Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/4dbd63-76b1-4b03-9dea-50c16bdd5c24/1/1Ydtwyp0RxTqwFwlZLQC9pjEjck.roa
File: 1Ydtwyp0RxTqwFwlZLQC9pjEjck.roa (raw, json)
Hash identifier: lddKsSWBtsmYYjZdvA43DNL49znHbCiLIeDmyKFXUS8=
Subject key identifier: D5:87:6D:C3:2A:74:47:14:EA:C0:5C:25:64:B4:02:F6:98:C4:8D:C9
Certificate issuer: /CN=49f7c1a4677eb7826dae69de01a699b6201d6244
Certificate serial: 019C9F695782132B550CDB80DF2E2CEAE30C
Authority key identifier: 49:F7:C1:A4:67:7E:B7:82:6D:AE:69:DE:01:A6:99:B6:20:1D:62:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SffBpGd-t4JtrmneAaaZtiAdYkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/4dbd63-76b1-4b03-9dea-50c16bdd5c24/1/1Ydtwyp0RxTqwFwlZLQC9pjEjck.roa
Signing time: Fri 27 Feb 2026 14:03:26 +0000
ROA not before: Fri 27 Feb 2026 14:03:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207592
IP address blocks: 141.5.96.0/19 maxlen: 19
2a02:d480:700::/42 maxlen: 42
2a02:d480:700::/48 maxlen: 48
2a02:d480:708::/48 maxlen: 48
2a02:d480:70c::/48 maxlen: 48
2a02:d480:710::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/4dbd63-76b1-4b03-9dea-50c16bdd5c24/1/SffBpGd-t4JtrmneAaaZtiAdYkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/4dbd63-76b1-4b03-9dea-50c16bdd5c24/1/SffBpGd-t4JtrmneAaaZtiAdYkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/SffBpGd-t4JtrmneAaaZtiAdYkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9f:69:57:82:13:2b:55:0c:db:80:df:2e:2c:ea:e3:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49f7c1a4677eb7826dae69de01a699b6201d6244
Validity
Not Before: Feb 27 14:03:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d5876dc32a744714eac05c2564b402f698c48dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2d:64:1b:7a:d9:6b:0c:f9:a6:02:14:69:7a:
f3:52:f7:84:ad:04:3b:fe:8b:48:16:49:36:ba:f6:
ef:95:d9:8e:78:38:f5:aa:d3:b6:45:80:72:f2:23:
b0:09:8b:28:46:aa:8b:76:e1:13:62:06:2a:8b:28:
34:bd:22:f0:99:1e:ca:b6:83:8b:27:02:dc:df:49:
49:be:14:30:83:59:dc:46:12:64:d1:68:e0:80:cc:
6c:4f:cc:1f:b3:0e:8d:30:fb:f6:03:de:31:e7:4d:
f3:40:b5:d9:fc:54:f9:0d:a1:b4:1d:4d:72:65:de:
a4:72:f0:ce:7b:be:e1:09:de:e2:6b:e5:9e:9e:96:
96:f5:ec:cb:6a:35:1e:8b:82:d2:cc:e5:7f:dc:22:
90:25:64:74:fb:c4:e2:35:70:b3:35:e3:38:72:3d:
24:84:2c:71:9a:fd:4d:b0:a9:59:67:0b:be:a7:bf:
fd:0d:a8:c5:bb:09:d7:1e:a2:85:83:0b:7b:6c:46:
98:42:d0:64:dd:b9:a9:8b:0a:2d:8c:40:d7:12:2f:
01:d3:e4:b4:42:27:b0:ea:87:ff:55:c3:e3:98:23:
73:b1:3f:44:6d:91:14:d3:88:4a:02:be:90:e3:43:
ca:1d:fb:1d:0d:63:2b:ae:fe:15:61:11:58:5e:47:
39:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:87:6D:C3:2A:74:47:14:EA:C0:5C:25:64:B4:02:F6:98:C4:8D:C9
X509v3 Authority Key Identifier:
