Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/14337c-174e-4e0a-893a-b9898f4ef77e/1/u3zxwv8aiDPFhl4Oxz0_bf9g92U.roa
File: u3zxwv8aiDPFhl4Oxz0_bf9g92U.roa (raw, json)
Hash identifier: wBX3vONdNDvp84LOZvpcknzsgcTIkj6k0n194mkJDS8=
Subject key identifier: BB:7C:F1:C2:FF:1A:88:33:C5:86:5E:0E:C7:3D:3F:6D:FF:60:F7:65
Certificate issuer: /CN=0e42c2e7fb021b111a719feda93c61e5c3537fa7
Certificate serial: 019CE756783513101078224DBB239DFEA196
Authority key identifier: 0E:42:C2:E7:FB:02:1B:11:1A:71:9F:ED:A9:3C:61:E5:C3:53:7F:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DkLC5_sCGxEacZ_tqTxh5cNTf6c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/14337c-174e-4e0a-893a-b9898f4ef77e/1/u3zxwv8aiDPFhl4Oxz0_bf9g92U.roa
Signing time: Fri 13 Mar 2026 13:15:29 +0000
ROA not before: Fri 13 Mar 2026 13:15:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41088
IP address blocks: 2001:678:e8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/14337c-174e-4e0a-893a-b9898f4ef77e/1/DkLC5_sCGxEacZ_tqTxh5cNTf6c.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/14337c-174e-4e0a-893a-b9898f4ef77e/1/DkLC5_sCGxEacZ_tqTxh5cNTf6c.mft
rsync://rpki.ripe.net/repository/DEFAULT/DkLC5_sCGxEacZ_tqTxh5cNTf6c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e7:56:78:35:13:10:10:78:22:4d:bb:23:9d:fe:a1:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e42c2e7fb021b111a719feda93c61e5c3537fa7
Validity
Not Before: Mar 13 13:15:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bb7cf1c2ff1a8833c5865e0ec73d3f6dff60f765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:33:2c:7e:df:1b:0b:0e:67:bd:36:2d:fd:92:
b3:fe:c8:25:bc:1e:01:cf:0e:a3:1a:7e:ba:e9:23:
5f:23:22:70:b4:4a:92:66:ce:7d:ec:e2:22:fc:d8:
f6:5d:41:78:07:4b:a8:a0:fd:67:b9:fd:f0:62:8d:
6a:70:c1:5b:06:2f:b2:df:a6:7a:b0:b1:ff:24:d3:
36:6e:e0:22:ac:7e:58:0f:7b:59:63:3a:3e:9d:ed:
6a:63:a3:fd:6f:84:92:1a:63:9a:cc:0a:c0:76:af:
9e:83:29:35:5e:09:5b:0a:d9:45:e2:84:ee:a3:4e:
1a:4f:85:41:ff:8d:93:6c:69:ad:d5:37:cf:fc:f2:
09:64:6e:d2:c6:af:c9:8c:2a:1b:79:f8:9a:e8:41:
da:a9:81:0f:a5:f7:ac:8d:0b:bf:9d:c9:47:1f:85:
b9:31:dc:c0:07:cf:13:cb:16:d4:48:f4:8f:f9:ba:
07:b8:46:ac:71:45:cb:ba:87:90:74:9e:7b:15:b4:
b1:a6:7a:ea:4e:31:91:ab:b6:cd:65:51:d0:42:ae:
2c:92:78:80:40:c2:a6:28:a3:41:96:04:07:9f:97:
b7:9f:c2:ec:fa:a0:13:55:77:87:4f:d2:fe:02:6a:
53:f3:ab:1e:a7:a4:8d:a3:a9:be:ed:13:69:7d:55:
24:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:7C:F1:C2:FF:1A:88:33:C5:86:5E:0E:C7:3D:3F:6D:FF:60:F7:65
X509v3 Authority Key Identifier:
keyid:0E:42:C2:E7:FB:02:1B:11:1A:71:9F:ED:A9:3C:61:E5:C3:53:7F:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DkLC5_sCGxEacZ_tqTxh5cNTf6c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/14337c-174e-4e0a-893a-b9898f4ef77e/1/u3zxwv8aiDPFhl4Oxz0_bf9g92U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/14337c-174e-4e0a-893a-b9898f4ef77e/1/DkLC5_sCGxEacZ_tqTxh5cNTf6c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:e8::/48
