Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/_Tm2JxUvXUUwS72Udu0m-0BuZ-0.roa
File: _Tm2JxUvXUUwS72Udu0m-0BuZ-0.roa (raw, json)
Hash identifier: 1aBi4zXI+QFcwyGnxOISG2CE4CmnOOCxmThNKagGEBI=
Subject key identifier: FD:39:B6:27:15:2F:5D:45:30:4B:BD:94:76:ED:26:FB:40:6E:67:ED
Certificate issuer: /CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Certificate serial: 019B7AC93AC010D154E7E7DF6CD60E065A5E
Authority key identifier: BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/_Tm2JxUvXUUwS72Udu0m-0BuZ-0.roa
Signing time: Thu 01 Jan 2026 18:19:26 +0000
ROA not before: Thu 01 Jan 2026 18:19:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208970
IP address blocks: 2a09:e440:100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7a:c9:3a:c0:10:d1:54:e7:e7:df:6c:d6:0e:06:5a:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba60a4d874d9601c8142c352f80c56a43276cd47
Validity
Not Before: Jan 1 18:19:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fd39b627152f5d45304bbd9476ed26fb406e67ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:ac:1f:8c:f1:b4:9d:d5:60:76:f9:6b:20:51:
c4:e5:5b:2b:e8:45:b7:86:e7:8e:7b:44:3e:bf:3d:
af:17:76:92:7f:58:e8:c3:e8:88:fb:b6:2c:b6:6c:
c2:b7:b3:3a:cc:67:95:5f:09:25:86:b8:1b:aa:25:
6d:c3:2d:18:b7:74:e5:bc:f8:8c:7d:6a:4e:ef:27:
2b:a0:b7:44:cc:0b:58:fa:36:a5:40:d8:f0:35:06:
5f:45:dd:6f:21:6b:59:9e:6c:64:42:54:27:14:6e:
82:51:0c:27:4f:f1:ed:5b:18:7f:a8:8e:07:4f:69:
3c:90:2c:78:b9:cd:63:2f:a0:06:ce:10:6d:67:6b:
48:54:87:de:ac:8d:07:78:ab:ca:cc:98:fb:71:48:
5e:b4:43:ed:66:70:40:51:b3:14:8a:24:15:28:e8:
27:9d:cc:bf:72:63:c7:41:ab:79:f1:69:3b:ec:3a:
85:d5:7e:e6:ce:97:de:01:82:f5:68:53:cb:dc:0f:
f1:ea:09:ae:ea:79:60:94:c2:8b:47:a2:0c:31:8c:
67:96:cf:de:3c:53:eb:5e:7a:7d:94:fa:6d:99:3e:
63:4c:6e:27:88:d0:1b:bf:5e:27:ec:c7:73:c1:ba:
74:0e:24:65:c5:1c:5c:9d:92:5a:b2:0e:ab:a3:94:
48:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:39:B6:27:15:2F:5D:45:30:4B:BD:94:76:ED:26:FB:40:6E:67:ED
X509v3 Authority Key Identifier:
keyid:BA:60:A4:D8:74:D9:60:1C:81:42:C3:52:F8:0C:56:A4:32:76:CD:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/umCk2HTZYByBQsNS-AxWpDJ2zUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/_Tm2JxUvXUUwS72Udu0m-0BuZ-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/28cb5c-298f-4d8b-815b-e5a3778be3ad/1/umCk2HTZYByBQsNS-AxWpDJ2zUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e440:100::/40