keyid:49:F7:C1:A4:67:7E:B7:82:6D:AE:69:DE:01:A6:99:B6:20:1D:62:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SffBpGd-t4JtrmneAaaZtiAdYkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/4dbd63-76b1-4b03-9dea-50c16bdd5c24/1/1Ydtwyp0RxTqwFwlZLQC9pjEjck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/4dbd63-76b1-4b03-9dea-50c16bdd5c24/1/SffBpGd-t4JtrmneAaaZtiAdYkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.5.96.0/19
IPv6:
2a02:d480:700::/42
Signature Algorithm: sha256WithRSAEncryption
0d:02:bb:69:a9:84:f1:59:b6:8c:05:d6:ee:1b:88:91:e7:dd:
85:7c:a5:19:72:e5:18:23:fc:31:3e:95:54:28:43:88:b0:85:
9e:f2:69:11:53:70:75:3a:c2:c4:0a:2b:ed:69:e4:22:58:e6:
79:fe:f7:4b:c2:33:ac:ac:68:21:91:8c:87:ad:02:3e:37:95:
61:64:9f:01:cf:52:51:93:92:4e:2f:51:c5:c2:74:48:1b:53:
a5:82:ce:1b:24:48:5e:1b:13:c3:92:5c:2a:d1:2d:a5:e4:94:
4c:ff:86:4a:46:25:2e:68:31:12:b9:62:1a:7b:7f:45:eb:41:
b1:6a:e2:6c:72:91:4d:e6:50:94:f2:fd:e4:a4:c2:5f:bb:10:
b5:e7:80:bf:d9:9e:27:05:ab:cb:5e:0b:fe:31:bd:e3:73:9d:
e3:4f:11:fa:04:01:96:5a:48:fc:7b:ec:90:24:34:fc:23:5d:
f3:8e:65:14:1b:af:4c:f4:c4:df:b0:61:91:81:20:e0:20:29:
4f:0a:ad:0b:03:c5:1d:c6:6c:0a:57:f4:72:f6:cb:6c:6d:81:
9e:57:87:44:5b:f6:81:93:16:65:40:ed:8f:62:f9:c8:9e:8c:
2b:d5:1e:6c:c6:53:d5:28:9f:a6:33:e3:94:4f:34:43:f9:ef:
71:ce:7c:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZyfaVeCEytVDNuA3y4s6uMMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZjdjMWE0Njc3ZWI3ODI2ZGFlNjlkZTAxYTY5OWI2MjAx
ZDYyNDQwHhcNMjYwMjI3MTQwMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTg3NmRjMzJhNzQ0NzE0ZWFjMDVjMjU2NGI0MDJmNjk4YzQ4ZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwi1kG3rZawz5pgIUaXrzUveErQQ7
/otIFkk2uvbvldmOeDj1qtO2RYBy8iOwCYsoRqqLduETYgYqiyg0vSLwmR7KtoOL
JwLc30lJvhQwg1ncRhJk0WjggMxsT8wfsw6NMPv2A94x503zQLXZ/FT5DaG0HU1y
Zd6kcvDOe77hCd7ia+WenpaW9ezLajUei4LSzOV/3CKQJWR0+8TiNXCzNeM4cj0k
hCxxmv1NsKlZZwu+p7/9DajFuwnXHqKFgwt7bEaYQtBk3bmpiwotjEDXEi8B0+S0
Qiew6of/VcPjmCNzsT9EbZEU04hKAr6Q40PKHfsdDWMrrv4VYRFYXkc5oQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNWHbcMqdEcU6sBcJWS0AvaYxI3JMB8GA1UdIwQY
MBaAFEn3waRnfreCba5p3gGmmbYgHWJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2ZmQnBHZC10NEp0cm1uZUFhYVp0aUFkWWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS80ZGJkNjMtNzZiMS00YjAzLTlkZWEt
NTBjMTZiZGQ1YzI0LzEvMVlkdHd5cDBSeFRxd0Z3bFpMUUM5cGpFamNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS80ZGJkNjMtNzZiMS00YjAzLTlkZWEtNTBjMTZiZGQ1YzI0
LzEvU2ZmQnBHZC10NEp0cm1uZUFhYVp0aUFkWWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQFjQVgMA8E
AgACMAkDBwYqAtSABwAwDQYJKoZIhvcNAQELBQADggEBAA0Cu2mphPFZtowF1u4b
iJHn3YV8pRly5Rgj/DE+lVQoQ4iwhZ7yaRFTcHU6wsQKK+1p5CJY5nn+90vCM6ys
aCGRjIetAj43lWFknwHPUlGTkk4vUcXCdEgbU6WCzhskSF4bE8OSXCrRLaXklEz/
hkpGJS5oMRK5Yhp7f0XrQbFq4mxykU3mUJTy/eSkwl+7ELXngL/ZnicFq8teC/4x
veNzneNPEfoEAZZaSPx77JAkNPwjXfOOZRQbr0z0xN+wYZGBIOAgKU8KrQsDxR3G
bApX9HL2y2xtgZ5Xh0Rb9oGTFmVA7Y9i+ciejCvVHmzGU9Uon6Yz45RPNEP573HO
fPY=
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:53:50 2026 by rpki-client