Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/1-tR4A5hffBnz9j4r87UvdYXoRqA.roa
File: 1-tR4A5hffBnz9j4r87UvdYXoRqA.roa (raw, json)
Hash identifier: qrmx6A7F+GfIvT6hZp1xcIzaI/XX5ddtmc2tTeZs788=
Subject key identifier: FA:D4:78:03:98:5F:7C:19:F3:F6:3E:2B:F3:B5:2F:75:85:E8:46:A0
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019C91AF8D09D96225EDA989EADFDF9C783A
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/1-tR4A5hffBnz9j4r87UvdYXoRqA.roa
Signing time: Tue 24 Feb 2026 22:05:27 +0000
ROA not before: Tue 24 Feb 2026 22:05:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209562
IP address blocks: 2a09:b900::/29 maxlen: 29
2a09:c300::/29 maxlen: 29
2a0a:8f00::/29 maxlen: 29
2a0a:b800::/29 maxlen: 29
2a0a:d040::/29 maxlen: 29
2a0a:d600::/29 maxlen: 29
2a0b:8c0::/29 maxlen: 29
2a0b:1500::/29 maxlen: 29
2a0b:3d40::/29 maxlen: 29
2a0b:4e40::/29 maxlen: 29
2a0b:9240::/29 maxlen: 29
2a0b:9600::/29 maxlen: 29
2a0b:a0c0::/29 maxlen: 29
2a0b:c2c0::/29 maxlen: 29
2a0b:ce00::/29 maxlen: 29
2a0b:e380::/29 maxlen: 29
2a0b:f280::/29 maxlen: 29
2a0c:3e40::/29 maxlen: 29
2a0c:4bc0::/29 maxlen: 29
2a0c:cc40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:91:af:8d:09:d9:62:25:ed:a9:89:ea:df:df:9c:78:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Feb 24 22:05:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fad47803985f7c19f3f63e2bf3b52f7585e846a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f5:bb:25:cd:20:9d:da:3b:5e:2e:a3:b6:07:
0d:16:fc:92:52:1f:8a:78:62:a0:11:47:3a:b6:54:
95:10:b9:fe:59:aa:eb:d4:3f:c9:1a:af:d5:a1:7b:
b8:78:75:e3:43:4a:c1:36:98:ab:f0:cd:85:b9:5a:
ef:f8:b5:3f:f7:d9:92:d3:ad:89:c5:58:8a:52:78:
50:a7:d7:5f:0a:be:02:8c:6b:c3:8a:f3:ad:85:7f:
cc:94:75:1d:da:87:fe:e2:fb:81:b2:c5:94:50:ac:
f5:80:f6:99:ce:ca:b0:23:ad:e6:a6:3e:b4:5e:2f:
7f:9a:71:0e:d9:2a:43:94:84:e2:e4:0d:a9:b8:3f:
d2:31:d7:4d:e5:2b:1e:0c:da:50:e9:1a:e9:15:f5:
50:77:b6:7e:3f:d6:ec:05:3e:5b:bc:0e:1c:02:7b:
13:25:ca:aa:66:84:8f:1c:63:8f:93:4a:cb:99:b4:
36:a9:a5:f6:72:74:4d:57:2d:49:d3:ba:95:d1:b0:
1a:74:6d:76:76:a7:da:59:ee:b3:60:e6:38:1f:e4:
4a:b2:9a:1a:f2:b0:b7:ee:8e:ca:ab:44:7f:e5:02:
4a:ef:58:68:d4:4f:96:3f:f7:55:80:a1:76:a5:02:
f9:19:ed:1a:6b:3a:73:e4:f0:76:62:d4:40:4d:96:
c0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:D4:78:03:98:5F:7C:19:F3:F6:3E:2B:F3:B5:2F:75:85:E8:46:A0
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/1-tR4A5hffBnz9j4r87UvdYXoRqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:b900::/29
2a09:c300::/29
2a0a:8f00::/29
2a0a:b800::/29
2a0a:d040::/29
2a0a:d600::/29
2a0b:8c0::/29
2a0b:1500::/29
2a0b:3d40::/29
2a0b:4e40::/29
2a0b:9240::/29
2a0b:9600::/29
