Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/ie-ND0oVExvzvYhwmFVArLj-AMY.roa
File: ie-ND0oVExvzvYhwmFVArLj-AMY.roa (raw, json)
Hash identifier: Od8u7jKejJXtOk+CIl93KOdchrJwm8K4UwqgVlWjaBk=
Subject key identifier: 89:EF:8D:0F:4A:15:13:1B:F3:BD:88:70:98:55:40:AC:B8:FE:00:C6
Certificate issuer: /CN=bfe9f12c96ba20683aff5c958bfad8e4c577f7fe
Certificate serial: 019D73C1969C1A4D095454B24699E39434F8
Authority key identifier: BF:E9:F1:2C:96:BA:20:68:3A:FF:5C:95:8B:FA:D8:E4:C5:77:F7:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/ie-ND0oVExvzvYhwmFVArLj-AMY.roa
Signing time: Thu 09 Apr 2026 19:39:20 +0000
ROA not before: Thu 09 Apr 2026 19:39:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14789
IP address blocks: 2a09:bac0:431::/48 maxlen: 48
2a09:bac0:439::/48 maxlen: 48
2a09:bac0:450::/48 maxlen: 48
2a09:bac0:477::/48 maxlen: 48
2a09:bac0:483::/48 maxlen: 48
2a09:bac0:545::/48 maxlen: 48
2a09:bac0:566::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/v-nxLJa6IGg6_1yVi_rY5MV39_4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/v-nxLJa6IGg6_1yVi_rY5MV39_4.mft
rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:73:c1:96:9c:1a:4d:09:54:54:b2:46:99:e3:94:34:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe9f12c96ba20683aff5c958bfad8e4c577f7fe
Validity
Not Before: Apr 9 19:39:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=89ef8d0f4a15131bf3bd8870985540acb8fe00c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:35:21:5d:ac:fc:a5:6a:f9:71:a7:b8:a6:80:
b9:35:02:d9:4b:01:34:79:60:7f:d9:ea:f7:dc:29:
7a:ff:24:e7:4b:64:56:ce:df:ef:92:94:68:4d:6d:
dc:1f:2a:f6:b1:95:e0:5d:f5:4f:e6:c9:a7:21:4c:
d4:d6:13:0d:96:79:03:13:da:2a:e1:e7:89:e5:8f:
fa:cb:86:97:e7:6a:01:d1:52:2f:a6:c8:5c:09:9e:
d9:e5:f5:f6:fd:87:5f:88:66:bc:6d:89:ae:16:a2:
10:22:ad:75:db:67:9d:f7:f2:2c:66:91:1a:2c:fe:
c8:16:06:73:68:6d:e0:2b:ca:95:b4:0a:cc:81:45:
f9:91:9d:ca:a8:46:47:9e:dd:70:69:e6:62:62:07:
cd:59:e3:c3:72:e8:ff:37:f9:80:ee:8f:a8:c4:8e:
e6:86:65:6d:41:36:89:67:75:d4:7d:3b:0b:39:27:
c9:d9:74:5e:93:b5:28:75:a0:4b:29:e4:a6:e7:4c:
9c:84:a3:11:b6:30:1d:f8:a7:b4:a5:4c:b6:7c:5c:
3b:ee:8d:1c:c5:8d:ea:cb:8c:9a:b6:04:d5:ad:a1:
f3:be:5d:12:cd:ee:a0:ec:e1:2d:b3:ec:85:f0:9f:
09:e8:09:d1:e2:32:14:00:1f:ad:78:0e:bf:01:76:
ed:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:EF:8D:0F:4A:15:13:1B:F3:BD:88:70:98:55:40:AC:B8:FE:00:C6
X509v3 Authority Key Identifier:
keyid:BF:E9:F1:2C:96:BA:20:68:3A:FF:5C:95:8B:FA:D8:E4:C5:77:F7:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-nxLJa6IGg6_1yVi_rY5MV39_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/ie-ND0oVExvzvYhwmFVArLj-AMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/4ce558-63d6-469a-bb5d-f7820c5e966a/1/v-nxLJa6IGg6_1yVi_rY5MV39_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:bac0:431::/48
