Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nPOOwYf5craBa5pJV3sDijEqEIU.roa
File: nPOOwYf5craBa5pJV3sDijEqEIU.roa (raw, json)
Hash identifier: oRXI52t4vjZ1qeplVtg877WSCQSD8yX1nUIyIzygzFM=
Subject key identifier: 9C:F3:8E:C1:87:F9:72:B6:81:6B:9A:49:57:7B:03:8A:31:2A:10:85
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019CA020740717161789A81CE2D2C14FF22B
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nPOOwYf5craBa5pJV3sDijEqEIU.roa
Signing time: Fri 27 Feb 2026 17:23:27 +0000
ROA not before: Fri 27 Feb 2026 17:23:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200546
IP address blocks: 2a06:35c1::/32 maxlen: 32
2a0f:e840::/32 maxlen: 32
2a10:68c5::/32 maxlen: 32
2a13:d45::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a0:20:74:07:17:16:17:89:a8:1c:e2:d2:c1:4f:f2:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 27 17:23:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9cf38ec187f972b6816b9a49577b038a312a1085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:86:74:2a:58:5b:ca:91:aa:ad:2b:92:66:34:
4a:90:a1:31:12:ed:03:23:c9:8b:7d:3e:33:f2:3f:
f2:b2:8d:ed:4f:e9:1f:46:40:d6:98:20:88:12:bf:
78:46:f3:fd:13:ff:92:a1:d2:45:84:3d:ee:0c:00:
c1:42:54:b9:72:2d:7c:be:8e:38:a5:bb:db:a3:52:
d7:89:31:80:6c:b4:0a:74:d4:ab:47:bd:07:58:73:
03:4d:68:e3:c6:14:13:e0:c8:7b:ef:e9:b7:27:31:
79:ac:33:09:6a:85:f9:a2:37:d5:c3:da:7c:cd:a1:
ee:e1:17:f5:de:16:53:a2:13:1f:08:1d:ab:50:f4:
c6:5a:ca:39:31:bb:8d:b8:cf:78:a5:0d:0a:13:f8:
ad:44:36:07:61:65:e0:8c:09:59:a9:a4:88:b2:5b:
4d:52:99:a4:5c:ae:ad:06:26:ed:d1:8c:40:15:1c:
88:9c:b4:43:bc:6d:cc:b8:38:d5:64:b9:bc:dd:89:
e2:36:14:25:93:e7:4a:e5:64:ac:21:ef:7d:10:c4:
84:7c:fb:e8:e3:55:14:af:f6:c3:17:91:ca:73:1d:
1f:ab:78:0c:fd:12:b3:1f:ba:cd:ed:49:78:0d:b5:
f6:21:3f:c1:8a:0c:ff:c5:96:41:91:ec:f3:3c:e1:
97:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:F3:8E:C1:87:F9:72:B6:81:6B:9A:49:57:7B:03:8A:31:2A:10:85
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/nPOOwYf5craBa5pJV3sDijEqEIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:35c1::/32
2a0f:e840::/32
2a10:68c5::/32
2a13:d45::/32
Signature Algorithm: sha256WithRSAEncryption
c7:6c:96:61:1c:f8:98:6f:aa:42:e9:68:a0:7f:23:a2:0e:f1:
cf:d3:2d:fb:d2:88:63:46:7b:6d:a3:be:88:6d:b1:70:24:e5:
8a:19:57:d6:47:88:04:52:10:fa:8d:1e:a8:de:71:75:e6:da:
55:93:76:dc:a6:25:1a:90:df:d5:27:03:fe:d6:d5:8c:b1:12:
60:cb:b8:7d:49:45:29:63:66:19:6d:2d:2e:3d:af:9e:64:0f:
63:15:7e:1c:87:18:9b:a1:ec:1f:98:02:67:00:3d:47:30:87:
8f:e6:33:8f:2b:a7:aa:ad:22:6f:b6:7a:21:b4:3a:8f:a5:39:
ff:77:8c:96:f5:13:ac:4a:e1:5c:02:37:fc:11:39:9b:ae:28:
60:1f:b5:8c:9a:51:92:6e:e8:b0:34:5a:b3:d9:9e:ce:2c:95:
c3:fe:b9:ac:8d:66:67:26:53:23:2e:16:c5:78:82:8b:0e:0a:
c3:35:a2:27:51:67:69:d3:23:49:16:c0:9a:58:0c:03:03:09:
ea:03:de:26:62:76:20:08:6c:2f:4b:13:e0:05:65:9b:12:21:
f1:cc:37:31:63:e0:f1:1a:47:1d:6e:ae:25:86:97:b5:86:8f:
0a:19:10:a4:9c:9f:28:c4:6f:c2:99:b3:5c:d5:85:e1:4d:9b:
e2:3c:19:d5
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZygIHQHFxYXiagc4tLBT/IrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMjI3MTcyMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2YzOGVjMTg3Zjk3MmI2ODE2YjlhNDk1NzdiMDM4YTMxMmExMDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIZ0KlhbypGqrSuSZjRKkKExEu0D
I8mLfT4z8j/yso3tT+kfRkDWmCCIEr94RvP9E/+SodJFhD3uDADBQlS5ci18vo44
pbvbo1LXiTGAbLQKdNSrR70HWHMDTWjjxhQT4Mh77+m3JzF5rDMJaoX5ojfVw9p8
zaHu4Rf13hZTohMfCB2rUPTGWso5MbuNuM94pQ0KE/itRDYHYWXgjAlZqaSIsltN
UpmkXK6tBibt0YxAFRyInLRDvG3MuDjVZLm83YniNhQlk+dK5WSsIe99EMSEfPvo
41UUr/bDF5HKcx0fq3gM/RKzH7rN7Ul4DbX2IT/Bigz/xZZBkezzPOGX7wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJzzjsGH+XK2gWuaSVd7A4oxKhCFMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvblBPT3dZZjVjcmFCYTVwSlYzc0RpakVxRUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgY1wQMF
ACoP6EADBQAqEGjFAwUAKhMNRTANBgkqhkiG9w0BAQsFAAOCAQEAx2yWYRz4mG+q
QulooH8jog7xz9Mt+9KIY0Z7baO+iG2xcCTlihlX1keIBFIQ+o0eqN5xdebaVZN2
3KYlGpDf1ScD/tbVjLESYMu4fUlFKWNmGW0tLj2vnmQPYxV+HIcYm6HsH5gCZwA9
RzCHj+Yzjyunqq0ib7Z6IbQ6j6U5/3eMlvUTrErhXAI3/BE5m64oYB+1jJpRkm7o
sDRas9meziyVw/65rI1mZyZTIy4WxXiCiw4KwzWiJ1FnadMjSRbAmlgMAwMJ6gPe
JmJ2IAhsL0sT4AVlmxIh8cw3MWPg8RpHHW6uJYaXtYaPChkQpJyfKMRvwpmzXNWF
4U2b4jwZ1Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:16:16 2026 by rpki-client