Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/4kwKLdh3RM_T2CHdwfr7djNqFPw.roa
File: 4kwKLdh3RM_T2CHdwfr7djNqFPw.roa (raw, json)
Hash identifier: fMhCuCyOrPdsWFDfGoHBSeCFarYrpqQUzcCOvftK41o=
Subject key identifier: E2:4C:0A:2D:D8:77:44:CF:D3:D8:21:DD:C1:FA:FB:76:33:6A:14:FC
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 019C95D58F3CC898618BE9BF1C2155CF223C
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/4kwKLdh3RM_T2CHdwfr7djNqFPw.roa
Signing time: Wed 25 Feb 2026 17:25:26 +0000
ROA not before: Wed 25 Feb 2026 17:25:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204843
IP address blocks: 2a09:8b80::/29 maxlen: 29
2a0a:bbc0::/29 maxlen: 29
2a0e:6740::/29 maxlen: 29
2a0e:8840::/29 maxlen: 29
2a0e:c440::/29 maxlen: 29
2a0f:c00::/29 maxlen: 29
2a0f:72c0::/29 maxlen: 29
2a0f:da80::/29 maxlen: 29
2a11:1840::/29 maxlen: 29
2a11:2d80::/29 maxlen: 29
2a11:3f00::/29 maxlen: 29
2a11:41c0::/29 maxlen: 29
2a12:1a40::/29 maxlen: 29
2a12:35c0::/29 maxlen: 29
2a12:3cc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.mft
rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:95:d5:8f:3c:c8:98:61:8b:e9:bf:1c:21:55:cf:22:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Feb 25 17:25:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e24c0a2dd87744cfd3d821ddc1fafb76336a14fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:88:06:6c:d7:7f:b9:51:53:20:44:17:07:62:
85:4b:29:9f:d4:63:8e:3d:ba:19:62:74:bd:87:d1:
99:dd:1d:e7:a9:1f:e8:e3:82:75:f9:56:0a:b7:f9:
44:79:c8:3b:1c:f5:31:8c:c3:39:b0:15:55:ed:b5:
aa:98:ff:82:b6:8f:f5:c2:74:fc:ff:f5:64:8d:9e:
8e:66:cf:de:be:48:c8:52:4e:73:b8:9d:f5:23:22:
af:4d:57:21:f8:37:70:0d:4f:a6:f8:36:f0:6f:ae:
45:ff:e3:12:9e:ec:f1:42:be:57:a1:2b:dc:fa:71:
62:d8:e7:e6:eb:53:0c:dc:15:d6:d6:4e:80:8a:b1:
aa:f7:71:50:7c:cb:65:97:99:ab:d4:82:05:fe:fb:
a0:a0:d9:59:3c:0b:ee:1f:05:5e:11:71:30:c3:3f:
c6:b8:ec:0c:da:8f:e1:c4:69:dc:b7:8a:85:8c:b7:
9e:77:0a:6c:ae:3c:b8:b7:50:3f:a6:68:5b:37:fe:
de:0f:b6:e3:69:6f:9e:3f:dd:3e:31:b1:c2:4d:4c:
01:18:4e:5c:7d:d8:04:8f:37:13:49:04:b1:18:96:
de:5d:6b:38:c0:df:58:e8:44:b8:1f:eb:9c:88:ac:
8f:2f:80:22:3f:c5:7c:d9:2a:c5:2b:86:17:e2:df:
fb:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:4C:0A:2D:D8:77:44:CF:D3:D8:21:DD:C1:FA:FB:76:33:6A:14:FC
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/4kwKLdh3RM_T2CHdwfr7djNqFPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:8b80::/29
2a0a:bbc0::/29
2a0e:6740::/29
2a0e:8840::/29
2a0e:c440::/29
