Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/8ixOCAhwWNDnq3ns0gAUwlgzmyk.roa
File: 8ixOCAhwWNDnq3ns0gAUwlgzmyk.roa (raw, json)
Hash identifier: wl/9bJRX8lYlM4jLjwEI20VfsWde6X8LQeHsRbukNDc=
Subject key identifier: F2:2C:4E:08:08:70:58:D0:E7:AB:79:EC:D2:00:14:C2:58:33:9B:29
Certificate issuer: /CN=5659b0ba8407be11cfc911bd31ed140cd1c6046c
Certificate serial: 019CA934F8B2446491DA55D50BD497BD59E1
Authority key identifier: 56:59:B0:BA:84:07:BE:11:CF:C9:11:BD:31:ED:14:0C:D1:C6:04:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VlmwuoQHvhHPyRG9Me0UDNHGBGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/8ixOCAhwWNDnq3ns0gAUwlgzmyk.roa
Signing time: Sun 01 Mar 2026 11:42:26 +0000
ROA not before: Sun 01 Mar 2026 11:42:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205941
IP address blocks: 2a10:fa82::/48 maxlen: 48
2a10:fa82:1::/48 maxlen: 48
2a10:fa82:2::/48 maxlen: 48
2a10:fa82:f600::/40 maxlen: 40
2a10:fa82:f700::/40 maxlen: 40
2a10:fa82:f800::/40 maxlen: 40
2a10:fa82:f900::/40 maxlen: 40
2a10:fa82:fa00::/40 maxlen: 40
2a10:fa82:fb00::/40 maxlen: 40
2a10:fa82:fc00::/40 maxlen: 40
2a10:fa82:fd00::/40 maxlen: 40
2a10:fa82:fe00::/40 maxlen: 40
2a10:fa82:fef0::/44 maxlen: 44
2a10:fa82:ff00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/VlmwuoQHvhHPyRG9Me0UDNHGBGw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/VlmwuoQHvhHPyRG9Me0UDNHGBGw.mft
rsync://rpki.ripe.net/repository/DEFAULT/VlmwuoQHvhHPyRG9Me0UDNHGBGw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 11:42:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:34:f8:b2:44:64:91:da:55:d5:0b:d4:97:bd:59:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5659b0ba8407be11cfc911bd31ed140cd1c6046c
Validity
Not Before: Mar 1 11:42:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f22c4e08087058d0e7ab79ecd20014c258339b29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6a:4f:57:f5:dd:11:a5:d0:01:65:51:7a:60:
94:2a:ae:cc:06:52:c5:27:31:6b:36:1c:33:d2:94:
39:b8:55:79:54:e3:a5:54:d6:d7:88:7b:da:76:49:
ed:16:86:1c:38:38:39:81:50:1a:fe:d3:a7:35:c2:
bd:cb:e7:78:b4:b3:51:70:be:86:65:0e:e4:23:06:
8a:7d:5c:d8:70:b0:cb:7a:30:92:9b:dd:fa:b6:77:
0b:46:08:9a:6c:bb:27:6c:18:26:dc:00:a7:61:9a:
62:ed:9c:1e:92:09:35:6a:4f:78:c7:41:11:49:52:
d2:1a:a0:1f:f7:1e:92:b5:e7:f5:5c:4d:9e:e2:77:
2d:cd:81:aa:87:66:2f:9f:bf:53:45:81:c8:0f:39:
28:2c:b9:d6:2f:92:25:0e:1c:12:81:ee:a1:d6:2a:
27:c2:f5:80:da:24:e7:9a:ee:dc:c3:26:cc:5d:8f:
68:00:35:65:52:9f:8f:05:6c:9c:60:bb:9c:b1:16:
db:70:34:af:ca:e5:c2:45:cb:7b:0f:81:f8:5a:63:
b4:b9:ac:77:99:00:70:92:f8:44:b3:54:5f:bd:5d:
ef:e5:20:b5:01:49:ff:20:7d:8f:28:e7:ba:03:43:
38:82:fc:36:77:8f:0b:ed:7e:f9:f3:f4:cd:18:3c:
32:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:2C:4E:08:08:70:58:D0:E7:AB:79:EC:D2:00:14:C2:58:33:9B:29
X509v3 Authority Key Identifier:
