Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/itk2c6TdBEhRoJlEiLd6vLQw0pg.roa
File: itk2c6TdBEhRoJlEiLd6vLQw0pg.roa (raw, json)
Hash identifier: sGlIp5fTXIraDXDc17LfgnOcECivVnfjx1Ua2PfiR1Y=
Subject key identifier: 8A:D9:36:73:A4:DD:04:48:51:A0:99:44:88:B7:7A:BC:B4:30:D2:98
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 019D920DF0F17312FF3A5CCE1F00FE1555E3
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/itk2c6TdBEhRoJlEiLd6vLQw0pg.roa
Signing time: Wed 15 Apr 2026 16:51:20 +0000
ROA not before: Wed 15 Apr 2026 16:51:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210464
IP address blocks: 2a0a:79c7:f100::/40 maxlen: 40
2a0a:79c7:f200::/40 maxlen: 40
2a0a:79c7:f300::/40 maxlen: 40
2a0a:79c7:f400::/40 maxlen: 128
2a0a:79c7:f500::/40 maxlen: 40
2a0a:79c7:f600::/40 maxlen: 40
2a0a:79c7:f700::/40 maxlen: 128
2a0a:79c7:f800::/40 maxlen: 40
2a0a:79c7:fa00::/40 maxlen: 40
2a0a:79c7:fb00::/40 maxlen: 128
2a0a:79c7:fc00::/40 maxlen: 40
2a0a:79c7:ff00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 01:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:92:0d:f0:f1:73:12:ff:3a:5c:ce:1f:00:fe:15:55:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Apr 15 16:51:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8ad93673a4dd044851a0994488b77abcb430d298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:54:fe:ae:04:38:09:8a:6d:87:c1:ef:21:2e:
c4:9b:4a:92:0b:83:59:fa:88:3d:14:e4:dd:f7:22:
a8:d9:6c:69:9d:4b:3b:58:04:23:d9:48:b9:8c:33:
1d:81:ed:da:88:b1:c8:97:b6:02:24:16:4e:bf:ed:
2b:04:26:6f:8c:04:7d:2e:dd:68:5c:4c:5c:93:fb:
3b:72:50:5b:39:60:7e:33:81:e2:22:1c:b8:e2:37:
34:12:5d:1c:c5:77:5c:33:03:8d:91:75:c2:f8:6c:
14:47:8b:fc:21:1a:52:44:b6:38:7e:1d:1f:c0:e1:
b9:fa:58:1f:19:23:c7:eb:0d:21:75:0c:6e:7b:a0:
0c:df:54:47:c9:a6:58:bb:59:fd:68:8c:b5:bc:7f:
83:5d:cc:e0:c7:90:ea:9b:59:11:5e:9f:86:16:84:
b6:29:3e:a0:77:1f:2d:b2:7b:b5:d0:fa:ed:f6:96:
31:40:67:9c:7f:a6:b3:92:64:8c:de:f5:f0:14:22:
48:c0:d1:52:e9:88:0d:9b:51:f8:a3:7e:71:ba:a1:
58:c1:7e:ce:00:49:cc:5f:88:37:01:ee:fc:89:97:
09:3c:8a:4b:55:24:5a:04:fe:4e:59:5e:87:1b:b9:
58:e5:e2:5e:4b:f5:25:a7:24:5c:8b:c4:15:6e:f8:
96:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D9:36:73:A4:DD:04:48:51:A0:99:44:88:B7:7A:BC:B4:30:D2:98
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/itk2c6TdBEhRoJlEiLd6vLQw0pg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:79c7:f100::-2a0a:79c7:f8ff:ffff:ffff:ffff:ffff:ffff
