Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/0ld9oICrjkM9PiOBYi7PkCMaP7g.roa
File: 0ld9oICrjkM9PiOBYi7PkCMaP7g.roa (raw, json)
Hash identifier: 7pPoPeKMxfAld72vWaWuaU3WiGoLWbNKS8HJfbCj2GY=
Subject key identifier: D2:57:7D:A0:80:AB:8E:43:3D:3E:23:81:62:2E:CF:90:23:1A:3F:B8
Certificate issuer: /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial: 019B7F1522715C4AD9AFEC1C3FF37551A322
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/0ld9oICrjkM9PiOBYi7PkCMaP7g.roa
Signing time: Fri 02 Jan 2026 14:20:50 +0000
ROA not before: Fri 02 Jan 2026 14:20:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51699
IP address blocks: 2a05:4741:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:15:22:71:5c:4a:d9:af:ec:1c:3f:f3:75:51:a3:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Validity
Not Before: Jan 2 14:20:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d2577da080ab8e433d3e2381622ecf90231a3fb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:88:91:85:95:78:4d:49:13:29:cc:c3:07:0d:
6e:68:19:9a:24:dd:ee:54:c6:86:b5:bf:2b:cc:aa:
e8:ba:47:07:54:7f:01:85:74:7f:b2:5e:4b:33:ff:
ea:1f:40:b4:35:fd:41:ff:b1:1f:74:4a:8c:b0:27:
d7:6f:85:c1:e1:ee:1f:15:ec:f7:69:bb:24:70:02:
53:bf:cc:0d:25:75:78:fe:c7:dd:89:62:5c:69:74:
16:f2:23:07:08:5f:bc:96:be:95:a6:f7:27:76:73:
38:0d:5c:b6:26:bb:c7:be:5a:d4:8c:9f:0c:8f:16:
6b:b6:67:03:6a:03:8f:6a:3c:9c:2c:cb:66:e1:d5:
a4:36:5e:04:4b:f5:cf:94:8f:8a:63:18:ec:08:a4:
7a:87:99:86:9e:a1:a2:08:c6:30:c9:27:3b:63:a2:
1e:fb:24:ec:9c:68:99:b7:a2:71:18:a0:fb:40:05:
d0:13:a4:c6:26:78:8e:41:5b:16:5c:df:87:f0:92:
5d:69:6f:e3:b4:b9:a2:b4:17:1b:b8:4e:9e:cc:72:
4e:92:31:25:63:fb:ac:3a:90:05:9f:52:1f:56:01:
50:49:81:99:4b:bd:b7:6d:a9:27:3e:ed:d8:0f:44:
28:8f:ce:db:60:ca:bc:ac:3b:e3:69:52:b5:50:a4:
8f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:57:7D:A0:80:AB:8E:43:3D:3E:23:81:62:2E:CF:90:23:1A:3F:B8
X509v3 Authority Key Identifier:
keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/0ld9oICrjkM9PiOBYi7PkCMaP7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:4741:6::/48
Signature Algorithm: sha256WithRSAEncryption
dc:fa:cb:ed:79:1b:1a:98:f4:33:9d:a5:19:a2:2f:73:ac:1d:
57:58:43:91:46:2b:41:2d:d0:74:be:ea:d4:0f:54:94:68:f8:
17:39:66:ba:72:76:66:ba:80:cb:dd:43:77:24:91:07:fa:15:
4c:03:53:5c:90:c0:b3:50:4d:16:c8:2b:33:6a:1f:1c:6f:1e:
94:95:f1:80:c6:e5:ef:cd:04:49:16:87:59:62:35:fe:89:b3:
40:aa:64:57:43:b4:49:03:b8:56:94:9d:54:5f:3a:83:df:a7:
3d:18:11:4f:d8:af:6a:24:54:63:06:de:44:c0:de:4a:82:4d:
c2:4e:d2:35:85:41:ad:49:38:77:a5:5d:64:18:ba:79:3c:bf:
c8:12:32:c6:21:6b:3f:e8:fe:fb:6e:8b:a6:cc:bc:bc:66:40:
81:b9:ad:30:cf:4a:e7:20:c9:82:53:f6:4d:0a:7c:6f:4a:d8:
3f:57:88:88:17:90:cc:f6:53:10:87:cf:49:37:f1:2e:25:2d:
51:25:47:cd:9f:b1:8d:1e:43:49:f4:78:c2:21:83:de:e1:29:
4b:71:82:77:2f:3c:7f:4e:95:7f:8e:47:9d:59:7f:12:55:0b:
df:36:a4:22:17:ed:f1:3f:b5:ac:bd:a9:ff:cc:54:bf:e6:96:
73:67:05:ab
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZt/FSJxXErZr+wcP/N1UaMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNDc0YWM3Y2E4NWUwOWMyZDQ4YjMzZTdiZjY2ZjhlZDc2
NGRlMGYwHhcNMjYwMTAyMTQyMDUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjU3N2RhMDgwYWI4ZTQzM2QzZTIzODE2MjJlY2Y5MDIzMWEzZmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYiRhZV4TUkTKczDBw1uaBmaJN3u
VMaGtb8rzKroukcHVH8BhXR/sl5LM//qH0C0Nf1B/7EfdEqMsCfXb4XB4e4fFez3
abskcAJTv8wNJXV4/sfdiWJcaXQW8iMHCF+8lr6VpvcndnM4DVy2JrvHvlrUjJ8M
jxZrtmcDagOPajycLMtm4dWkNl4ES/XPlI+KYxjsCKR6h5mGnqGiCMYwySc7Y6Ie
+yTsnGiZt6JxGKD7QAXQE6TGJniOQVsWXN+H8JJdaW/jtLmitBcbuE6ezHJOkjEl
Y/usOpAFn1IfVgFQSYGZS723baknPu3YD0Qoj87bYMq8rDvjaVK1UKSPdwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFNJXfaCAq45DPT4jgWIuz5AjGj+4MB8GA1UdIwQY
MBaAFDJHSsfKheCcLUizPnv2b47XZN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzkt
MTJlYzIyYzljNWEyLzEvMGxkOW9JQ3Jqa005UGlPQllpN1BrQ01hUDdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xZmQwYTYtNDUxNy00YTBiLWIzYzktMTJlYzIyYzljNWEy
LzEvTWtkS3g4cUY0Snd0U0xNLWVfWnZqdGRrM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgVHQQAG
MA0GCSqGSIb3DQEBCwUAA4IBAQDc+svteRsamPQznaUZoi9zrB1XWEORRitBLdB0
vurUD1SUaPgXOWa6cnZmuoDL3UN3JJEH+hVMA1NckMCzUE0WyCszah8cbx6UlfGA
xuXvzQRJFodZYjX+ibNAqmRXQ7RJA7hWlJ1UXzqD36c9GBFP2K9qJFRjBt5EwN5K
gk3CTtI1hUGtSTh3pV1kGLp5PL/IEjLGIWs/6P77boumzLy8ZkCBua0wz0rnIMmC
U/ZNCnxvStg/V4iIF5DM9lMQh89JN/EuJS1RJUfNn7GNHkNJ9HjCIYPe4SlLcYJ3
Lzx/TpV/jkedWX8SVQvfNqQiF+3xP7Wsvan/zFS/5pZzZwWr
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:10:21 2026 by rpki-client