Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/hCLN0Dmhu24EaCdkTFQPSWgDm5o.roa
File: hCLN0Dmhu24EaCdkTFQPSWgDm5o.roa (raw, json)
Hash identifier: s+yZz2TWpyK3VihP8IgrQtwgqv2Jm0VD0iqLGFFBHvs=
Subject key identifier: 84:22:CD:D0:39:A1:BB:6E:04:68:27:64:4C:54:0F:49:68:03:9B:9A
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019C9EC6A9B7A17BB9263062FEC83B71F449
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/hCLN0Dmhu24EaCdkTFQPSWgDm5o.roa
Signing time: Fri 27 Feb 2026 11:05:45 +0000
ROA not before: Fri 27 Feb 2026 11:05:45 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8772
IP address blocks: 2a0f:5ec0::/29 maxlen: 29
2a0f:7fc0::/29 maxlen: 29
2a0f:edc0::/29 maxlen: 29
2a0f:fb40::/29 maxlen: 29
2a11:3a80::/29 maxlen: 29
2a11:6600::/29 maxlen: 29
2a11:6780::/29 maxlen: 29
2a11:6880::/29 maxlen: 29
2a11:6980::/29 maxlen: 29
2a11:6c00::/29 maxlen: 29
2a11:a680::/29 maxlen: 29
2a11:d400::/29 maxlen: 29
2a11:f080::/29 maxlen: 29
2a12:3c80::/29 maxlen: 29
2a12:e4c0::/29 maxlen: 29
2a13:3a80::/29 maxlen: 29
2a13:3e80::/29 maxlen: 29
2a13:4680::/29 maxlen: 29
2a13:64c0::/29 maxlen: 29
2a13:6540::/29 maxlen: 29
2a13:6840::/29 maxlen: 29
2a13:68c0::/29 maxlen: 29
2a13:69c0::/29 maxlen: 29
2a13:6a40::/29 maxlen: 29
2a13:6ac0::/29 maxlen: 29
2a13:6bc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:c6:a9:b7:a1:7b:b9:26:30:62:fe:c8:3b:71:f4:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Feb 27 11:05:45 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8422cdd039a1bb6e046827644c540f4968039b9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:11:b4:0d:a3:ca:4a:e6:5b:70:37:5a:1e:d7:
c4:ed:f4:6d:c6:bd:5b:b7:d8:d9:60:2a:b5:2e:6a:
a5:b2:79:a4:9d:95:3e:80:22:b0:91:a0:48:bb:ef:
a2:fd:e3:ce:5f:87:9e:0e:fe:49:9a:bf:da:9c:7f:
b0:47:a7:2c:27:cd:ff:3d:a7:c0:e3:e0:57:a8:8c:
4e:ae:48:55:99:4e:0e:dd:77:43:2a:c3:8b:0a:e6:
91:de:39:e9:a4:43:9e:a8:65:3d:c9:5f:b6:79:44:
e3:9b:1f:fe:d1:e6:26:2f:8a:6c:2b:2d:51:e6:95:
e3:39:48:e3:40:ec:89:f4:52:14:10:05:36:29:e2:
96:ad:30:dd:f5:25:0b:c2:7e:ba:b0:ee:c8:ce:45:
3e:1b:13:bc:df:5c:f1:f2:50:d9:a8:05:3b:72:93:
3f:76:cd:cc:22:ca:83:e6:d0:f6:e5:cb:4d:99:91:
ae:18:b1:b7:4e:de:b9:3c:0c:aa:df:0c:29:b8:98:
9b:0d:3d:12:1a:08:47:ea:e2:62:ab:5f:63:7f:6e:
e4:2c:b8:0d:74:e3:aa:32:37:c5:52:95:03:19:b4:
d0:f6:fa:b4:71:a9:fa:48:07:fc:69:9b:80:53:a6:
90:bb:7a:04:0e:59:d2:65:70:ba:c0:06:f8:df:d1:
fb:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:22:CD:D0:39:A1:BB:6E:04:68:27:64:4C:54:0F:49:68:03:9B:9A
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/hCLN0Dmhu24EaCdkTFQPSWgDm5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:5ec0::/29
2a0f:7fc0::/29
2a0f:edc0::/29
2a0f:fb40::/29
2a11:3a80::/29
2a11:6600::/29
