Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/IFbTZVOafC_edoPxjy8EOn0tFGE.roa
File: IFbTZVOafC_edoPxjy8EOn0tFGE.roa (raw, json)
Hash identifier: c9FqrK0CWA/3KdVIJ8/SS6Y+hNB96gOw4mIzdy/XoQ4=
Subject key identifier: 20:56:D3:65:53:9A:7C:2F:DE:76:83:F1:8F:2F:04:3A:7D:2D:14:61
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019CA07104B830B066F256C8C8EBAC854717
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/IFbTZVOafC_edoPxjy8EOn0tFGE.roa
Signing time: Fri 27 Feb 2026 18:51:27 +0000
ROA not before: Fri 27 Feb 2026 18:51:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12389
IP address blocks: 2a06:a600::/29 maxlen: 29
2a06:bf40::/29 maxlen: 29
2a07:95c0::/29 maxlen: 29
2a09:17c3::/32 maxlen: 32
2a0c:d380::/29 maxlen: 29
2a0d:8f80::/29 maxlen: 29
2a0e:2440::/29 maxlen: 29
2a0e:f207::/32 maxlen: 32
2a0f:3d83::/32 maxlen: 32
2a0f:3d86:11::/48 maxlen: 48
2a0f:7d01::/32 maxlen: 32
2a0f:bc05::/32 maxlen: 32
2a0f:ee00::/29 maxlen: 29
2a10:3140::/29 maxlen: 29
2a11:4e80::/29 maxlen: 29
2a12:d100::/29 maxlen: 29
2a13:2bc0::/29 maxlen: 29
2a13:8f00::/29 maxlen: 29
2a13:9280::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a0:71:04:b8:30:b0:66:f2:56:c8:c8:eb:ac:85:47:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 27 18:51:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2056d365539a7c2fde7683f18f2f043a7d2d1461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:95:db:a1:3d:8b:5f:5c:fd:8c:bd:18:94:59:
0a:7f:01:a4:07:a8:c7:9d:fa:7f:36:0a:a7:4e:6b:
6f:2d:1c:67:06:d8:45:48:62:0c:59:58:d2:0c:bc:
4b:5a:4f:8e:84:d7:ac:8b:44:01:22:d7:92:68:c4:
16:b9:e9:33:0c:04:bc:19:54:af:e6:38:e6:58:04:
dd:01:be:ee:40:fa:39:a4:e0:14:ae:5d:67:d8:db:
d9:6a:ce:2c:c9:16:62:c6:b6:91:4f:22:2c:82:37:
67:c9:5c:f1:73:1c:37:ef:69:c4:16:58:3d:2c:05:
ed:a0:b4:9d:5d:09:47:7c:55:60:05:d1:3e:4f:69:
be:3b:68:63:cd:fc:57:74:3e:79:7c:f3:34:32:53:
a2:6b:0c:de:1b:3f:8e:62:f1:0a:ac:82:8a:68:16:
f0:80:de:22:73:56:7d:22:43:4a:25:83:c3:e1:f5:
4e:d0:c3:b1:bc:c8:2e:e8:bb:b3:74:16:77:38:e4:
35:4d:9a:1e:83:8c:53:6b:92:51:b0:c7:a1:ed:2d:
d1:29:fa:b8:ed:23:bc:c2:80:55:8b:e4:af:ea:9a:
49:d4:a8:6c:42:79:11:da:3a:ac:db:db:3e:5e:2d:
f7:db:20:51:10:a6:7b:3c:13:05:b7:33:ce:cb:65:
d5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:56:D3:65:53:9A:7C:2F:DE:76:83:F1:8F:2F:04:3A:7D:2D:14:61
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/IFbTZVOafC_edoPxjy8EOn0tFGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a600::/29
2a06:bf40::/29
2a07:95c0::/29
2a09:17c3::/32
2a0c:d380::/29
2a0d:8f80::/29
2a0e:2440::/29
