Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/395be9-d525-4e65-a018-e02f22eb48f2/1/3yJeSpT4LVuEpyqncYAk_aiFPL8.roa
File: 3yJeSpT4LVuEpyqncYAk_aiFPL8.roa (raw, json)
Hash identifier: cPA4w0XeR2h1dlYvo9g80oVslkyr43gk5H+w6QPSLn8=
Subject key identifier: DF:22:5E:4A:94:F8:2D:5B:84:A7:2A:A7:71:80:24:FD:A8:85:3C:BF
Certificate issuer: /CN=f99c4057ff25094159c2b1fa042716b85811164d
Certificate serial: 019DF2A14797AC1CBD20A71B7F5B24E9F42F
Authority key identifier: F9:9C:40:57:FF:25:09:41:59:C2:B1:FA:04:27:16:B8:58:11:16:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-ZxAV_8lCUFZwrH6BCcWuFgRFk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/395be9-d525-4e65-a018-e02f22eb48f2/1/3yJeSpT4LVuEpyqncYAk_aiFPL8.roa
Signing time: Mon 04 May 2026 10:55:49 +0000
ROA not before: Mon 04 May 2026 10:55:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199156
IP address blocks: 2001:678:1248::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/395be9-d525-4e65-a018-e02f22eb48f2/1/1-ZxAV_8lCUFZwrH6BCcWuFgRFk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/395be9-d525-4e65-a018-e02f22eb48f2/1/1-ZxAV_8lCUFZwrH6BCcWuFgRFk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-ZxAV_8lCUFZwrH6BCcWuFgRFk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f2:a1:47:97:ac:1c:bd:20:a7:1b:7f:5b:24:e9:f4:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f99c4057ff25094159c2b1fa042716b85811164d
Validity
Not Before: May 4 10:55:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=df225e4a94f82d5b84a72aa7718024fda8853cbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2c:ef:aa:50:0a:ec:ac:58:59:56:cc:6c:3c:
5c:95:52:1c:1b:0f:27:fa:eb:b8:90:f3:56:16:0a:
3d:75:74:08:28:23:1f:ca:39:d2:d9:e1:76:eb:51:
2e:31:69:39:a7:55:7a:6b:da:92:83:8e:9c:24:fa:
7a:7b:be:ae:d1:98:7c:ed:ae:fa:9d:ae:d8:60:b3:
01:8d:71:24:b3:1b:17:52:58:a1:fa:61:5a:17:7d:
a2:2f:65:0a:d1:e5:70:fb:2c:d7:06:f6:17:df:2c:
5e:3d:72:79:be:27:ef:07:96:fd:ef:f3:9d:aa:a4:
0d:3e:70:1b:03:58:a7:b6:19:06:1a:5e:dc:36:a6:
38:47:de:25:9c:c9:06:c2:94:3e:74:28:76:4b:82:
6d:47:ef:5c:40:93:99:9c:9f:4d:db:31:7c:4d:b4:
00:d5:6e:88:44:9c:ef:0e:48:24:d5:aa:6f:d4:41:
36:cf:9d:ee:e5:90:ad:f9:23:07:14:05:88:fd:0a:
31:10:0e:99:be:76:74:51:06:31:bc:0d:70:77:34:
fe:cc:a2:d2:60:69:53:bb:9a:f8:4f:59:70:a7:82:
7a:b1:99:b9:9c:a5:7d:3c:92:88:27:7c:76:91:94:
ff:54:3c:31:48:37:1f:20:b3:cc:e3:2d:db:8c:10:
5f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:22:5E:4A:94:F8:2D:5B:84:A7:2A:A7:71:80:24:FD:A8:85:3C:BF
X509v3 Authority Key Identifier:
keyid:F9:9C:40:57:FF:25:09:41:59:C2:B1:FA:04:27:16:B8:58:11:16:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-ZxAV_8lCUFZwrH6BCcWuFgRFk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/395be9-d525-4e65-a018-e02f22eb48f2/1/3yJeSpT4LVuEpyqncYAk_aiFPL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/395be9-d525-4e65-a018-e02f22eb48f2/1/1-ZxAV_8lCUFZwrH6BCcWuFgRFk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:1248::/48
