Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/prgj1oXvwWC0sM7Ft5oF9Cxe5KY.roa
File: prgj1oXvwWC0sM7Ft5oF9Cxe5KY.roa (raw, json)
Hash identifier: ioJewMTD2dS5oVrlrAMzHn6XNAAhfHw8VN2sudmlEoI=
Subject key identifier: A6:B8:23:D6:85:EF:C1:60:B4:B0:CE:C5:B7:9A:05:F4:2C:5E:E4:A6
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 019DE871DC76971A91F2BC7B58B08FDEEC38
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/prgj1oXvwWC0sM7Ft5oF9Cxe5KY.roa
Signing time: Sat 02 May 2026 11:27:49 +0000
ROA not before: Sat 02 May 2026 11:27:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199133
IP address blocks: 2a0d:d940:50::/46 maxlen: 46
2a0d:d940:5e::/48 maxlen: 48
2a0d:d940:1100::/40 maxlen: 40
2a0d:d940:1300::/40 maxlen: 40
2a0d:d940:1f00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e8:71:dc:76:97:1a:91:f2:bc:7b:58:b0:8f:de:ec:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: May 2 11:27:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a6b823d685efc160b4b0cec5b79a05f42c5ee4a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a1:37:31:91:f6:28:31:fd:55:5d:1a:da:02:
a5:e8:0c:c9:c5:bc:cf:ac:01:46:79:2f:70:f2:30:
8c:64:41:ca:27:85:23:09:8f:33:73:13:db:82:5e:
88:f8:9a:78:64:56:d3:f6:1f:3a:f1:1e:1e:c5:8e:
1e:ee:f3:d6:6e:b6:1c:09:87:dc:d2:67:1d:57:1e:
15:8a:f3:2e:3a:e0:ea:54:eb:5c:ed:2e:f4:b5:85:
54:bf:3d:7d:5c:19:1d:b2:18:c7:19:dc:bd:2b:6b:
ad:11:1c:8e:6e:63:b0:52:0e:e4:e6:bd:8b:18:f9:
86:65:9a:be:55:31:d8:74:ea:67:97:e4:28:a7:eb:
1f:95:83:f3:a6:10:0a:af:42:a0:ea:df:a1:f6:e7:
fe:b2:a2:97:5e:4d:4e:88:b3:bd:c0:df:07:18:a5:
6d:ce:6b:04:46:27:7a:6e:ae:09:9a:eb:df:af:03:
3a:52:8f:82:1c:ab:f4:8b:a7:34:18:a0:b6:9f:f5:
fc:b8:3a:d6:c8:a8:a1:35:d2:c5:3e:6c:a2:9f:35:
31:3f:30:0c:c2:94:2c:e9:55:d2:25:39:51:29:5d:
5c:8b:f3:c2:9d:5f:fc:92:cc:a1:d3:78:77:f0:4f:
4e:98:23:ea:53:e7:40:a9:53:86:05:35:a8:c6:a9:
d8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B8:23:D6:85:EF:C1:60:B4:B0:CE:C5:B7:9A:05:F4:2C:5E:E4:A6
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/prgj1oXvwWC0sM7Ft5oF9Cxe5KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:50::/46
2a0d:d940:5e::/48
2a0d:d940:1100::/40
2a0d:d940:1300::/40
2a0d:d940:1f00::/40
Signature Algorithm: sha256WithRSAEncryption
c7:13:19:42:b4:fe:c3:e4:84:82:4e:94:2b:aa:c4:31:68:51:
13:be:e8:77:86:a8:37:05:a7:31:7b:0c:1f:08:1e:8b:b7:13:
2d:a5:e8:26:af:7f:4e:9e:33:1d:1a:2c:bb:2b:c3:15:c4:f8:
65:aa:43:a5:a1:8c:ae:30:65:8c:88:e0:a5:c4:5c:46:ee:6b:
6f:ab:8a:8d:5a:f8:ce:d3:6a:0e:ed:17:eb:d0:a5:b0:28:17:
7b:1e:49:10:a8:31:68:c8:ca:ca:3f:51:65:17:0b:cb:0e:9a:
6c:e0:79:6d:61:02:8c:52:18:18:5b:ea:df:23:45:e0:0e:f0:
06:9d:21:df:6b:a0:47:0e:21:96:d9:37:d1:3f:e8:4d:6b:80:
25:e3:44:e0:2f:a7:6d:30:f5:8c:ab:3d:3d:ed:1e:58:e4:e3:
30:f3:50:01:b5:0d:d3:08:44:26:71:f1:4b:49:d4:2a:fa:5e:
da:33:c6:1d:9d:9e:24:c9:94:fb:3c:07:ff:09:06:14:38:67:
78:39:2a:4e:65:88:76:c5:50:fa:42:41:8b:71:63:8e:60:d4:
54:f7:94:48:74:fb:a4:c7:88:30:8d:0d:17:e5:7c:05:21:d7:
ac:94:31:0d:86:5b:7c:b2:6e:bf:4a:f4:4a:ce:c9:ce:13:93:
69:d6:81:0b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ3ocdx2lxqR8rx7WLCP3uw4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjYwNTAyMTEyNzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmI4MjNkNjg1ZWZjMTYwYjRiMGNlYzViNzlhMDVmNDJjNWVlNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKE3MZH2KDH9VV0a2gKl6AzJxbzP
rAFGeS9w8jCMZEHKJ4UjCY8zcxPbgl6I+Jp4ZFbT9h868R4exY4e7vPWbrYcCYfc
0mcdVx4VivMuOuDqVOtc7S70tYVUvz19XBkdshjHGdy9K2utERyObmOwUg7k5r2L
GPmGZZq+VTHYdOpnl+Qop+sflYPzphAKr0Kg6t+h9uf+sqKXXk1OiLO9wN8HGKVt
zmsERid6bq4JmuvfrwM6Uo+CHKv0i6c0GKC2n/X8uDrWyKihNdLFPmyinzUxPzAM
wpQs6VXSJTlRKV1ci/PCnV/8ksyh03h38E9OmCPqU+dAqVOGBTWoxqnY/QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKa4I9aF78FgtLDOxbeaBfQsXuSmMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvcHJnajFvWHZ3V0Mwc003RnQ1b0Y5Q3hlNUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwcCKg3ZQABQ
AwcAKg3ZQABeAwYAKg3ZQBEDBgAqDdlAEwMGACoN2UAfMA0GCSqGSIb3DQEBCwUA
A4IBAQDHExlCtP7D5ISCTpQrqsQxaFETvuh3hqg3BacxewwfCB6LtxMtpegmr39O
njMdGiy7K8MVxPhlqkOloYyuMGWMiOClxFxG7mtvq4qNWvjO02oO7Rfr0KWwKBd7
HkkQqDFoyMrKP1FlFwvLDpps4HltYQKMUhgYW+rfI0XgDvAGnSHfa6BHDiGW2TfR
P+hNa4Al40TgL6dtMPWMqz097R5Y5OMw81ABtQ3TCEQmcfFLSdQq+l7aM8YdnZ4k
yZT7PAf/CQYUOGd4OSpOZYh2xVD6QkGLcWOOYNRU95RIdPukx4gwjQ0X5XwFIdes
lDENhlt8sm6/SvRKzsnOE5Np1oEL
-----END CERTIFICATE-----
Generated at Tue May 12 21:32:40 2026 by rpki-client