2a0b:a0c0::/29
2a0b:c2c0::/29
2a0b:ce00::/29
2a0b:e380::/29
2a0b:f280::/29
2a0c:3e40::/29
2a0c:4bc0::/29
2a0c:cc40::/29
Signature Algorithm: sha256WithRSAEncryption
3a:2e:cf:47:fc:e4:e4:6f:64:d5:e3:e1:02:6c:f4:ed:5b:1c:
87:c2:d0:1c:79:48:8d:6b:93:ad:b6:bb:e3:fa:99:81:9c:90:
65:6e:f4:8c:fd:01:9c:e3:8f:5d:49:52:39:03:b4:3e:83:60:
6d:6e:ae:84:9e:7e:cd:ae:d9:70:af:11:88:9b:fc:db:fa:33:
ca:41:87:57:be:03:0d:cb:3e:0e:1b:36:8f:2c:57:5d:5c:dc:
b3:16:58:b2:7c:d9:f7:48:a5:ad:ce:5d:25:1f:69:fc:1e:fb:
67:f7:2a:62:e0:2b:ea:5a:ea:22:43:8c:98:18:fc:f7:ad:6d:
d1:a5:ff:c0:c9:3e:4e:24:17:b2:ff:2b:d5:bf:89:9a:14:b6:
7c:05:64:ad:0a:ad:d5:e6:4f:dd:8b:42:90:59:61:52:22:44:
c2:57:49:b2:0e:69:d2:8b:00:44:b9:d2:19:27:2d:e1:86:6d:
f7:fb:1a:2a:38:d6:5b:e7:12:b5:2d:66:26:99:52:8b:bd:20:
79:4e:e9:00:8e:9a:a1:49:ef:3f:9f:c7:d1:47:63:86:3c:01:
ba:8d:1c:61:70:3c:26:47:81:63:13:2f:4d:95:45:9a:71:cb:
57:a1:cf:4e:e9:7b:6c:19:50:ef:b6:5c:85:8c:3d:9f:d1:58:
1b:5c:9b:12
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgISAZyRr40J2WIl7amJ6t/fnHg6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwMjI0MjIwNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWQ0NzgwMzk4NWY3YzE5ZjNmNjNlMmJmM2I1MmY3NTg1ZTg0NmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvW7Jc0gndo7Xi6jtgcNFvySUh+K
eGKgEUc6tlSVELn+Warr1D/JGq/VoXu4eHXjQ0rBNpir8M2FuVrv+LU/99mS062J
xViKUnhQp9dfCr4CjGvDivOthX/MlHUd2of+4vuBssWUUKz1gPaZzsqwI63mpj60
Xi9/mnEO2SpDlITi5A2puD/SMddN5SseDNpQ6RrpFfVQd7Z+P9bsBT5bvA4cAnsT
JcqqZoSPHGOPk0rLmbQ2qaX2cnRNVy1J07qV0bAadG12dqfaWe6zYOY4H+RKspoa
8rC37o7Kq0R/5QJK71ho1E+WP/dVgKF2pQL5Ge0aazpz5PB2YtRATZbAnQIDAQAB
o4IClTCCApEwHQYDVR0OBBYEFPrUeAOYX3wZ8/Y+K/O1L3WF6EagMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvMS10UjRBNWhmZkJuejlqNHI4N1V2ZFlYb1JxQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjIvNzA0MDcxLThkYzAtNGVkNi05NDU3LWU4NjEyMWM1OTRk
Zi8xL1l2MjJkbFRmWVlUbjFneEJVT3FWTThMUGx3US5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBqQYIKwYBBQUHAQcBAf8EgZkwgZYwgZMEAgACMIGMAwUD
Kgm5AAMFAyoJwwADBQMqCo8AAwUDKgq4AAMFAyoK0EADBQMqCtYAAwUDKgsIwAMF
AyoLFQADBQMqCz1AAwUDKgtOQAMFAyoLkkADBQMqC5YAAwUDKgugwAMFAyoLwsAD
BQMqC84AAwUDKgvjgAMFAyoL8oADBQMqDD5AAwUDKgxLwAMFAyoMzEAwDQYJKoZI
hvcNAQELBQADggEBADouz0f85ORvZNXj4QJs9O1bHIfC0Bx5SI1rk622u+P6mYGc
kGVu9Iz9AZzjj11JUjkDtD6DYG1uroSefs2u2XCvEYib/Nv6M8pBh1e+Aw3LPg4b
No8sV11c3LMWWLJ82fdIpa3OXSUfafwe+2f3KmLgK+pa6iJDjJgY/PetbdGl/8DJ
Pk4kF7L/K9W/iZoUtnwFZK0KrdXmT92LQpBZYVIiRMJXSbIOadKLAES50hknLeGG
bff7Gio41lvnErUtZiaZUou9IHlO6QCOmqFJ7z+fx9FHY4Y8AbqNHGFwPCZHgWMT
L02VRZpxy1ehz07pe2wZUO+2XIWMPZ/RWBtcmxI=
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:31:22 2026 by rpki-client