Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/0lSRM7qDhOZiOXKHMwGCb-hXHmE.roa
File: 0lSRM7qDhOZiOXKHMwGCb-hXHmE.roa (raw, json)
Hash identifier: 358iuPEslrR58AI4K+vvhkoi+TPzlwcO10pAAKOCURM=
Subject key identifier: D2:54:91:33:BA:83:84:E6:62:39:72:87:33:01:82:6F:E8:57:1E:61
Certificate issuer: /CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Certificate serial: 019C51B2B85F33D9752C6DE9BA80999F81B8
Authority key identifier: 9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/0lSRM7qDhOZiOXKHMwGCb-hXHmE.roa
Signing time: Thu 12 Feb 2026 11:53:12 +0000
ROA not before: Thu 12 Feb 2026 11:53:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 2a09:a702:24::/48 maxlen: 48
2a09:a702:ae::/48 maxlen: 48
2a09:a702:af::/48 maxlen: 48
2a09:a702:b2::/48 maxlen: 48
2a09:a702:b3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.mft
rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:51:b2:b8:5f:33:d9:75:2c:6d:e9:ba:80:99:9f:81:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Validity
Not Before: Feb 12 11:53:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d2549133ba8384e6623972873301826fe8571e61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:15:4d:82:f3:ac:fd:1a:fc:ce:d3:78:1d:b0:
e7:c2:57:5d:9d:54:bb:6e:74:a3:90:5d:06:ab:79:
32:a9:44:dc:d3:1d:4f:fe:37:36:bc:bc:bc:aa:ea:
da:5a:5b:0f:16:75:69:7f:b3:cd:e1:b6:d0:30:80:
f0:5a:88:67:eb:df:4f:e5:1e:a5:5f:46:2b:35:de:
b4:de:90:f4:c0:1b:7b:15:fd:90:94:b2:13:51:22:
44:df:09:46:1f:21:0c:dc:ea:e5:a9:36:4c:da:2b:
cb:44:ed:b8:e8:cf:25:07:50:82:4f:cb:1c:17:fb:
8b:f8:a3:6b:43:6a:ae:51:c9:ef:f9:95:db:70:60:
b3:22:fe:6a:3d:4f:68:a2:f7:c1:10:06:51:3a:88:
2d:bc:97:e6:cc:d0:4e:d4:ff:ae:c8:cb:9c:08:98:
c1:c8:64:78:85:a1:71:8f:d1:58:8f:45:60:3d:4a:
dd:69:e6:52:54:97:45:ab:42:0c:1d:8f:79:e2:72:
b5:b2:65:ee:b2:5d:fa:83:96:d2:95:f9:34:08:98:
1d:b1:69:0e:45:55:3d:b9:58:bc:c3:91:af:77:c8:
15:9e:d6:26:7e:0e:0a:fc:76:de:b1:2a:d7:83:17:
5a:fb:04:86:d9:ce:3f:03:b9:11:e4:d6:64:ee:e4:
35:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:54:91:33:BA:83:84:E6:62:39:72:87:33:01:82:6F:E8:57:1E:61
X509v3 Authority Key Identifier:
keyid:9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/0lSRM7qDhOZiOXKHMwGCb-hXHmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:a702:24::/48
2a09:a702:ae::/47
2a09:a702:b2::/47
Signature Algorithm: sha256WithRSAEncryption
8c:ba:a6:db:72:97:8d:a4:2c:0e:33:ff:9a:fa:d8:47:02:86:
4a:f4:e9:a1:e3:7b:04:b2:2d:51:18:53:9b:17:92:93:0c:5d:
a3:8f:6a:a9:1e:61:88:d8:04:bd:14:cf:13:51:d0:1e:f2:6f:
b8:f0:1f:72:8f:69:cf:a0:0b:14:1c:98:b0:2f:2f:56:9a:ad:
5a:df:24:d2:64:d0:a4:d5:aa:55:76:26:8f:a1:67:e6:1a:65:
f2:22:b6:1f:fb:1c:41:78:cb:38:a0:ad:09:57:f2:3e:0a:bf:
c0:2d:f1:25:2d:a9:73:b5:89:91:b7:16:13:6a:35:14:7b:ab:
f7:3a:9f:bc:9b:31:1a:92:10:2e:e1:90:4a:88:76:85:9c:70:
e3:76:f4:d0:4b:50:4a:3a:29:8c:09:a2:80:58:a4:0d:17:91:
45:af:6e:c5:4c:4e:d0:43:10:51:14:55:1d:a5:b9:4a:c2:3b:
c8:19:7a:ee:4a:d1:8c:09:54:89:8e:7c:5d:90:cf:82:5c:8e:
31:e4:36:6d:38:86:b3:3a:78:ec:10:08:98:2b:f2:d8:89:76:
c8:22:7b:d9:c9:3f:5a:ba:ef:4e:64:01:cc:e3:fb:11:51:ff:
7e:59:c9:3b:71:60:10:f1:79:87:c9:03:61:58:d8:6a:10:57:
1c:90:22:75
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZxRsrhfM9l1LG3puoCZn4G4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjRiMjdkOWYzZGY2ZTE0ZWJjNzllMTQ2ZThiZTMyNzU0
YmY4MDAwHhcNMjYwMjEyMTE1MzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjU0OTEzM2JhODM4NGU2NjIzOTcyODczMzAxODI2ZmU4NTcxZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxVNgvOs/Rr8ztN4HbDnwlddnVS7
bnSjkF0Gq3kyqUTc0x1P/jc2vLy8quraWlsPFnVpf7PN4bbQMIDwWohn699P5R6l
X0YrNd603pD0wBt7Ff2QlLITUSJE3wlGHyEM3OrlqTZM2ivLRO246M8lB1CCT8sc
F/uL+KNrQ2quUcnv+ZXbcGCzIv5qPU9oovfBEAZROogtvJfmzNBO1P+uyMucCJjB
yGR4haFxj9FYj0VgPUrdaeZSVJdFq0IMHY954nK1smXusl36g5bSlfk0CJgdsWkO
RVU9uVi8w5Gvd8gVntYmfg4K/HbesSrXgxda+wSG2c4/A7kR5NZk7uQ1+wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNJUkTO6g4TmYjlyhzMBgm/oVx5hMB8GA1UdIwQY
MBaAFJoksn2fPfbhTrx54UbovjJ1S/gAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgt
NDhkNWZmNGJhMjU1LzEvMGxTUk03cURoT1ppT1hLSE13R0NiLWhYSG1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgtNDhkNWZmNGJhMjU1
LzEvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgmnAgAk
AwcBKgmnAgCuAwcBKgmnAgCyMA0GCSqGSIb3DQEBCwUAA4IBAQCMuqbbcpeNpCwO
M/+a+thHAoZK9Omh43sEsi1RGFObF5KTDF2jj2qpHmGI2AS9FM8TUdAe8m+48B9y
j2nPoAsUHJiwLy9Wmq1a3yTSZNCk1apVdiaPoWfmGmXyIrYf+xxBeMs4oK0JV/I+
Cr/ALfElLalztYmRtxYTajUUe6v3Op+8mzEakhAu4ZBKiHaFnHDjdvTQS1BKOimM
CaKAWKQNF5FFr27FTE7QQxBRFFUdpblKwjvIGXruStGMCVSJjnxdkM+CXI4x5DZt
OIazOnjsEAiYK/LYiXbIInvZyT9auu9OZAHM4/sRUf9+Wck7cWAQ8XmHyQNhWNhq
EFcckCJ1
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:28:04 2026 by rpki-client