Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/45c300-85ed-4549-851a-e60908eb7c8d/1/TvRQaRsziqrRJCQCiUQYjyKVrn0.roa
File: TvRQaRsziqrRJCQCiUQYjyKVrn0.roa (raw, json)
Hash identifier: mrwUynV6T3tedBWfd3iohzz+A8WkbO6ygpgXbd4vXq0=
Subject key identifier: 4E:F4:50:69:1B:33:8A:AA:D1:24:24:02:89:44:18:8F:22:95:AE:7D
Certificate issuer: /CN=1ffa057bbc4d09b9c671c43ff96f35c00de9fbbb
Certificate serial: 019EB0C0E2BE01C757690F11E4B4C0BCFBC2
Authority key identifier: 1F:FA:05:7B:BC:4D:09:B9:C6:71:C4:3F:F9:6F:35:C0:0D:E9:FB:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H_oFe7xNCbnGccQ_-W81wA3p-7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/45c300-85ed-4549-851a-e60908eb7c8d/1/TvRQaRsziqrRJCQCiUQYjyKVrn0.roa
Signing time: Wed 10 Jun 2026 08:58:11 +0000
ROA not before: Wed 10 Jun 2026 08:58:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 219514
IP address blocks: 2a01:b80::/44 maxlen: 44
2a01:b80:10::/44 maxlen: 44
2a01:b80:20::/44 maxlen: 44
2a01:b80:30::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/45c300-85ed-4549-851a-e60908eb7c8d/1/H_oFe7xNCbnGccQ_-W81wA3p-7s.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/45c300-85ed-4549-851a-e60908eb7c8d/1/H_oFe7xNCbnGccQ_-W81wA3p-7s.mft
rsync://rpki.ripe.net/repository/DEFAULT/H_oFe7xNCbnGccQ_-W81wA3p-7s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b0:c0:e2:be:01:c7:57:69:0f:11:e4:b4:c0:bc:fb:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ffa057bbc4d09b9c671c43ff96f35c00de9fbbb
Validity
Not Before: Jun 10 08:58:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4ef450691b338aaad12424028944188f2295ae7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:44:80:3a:55:ed:6d:29:93:0b:8e:b8:7c:9e:
f5:12:bc:7c:48:ea:78:e3:59:1c:6d:9d:3b:05:7b:
5e:f7:de:3f:59:15:04:d3:6e:de:b0:50:ea:6b:20:
3a:a6:1f:f8:c2:ed:9a:79:f7:69:49:fe:75:68:01:
fa:e9:16:15:6c:72:1d:8e:43:da:84:9c:72:3c:d2:
3b:41:15:e7:22:ac:99:f1:aa:e0:cf:3d:db:1f:4f:
80:6d:f0:94:f8:33:af:fc:f8:e4:78:37:d5:18:27:
97:cc:ba:58:90:cb:74:e6:eb:36:19:ac:46:d4:93:
f2:d4:36:70:49:b1:c3:0f:fb:6b:46:20:cf:72:83:
27:7f:9c:6f:c3:8c:37:37:2a:95:48:f0:d5:4e:21:
f1:47:3a:1f:17:ad:99:e5:d0:79:a5:93:2a:5d:2a:
a3:35:2d:1e:a6:c5:96:61:dc:7f:c6:9b:72:67:33:
20:80:3e:3b:6f:95:01:20:2e:ec:c4:83:7d:40:7c:
02:36:19:4e:3f:e6:82:51:a6:e2:e5:ff:fd:f6:8f:
29:84:5a:00:72:44:38:da:16:f5:3b:c8:99:4d:7b:
4f:3b:82:cf:f9:88:23:45:df:05:54:05:27:ea:61:
a4:70:54:33:f7:9a:d6:7e:5d:32:d4:6e:5a:d4:16:
c4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:F4:50:69:1B:33:8A:AA:D1:24:24:02:89:44:18:8F:22:95:AE:7D
X509v3 Authority Key Identifier:
keyid:1F:FA:05:7B:BC:4D:09:B9:C6:71:C4:3F:F9:6F:35:C0:0D:E9:FB:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H_oFe7xNCbnGccQ_-W81wA3p-7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/45c300-85ed-4549-851a-e60908eb7c8d/1/TvRQaRsziqrRJCQCiUQYjyKVrn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/45c300-85ed-4549-851a-e60908eb7c8d/1/H_oFe7xNCbnGccQ_-W81wA3p-7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:b80::/42
Signature Algorithm: sha256WithRSAEncryption
da:dd:cc:6b:59:30:e3:45:c4:c5:ca:ad:51:f5:fa:08:b3:7c:
e9:9b:94:dc:0d:3e:e6:6e:a2:fc:08:15:40:8f:07:61:51:c2:
78:cc:0c:e3:63:f4:c1:d7:1f:06:0b:bc:9e:58:21:75:fd:30:
15:ce:7c:ba:38:dc:25:fa:81:91:61:9f:65:16:b6:56:d2:57:
d5:e9:7d:c4:16:6e:6a:c6:89:fd:9b:a8:77:f6:c8:c3:4d:41:
ec:d2:d9:12:f2:28:92:be:6e:79:54:09:0d:de:73:aa:c0:a8:
b9:9a:0b:69:10:af:d9:95:90:7f:7d:df:d5:cf:29:fa:7b:68:
2a:17:07:72:ca:c6:2c:a6:26:7a:f4:e0:2b:c3:3c:e1:21:1b:
70:cc:53:0a:2f:70:d1:b6:4f:89:8d:22:b5:60:67:70:cf:fa:
05:01:46:1f:26:36:0b:47:8c:de:dd:de:a4:96:8f:09:41:c0:
87:fa:cf:87:64:d6:c6:c7:90:8c:17:ad:09:e2:cc:8c:2b:0c:
bc:e7:07:ca:e7:f5:0c:81:62:b4:c0:20:a5:cb:44:7a:3c:7c:
4c:52:81:57:b2:2b:3b:53:f3:89:0d:1b:8a:13:f5:99:c4:cb:
51:e2:e3:02:29:80:37:90:47:b7:8f:ca:9d:41:a4:0e:5f:fe:
ec:09:7a:a1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ6wwOK+AcdXaQ8R5LTAvPvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZmEwNTdiYmM0ZDA5YjljNjcxYzQzZmY5NmYzNWMwMGRl
OWZiYmIwHhcNMjYwNjEwMDg1ODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWY0NTA2OTFiMzM4YWFhZDEyNDI0MDI4OTQ0MTg4ZjIyOTVhZTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUSAOlXtbSmTC464fJ71Erx8SOp4
41kcbZ07BXte994/WRUE027esFDqayA6ph/4wu2aefdpSf51aAH66RYVbHIdjkPa
hJxyPNI7QRXnIqyZ8argzz3bH0+AbfCU+DOv/PjkeDfVGCeXzLpYkMt05us2GaxG
1JPy1DZwSbHDD/trRiDPcoMnf5xvw4w3NyqVSPDVTiHxRzofF62Z5dB5pZMqXSqj
NS0epsWWYdx/xptyZzMggD47b5UBIC7sxIN9QHwCNhlOP+aCUabi5f/99o8phFoA
ckQ42hb1O8iZTXtPO4LP+YgjRd8FVAUn6mGkcFQz95rWfl0y1G5a1BbEyQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE70UGkbM4qq0SQkAolEGI8ila59MB8GA1UdIwQY
MBaAFB/6BXu8TQm5xnHEP/lvNcAN6fu7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSF9vRmU3eE5DYm5HY2NRXy1XODF3QTNwLTdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi80NWMzMDAtODVlZC00NTQ5LTg1MWEt
ZTYwOTA4ZWI3YzhkLzEvVHZSUWFSc3ppcXJSSkNRQ2lVUVlqeUtWcm4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi80NWMzMDAtODVlZC00NTQ5LTg1MWEtZTYwOTA4ZWI3Yzhk
LzEvSF9vRmU3eE5DYm5HY2NRXy1XODF3QTNwLTdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcGKgELgAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQDa3cxrWTDjRcTFyq1R9foIs3zpm5TcDT7mbqL8
CBVAjwdhUcJ4zAzjY/TB1x8GC7yeWCF1/TAVzny6ONwl+oGRYZ9lFrZW0lfV6X3E
Fm5qxon9m6h39sjDTUHs0tkS8iiSvm55VAkN3nOqwKi5mgtpEK/ZlZB/fd/Vzyn6
e2gqFwdyysYspiZ69OArwzzhIRtwzFMKL3DRtk+JjSK1YGdwz/oFAUYfJjYLR4ze
3d6klo8JQcCH+s+HZNbGx5CMF60J4syMKwy85wfK5/UMgWK0wCCly0R6PHxMUoFX
sis7U/OJDRuKE/WZxMtR4uMCKYA3kEe3j8qdQaQOX/7sCXqh
-----END CERTIFICATE-----
Generated at Sat Jun 13 18:28:30 2026 by rpki-client