Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/8OPf-TYppgb-lWxDdXUmvn4lAOc.roa
File: 8OPf-TYppgb-lWxDdXUmvn4lAOc.roa (raw, json)
Hash identifier: hCC9pcZlwckfG4uw3UFpwoter9oKt9FivUAlBWxQl7Y=
Subject key identifier: F0:E3:DF:F9:36:29:A6:06:FE:95:6C:43:75:75:26:BE:7E:25:00:E7
Certificate issuer: /CN=cc2eb5b38bb62ede5c98cbfbcff9532852180516
Certificate serial: 019D6DFBED9852C83AFA6DBE9E3134D7CC46
Authority key identifier: CC:2E:B5:B3:8B:B6:2E:DE:5C:98:CB:FB:CF:F9:53:28:52:18:05:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zC61s4u2Lt5cmMv7z_lTKFIYBRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/8OPf-TYppgb-lWxDdXUmvn4lAOc.roa
Signing time: Wed 08 Apr 2026 16:45:20 +0000
ROA not before: Wed 08 Apr 2026 16:45:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14618
IP address blocks: 2a07:e00:19f::/48 maxlen: 48
2a07:e02:41::/48 maxlen: 48
2a07:e02:1001::/48 maxlen: 48
2a07:e02:1010::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/zC61s4u2Lt5cmMv7z_lTKFIYBRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/zC61s4u2Lt5cmMv7z_lTKFIYBRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zC61s4u2Lt5cmMv7z_lTKFIYBRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6d:fb:ed:98:52:c8:3a:fa:6d:be:9e:31:34:d7:cc:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc2eb5b38bb62ede5c98cbfbcff9532852180516
Validity
Not Before: Apr 8 16:45:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f0e3dff93629a606fe956c43757526be7e2500e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:98:47:1c:30:fe:eb:f5:78:03:96:d2:06:f0:
1c:4b:04:d2:37:3d:33:fb:9c:a1:80:fb:61:d6:7c:
fb:79:bd:0e:ee:1f:5d:88:6d:55:b6:bd:c4:6a:64:
62:0d:6a:69:8d:5e:0f:62:6c:1d:f4:03:82:29:8d:
72:16:8f:c5:92:18:29:bb:81:4f:db:59:5b:fc:e2:
33:5b:1e:7b:05:d4:ab:d4:42:37:b3:ec:30:f7:e6:
4a:59:36:d0:f0:50:ea:e5:16:9f:6e:eb:a6:0d:5f:
3e:8d:7d:ea:bd:38:7c:e4:41:b1:1e:16:37:aa:68:
6b:7d:a7:82:d4:c9:2d:e0:86:c1:17:88:a7:77:e5:
b9:12:d6:26:14:fa:d7:4f:68:59:5e:2f:22:fd:92:
34:7b:d0:b1:8a:c4:95:90:00:6b:90:3e:1f:9e:63:
27:00:68:cb:27:4d:8d:ed:46:fe:2e:54:32:16:81:
6f:52:11:f9:0f:db:71:dc:df:18:b7:02:4d:5e:4f:
fd:6c:12:64:61:1f:ef:d7:cb:60:fd:ea:d1:7b:bc:
01:54:7c:ea:a0:00:d8:18:34:a0:38:86:fa:dc:c1:
d0:c4:dd:98:60:08:a6:ed:f0:0d:8c:d3:64:b9:b4:
7c:cf:17:3e:36:0a:91:81:e8:54:a8:92:1b:a5:4e:
73:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:E3:DF:F9:36:29:A6:06:FE:95:6C:43:75:75:26:BE:7E:25:00:E7
X509v3 Authority Key Identifier:
keyid:CC:2E:B5:B3:8B:B6:2E:DE:5C:98:CB:FB:CF:F9:53:28:52:18:05:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zC61s4u2Lt5cmMv7z_lTKFIYBRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/8OPf-TYppgb-lWxDdXUmvn4lAOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/zC61s4u2Lt5cmMv7z_lTKFIYBRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:e00:19f::/48