Signature Algorithm: sha256WithRSAEncryption
33:03:72:1e:ae:e5:33:13:bf:96:11:2c:07:26:4c:99:aa:5c:
7a:fe:12:73:a1:ae:fb:b7:6f:f8:f4:ce:6f:04:57:3a:ac:97:
38:e6:d0:0e:a0:3a:bf:80:ed:78:10:90:c7:a0:3a:1e:d7:4d:
55:a2:cd:61:25:60:9f:b1:a5:5a:84:5e:76:39:8d:63:3e:f0:
80:02:8d:dd:d9:51:dc:ac:93:59:1d:bf:38:e4:89:d5:91:7f:
e5:e6:e7:22:3c:21:5c:04:25:0c:cc:f0:5e:4a:34:47:23:00:
10:ec:8d:53:e4:bc:35:3e:05:00:4b:4c:0c:5b:ca:08:e9:71:
b6:4f:52:d3:48:cc:23:da:1d:2c:ef:74:58:13:95:4f:33:62:
80:52:00:09:44:0e:4c:d0:1a:9a:74:e2:9d:e9:9f:cd:06:d8:
f4:ab:18:43:29:c1:3e:d2:dd:f4:52:1d:27:f3:83:f0:23:7e:
f3:9f:65:c1:3c:7c:a3:a4:72:4d:41:5e:1b:ec:7d:6e:3b:26:
d2:81:fb:77:6f:4c:9c:97:14:c7:71:9f:1b:a9:ce:56:14:35:
3a:20:94:b5:e4:a5:4f:14:fb:b2:5a:17:1f:5d:c5:4c:a6:a9:
4e:eb:68:2a:f3:dc:d7:db:a7:d2:d6:7e:31:4c:9a:f1:47:20:
10:e9:ac:13
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZ3yoUeXrBy9IKcbf1sk6fQvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5OWM0MDU3ZmYyNTA5NDE1OWMyYjFmYTA0MjcxNmI4NTgx
MTE2NGQwHhcNMjYwNTA0MTA1NTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjIyNWU0YTk0ZjgyZDViODRhNzJhYTc3MTgwMjRmZGE4ODUzY2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyzvqlAK7KxYWVbMbDxclVIcGw8n
+uu4kPNWFgo9dXQIKCMfyjnS2eF261EuMWk5p1V6a9qSg46cJPp6e76u0Zh87a76
na7YYLMBjXEksxsXUlih+mFaF32iL2UK0eVw+yzXBvYX3yxePXJ5vifvB5b97/Od
qqQNPnAbA1inthkGGl7cNqY4R94lnMkGwpQ+dCh2S4JtR+9cQJOZnJ9N2zF8TbQA
1W6IRJzvDkgk1apv1EE2z53u5ZCt+SMHFAWI/QoxEA6ZvnZ0UQYxvA1wdzT+zKLS
YGlTu5r4T1lwp4J6sZm5nKV9PJKIJ3x2kZT/VDwxSDcfILPM4y3bjBBfKQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFN8iXkqU+C1bhKcqp3GAJP2ohTy/MB8GA1UdIwQY
MBaAFPmcQFf/JQlBWcKx+gQnFrhYERZNMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1aeEFWXzhsQ1VGWndySDZCQ2NXdUZnUkZrMC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgvMzk1YmU5LWQ1MjUtNGU2NS1hMDE4
LWUwMmYyMmViNDhmMi8xLzN5SmVTcFQ0TFZ1RXB5cW5jWUFrX2FpRlBMOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTgvMzk1YmU5LWQ1MjUtNGU2NS1hMDE4LWUwMmYyMmViNDhm
Mi8xLzEtWnhBVl84bENVRlp3ckg2QkNjV3VGZ1JGazAuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAQZ4
EkgwDQYJKoZIhvcNAQELBQADggEBADMDch6u5TMTv5YRLAcmTJmqXHr+EnOhrvu3
b/j0zm8EVzqslzjm0A6gOr+A7XgQkMegOh7XTVWizWElYJ+xpVqEXnY5jWM+8IAC
jd3ZUdysk1kdvzjkidWRf+Xm5yI8IVwEJQzM8F5KNEcjABDsjVPkvDU+BQBLTAxb
ygjpcbZPUtNIzCPaHSzvdFgTlU8zYoBSAAlEDkzQGpp04p3pn80G2PSrGEMpwT7S
3fRSHSfzg/AjfvOfZcE8fKOkck1BXhvsfW47JtKB+3dvTJyXFMdxnxupzlYUNTog
lLXkpU8U+7JaFx9dxUymqU7raCrz3Nfbp9LWfjFMmvFHIBDprBM=
-----END CERTIFICATE-----
Generated at Tue May 12 21:24:52 2026 by rpki-client