2a0f:c00::/29
2a0f:72c0::/29
2a0f:da80::/29
2a11:1840::/29
2a11:2d80::/29
2a11:3f00::/29
2a11:41c0::/29
2a12:1a40::/29
2a12:35c0::/29
2a12:3cc0::/29
Signature Algorithm: sha256WithRSAEncryption
0b:3e:2e:10:fc:e3:4f:d2:02:f6:c2:c4:ee:14:fa:cc:17:bf:
46:54:19:d6:ca:11:63:16:3e:5f:4a:bf:20:67:53:44:ed:aa:
7d:2d:aa:87:b9:22:34:4c:7e:8b:59:b2:b9:16:ee:b4:52:f8:
56:77:d0:e4:32:c0:46:0c:60:1a:c0:a0:60:f1:2c:ba:e3:c3:
7c:9b:91:d5:f5:20:bc:7e:a7:56:70:6a:19:dd:bf:7e:97:cc:
f4:85:35:42:36:82:6e:12:fb:18:08:89:f6:02:bf:c5:d2:8e:
a1:48:61:d9:f8:bc:cb:f5:d1:45:63:c4:95:e9:35:bb:cd:4c:
bd:a5:a2:59:18:a8:45:6e:b7:8c:0e:85:ee:7f:ca:3d:da:aa:
ba:78:6b:38:37:2b:52:2a:83:c9:c9:e5:2d:c5:b6:b0:26:27:
16:64:91:10:ed:dd:20:05:20:e0:9c:b9:0b:30:45:f5:22:e7:
cb:6d:12:32:6d:bd:55:64:de:db:94:67:7f:bc:1b:7e:ab:c7:
d4:ae:05:df:09:fe:38:cf:0f:0f:d9:dd:56:7b:dc:ad:9d:51:
d5:65:8a:5a:d2:46:6a:99:59:68:7c:ac:05:a2:36:dd:55:7e:
c0:8a:e0:87:a1:36:81:ee:45:fb:28:ca:2b:31:52:d7:88:a7:
5c:6f:bb:dc
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZyV1Y88yJhhi+m/HCFVzyI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjYwMjI1MTcyNTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjRjMGEyZGQ4Nzc0NGNmZDNkODIxZGRjMWZhZmI3NjMzNmExNGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIgGbNd/uVFTIEQXB2KFSymf1GOO
PboZYnS9h9GZ3R3nqR/o44J1+VYKt/lEecg7HPUxjMM5sBVV7bWqmP+Cto/1wnT8
//VkjZ6OZs/evkjIUk5zuJ31IyKvTVch+DdwDU+m+Dbwb65F/+MSnuzxQr5XoSvc
+nFi2Ofm61MM3BXW1k6AirGq93FQfMtll5mr1IIF/vugoNlZPAvuHwVeEXEwwz/G
uOwM2o/hxGnct4qFjLeedwpsrjy4t1A/pmhbN/7eD7bjaW+eP90+MbHCTUwBGE5c
fdgEjzcTSQSxGJbeXWs4wN9Y6ES4H+uciKyPL4AiP8V82SrFK4YX4t/73QIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFOJMCi3Yd0TP09gh3cH6+3YzahT8MB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvNGt3S0xkaDNSTV9UMkNIZHdmcjdkak5xRlB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwbwQCAAIwaQMFAyoJi4AD
BQMqCrvAAwUDKg5nQAMFAyoOiEADBQMqDsRAAwUDKg8MAAMFAyoPcsADBQMqD9qA
AwUDKhEYQAMFAyoRLYADBQMqET8AAwUDKhFBwAMFAyoSGkADBQMqEjXAAwUDKhI8
wDANBgkqhkiG9w0BAQsFAAOCAQEACz4uEPzjT9IC9sLE7hT6zBe/RlQZ1soRYxY+
X0q/IGdTRO2qfS2qh7kiNEx+i1myuRbutFL4VnfQ5DLARgxgGsCgYPEsuuPDfJuR
1fUgvH6nVnBqGd2/fpfM9IU1QjaCbhL7GAiJ9gK/xdKOoUhh2fi8y/XRRWPElek1
u81MvaWiWRioRW63jA6F7n/KPdqqunhrODcrUiqDycnlLcW2sCYnFmSREO3dIAUg
4Jy5CzBF9SLny20SMm29VWTe25Rnf7wbfqvH1K4F3wn+OM8PD9ndVnvcrZ1R1WWK
WtJGaplZaHysBaI23VV+wIrgh6E2ge5F+yjKKzFS14inXG+73A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:23:54 2026 by rpki-client