2a11:6780::/29
2a11:6880::/29
2a11:6980::/29
2a11:6c00::/29
2a11:a680::/29
2a11:d400::/29
2a11:f080::/29
2a12:3c80::/29
2a12:e4c0::/29
2a13:3a80::/29
2a13:3e80::/29
2a13:4680::/29
2a13:64c0::/29
2a13:6540::/29
2a13:6840::/29
2a13:68c0::/29
2a13:69c0::/29
2a13:6a40::/29
2a13:6ac0::/29
2a13:6bc0::/29
Signature Algorithm: sha256WithRSAEncryption
0b:c2:f1:66:27:3b:7d:c1:f7:6e:d4:cf:d1:dd:cf:16:ff:f5:
fb:c1:9a:8d:bb:d1:e4:d0:fd:26:a6:47:fd:8c:29:df:f1:b1:
a4:6d:f8:85:41:1f:e9:24:c7:4a:01:e2:31:06:bd:fe:d6:c0:
f6:61:0e:af:81:d6:03:8b:45:29:4b:54:d0:19:28:09:7b:b2:
e4:ff:32:8e:c8:d3:dc:67:22:5c:75:11:58:37:b6:29:f4:d0:
58:9e:75:65:df:8f:94:3f:95:3b:36:d2:9c:4f:31:f5:46:6e:
d5:ce:83:c6:3b:a2:24:47:6c:8c:a0:8e:bb:80:37:8f:42:99:
04:6b:04:ad:5c:26:30:09:35:a5:69:b7:29:e5:64:56:15:24:
99:4d:2a:20:f1:d3:75:f8:08:1d:b4:70:d6:70:4f:36:4b:e0:
41:0a:0e:cf:23:99:1c:0e:c4:3c:6a:e5:e9:5b:05:2e:a3:65:
b4:48:e5:83:fc:aa:3a:62:22:ce:bb:a6:f7:b6:20:09:3c:f1:
06:85:ad:17:72:70:6b:6f:a7:36:ce:ce:26:75:9e:5f:1f:e0:
8b:8a:71:72:db:0a:47:92:ce:e1:38:32:4f:9f:55:47:74:75:
38:ff:11:c6:22:2a:f8:1a:28:f7:57:da:41:5c:6d:02:06:e6:
6a:fc:13:89
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZyexqm3oXu5JjBi/sg7cfRJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwMjI3MTEwNTQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDIyY2RkMDM5YTFiYjZlMDQ2ODI3NjQ0YzU0MGY0OTY4MDM5YjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRG0DaPKSuZbcDdaHtfE7fRtxr1b
t9jZYCq1LmqlsnmknZU+gCKwkaBIu++i/ePOX4eeDv5Jmr/anH+wR6csJ83/PafA
4+BXqIxOrkhVmU4O3XdDKsOLCuaR3jnppEOeqGU9yV+2eUTjmx/+0eYmL4psKy1R
5pXjOUjjQOyJ9FIUEAU2KeKWrTDd9SULwn66sO7IzkU+GxO831zx8lDZqAU7cpM/
ds3MIsqD5tD25ctNmZGuGLG3Tt65PAyq3wwpuJibDT0SGghH6uJiq19jf27kLLgN
dOOqMjfFUpUDGbTQ9vq0can6SAf8aZuAU6aQu3oEDlnSZXC6wAb439H7xwIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFIQizdA5obtuBGgnZExUD0loA5uaMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvaENMTjBEbWh1MjRFYUNka1RGUVBTV2dEbTVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAIwgbYDBQMq
D17AAwUDKg9/wAMFAyoP7cADBQMqD/tAAwUDKhE6gAMFAyoRZgADBQMqEWeAAwUD
KhFogAMFAyoRaYADBQMqEWwAAwUDKhGmgAMFAyoR1AADBQMqEfCAAwUDKhI8gAMF
AyoS5MADBQMqEzqAAwUDKhM+gAMFAyoTRoADBQMqE2TAAwUDKhNlQAMFAyoTaEAD
BQMqE2jAAwUDKhNpwAMFAyoTakADBQMqE2rAAwUDKhNrwDANBgkqhkiG9w0BAQsF
AAOCAQEAC8LxZic7fcH3btTP0d3PFv/1+8GajbvR5ND9JqZH/Ywp3/GxpG34hUEf
6STHSgHiMQa9/tbA9mEOr4HWA4tFKUtU0BkoCXuy5P8yjsjT3GciXHURWDe2KfTQ
WJ51Zd+PlD+VOzbSnE8x9UZu1c6DxjuiJEdsjKCOu4A3j0KZBGsErVwmMAk1pWm3
KeVkVhUkmU0qIPHTdfgIHbRw1nBPNkvgQQoOzyOZHA7EPGrl6VsFLqNltEjlg/yq
OmIizrum97YgCTzxBoWtF3Jwa2+nNs7OJnWeXx/gi4pxctsKR5LO4TgyT59VR3R1
OP8RxiIq+Boo91faQVxtAgbmavwTiQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:37:30 2026 by rpki-client