Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/1eDthHxyBs30v9PDwTMv1prYvao.roa
File: 1eDthHxyBs30v9PDwTMv1prYvao.roa (raw, json)
Hash identifier: ppA9SkwGUbB4Vlu1p0LhsagFdBtCRPcp3uRMUiBj2DI=
Subject key identifier: D5:E0:ED:84:7C:72:06:CD:F4:BF:D3:C3:C1:33:2F:D6:9A:D8:BD:AA
Certificate issuer: /CN=94948e5f2fa04b222a6e96883b840f7124531556
Certificate serial: 019E8725E0CEE37C12F9B89A3F8131E7B805
Authority key identifier: 94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/1eDthHxyBs30v9PDwTMv1prYvao.roa
Signing time: Tue 02 Jun 2026 07:04:27 +0000
ROA not before: Tue 02 Jun 2026 07:04:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214266
IP address blocks: 2a0f:b380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 21:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:87:25:e0:ce:e3:7c:12:f9:b8:9a:3f:81:31:e7:b8:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94948e5f2fa04b222a6e96883b840f7124531556
Validity
Not Before: Jun 2 07:04:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d5e0ed847c7206cdf4bfd3c3c1332fd69ad8bdaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a0:63:0a:a2:2c:dc:bc:05:a0:bc:d0:2f:4d:
2a:99:f5:45:61:0e:e4:c5:e6:5e:d6:26:51:2d:30:
7d:09:f0:c5:1f:49:b0:c2:df:8b:48:91:9c:56:b1:
e8:82:0d:ba:1c:91:0c:13:9a:de:5b:61:49:05:6c:
09:fb:5d:28:02:22:cd:42:64:f0:b2:e4:81:21:bb:
fc:8f:67:8d:7f:d6:d0:d0:27:61:eb:a1:8e:13:52:
80:58:6c:62:b2:45:55:e1:49:79:6d:37:81:9e:98:
94:46:e0:e9:96:49:52:66:4c:f0:ea:d1:63:54:6c:
30:d0:97:75:cf:7a:20:38:f3:e8:a4:46:b1:8e:e3:
1f:ee:57:ab:a8:d7:c2:3e:63:37:0d:cc:75:79:37:
57:63:64:21:d8:65:31:88:cf:17:57:5e:04:df:0e:
7d:6e:b1:7c:eb:de:df:9b:66:41:27:aa:aa:3f:87:
70:08:02:f7:c0:4c:0c:1f:1b:8d:a7:64:f1:a9:2b:
7f:cb:1e:b4:33:37:f5:de:89:7c:c6:92:84:f2:ef:
41:2c:f0:65:ca:af:61:5a:39:d2:a2:cc:af:02:c1:
54:ca:5a:6c:67:90:d0:78:54:b7:17:91:f5:9f:d5:
61:3c:5a:ff:6b:c2:b9:84:b6:d9:b6:55:5a:b6:58:
d3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E0:ED:84:7C:72:06:CD:F4:BF:D3:C3:C1:33:2F:D6:9A:D8:BD:AA
X509v3 Authority Key Identifier:
keyid:94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/1eDthHxyBs30v9PDwTMv1prYvao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b380::/29
Signature Algorithm: sha256WithRSAEncryption
7d:97:18:1e:ca:76:64:30:fa:ad:ba:1e:79:32:76:96:4f:77:
f9:96:e6:7c:9b:c9:4e:f8:31:f1:05:c6:a3:bc:f3:bc:e3:c4:
4f:ad:b3:d4:7f:d4:42:0d:ce:33:f1:4c:6d:27:a2:3f:c6:0c:
0c:d1:f6:20:72:ca:a4:4f:a3:1c:4e:cc:38:00:f4:c9:83:bb:
c2:7a:a6:d7:e7:d2:e2:7f:cc:e0:56:ce:ad:fb:41:0e:7a:a1:
9f:00:10:f9:90:ad:9c:9c:9d:f5:5a:2f:d3:f0:79:b0:92:f3:
1d:c7:21:aa:cf:a4:d2:2c:3c:7f:9d:59:fa:7d:ef:bc:19:60:
da:b2:c4:b7:82:65:dd:07:20:ec:e2:a9:8b:dc:74:57:01:a6:
08:f9:db:cd:c2:b7:50:ce:eb:7f:41:15:f2:8c:ca:d5:18:ad:
77:19:a5:22:e8:3a:99:54:e2:f0:6e:d0:d0:c9:16:d7:9a:51:
30:1d:45:3b:c3:ba:fd:c2:ea:88:00:40:99:b9:c2:94:7e:22:
82:c1:93:0c:9a:db:de:e0:86:d7:a0:e6:ef:8b:72:27:e9:7c:
6b:15:40:2f:ef:9d:d0:93:4e:12:69:96:03:62:28:4c:54:2f:
af:e9:30:0b:2e:75:6a:6c:af:3d:0a:32:44:b1:f2:f4:87:c5:
d6:b9:05:f7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ6HJeDO43wS+biaP4Ex57gFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OTQ4ZTVmMmZhMDRiMjIyYTZlOTY4ODNiODQwZjcxMjQ1
MzE1NTYwHhcNMjYwNjAyMDcwNDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWUwZWQ4NDdjNzIwNmNkZjRiZmQzYzNjMTMzMmZkNjlhZDhiZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqBjCqIs3LwFoLzQL00qmfVFYQ7k
xeZe1iZRLTB9CfDFH0mwwt+LSJGcVrHogg26HJEME5reW2FJBWwJ+10oAiLNQmTw
suSBIbv8j2eNf9bQ0Cdh66GOE1KAWGxiskVV4Ul5bTeBnpiURuDplklSZkzw6tFj
VGww0Jd1z3ogOPPopEaxjuMf7lerqNfCPmM3Dcx1eTdXY2Qh2GUxiM8XV14E3w59
brF8697fm2ZBJ6qqP4dwCAL3wEwMHxuNp2TxqSt/yx60Mzf13ol8xpKE8u9BLPBl
yq9hWjnSosyvAsFUylpsZ5DQeFS3F5H1n9VhPFr/a8K5hLbZtlVatljTTQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFNXg7YR8cgbN9L/Tw8EzL9aa2L2qMB8GA1UdIwQY
MBaAFJSUjl8voEsiKm6WiDuED3EkUxVWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODct
NjQxYjhlNjBkM2UyLzEvMWVEdGhIeHlCczMwdjlQRHdUTXYxcHJZdmFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODctNjQxYjhlNjBkM2Uy
LzEvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg+zgDAN
BgkqhkiG9w0BAQsFAAOCAQEAfZcYHsp2ZDD6rboeeTJ2lk93+ZbmfJvJTvgx8QXG
o7zzvOPET62z1H/UQg3OM/FMbSeiP8YMDNH2IHLKpE+jHE7MOAD0yYO7wnqm1+fS
4n/M4FbOrftBDnqhnwAQ+ZCtnJyd9Vov0/B5sJLzHcchqs+k0iw8f51Z+n3vvBlg
2rLEt4Jl3Qcg7OKpi9x0VwGmCPnbzcK3UM7rf0EV8ozK1RitdxmlIug6mVTi8G7Q
0MkW15pRMB1FO8O6/cLqiABAmbnClH4igsGTDJrb3uCG16Dm74tyJ+l8axVAL++d
0JNOEmmWA2IoTFQvr+kwCy51amyvPQoyRLHy9IfF1rkF9w==
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:39:46 2026 by rpki-client