Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4ttO-4B3axGYTYHnu5BWM7g2BCs.roa
File: 4ttO-4B3axGYTYHnu5BWM7g2BCs.roa (raw, json)
Hash identifier: gfx3j2ScXVhE4B9i+aZPliq4dk1NRTixKZnu3cbD4UY=
Subject key identifier: E2:DB:4E:FB:80:77:6B:11:98:4D:81:E7:BB:90:56:33:B8:36:04:2B
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019C8F10792021C14AF4AA65856F4B01F813
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4ttO-4B3axGYTYHnu5BWM7g2BCs.roa
Signing time: Tue 24 Feb 2026 09:52:27 +0000
ROA not before: Tue 24 Feb 2026 09:52:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 132337
IP address blocks: 2a09:b700::/29 maxlen: 32
2a0a:2940::/29 maxlen: 32
2a0a:3200::/29 maxlen: 32
2a0f:2ec0::/29 maxlen: 32
2a0f:6d80::/29 maxlen: 29
2a0f:a200::/29 maxlen: 32
2a0f:dec0::/29 maxlen: 29
2a10:3440::/29 maxlen: 32
2a10:5c00::/29 maxlen: 32
2a11:5200::/29 maxlen: 32
2a11:b200::/29 maxlen: 32
2a12:4ac0::/29 maxlen: 32
2a13:540::/29 maxlen: 32
2a13:3040::/29 maxlen: 32
2a13:9480::/29 maxlen: 32
2a13:fa00::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8f:10:79:20:21:c1:4a:f4:aa:65:85:6f:4b:01:f8:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 24 09:52:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e2db4efb80776b11984d81e7bb905633b836042b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:33:90:38:20:e2:a4:de:46:db:8f:e0:76:4c:
aa:3c:3e:b3:96:96:37:a0:7e:f5:6b:5b:02:7d:9e:
2b:a4:11:6c:0d:42:55:d4:81:4c:fd:08:ce:4a:28:
f3:15:30:3d:60:d4:15:d1:07:68:f8:d4:25:6f:07:
c4:65:86:c2:8e:f7:28:af:03:8d:65:e0:50:c4:d0:
90:47:80:e3:cb:3e:e2:48:a4:e1:1d:01:dc:ef:0b:
8a:5f:f7:60:6a:c3:80:09:73:80:03:18:4c:f2:35:
9f:5d:b6:64:05:d4:66:35:a9:80:d9:00:0c:64:a0:
89:26:9f:b1:a4:ec:18:0d:96:eb:58:f5:33:9e:12:
79:e9:ca:05:c6:20:8d:bd:70:93:34:05:12:8c:2e:
57:44:2c:95:47:b6:54:3a:48:aa:9a:f0:70:10:02:
0c:dd:db:3a:b0:ce:b8:9a:57:ad:fd:10:32:c5:4e:
fd:40:ba:e7:9e:41:35:37:4a:a6:bc:5d:87:40:bf:
c1:95:23:ad:3d:bc:c9:18:7f:72:09:47:e1:c1:8c:
71:93:27:0b:a9:c0:44:ee:ef:e6:2f:6d:04:e4:b4:
fb:12:84:c4:ce:12:91:d8:17:83:a2:08:1e:02:ab:
4f:cd:98:ab:ee:eb:90:cd:bc:56:06:d1:a6:f4:67:
4d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:DB:4E:FB:80:77:6B:11:98:4D:81:E7:BB:90:56:33:B8:36:04:2B
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/4ttO-4B3axGYTYHnu5BWM7g2BCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:b700::/29
2a0a:2940::/29
2a0a:3200::/29
2a0f:2ec0::/29
2a0f:6d80::/29
2a0f:a200::/29
