Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/SiSEnL423I5XouzAs4pGsUImYcc.roa
File: SiSEnL423I5XouzAs4pGsUImYcc.roa (raw, json)
Hash identifier: iC//PVNeEFsKkA9yEdDKkfspSphwd8PgBs8UKUbdr94=
Subject key identifier: 4A:24:84:9C:BE:36:DC:8E:57:A2:EC:C0:B3:8A:46:B1:42:26:61:C7
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 019DFDF76839CA60BF238566A6499BB56F66
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/SiSEnL423I5XouzAs4pGsUImYcc.roa
Signing time: Wed 06 May 2026 15:45:42 +0000
ROA not before: Wed 06 May 2026 15:45:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216039
IP address blocks: 2a0d:d940:600::/40 maxlen: 40
2a0d:d940:900b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 18:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fd:f7:68:39:ca:60:bf:23:85:66:a6:49:9b:b5:6f:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: May 6 15:45:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4a24849cbe36dc8e57a2ecc0b38a46b1422661c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ec:03:3e:48:b0:6b:2c:5f:cb:1f:6d:0c:89:
5b:d7:0a:f5:d1:d1:5f:3d:32:c3:30:d7:c2:42:13:
ab:60:73:a2:c2:da:78:3f:5e:3c:ab:8f:79:70:2f:
15:28:a0:d4:f9:8f:8a:13:2d:1e:b7:76:0c:25:9b:
a8:10:67:1d:7c:25:84:58:72:23:59:3e:04:65:2e:
a3:86:28:cc:28:8f:b3:25:a6:9f:ef:6e:51:bc:00:
e2:c1:f6:83:04:76:15:78:89:23:8c:66:bb:9b:17:
4a:05:96:e3:34:4a:89:63:ad:ec:7e:c2:85:14:33:
f6:2e:e6:d0:6b:1e:ca:db:1c:3b:4f:a9:b5:4d:4b:
50:f6:6d:c5:22:50:ea:e2:09:9e:e1:75:ac:1b:42:
09:bc:f8:03:38:41:d3:53:b8:78:bd:45:84:63:85:
6b:6b:25:d4:28:54:d5:08:40:ba:fc:c1:58:6a:a3:
f4:2f:58:9a:ad:bf:6d:f0:5e:6e:65:aa:3c:c1:ef:
01:a3:13:3c:49:d3:18:2a:1a:10:da:6c:a7:fd:35:
f4:19:57:6b:84:fa:e1:1d:b6:73:da:38:53:83:5c:
87:57:00:d1:57:3a:06:02:79:96:57:35:11:cd:6c:
19:c4:dc:e0:3d:bb:49:5c:70:38:00:46:c4:e9:f1:
cc:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:24:84:9C:BE:36:DC:8E:57:A2:EC:C0:B3:8A:46:B1:42:26:61:C7
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/SiSEnL423I5XouzAs4pGsUImYcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:600::/40
2a0d:d940:900b::/48
Signature Algorithm: sha256WithRSAEncryption
df:2e:55:ed:df:0b:a3:1a:6a:df:83:c1:9e:a0:ff:1f:8b:3b:
0b:59:a4:83:94:2c:65:06:8b:84:bf:97:b6:57:12:bf:b1:ed:
f8:9b:60:26:37:86:90:d0:fa:ba:70:7b:dc:fd:dc:3e:76:0e:
2b:c3:84:30:65:14:24:88:dd:96:d8:df:44:1e:da:5c:4d:b4:
c3:9d:fd:5c:f0:c4:56:a9:96:de:0e:cf:ea:a7:7b:2b:97:4c:
f5:90:fa:53:56:fb:95:ef:93:6f:e0:1a:a3:b0:3a:ce:d5:b5:
e2:49:fc:3a:be:23:3b:86:bd:0b:19:b0:57:f7:a8:29:55:18:
9d:a2:07:d0:b4:9c:29:fd:0a:e7:88:f7:6e:2c:2a:fb:15:00:
e3:0f:47:26:1e:8e:6c:b5:73:12:a6:88:22:03:89:56:f2:bb:
de:16:22:41:25:76:a4:ba:36:46:9d:eb:43:e1:68:df:3a:cf:
2c:d3:13:a3:7d:3a:f4:49:81:95:f6:b6:d6:e7:a6:a7:0e:23:
48:2c:7b:3a:d8:71:73:d8:93:1e:ca:8d:bb:b4:f7:c6:26:88:
6c:61:c9:51:80:8f:46:04:df:5c:6c:ea:6a:35:25:7d:ce:db:
d5:04:54:22:ee:5b:6e:bc:a0:af:c8:0f:ee:6a:6d:98:0c:c8:
72:2f:8e:5f
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZ3992g5ymC/I4VmpkmbtW9mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjYwNTA2MTU0NTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTI0ODQ5Y2JlMzZkYzhlNTdhMmVjYzBiMzhhNDZiMTQyMjY2MWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuwDPkiwayxfyx9tDIlb1wr10dFf
PTLDMNfCQhOrYHOiwtp4P148q495cC8VKKDU+Y+KEy0et3YMJZuoEGcdfCWEWHIj
WT4EZS6jhijMKI+zJaaf725RvADiwfaDBHYVeIkjjGa7mxdKBZbjNEqJY63sfsKF
FDP2LubQax7K2xw7T6m1TUtQ9m3FIlDq4gme4XWsG0IJvPgDOEHTU7h4vUWEY4Vr
ayXUKFTVCEC6/MFYaqP0L1iarb9t8F5uZao8we8BoxM8SdMYKhoQ2myn/TX0GVdr
hPrhHbZz2jhTg1yHVwDRVzoGAnmWVzURzWwZxNzgPbtJXHA4AEbE6fHMaQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFEokhJy+NtyOV6LswLOKRrFCJmHHMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvU2lTRW5MNDIzSTVYb3V6QXM0cEdzVUltWWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAKg3ZQAYD
BwAqDdlAkAswDQYJKoZIhvcNAQELBQADggEBAN8uVe3fC6Maat+DwZ6g/x+LOwtZ
pIOULGUGi4S/l7ZXEr+x7fibYCY3hpDQ+rpwe9z93D52DivDhDBlFCSI3ZbY30Qe
2lxNtMOd/VzwxFaplt4Oz+qneyuXTPWQ+lNW+5Xvk2/gGqOwOs7VteJJ/Dq+IzuG
vQsZsFf3qClVGJ2iB9C0nCn9CueI924sKvsVAOMPRyYejmy1cxKmiCIDiVbyu94W
IkEldqS6Nkad60PhaN86zyzTE6N9OvRJgZX2ttbnpqcOI0gsezrYcXPYkx7Kjbu0
98YmiGxhyVGAj0YE31xs6mo1JX3O29UEVCLuW268oK/ID+5qbZgMyHIvjl8=
-----END CERTIFICATE-----
Generated at Wed May 13 04:19:06 2026 by rpki-client