Signature Algorithm: sha256WithRSAEncryption
a1:52:2a:63:94:3b:a2:0e:92:83:2a:cd:e2:eb:50:e7:ba:f1:
e0:af:76:5b:c2:c3:1e:75:b4:ab:ce:2f:11:0d:8e:f4:83:dc:
46:e5:61:ac:44:1c:7f:8d:5c:31:f5:61:84:37:0e:48:8d:1d:
2c:12:5a:dc:12:af:5a:11:4e:80:8a:0d:f1:3f:47:09:03:64:
de:69:7a:4e:ef:8d:49:5e:0c:50:a0:3d:8e:da:ad:06:ce:57:
bb:07:5e:49:f0:b7:a0:14:f7:e8:88:cb:4d:f3:1d:8b:ff:f9:
93:bc:d9:e9:67:92:1c:c0:05:7e:40:74:4a:b7:cd:87:d6:49:
b8:7f:2b:54:37:8b:b1:d4:ef:9a:47:88:28:2b:66:2e:c9:74:
a7:da:b8:9e:29:bd:c8:3a:a2:67:a4:ca:79:4d:1d:87:f1:c4:
1b:c5:03:c0:18:3d:30:2c:41:ca:62:36:c7:dd:e5:73:f7:32:
82:a6:7e:49:0b:ab:1f:11:cb:f8:97:69:76:47:0f:5c:9e:a7:
e3:bd:0a:da:74:5e:94:94:33:3e:35:7f:b9:26:51:a4:f7:5c:
c4:1e:99:40:56:e6:36:5e:96:55:d3:0f:5c:c8:de:2b:ef:a8:
a4:ee:c9:12:03:eb:d1:09:62:11:d0:d0:2b:73:46:70:6e:79:
ad:91:ca:57
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZt6yTrAENFU5+ffbNYOBlpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNjBhNGQ4NzRkOTYwMWM4MTQyYzM1MmY4MGM1NmE0MzI3
NmNkNDcwHhcNMjYwMTAxMTgxOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDM5YjYyNzE1MmY1ZDQ1MzA0YmJkOTQ3NmVkMjZmYjQwNmU2N2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7awfjPG0ndVgdvlrIFHE5Vsr6EW3
hueOe0Q+vz2vF3aSf1jow+iI+7YstmzCt7M6zGeVXwklhrgbqiVtwy0Yt3TlvPiM
fWpO7ycroLdEzAtY+jalQNjwNQZfRd1vIWtZnmxkQlQnFG6CUQwnT/HtWxh/qI4H
T2k8kCx4uc1jL6AGzhBtZ2tIVIferI0HeKvKzJj7cUhetEPtZnBAUbMUiiQVKOgn
ncy/cmPHQat58Wk77DqF1X7mzpfeAYL1aFPL3A/x6gmu6nlglMKLR6IMMYxnls/e
PFPrXnp9lPptmT5jTG4niNAbv14n7Mdzwbp0DiRlxRxcnZJasg6ro5RINwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFP05ticVL11FMEu9lHbtJvtAbmftMB8GA1UdIwQY
MBaAFLpgpNh02WAcgULDUvgMVqQyds1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWIt
ZTVhMzc3OGJlM2FkLzEvX1RtMkp4VXZYVVV3UzcyVWR1MG0tMEJ1Wi0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yOGNiNWMtMjk4Zi00ZDhiLTgxNWItZTVhMzc3OGJlM2Fk
LzEvdW1DazJIVFpZQnlCUXNOUy1BeFdwREoyelVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgnkQAEw
DQYJKoZIhvcNAQELBQADggEBAKFSKmOUO6IOkoMqzeLrUOe68eCvdlvCwx51tKvO
LxENjvSD3EblYaxEHH+NXDH1YYQ3DkiNHSwSWtwSr1oRToCKDfE/RwkDZN5pek7v
jUleDFCgPY7arQbOV7sHXknwt6AU9+iIy03zHYv/+ZO82elnkhzABX5AdEq3zYfW
Sbh/K1Q3i7HU75pHiCgrZi7JdKfauJ4pvcg6omekynlNHYfxxBvFA8AYPTAsQcpi
Nsfd5XP3MoKmfkkLqx8Ry/iXaXZHD1yep+O9Ctp0XpSUMz41f7kmUaT3XMQemUBW
5jZellXTD1zI3ivvqKTuyRID69EJYhHQ0CtzRnBuea2Rylc=
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:03:42 2026 by rpki-client