keyid:56:59:B0:BA:84:07:BE:11:CF:C9:11:BD:31:ED:14:0C:D1:C6:04:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VlmwuoQHvhHPyRG9Me0UDNHGBGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/8ixOCAhwWNDnq3ns0gAUwlgzmyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/VlmwuoQHvhHPyRG9Me0UDNHGBGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:fa82::-2a10:fa82:2:ffff:ffff:ffff:ffff:ffff
2a10:fa82:f600::-2a10:fa82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0e:6b:c3:89:54:75:5f:e0:6a:4b:b2:c5:4d:f3:eb:95:02:62:
77:34:86:84:c0:ca:a2:79:97:b6:0c:98:ed:33:bd:af:a6:f5:
6e:50:26:f8:07:ee:c0:12:1f:0e:6c:3f:4f:77:ec:3b:9c:9d:
2a:d2:53:59:8a:c0:9f:2c:07:8c:e5:0f:43:02:d7:55:ac:16:
cf:bd:fd:84:1f:36:c3:f2:ef:92:41:e7:d8:1c:45:ea:92:3e:
9f:c6:61:7b:84:61:0e:5c:1f:9a:13:44:e3:b9:0f:35:3b:e2:
1b:6e:4d:b4:b8:b2:ff:4d:32:11:e6:bf:ce:60:9f:8b:ae:f3:
8e:0e:b8:9d:33:ea:19:e9:d0:07:3b:f2:98:1f:ba:6f:c3:73:
8c:25:17:3f:e7:55:a4:18:e9:95:4e:c1:be:a3:85:f3:9b:18:
47:1e:f1:d5:12:95:09:a2:e0:57:5a:62:d7:96:64:fa:4c:b3:
67:57:6a:39:0b:17:47:66:32:98:ea:88:26:0b:03:e1:f3:ce:
e2:fc:7d:46:0c:fd:c9:83:d5:25:e4:87:28:e6:12:fb:98:e6:
cf:a7:b8:b2:72:32:0b:7c:ff:24:22:b3:8b:55:1b:1e:70:30:
93:a2:3a:dd:27:1a:94:d9:77:72:0f:d7:68:be:28:0a:e7:3e:
27:49:7e:2b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZypNPiyRGSR2lXVC9SXvVnhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NTliMGJhODQwN2JlMTFjZmM5MTFiZDMxZWQxNDBjZDFj
NjA0NmMwHhcNMjYwMzAxMTE0MjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjJjNGUwODA4NzA1OGQwZTdhYjc5ZWNkMjAwMTRjMjU4MzM5YjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWpPV/XdEaXQAWVRemCUKq7MBlLF
JzFrNhwz0pQ5uFV5VOOlVNbXiHvadkntFoYcODg5gVAa/tOnNcK9y+d4tLNRcL6G
ZQ7kIwaKfVzYcLDLejCSm936tncLRgiabLsnbBgm3ACnYZpi7Zwekgk1ak94x0ER
SVLSGqAf9x6Stef1XE2e4nctzYGqh2Yvn79TRYHIDzkoLLnWL5IlDhwSge6h1ion
wvWA2iTnmu7cwybMXY9oADVlUp+PBWycYLucsRbbcDSvyuXCRct7D4H4WmO0uax3
mQBwkvhEs1RfvV3v5SC1AUn/IH2PKOe6A0M4gvw2d48L7X758/TNGDwyaQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPIsTggIcFjQ56t57NIAFMJYM5spMB8GA1UdIwQY
MBaAFFZZsLqEB74Rz8kRvTHtFAzRxgRsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmxtd3VvUUh2aEhQeVJHOU1lMFVETkhHQkd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kZDhlMzEtMDBiNS00MjEyLTllMDEt
MjM5NGM2NjAwMDIyLzEvOGl4T0NBaHdXTkRucTNuczBnQVV3bGd6bXlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kZDhlMzEtMDBiNS00MjEyLTllMDEtMjM5NGM2NjAwMDIy
LzEvVmxtd3VvUUh2aEhQeVJHOU1lMFVETkhHQkd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjMBADBQEqEPqC
AwcAKhD6ggACMA8DBgEqEPqC9gMFACoQ+oIwDQYJKoZIhvcNAQELBQADggEBAA5r
w4lUdV/gakuyxU3z65UCYnc0hoTAyqJ5l7YMmO0zva+m9W5QJvgH7sASHw5sP093
7DucnSrSU1mKwJ8sB4zlD0MC11WsFs+9/YQfNsPy75JB59gcReqSPp/GYXuEYQ5c
H5oTROO5DzU74htuTbS4sv9NMhHmv85gn4uu844OuJ0z6hnp0Ac78pgfum/Dc4wl
Fz/nVaQY6ZVOwb6jhfObGEce8dUSlQmi4FdaYteWZPpMs2dXajkLF0dmMpjqiCYL
A+HzzuL8fUYM/cmD1SXkhyjmEvuY5s+nuLJyMgt8/yQis4tVGx5wMJOiOt0nGpTZ
d3IP12i+KArnPidJfis=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:51:38 2026 by rpki-client