88:eb:66:d5:47:25:e4:db:cc:54:31:4a:f1:36:d7:
59:b4:06:51:dd:85:5b:cf:03:4f:15:4b:68:b6:b8:65:5b:d4:
7d:04:14:03:15:4d:a7:f8:cc:9f:43:2a:d5:e3:25:dc:a9:0f:
2d:86:9e:68:bf:9a:d3:0d:c8:49:cf:97:24:b4:b6:4f:b5:2b:
33:b2:6c:7d:ce:71:c3:06:b6:84:a8:5a:3f:2f:d2:cd:35:9a:
07:b5:a5:b7:2a:10:40:1b:c6:09:71:26:e2:f3:95:54:72:41:
41:24:af:9d:89:bb:06:a7:c2:ec:ef:60:a9:42:44:74:51:da:
fe:d3:9b:35:f7:11:75:c4:46:b1:4c:df:ad:ba:2a:c0:a9:1c:
b5:ce:af:d1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ2aJwO08ZPW50lGJOYmmtsRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YThiMzI0MWY1NGNiOGNjNGEzNjEyNDI3MTllZGEzNTAw
YjU4ZjMwHhcNMjYwNDE3MDYzNTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmMyMGM1MWUxNDNlMjcwYmM0OTlmODU5ZDczMTU0MTdhZDAzYTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvG8avZ+T4i0o6SKXs3WrXL+pQxMM
t48KEvPG6NfkU93f7NO29XTxCToUNxGcwJp6cebYn10mSsbLeJkhf41oFOceJ8VW
eF4sjBXUzjM0UwI7Gj6acNTx1cdLByIMxHZ/dVoNpjIOhjOBNy/hCWB2bufCfXu6
Tv+7oLXG6Qh1XIINL71ejxI5uAcmoG7doftbn4st0jCM6WGEt0P3VXOYek3yJ/Vz
PQiqOcaYQ6zYECdm77xjJp6E1z4/qqmZ/QIJ3otcK/gkzg3Ytbjn+CPB4LlXErvH
+oyBYEiLL7JBmUluAAczNcmA58oFzO+hb8u5LifMET541Mh5eewLlASXxQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFH/CDFHhQ+JwvEmfhZ1zFUF60DpkMB8GA1UdIwQY
MBaAFCWosyQfVMuMxKNhJCcZ7aNQC1jzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFpekpCOVV5NHpFbzJFa0p4bnRvMUFMV1BNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8wYjcwZWUtYzA2NC00MmU3LWFjZmYt
YzJmZGVjNzYxOWExLzEvZjhJTVVlRkQ0bkM4U1otRm5YTVZRWHJRT21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8wYjcwZWUtYzA2NC00MmU3LWFjZmYtYzJmZGVjNzYxOWEx
LzEvSmFpekpCOVV5NHpFbzJFa0p4bnRvMUFMV1BNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfC5M
MA0GCSqGSIb3DQEBCwUAA4IBAQBte+musoSNHFdDUqLouOfpKE6ludV2WajqC7yt
YAuZ2EUp/S1UIknDkGIhQIdj1TZ0vLj8ahpR4p0eYeUBvrNpgNOfpgS59WnsqB1Y
zhsqwxZ9lt1u0aCcXsZ6SJ5cVBRXFLjrsk1DCDoE6LKO5pSI62bVRyXk28xUMUrx
NtdZtAZR3YVbzwNPFUtotrhlW9R9BBQDFU2n+MyfQyrV4yXcqQ8thp5ov5rTDchJ
z5cktLZPtSszsmx9znHDBraEqFo/L9LNNZoHtaW3KhBAG8YJcSbi85VUckFBJK+d
ibsGp8Ls72CpQkR0Udr+05s19xF1xEaxTN+tuirAqRy1zq/R
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:23:32 2026 by rpki-client