Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/fISbt3TEt5z7hvgEykaWZ1xKNyY.roa
File: fISbt3TEt5z7hvgEykaWZ1xKNyY.roa (raw, json)
Hash identifier: CfyvMhS9ewbjRLfiApY3927/WtEF1gMMScOXv02Vkr4=
Subject key identifier: 7C:84:9B:B7:74:C4:B7:9C:FB:86:F8:04:CA:46:96:67:5C:4A:37:26
Certificate issuer: /CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Certificate serial: 019C6C1CCE28768CB7B0DA83A8A8D30AF252
Authority key identifier: 7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/fISbt3TEt5z7hvgEykaWZ1xKNyY.roa
Signing time: Tue 17 Feb 2026 14:59:13 +0000
ROA not before: Tue 17 Feb 2026 14:59:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199152
IP address blocks: 2a09:da40::/32 maxlen: 32
2a0d:adc4::/32 maxlen: 32
2a11:3d01::/32 maxlen: 32
2a14:9705::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.mft
rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6c:1c:ce:28:76:8c:b7:b0:da:83:a8:a8:d3:0a:f2:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b9447fe9a4acc7d6ff72d6c798d43d66cd50c3f
Validity
Not Before: Feb 17 14:59:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7c849bb774c4b79cfb86f804ca4696675c4a3726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ec:32:78:05:dc:c5:fe:ab:f0:a5:8a:dc:6a:
06:c8:72:6e:0c:c7:b0:60:57:a3:ee:93:8e:18:a6:
32:8b:d6:4b:49:99:c2:1a:c3:db:ff:3c:31:41:b4:
66:b3:97:2f:57:92:34:3e:bf:45:7b:9a:6f:1c:55:
20:a7:e0:43:b1:fa:aa:dc:69:90:4e:56:3c:0d:7f:
7e:49:bf:5c:d0:20:a8:c1:83:4c:c1:e9:b8:2e:11:
20:aa:7b:6f:b7:d0:32:21:d1:a9:86:de:6c:69:c0:
92:d2:c0:29:af:32:e8:9b:3b:b7:f9:c3:70:6a:54:
e3:c9:e3:9a:99:bb:a9:d7:b6:61:ae:1a:c0:ad:42:
a9:eb:a3:38:36:1e:81:06:71:f1:ab:a1:8f:aa:cf:
55:e1:c2:42:c7:15:50:d3:d0:91:6a:80:46:bc:e6:
18:22:a7:fa:1c:f2:c3:46:00:a3:43:85:5c:41:51:
99:1e:92:69:3f:92:f9:67:cf:c1:c6:4b:b3:4d:79:
1d:98:df:c0:01:02:e9:fe:fa:33:f7:13:10:24:90:
ff:ff:97:60:3b:12:68:9e:b2:2d:ab:1f:85:2e:f2:
28:3d:3e:1e:fa:bb:53:d9:b5:98:af:19:07:e8:6e:
1b:79:b9:ef:5d:97:26:dc:5b:e6:b9:e5:98:4a:c3:
24:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:84:9B:B7:74:C4:B7:9C:FB:86:F8:04:CA:46:96:67:5C:4A:37:26
X509v3 Authority Key Identifier:
keyid:7B:94:47:FE:9A:4A:CC:7D:6F:F7:2D:6C:79:8D:43:D6:6C:D5:0C:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5RH_ppKzH1v9y1seY1D1mzVDD8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/fISbt3TEt5z7hvgEykaWZ1xKNyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/ac24df-09d6-4457-9d2e-9fceb45d6fdb/1/e5RH_ppKzH1v9y1seY1D1mzVDD8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:da40::/32
