Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/jnA7FyFn0Bwnz1Mt9Wtgl10J7xg.roa
File: jnA7FyFn0Bwnz1Mt9Wtgl10J7xg.roa (raw, json)
Hash identifier: BN2Z2i5sRIOUBHERNAoHq5gzh9ePkzqHgCOLUwXF9G8=
Subject key identifier: 8E:70:3B:17:21:67:D0:1C:27:CF:53:2D:F5:6B:60:97:5D:09:EF:18
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 019E190EC283FACA3D1157B47504AF829F9D
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/jnA7FyFn0Bwnz1Mt9Wtgl10J7xg.roa
Signing time: Mon 11 May 2026 22:00:58 +0000
ROA not before: Mon 11 May 2026 22:00:58 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202831
IP address blocks: 2a0d:d940:700::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:19:0e:c2:83:fa:ca:3d:11:57:b4:75:04:af:82:9f:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: May 11 22:00:58 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8e703b172167d01c27cf532df56b60975d09ef18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d1:e8:5e:33:4b:87:9f:d8:4d:48:d1:bc:b7:
ee:75:21:73:ff:91:33:8a:3d:99:05:74:b6:8d:27:
3b:f1:fb:34:63:13:a0:0f:f7:d8:9a:a5:26:e7:0f:
71:6e:ba:47:1a:1b:d1:68:b4:a4:9c:01:42:52:d6:
b5:7c:c9:b8:ad:c7:5d:75:a1:7c:b7:bb:cf:89:2a:
50:24:ca:5b:52:8f:fa:95:88:2c:3d:d1:6e:49:6f:
6d:f5:7d:ac:74:23:cf:fc:6c:59:5c:41:48:7c:52:
bb:69:65:e8:86:88:ea:b1:df:34:e9:15:70:12:80:
f8:3c:db:34:91:78:8a:54:ea:a0:99:da:24:7a:a5:
80:fd:e6:f3:1b:06:51:90:f4:d3:72:08:c5:af:23:
8c:cb:b7:18:86:e0:33:d5:ae:02:6a:5e:6b:30:7e:
4d:a4:fb:e9:c9:f8:73:45:98:0c:28:c3:b7:50:48:
46:df:8d:f7:0c:9b:63:a5:79:d5:38:f7:f0:e6:41:
90:df:e1:19:9d:23:2d:99:86:91:b4:48:16:5a:69:
0b:c0:51:42:38:85:d7:9b:94:4b:59:d9:bd:d9:17:
d3:4d:7b:bb:10:30:5a:3b:b5:21:fe:d8:50:b2:9b:
0e:aa:34:2f:fe:f7:3a:14:c2:2f:f4:81:da:ae:aa:
9f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:70:3B:17:21:67:D0:1C:27:CF:53:2D:F5:6B:60:97:5D:09:EF:18
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/jnA7FyFn0Bwnz1Mt9Wtgl10J7xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:700::/40
Signature Algorithm: sha256WithRSAEncryption
d6:17:e4:c6:c2:f4:dc:2b:08:fc:26:da:8d:2b:fb:1a:0e:1f:
96:7d:bc:e0:bc:98:81:65:62:cb:f4:c3:08:a8:f1:82:4e:db:
4e:60:c3:40:7a:75:1c:61:42:ea:b3:64:eb:3b:b0:3a:89:6f:
4c:1c:bc:0d:46:a2:e9:41:d0:2e:45:a6:44:31:22:ac:f5:4d:
b5:82:6e:c6:1e:75:21:60:d0:52:17:b7:27:89:62:61:9e:69:
cb:2e:25:b8:83:22:78:f8:c3:78:87:e1:7a:6c:89:f7:c8:e8:
45:89:ce:80:d7:55:35:43:46:bf:dc:05:11:87:20:67:8a:b8:
73:50:a8:f5:b0:4c:82:f5:2c:08:48:9a:8a:f2:04:5a:a6:9b:
c5:74:f6:af:c7:b0:b5:84:37:40:97:aa:94:fa:9a:e1:d8:93:
66:f1:04:43:d3:39:f0:c0:9d:ea:18:67:b9:3c:c1:ef:a7:56:
78:8d:b8:48:ab:a1:51:66:7c:44:e6:3a:53:f2:ee:47:0f:e9:
10:1c:71:41:da:a7:3a:f4:cd:8e:63:7f:80:5a:fd:e9:21:ea:
34:4f:ed:eb:fc:a1:e6:94:0c:7d:03:24:5d:7f:56:04:03:b7:
a2:ac:8d:af:96:3e:54:a2:36:10:d2:a4:b3:fa:37:a9:25:80:
40:4b:4f:60
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZ4ZDsKD+so9EVe0dQSvgp+dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjYwNTExMjIwMDU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTcwM2IxNzIxNjdkMDFjMjdjZjUzMmRmNTZiNjA5NzVkMDllZjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9HoXjNLh5/YTUjRvLfudSFz/5Ez
ij2ZBXS2jSc78fs0YxOgD/fYmqUm5w9xbrpHGhvRaLSknAFCUta1fMm4rcdddaF8
t7vPiSpQJMpbUo/6lYgsPdFuSW9t9X2sdCPP/GxZXEFIfFK7aWXohojqsd806RVw
EoD4PNs0kXiKVOqgmdokeqWA/ebzGwZRkPTTcgjFryOMy7cYhuAz1a4Cal5rMH5N
pPvpyfhzRZgMKMO3UEhG3433DJtjpXnVOPfw5kGQ3+EZnSMtmYaRtEgWWmkLwFFC
OIXXm5RLWdm92RfTTXu7EDBaO7Uh/thQspsOqjQv/vc6FMIv9IHarqqfkwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFI5wOxchZ9AcJ89TLfVrYJddCe8YMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvam5BN0Z5Rm4wQnduejFNdDlXdGdsMTBKN3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg3ZQAcw
DQYJKoZIhvcNAQELBQADggEBANYX5MbC9NwrCPwm2o0r+xoOH5Z9vOC8mIFlYsv0
wwio8YJO205gw0B6dRxhQuqzZOs7sDqJb0wcvA1GoulB0C5FpkQxIqz1TbWCbsYe
dSFg0FIXtyeJYmGeacsuJbiDInj4w3iH4XpsiffI6EWJzoDXVTVDRr/cBRGHIGeK
uHNQqPWwTIL1LAhImoryBFqmm8V09q/HsLWEN0CXqpT6muHYk2bxBEPTOfDAneoY
Z7k8we+nVniNuEiroVFmfETmOlPy7kcP6RAccUHapzr0zY5jf4Ba/ekh6jRP7ev8
oeaUDH0DJF1/VgQDt6Ksja+WPlSiNhDSpLP6N6klgEBLT2A=
-----END CERTIFICATE-----
Generated at Wed May 13 15:56:52 2026 by rpki-client