Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/1-iXfg-U8SylhrLc2ZgN-IWOSj_I.roa
File: 1-iXfg-U8SylhrLc2ZgN-IWOSj_I.roa (raw, json)
Hash identifier: z403kyA755x4jzlOpyXfkDsTCsWGb4c36bDKZpoexk8=
Subject key identifier: FA:25:DF:83:E5:3C:4B:29:61:AC:B7:36:66:03:7E:21:63:92:8F:F2
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 019DF7AC2D86BC4259D88B22D88AEF7E4E82
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/1-iXfg-U8SylhrLc2ZgN-IWOSj_I.roa
Signing time: Tue 05 May 2026 10:25:49 +0000
ROA not before: Tue 05 May 2026 10:25:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197974
IP address blocks: 2a0d:d940:120::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f7:ac:2d:86:bc:42:59:d8:8b:22:d8:8a:ef:7e:4e:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: May 5 10:25:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fa25df83e53c4b2961acb73666037e2163928ff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:46:39:15:21:da:8c:d4:a8:65:6c:c9:be:16:
c6:1d:ea:00:b1:62:ee:f4:44:2a:35:39:96:b1:18:
2b:32:ab:7f:b9:d6:ed:53:f0:b9:7c:ba:22:3f:e7:
dc:0f:0c:1c:a7:8f:ca:2d:58:fb:6c:45:c4:70:8c:
d7:1b:a9:c6:02:9f:5c:9b:6a:48:f6:7a:7e:bb:62:
ce:6d:08:f9:60:16:ad:ab:87:bd:41:b5:f9:37:78:
c6:d9:01:58:3e:f2:7f:e9:1f:6d:27:31:58:18:fb:
ee:9e:94:91:e1:f6:b7:96:30:88:30:30:57:49:1d:
23:4f:57:9c:3b:a4:97:de:51:aa:6f:a2:b1:cc:4c:
ee:6c:1f:f6:83:d7:26:83:9c:84:a5:89:ec:05:df:
5a:69:11:23:0f:c5:19:c4:52:20:a6:05:09:16:62:
5f:f7:21:8d:1f:99:32:9a:bb:b3:3d:cf:b6:a5:77:
c2:03:93:da:81:1b:38:67:ca:5c:75:e3:99:76:8a:
40:c1:0d:70:83:66:8c:79:68:63:77:b0:8d:1c:b2:
50:da:38:b0:33:18:1f:64:e6:a8:ee:42:ef:49:2e:
37:d1:f3:cf:96:28:fe:54:a4:ce:9a:bf:e0:e5:c7:
2d:64:46:52:a5:e0:95:37:a8:6b:ca:2c:e7:8c:33:
c8:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:25:DF:83:E5:3C:4B:29:61:AC:B7:36:66:03:7E:21:63:92:8F:F2
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/1-iXfg-U8SylhrLc2ZgN-IWOSj_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:120::/44
Signature Algorithm: sha256WithRSAEncryption
cb:48:60:b1:84:ee:83:cc:08:f2:39:bc:f0:de:2c:a5:bc:20:
61:a9:c6:a2:ea:21:5e:ed:44:d3:5b:68:05:9b:5d:5f:ea:b1:
03:17:34:f8:d6:cf:ec:95:b7:b9:40:da:a6:f8:10:25:e8:60:
67:d2:55:11:1f:c8:37:17:fd:0d:44:ed:12:2f:91:59:f0:57:
b8:39:cf:23:20:02:5a:34:4e:01:60:a6:42:60:68:49:d8:8e:
c6:d3:6c:5d:f2:74:ba:a1:12:0f:b3:dc:a8:1e:ab:a2:15:66:
36:6d:8e:da:d9:94:54:45:8a:64:0a:14:5c:38:36:8b:1c:0a:
1e:c9:c7:d4:5a:67:5d:0c:67:91:a7:ad:f8:91:47:5d:6e:d5:
2a:38:e2:5e:09:68:b1:f2:0a:91:ae:5d:74:05:58:1b:00:8a:
e3:56:33:47:8b:7f:aa:73:c4:16:ed:ea:46:f9:42:bc:df:8f:
89:9f:54:a5:89:71:c7:ef:38:a2:3e:58:8b:de:10:54:a7:86:
6b:c4:2d:c4:6e:fa:ff:14:03:b8:91:8e:f4:0b:34:64:ff:f8:
c7:5a:72:28:be:a5:1f:2e:b8:55:64:cc:6e:67:71:dc:71:44:
8e:6c:95:fe:6a:c4:c2:ad:13:59:a8:17:cc:0f:67:04:58:48:
77:1c:b1:ed
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAZ33rC2GvEJZ2Isi2Irvfk6CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjYwNTA1MTAyNTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTI1ZGY4M2U1M2M0YjI5NjFhY2I3MzY2NjAzN2UyMTYzOTI4ZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkY5FSHajNSoZWzJvhbGHeoAsWLu
9EQqNTmWsRgrMqt/udbtU/C5fLoiP+fcDwwcp4/KLVj7bEXEcIzXG6nGAp9cm2pI
9np+u2LObQj5YBatq4e9QbX5N3jG2QFYPvJ/6R9tJzFYGPvunpSR4fa3ljCIMDBX
SR0jT1ecO6SX3lGqb6KxzEzubB/2g9cmg5yEpYnsBd9aaREjD8UZxFIgpgUJFmJf
9yGNH5kymruzPc+2pXfCA5PagRs4Z8pcdeOZdopAwQ1wg2aMeWhjd7CNHLJQ2jiw
MxgfZOao7kLvSS430fPPlij+VKTOmr/g5cctZEZSpeCVN6hryiznjDPIJQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFPol34PlPEspYay3NmYDfiFjko/yMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvMS1pWGZnLVU4U3lsaHJMYzJaZ04tSVdPU2pfSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDkvN2JhMWIxLTU1NjItNGEzMi05ZjVkLTE0ZDIzODUyNzgz
NS8xL0MwNDdPNFFrSWxpR01VTHRPaGw1TFpmTHZIUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoN2UAB
IDANBgkqhkiG9w0BAQsFAAOCAQEAy0hgsYTug8wI8jm88N4spbwgYanGouohXu1E
01toBZtdX+qxAxc0+NbP7JW3uUDapvgQJehgZ9JVER/INxf9DUTtEi+RWfBXuDnP
IyACWjROAWCmQmBoSdiOxtNsXfJ0uqESD7PcqB6rohVmNm2O2tmUVEWKZAoUXDg2
ixwKHsnH1FpnXQxnkaet+JFHXW7VKjjiXglosfIKka5ddAVYGwCK41YzR4t/qnPE
Fu3qRvlCvN+PiZ9UpYlxx+84oj5Yi94QVKeGa8QtxG76/xQDuJGO9As0ZP/4x1py
KL6lHy64VWTMbmdx3HFEjmyV/mrEwq0TWagXzA9nBFhIdxyx7Q==
-----END CERTIFICATE-----
Generated at Wed May 13 06:00:54 2026 by rpki-client