2a0d:adc4::/32
2a11:3d01::/32
2a14:9705::/32
Signature Algorithm: sha256WithRSAEncryption
2c:00:66:96:47:5c:53:c2:7a:a3:c3:04:34:8c:1d:32:85:cd:
90:15:ac:66:81:a5:30:11:4b:76:02:2c:2e:e0:d7:53:0c:55:
a6:4f:76:ba:3f:27:04:d8:1a:99:85:66:49:f5:2b:74:32:3c:
46:20:3b:a2:96:7e:1c:45:ca:fe:83:e9:4e:b3:0a:02:60:27:
7a:e7:7e:12:b8:31:47:26:65:2f:65:d3:5a:9e:0d:2e:f0:15:
72:20:7f:32:75:ba:85:fe:37:62:1c:a6:51:d6:1a:51:c0:9c:
4d:81:74:b0:f4:e0:3d:96:9f:13:18:cb:d8:b5:39:db:df:0a:
e9:5a:22:cf:98:5b:0a:23:73:f8:1d:89:e9:69:c2:d2:68:79:
fa:e6:46:37:38:c7:5f:a4:40:9e:6a:4f:d7:72:54:8d:29:60:
d6:3b:de:07:1e:f9:d8:90:33:23:d6:6a:2e:c2:8b:50:17:d8:
15:e1:91:e1:63:2e:13:6c:0a:68:06:40:5c:33:6f:dc:e8:3b:
77:bd:50:9f:e2:81:cc:6a:3c:fc:4e:11:aa:71:64:df:28:41:
02:5b:67:5d:88:bb:3d:10:da:e9:cf:f9:f8:25:11:73:23:5c:
03:56:f1:e3:d5:65:5b:53:de:ee:c9:96:23:01:1e:38:e2:c9:
dc:7b:6b:0a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZxsHM4odoy3sNqDqKjTCvJSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiOTQ0N2ZlOWE0YWNjN2Q2ZmY3MmQ2Yzc5OGQ0M2Q2NmNk
NTBjM2YwHhcNMjYwMjE3MTQ1OTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yzg0OWJiNzc0YzRiNzljZmI4NmY4MDRjYTQ2OTY2NzVjNGEzNzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOwyeAXcxf6r8KWK3GoGyHJuDMew
YFej7pOOGKYyi9ZLSZnCGsPb/zwxQbRms5cvV5I0Pr9Fe5pvHFUgp+BDsfqq3GmQ
TlY8DX9+Sb9c0CCowYNMwem4LhEgqntvt9AyIdGpht5sacCS0sAprzLomzu3+cNw
alTjyeOambup17ZhrhrArUKp66M4Nh6BBnHxq6GPqs9V4cJCxxVQ09CRaoBGvOYY
Iqf6HPLDRgCjQ4VcQVGZHpJpP5L5Z8/BxkuzTXkdmN/AAQLp/voz9xMQJJD//5dg
OxJonrItqx+FLvIoPT4e+rtT2bWYrxkH6G4bebnvXZcm3FvmueWYSsMkgwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHyEm7d0xLec+4b4BMpGlmdcSjcmMB8GA1UdIwQY
MBaAFHuUR/6aSsx9b/ctbHmNQ9Zs1Qw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUt
OWZjZWI0NWQ2ZmRiLzEvZklTYnQzVEV0NXo3aHZnRXlrYVdaMXhLTnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9hYzI0ZGYtMDlkNi00NDU3LTlkMmUtOWZjZWI0NWQ2ZmRi
LzEvZTVSSF9wcEt6SDF2OXkxc2VZMUQxbXpWREQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgnaQAMF
ACoNrcQDBQAqET0BAwUAKhSXBTANBgkqhkiG9w0BAQsFAAOCAQEALABmlkdcU8J6
o8MENIwdMoXNkBWsZoGlMBFLdgIsLuDXUwxVpk92uj8nBNgamYVmSfUrdDI8RiA7
opZ+HEXK/oPpTrMKAmAneud+ErgxRyZlL2XTWp4NLvAVciB/MnW6hf43YhymUdYa
UcCcTYF0sPTgPZafExjL2LU5298K6Voiz5hbCiNz+B2J6WnC0mh5+uZGNzjHX6RA
nmpP13JUjSlg1jveBx752JAzI9ZqLsKLUBfYFeGR4WMuE2wKaAZAXDNv3Og7d71Q
n+KBzGo8/E4RqnFk3yhBAltnXYi7PRDa6c/5+CURcyNcA1bx49VlW1Pe7smWIwEe
OOLJ3HtrCg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:38:44 2026 by rpki-client