2a0e:f207::/32
2a0f:3d83::/32
2a0f:3d86:11::/48
2a0f:7d01::/32
2a0f:bc05::/32
2a0f:ee00::/29
2a10:3140::/29
2a11:4e80::/29
2a12:d100::/29
2a13:2bc0::/29
2a13:8f00::/29
2a13:9280::/32
Signature Algorithm: sha256WithRSAEncryption
c3:d8:a4:58:07:87:42:4f:f3:e9:30:36:33:b6:b8:8e:52:13:
5e:a8:39:c6:b0:10:a7:0d:10:7b:c5:ae:b2:03:76:d5:db:78:
40:5f:65:ec:a4:f3:be:ed:6f:ee:e4:c6:4a:a3:15:e5:d4:9f:
5a:19:b4:4b:f6:08:7c:bc:0e:76:92:91:f6:0c:05:80:2c:8d:
d1:0f:ac:6a:6f:d1:cf:39:cc:47:1a:cc:1f:17:7e:ce:4d:78:
62:5a:a3:f3:d3:ba:66:e3:6b:5a:ce:4f:ad:08:fc:d1:79:3d:
4e:2a:cd:97:0e:e7:21:3a:ab:b4:53:ae:65:82:1d:98:74:46:
81:cb:8f:b6:06:0d:ba:c0:86:6a:fe:13:c5:49:f1:e1:60:58:
3c:35:49:95:1d:e7:35:4d:24:23:98:6a:a6:87:a5:e4:a0:b8:
ff:61:36:35:15:5c:d0:86:c2:c6:4f:b0:bc:b6:db:07:bf:82:
bf:86:24:f2:15:eb:a8:86:0e:6d:6a:bd:45:8f:d5:0c:74:af:
d6:a8:24:5e:7e:08:3b:5e:e4:1a:ab:bc:39:9e:93:5b:5b:08:
38:e7:09:40:23:e1:2d:01:49:9d:22:28:32:49:9c:01:ae:44:
d7:f6:32:ee:bb:09:d5:9f:ca:f8:d2:ce:e9:4f:2f:72:3e:7c:
89:dd:54:eb
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAZygcQS4MLBm8lbIyOushUcXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMjI3MTg1MTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDU2ZDM2NTUzOWE3YzJmZGU3NjgzZjE4ZjJmMDQzYTdkMmQxNDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0pXboT2LX1z9jL0YlFkKfwGkB6jH
nfp/NgqnTmtvLRxnBthFSGIMWVjSDLxLWk+OhNesi0QBIteSaMQWuekzDAS8GVSv
5jjmWATdAb7uQPo5pOAUrl1n2NvZas4syRZixraRTyIsgjdnyVzxcxw372nEFlg9
LAXtoLSdXQlHfFVgBdE+T2m+O2hjzfxXdD55fPM0MlOiawzeGz+OYvEKrIKKaBbw
gN4ic1Z9IkNKJYPD4fVO0MOxvMgu6LuzdBZ3OOQ1TZoeg4xTa5JRsMeh7S3RKfq4
7SO8woBVi+Sv6ppJ1KhsQnkR2jqs29s+Xi332yBREKZ7PBMFtzPOy2XVwQIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFCBW02VTmnwv3naD8Y8vBDp9LRRhMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSUZiVFpWT2FmQ19lZG9QeGp5OEVPbjB0RkdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTCBjgQCAAIwgYcDBQMq
BqYAAwUDKga/QAMFAyoHlcADBQAqCRfDAwUDKgzTgAMFAyoNj4ADBQMqDiRAAwUA
Kg7yBwMFACoPPYMDBwAqDz2GABEDBQAqD30BAwUAKg+8BQMFAyoP7gADBQMqEDFA
AwUDKhFOgAMFAyoS0QADBQMqEyvAAwUDKhOPAAMFACoTkoAwDQYJKoZIhvcNAQEL
BQADggEBAMPYpFgHh0JP8+kwNjO2uI5SE16oOcawEKcNEHvFrrIDdtXbeEBfZeyk
877tb+7kxkqjFeXUn1oZtEv2CHy8DnaSkfYMBYAsjdEPrGpv0c85zEcazB8Xfs5N
eGJao/PTumbja1rOT60I/NF5PU4qzZcO5yE6q7RTrmWCHZh0RoHLj7YGDbrAhmr+
E8VJ8eFgWDw1SZUd5zVNJCOYaqaHpeSguP9hNjUVXNCGwsZPsLy22we/gr+GJPIV
66iGDm1qvUWP1Qx0r9aoJF5+CDte5BqrvDmek1tbCDjnCUAj4S0BSZ0iKDJJnAGu
RNf2Mu67CdWfyvjSzulPL3I+fIndVOs=
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:33:02 2026 by rpki-client