2a0f:dec0::/29
2a10:3440::/29
2a10:5c00::/29
2a11:5200::/29
2a11:b200::/29
2a12:4ac0::/29
2a13:540::/29
2a13:3040::/29
2a13:9480::/29
2a13:fa00::/29
Signature Algorithm: sha256WithRSAEncryption
61:14:0b:45:31:e0:5f:c2:3a:f8:5f:ea:22:4d:22:de:11:2f:
63:51:d0:34:db:da:b7:1f:20:1a:74:cc:8d:e6:a8:4a:40:2e:
c2:a2:30:74:35:39:ac:4c:17:ec:20:36:f8:4d:27:de:1b:74:
44:fa:97:b8:7c:6b:98:ad:0e:67:39:a0:60:85:3e:7a:e4:45:
2e:db:a6:be:cd:8b:6a:d2:b7:a8:5b:dc:4a:35:de:52:38:3a:
6f:2e:d5:e3:f2:0b:fd:9f:25:7c:b0:60:9b:95:60:96:5a:03:
ef:fe:97:fe:ec:13:34:8f:5c:02:84:99:ca:37:35:a3:48:fa:
2b:bf:0c:00:3f:71:a7:4c:ea:e3:61:c5:33:0f:c2:d8:52:de:
c4:2f:a0:f2:c6:8d:5a:4c:76:e0:93:a2:24:dc:fd:ea:da:a8:
4e:dc:0b:f2:60:28:0a:b5:f9:b4:1f:ac:31:6e:3e:7d:0f:60:
57:01:5d:12:b7:e0:95:98:e5:42:0b:31:87:49:73:a6:2a:7a:
69:e9:bf:d8:0c:6f:05:7a:86:11:8b:bd:1d:6d:e9:2d:ca:f9:
d3:05:aa:ea:e8:bc:0f:8e:30:26:9a:f6:40:c1:e2:44:1c:74:
0e:55:85:8b:d9:9e:f1:4f:bf:d3:39:d6:05:f9:85:ca:47:fd:
2e:2f:e4:23
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZyPEHkgIcFK9KplhW9LAfgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMjI0MDk1MjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmRiNGVmYjgwNzc2YjExOTg0ZDgxZTdiYjkwNTYzM2I4MzYwNDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3DOQOCDipN5G24/gdkyqPD6zlpY3
oH71a1sCfZ4rpBFsDUJV1IFM/QjOSijzFTA9YNQV0Qdo+NQlbwfEZYbCjvcorwON
ZeBQxNCQR4Djyz7iSKThHQHc7wuKX/dgasOACXOAAxhM8jWfXbZkBdRmNamA2QAM
ZKCJJp+xpOwYDZbrWPUznhJ56coFxiCNvXCTNAUSjC5XRCyVR7ZUOkiqmvBwEAIM
3ds6sM64mlet/RAyxU79QLrnnkE1N0qmvF2HQL/BlSOtPbzJGH9yCUfhwYxxkycL
qcBE7u/mL20E5LT7EoTEzhKR2BeDoggeAqtPzZir7uuQzbxWBtGm9GdNkwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFOLbTvuAd2sRmE2B57uQVjO4NgQrMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNHR0Ty00QjNheEdZVFlIbnU1QldNN2cyQkNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAIwcAMFAyoJtwAD
BQMqCilAAwUDKgoyAAMFAyoPLsADBQMqD22AAwUDKg+iAAMFAyoP3sADBQMqEDRA
AwUDKhBcAAMFAyoRUgADBQMqEbIAAwUDKhJKwAMFAyoTBUADBQMqEzBAAwUDKhOU
gAMFAyoT+gAwDQYJKoZIhvcNAQELBQADggEBAGEUC0Ux4F/COvhf6iJNIt4RL2NR
0DTb2rcfIBp0zI3mqEpALsKiMHQ1OaxMF+wgNvhNJ94bdET6l7h8a5itDmc5oGCF
PnrkRS7bpr7Ni2rSt6hb3Eo13lI4Om8u1ePyC/2fJXywYJuVYJZaA+/+l/7sEzSP
XAKEmco3NaNI+iu/DAA/cadM6uNhxTMPwthS3sQvoPLGjVpMduCToiTc/eraqE7c
C/JgKAq1+bQfrDFuPn0PYFcBXRK34JWY5UILMYdJc6Yqemnpv9gMbwV6hhGLvR1t
6S3K+dMFqurovA+OMCaa9kDB4kQcdA5VhYvZnvFPv9M51gX5hcpH/S4v5CM=
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:50:11 2026 by rpki-client