2a0a:79c7:fa00::-2a0a:79c7:fcff:ffff:ffff:ffff:ffff:ffff
2a0a:79c7:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
10:73:8d:10:e3:24:74:9c:1a:a1:37:5a:7e:75:d1:c4:9d:ea:
93:7a:6c:61:70:b3:81:8c:fc:56:52:e4:40:de:14:b2:37:2e:
9a:d7:52:a3:06:17:f3:c9:25:f7:da:4d:ef:19:64:6a:25:cb:
a2:0b:a1:28:15:0b:ed:f2:41:19:05:07:bd:cb:6a:55:a7:83:
82:d4:d5:dc:42:9f:8d:b6:90:0b:28:0d:0d:12:c6:01:0b:b6:
95:e3:9d:6f:ab:c0:19:69:f5:18:19:b1:02:26:ad:62:bb:e9:
10:7b:63:30:89:2d:e5:a4:71:d1:0d:7d:a3:3a:bc:dd:e1:14:
22:db:d9:61:0c:d7:32:cd:14:64:d6:aa:f1:df:44:33:b4:95:
d8:f9:07:c0:54:61:42:31:59:ce:a8:3a:b2:12:60:a6:b9:b2:
6a:c7:a0:2b:dd:df:0b:79:88:fe:55:3f:b0:6a:44:3e:d6:47:
77:5a:ae:0f:60:38:af:9c:88:e7:53:24:a5:27:f4:da:47:54:
44:13:c3:55:e0:f0:7b:f4:f2:2f:34:8e:51:d6:95:0d:0a:a7:
80:4d:85:fa:b3:50:75:67:b6:bb:c4:16:ec:dd:cf:88:0d:80:
83:02:9a:97:a9:be:f4:47:03:b8:da:f9:b6:0d:b7:a9:f5:53:
2a:27:45:19
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ2SDfDxcxL/OlzOHwD+FVXjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjYwNDE1MTY1MTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWQ5MzY3M2E0ZGQwNDQ4NTFhMDk5NDQ4OGI3N2FiY2I0MzBkMjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FT+rgQ4CYpth8HvIS7Em0qSC4NZ
+og9FOTd9yKo2WxpnUs7WAQj2Ui5jDMdge3aiLHIl7YCJBZOv+0rBCZvjAR9Lt1o
XExck/s7clBbOWB+M4HiIhy44jc0El0cxXdcMwONkXXC+GwUR4v8IRpSRLY4fh0f
wOG5+lgfGSPH6w0hdQxue6AM31RHyaZYu1n9aIy1vH+DXczgx5Dqm1kRXp+GFoS2
KT6gdx8tsnu10Prt9pYxQGecf6azkmSM3vXwFCJIwNFS6YgNm1H4o35xuqFYwX7O
AEnMX4g3Ae78iZcJPIpLVSRaBP5OWV6HG7lY5eJeS/UlpyRci8QVbviWUQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFIrZNnOk3QRIUaCZRIi3ery0MNKYMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvaXRrMmM2VGRCRWhSb0psRWlMZDZ2TFF3MHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAAjAsMBADBgAqCnnH
8QMGACoKecf4MBADBgEqCnnH+gMGACoKecf8AwYAKgp5x/8wDQYJKoZIhvcNAQEL
BQADggEBABBzjRDjJHScGqE3Wn510cSd6pN6bGFws4GM/FZS5EDeFLI3LprXUqMG
F/PJJffaTe8ZZGoly6ILoSgVC+3yQRkFB73LalWng4LU1dxCn422kAsoDQ0SxgEL
tpXjnW+rwBlp9RgZsQImrWK76RB7YzCJLeWkcdENfaM6vN3hFCLb2WEM1zLNFGTW
qvHfRDO0ldj5B8BUYUIxWc6oOrISYKa5smrHoCvd3wt5iP5VP7BqRD7WR3darg9g
OK+ciOdTJKUn9NpHVEQTw1Xg8Hv08i80jlHWlQ0Kp4BNhfqzUHVntrvEFuzdz4gN
gIMCmpepvvRHA7ja+bYNt6n1UyonRRk=
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:48:16 2026 by rpki-client