2a07:e02:41::/48
2a07:e02:1001::/48
2a07:e02:1010::/44
Signature Algorithm: sha256WithRSAEncryption
76:75:3b:90:91:20:e8:2e:e6:c5:6e:10:e8:2b:1a:38:b5:a4:
6f:75:04:d7:c3:e8:5f:34:e8:c0:fb:00:ad:b0:1e:1f:37:56:
f9:5e:37:0b:47:6d:30:fd:c6:f7:7b:c7:11:d5:14:6b:9f:7e:
43:1c:1a:64:9c:02:ba:6f:09:36:3c:fa:cd:be:06:92:68:7b:
2a:92:24:98:fb:cc:3a:2a:26:d0:c6:76:19:ee:66:8f:5a:b8:
58:d1:20:b2:8c:45:1b:6f:57:2f:4a:c6:c1:b3:53:f0:d5:0a:
07:0d:c9:39:bd:02:d0:c4:4f:b5:ce:37:51:aa:70:85:f2:77:
91:be:3d:a0:5e:1a:b6:29:9d:6b:cc:48:c5:72:e9:a8:da:fc:
8a:eb:09:34:80:ae:e2:c5:55:41:89:da:66:52:18:b1:ee:e2:
a6:a7:81:8e:7e:31:3d:f0:81:70:13:47:ec:91:7b:e6:19:2e:
5e:51:8c:2c:80:d9:fe:02:97:e3:38:5a:7e:31:47:04:bc:6e:
70:06:40:15:58:a2:ba:66:fd:b7:e3:61:f7:ae:46:ab:e3:1b:
f2:4d:50:48:17:63:b3:80:6d:0f:a9:68:7d:29:3c:ec:04:0c:
98:3b:95:b3:bc:9a:1e:2a:f0:f6:ef:08:b7:0a:16:f0:8d:df:
bf:5c:3d:b8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ1t++2YUsg6+m2+njE018xGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMmViNWIzOGJiNjJlZGU1Yzk4Y2JmYmNmZjk1MzI4NTIx
ODA1MTYwHhcNMjYwNDA4MTY0NTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGUzZGZmOTM2MjlhNjA2ZmU5NTZjNDM3NTc1MjZiZTdlMjUwMGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArphHHDD+6/V4A5bSBvAcSwTSNz0z
+5yhgPth1nz7eb0O7h9diG1Vtr3EamRiDWppjV4PYmwd9AOCKY1yFo/Fkhgpu4FP
21lb/OIzWx57BdSr1EI3s+ww9+ZKWTbQ8FDq5RafbuumDV8+jX3qvTh85EGxHhY3
qmhrfaeC1Mkt4IbBF4ind+W5EtYmFPrXT2hZXi8i/ZI0e9CxisSVkABrkD4fnmMn
AGjLJ02N7Ub+LlQyFoFvUhH5D9tx3N8YtwJNXk/9bBJkYR/v18tg/erRe7wBVHzq
oADYGDSgOIb63MHQxN2YYAim7fANjNNkubR8zxc+NgqRgehUqJIbpU5zBwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPDj3/k2KaYG/pVsQ3V1Jr5+JQDnMB8GA1UdIwQY
MBaAFMwutbOLti7eXJjL+8/5UyhSGAUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekM2MXM0dTJMdDVjbU12N3pfbFRLRklZQlJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC82ZjAyNjktODM0ZS00N2M1LTk4ZTEt
ZjFmODAyZTY2MTNiLzEvOE9QZi1UWXBwZ2ItbFd4RGRYVW12bjRsQU9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC82ZjAyNjktODM0ZS00N2M1LTk4ZTEtZjFmODAyZTY2MTNi
LzEvekM2MXM0dTJMdDVjbU12N3pfbFRLRklZQlJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAKgcOAAGf
AwcAKgcOAgBBAwcAKgcOAhABAwcEKgcOAhAQMA0GCSqGSIb3DQEBCwUAA4IBAQB2
dTuQkSDoLubFbhDoKxo4taRvdQTXw+hfNOjA+wCtsB4fN1b5XjcLR20w/cb3e8cR
1RRrn35DHBpknAK6bwk2PPrNvgaSaHsqkiSY+8w6KibQxnYZ7maPWrhY0SCyjEUb
b1cvSsbBs1Pw1QoHDck5vQLQxE+1zjdRqnCF8neRvj2gXhq2KZ1rzEjFcumo2vyK
6wk0gK7ixVVBidpmUhix7uKmp4GOfjE98IFwE0fskXvmGS5eUYwsgNn+ApfjOFp+
MUcEvG5wBkAVWKK6Zv2342H3rkar4xvyTVBIF2OzgG0PqWh9KTzsBAyYO5WzvJoe
KvD27wi3Chbwjd+/XD24
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:35:48 2026 by rpki-client