Signature Algorithm: sha256WithRSAEncryption
28:af:fc:20:d9:fc:94:9b:aa:78:f2:53:01:ac:3a:ec:d2:9a:
d1:ed:71:8b:df:36:23:1d:08:fb:b7:de:ee:61:8f:c7:9d:93:
81:49:fc:a9:dc:7c:6e:97:67:04:df:ae:79:7b:4d:ba:78:89:
80:fa:35:1a:78:7d:34:6c:dc:e2:7a:86:85:96:7e:2f:19:b3:
11:13:e3:79:95:3e:5b:0b:3d:97:1e:fb:1f:32:c4:fa:2f:16:
85:23:02:bb:dd:55:37:9b:c0:e3:a3:15:c1:8b:55:e9:44:06:
23:6b:f6:83:e5:33:ed:c2:e8:5b:12:44:34:b6:b8:f5:ce:11:
61:fa:a8:2d:16:3a:aa:f3:2d:12:62:3a:ae:d7:cc:fc:b5:db:
6d:ee:79:ad:c8:41:d2:e8:e9:e9:80:ab:f5:56:6a:5f:cc:61:
ff:6d:74:e6:04:a2:02:98:21:db:01:63:a3:1e:1c:97:9a:da:
5f:08:43:33:0d:f9:1d:82:de:9e:4f:6a:af:3f:d3:54:80:c4:
83:7a:2f:62:a4:8e:b0:8b:6d:aa:26:15:6d:25:ef:d1:8b:d8:
e2:e3:a8:43:ea:43:eb:0f:42:39:cf:d3:5d:bf:ef:67:0c:30:
bd:6f:af:d5:a7:b2:e6:ea:7d:5c:1c:b4:d9:27:86:0c:0f:67:
e7:1e:bd:c8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZznVng1ExAQeCJNuyOd/qGWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNDJjMmU3ZmIwMjFiMTExYTcxOWZlZGE5M2M2MWU1YzM1
MzdmYTcwHhcNMjYwMzEzMTMxNTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjdjZjFjMmZmMWE4ODMzYzU4NjVlMGVjNzNkM2Y2ZGZmNjBmNzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljMsft8bCw5nvTYt/ZKz/sglvB4B
zw6jGn666SNfIyJwtEqSZs597OIi/Nj2XUF4B0uooP1nuf3wYo1qcMFbBi+y36Z6
sLH/JNM2buAirH5YD3tZYzo+ne1qY6P9b4SSGmOazArAdq+egyk1XglbCtlF4oTu
o04aT4VB/42TbGmt1TfP/PIJZG7Sxq/JjCobefia6EHaqYEPpfesjQu/nclHH4W5
MdzAB88TyxbUSPSP+boHuEascUXLuoeQdJ57FbSxpnrqTjGRq7bNZVHQQq4skniA
QMKmKKNBlgQHn5e3n8Ls+qATVXeHT9L+AmpT86sep6SNo6m+7RNpfVUk6QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFLt88cL/GogzxYZeDsc9P23/YPdlMB8GA1UdIwQY
MBaAFA5Cwuf7AhsRGnGf7ak8YeXDU3+nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGtMQzVfc0NHeEVhY1pfdHFUeGg1Y05UZjZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8xNDMzN2MtMTc0ZS00ZTBhLTg5M2Et
Yjk4OThmNGVmNzdlLzEvdTN6eHd2OGFpRFBGaGw0T3h6MF9iZjlnOTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8xNDMzN2MtMTc0ZS00ZTBhLTg5M2EtYjk4OThmNGVmNzdl
LzEvRGtMQzVfc0NHeEVhY1pfdHFUeGg1Y05UZjZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeADo
MA0GCSqGSIb3DQEBCwUAA4IBAQAor/wg2fyUm6p48lMBrDrs0prR7XGL3zYjHQj7
t97uYY/HnZOBSfyp3Hxul2cE3655e026eImA+jUaeH00bNzieoaFln4vGbMRE+N5
lT5bCz2XHvsfMsT6LxaFIwK73VU3m8DjoxXBi1XpRAYja/aD5TPtwuhbEkQ0trj1
zhFh+qgtFjqq8y0SYjqu18z8tdtt7nmtyEHS6OnpgKv1VmpfzGH/bXTmBKICmCHb
AWOjHhyXmtpfCEMzDfkdgt6eT2qvP9NUgMSDei9ipI6wi22qJhVtJe/Ri9ji46hD
6kPrD0I5z9Ndv+9nDDC9b6/Vp7Lm6n1cHLTZJ4YMD2fnHr3I
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:00:49 2026 by rpki-client