Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/3aV4uR6YCpNCMqEmRj5_444Decg.roa
File: 3aV4uR6YCpNCMqEmRj5_444Decg.roa (raw, json)
Hash identifier: xsNIDZCx48PVAmUl5doiKpgYGjB7eG/SLI/mAjLaIh8=
Subject key identifier: DD:A5:78:B9:1E:98:0A:93:42:32:A1:26:46:3E:7F:E3:8E:03:79:C8
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 019EAC03D1116813DBCAA244310327C6BBA8
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/3aV4uR6YCpNCMqEmRj5_444Decg.roa
Signing time: Tue 09 Jun 2026 10:53:11 +0000
ROA not before: Tue 09 Jun 2026 10:53:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 13335
IP address blocks: 57.250.49.0/24 maxlen: 24
57.250.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ac:03:d1:11:68:13:db:ca:a2:44:31:03:27:c6:bb:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Jun 9 10:53:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dda578b91e980a934232a126463e7fe38e0379c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ab:13:ae:d9:83:95:2e:4c:0d:05:1e:e4:77:
0c:1d:8e:9d:26:b0:e3:73:a6:90:7d:42:c0:ed:f4:
81:49:35:26:a8:f9:ea:77:75:37:a2:16:ca:24:92:
4f:e2:6c:36:1f:07:d1:fc:2f:1c:41:ce:49:87:92:
36:fd:e0:05:b6:9b:28:e1:e1:27:e4:a2:21:82:5c:
fb:51:94:fc:d5:3b:60:ed:13:c0:19:75:e1:48:d8:
ff:b2:ff:8f:ee:00:15:01:be:a0:54:30:6b:fc:3f:
62:c5:b9:58:94:18:24:ce:87:8c:58:5b:81:ab:61:
b6:aa:3a:55:c4:95:3f:55:29:10:df:4c:53:0b:6a:
1c:24:71:3d:1f:9f:23:fb:38:4f:80:ab:79:50:58:
1a:ba:cb:32:b5:96:9f:a9:54:6a:4e:aa:d4:42:72:
fc:43:24:66:12:b6:da:d0:7d:89:59:fc:7d:e3:ca:
82:f3:90:67:94:95:99:39:d3:97:ac:57:04:79:82:
ad:a3:85:40:62:bd:cd:c7:a5:0c:b3:b5:cd:a4:28:
95:f1:d2:fa:21:ab:71:f6:d1:09:98:47:af:a7:be:
34:33:1d:ef:e3:12:50:6b:f9:66:4a:54:14:76:8f:
50:71:7d:86:5d:51:dc:3d:a0:f5:8a:b1:d4:19:fa:
75:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A5:78:B9:1E:98:0A:93:42:32:A1:26:46:3E:7F:E3:8E:03:79:C8
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/3aV4uR6YCpNCMqEmRj5_444Decg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.250.49.0/24
57.250.51.0/24
Signature Algorithm: sha256WithRSAEncryption
06:ad:47:ce:f3:8a:c5:e5:a4:5d:5e:ef:3c:2a:1d:9c:e5:4a:
f9:67:ed:0f:b9:25:fe:1c:b9:56:d9:ad:79:44:db:b5:c4:f8:
76:af:99:b6:c1:21:9d:b4:be:41:4d:30:24:5c:ec:54:60:2b:
dd:22:37:ad:8c:94:a7:7c:f6:7c:68:5c:11:28:ff:53:9a:8a:
bd:14:46:44:c8:d5:8e:f4:32:a0:15:a9:d0:44:ed:aa:48:f2:
02:09:93:11:09:48:9a:fc:eb:15:05:73:0b:f1:cb:46:04:61:
ec:4d:59:84:4c:c7:5c:c9:ab:8c:a3:52:ae:e8:88:85:3b:3b:
3e:0b:95:d8:f4:d4:32:2b:14:d4:e6:ea:1c:5e:1d:8c:a2:87:
a5:23:e5:06:3d:a6:19:26:0f:76:d1:9d:5a:30:67:81:ee:64:
09:77:28:0c:90:19:a5:81:fb:88:d8:fa:3e:66:90:0d:02:fa:
9f:c3:b7:54:60:f3:80:90:ff:67:ce:18:73:88:d4:3c:ac:cf:
90:39:21:19:1c:cd:c7:62:bb:42:d0:22:f4:a1:5c:c9:2b:cf:
09:04:45:81:7f:97:53:43:51:3e:3c:17:6c:f4:f4:e1:a7:41:
3f:b1:dd:93:df:5e:2f:6c:4b:65:ec:f4:2e:fe:e3:ed:af:6b:
c7:db:33:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ6sA9ERaBPbyqJEMQMnxruoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjYwNjA5MTA1MzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGE1NzhiOTFlOTgwYTkzNDIzMmExMjY0NjNlN2ZlMzhlMDM3OWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqsTrtmDlS5MDQUe5HcMHY6dJrDj
c6aQfULA7fSBSTUmqPnqd3U3ohbKJJJP4mw2HwfR/C8cQc5Jh5I2/eAFtpso4eEn
5KIhglz7UZT81Ttg7RPAGXXhSNj/sv+P7gAVAb6gVDBr/D9ixblYlBgkzoeMWFuB
q2G2qjpVxJU/VSkQ30xTC2ocJHE9H58j+zhPgKt5UFgaussytZafqVRqTqrUQnL8
QyRmErba0H2JWfx948qC85BnlJWZOdOXrFcEeYKto4VAYr3Nx6UMs7XNpCiV8dL6
Iatx9tEJmEevp740Mx3v4xJQa/lmSlQUdo9QcX2GXVHcPaD1irHUGfp17QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN2leLkemAqTQjKhJkY+f+OOA3nIMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvM2FWNHVSNllDcE5DTXFFbVJqNV80NDREZWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAOfoxAwQA
OfozMA0GCSqGSIb3DQEBCwUAA4IBAQAGrUfO84rF5aRdXu88Kh2c5Ur5Z+0PuSX+
HLlW2a15RNu1xPh2r5m2wSGdtL5BTTAkXOxUYCvdIjetjJSnfPZ8aFwRKP9Tmoq9
FEZEyNWO9DKgFanQRO2qSPICCZMRCUia/OsVBXML8ctGBGHsTVmETMdcyauMo1Ku
6IiFOzs+C5XY9NQyKxTU5uocXh2MooelI+UGPaYZJg920Z1aMGeB7mQJdygMkBml
gfuI2Po+ZpANAvqfw7dUYPOAkP9nzhhziNQ8rM+QOSEZHM3HYrtC0CL0oVzJK88J
BEWBf5dTQ1E+PBds9PThp0E/sd2T314vbEtl7PQu/uPtr2vH2zOS
-----END CERTIFICATE-----
Generated at Wed Jun 17 09:27:55 2026 by rpki-client