2a09:bac0:439::/48
2a09:bac0:450::/48
2a09:bac0:477::/48
2a09:bac0:483::/48
2a09:bac0:545::/48
2a09:bac0:566::/48
Signature Algorithm: sha256WithRSAEncryption
42:c3:54:55:fd:f7:37:ae:47:b4:fb:9d:a8:aa:84:3d:6e:f2:
ea:40:cb:4a:96:57:fc:f1:ad:1e:e7:2f:ab:46:24:5b:50:0e:
a8:7b:fb:90:5d:45:88:f5:68:c9:ae:04:5b:48:78:08:12:fa:
f7:58:4d:01:3e:7b:d4:22:48:1c:5b:b0:84:8b:e7:d4:15:3f:
2c:eb:6f:b2:e6:1a:67:98:af:6d:47:18:91:81:2e:e6:32:77:
2f:ef:0e:c5:ba:e3:e0:6b:21:4f:b4:73:ec:d5:be:fd:cd:c6:
1b:12:7b:24:aa:cd:24:fe:31:0b:d1:df:e3:11:52:55:2a:76:
49:43:30:b8:e0:63:6f:88:80:5f:7a:6d:4e:2d:9a:4d:8f:e4:
b5:da:8d:de:c9:aa:4f:a0:68:70:37:45:3d:71:73:3f:5d:dc:
6c:8a:0b:97:e4:28:36:e7:ac:48:aa:ed:66:67:c8:a8:88:87:
20:bd:9f:19:9d:98:65:55:99:a4:bf:2d:f2:e3:19:0b:71:d7:
95:e2:ea:7f:67:62:b4:2d:64:28:b6:45:5e:f4:9e:be:5f:6c:
6f:ce:99:2d:c7:d3:98:18:b0:99:99:2f:ee:38:ab:ee:cc:c5:
26:b3:f7:d4:20:24:a7:7c:4f:c1:08:e0:26:66:73:57:ec:45:
94:8a:07:bd
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZ1zwZacGk0JVFSyRpnjlDT4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTlmMTJjOTZiYTIwNjgzYWZmNWM5NThiZmFkOGU0YzU3
N2Y3ZmUwHhcNMjYwNDA5MTkzOTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWVmOGQwZjRhMTUxMzFiZjNiZDg4NzA5ODU1NDBhY2I4ZmUwMGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzUhXaz8pWr5cae4poC5NQLZSwE0
eWB/2er33Cl6/yTnS2RWzt/vkpRoTW3cHyr2sZXgXfVP5smnIUzU1hMNlnkDE9oq
4eeJ5Y/6y4aX52oB0VIvpshcCZ7Z5fX2/YdfiGa8bYmuFqIQIq1122ed9/IsZpEa
LP7IFgZzaG3gK8qVtArMgUX5kZ3KqEZHnt1waeZiYgfNWePDcuj/N/mA7o+oxI7m
hmVtQTaJZ3XUfTsLOSfJ2XRek7UodaBLKeSm50ychKMRtjAd+Ke0pUy2fFw77o0c
xY3qy4yatgTVraHzvl0Sze6g7OEts+yF8J8J6AnR4jIUAB+teA6/AXbtAwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFInvjQ9KFRMb872IcJhVQKy4/gDGMB8GA1UdIwQY
MBaAFL/p8SyWuiBoOv9clYv62OTFd/f+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1ueExKYTZJR2c2XzF5Vmlfclk1TVYzOV80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80Y2U1NTgtNjNkNi00NjlhLWJiNWQt
Zjc4MjBjNWU5NjZhLzEvaWUtTkQwb1ZFeHZ6dllod21GVkFyTGotQU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80Y2U1NTgtNjNkNi00NjlhLWJiNWQtZjc4MjBjNWU5NjZh
LzEvdi1ueExKYTZJR2c2XzF5Vmlfclk1TVYzOV80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwcAKgm6wAQx
AwcAKgm6wAQ5AwcAKgm6wARQAwcAKgm6wAR3AwcAKgm6wASDAwcAKgm6wAVFAwcA
Kgm6wAVmMA0GCSqGSIb3DQEBCwUAA4IBAQBCw1RV/fc3rke0+52oqoQ9bvLqQMtK
llf88a0e5y+rRiRbUA6oe/uQXUWI9WjJrgRbSHgIEvr3WE0BPnvUIkgcW7CEi+fU
FT8s62+y5hpnmK9tRxiRgS7mMncv7w7FuuPgayFPtHPs1b79zcYbEnskqs0k/jEL
0d/jEVJVKnZJQzC44GNviIBfem1OLZpNj+S12o3eyapPoGhwN0U9cXM/XdxsiguX
5Cg256xIqu1mZ8ioiIcgvZ8ZnZhlVZmkvy3y4xkLcdeV4up/Z2K0LWQotkVe9J6+
X2xvzpktx9OYGLCZmS/uOKvuzMUms/fUICSnfE/BCOAmZnNX7EWUige9
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:16:42 2026 by rpki-client