Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1491f9-dc76-4777-b5be-83f9a8d1d4d6/1/Cbh9dTp-3Cy4lgTwDmqeWN3sMU8.roa
File: Cbh9dTp-3Cy4lgTwDmqeWN3sMU8.roa (raw, json)
Hash identifier: jNPHrW3n9zuVbl+OCeOvx4EbhDNhT0wqb8YQdUfmVhY=
Subject key identifier: 09:B8:7D:75:3A:7E:DC:2C:B8:96:04:F0:0E:6A:9E:58:DD:EC:31:4F
Certificate issuer: /CN=9e6d1dc6caa41d3beffe8d1da2671a50e7f79a30
Certificate serial: 019D0FABC9BAACE68829D9F5FE83FFDBC889
Authority key identifier: 9E:6D:1D:C6:CA:A4:1D:3B:EF:FE:8D:1D:A2:67:1A:50:E7:F7:9A:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nm0dxsqkHTvv_o0domcaUOf3mjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/1491f9-dc76-4777-b5be-83f9a8d1d4d6/1/Cbh9dTp-3Cy4lgTwDmqeWN3sMU8.roa
Signing time: Sat 21 Mar 2026 09:13:29 +0000
ROA not before: Sat 21 Mar 2026 09:13:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34854
IP address blocks: 2.56.11.0/24 maxlen: 24
2a07:22c0::/48 maxlen: 48
2a0c:6500:1::/48 maxlen: 48
2a0c:6500:3::/48 maxlen: 48
2a0c:6500:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/1491f9-dc76-4777-b5be-83f9a8d1d4d6/1/nm0dxsqkHTvv_o0domcaUOf3mjA.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/1491f9-dc76-4777-b5be-83f9a8d1d4d6/1/nm0dxsqkHTvv_o0domcaUOf3mjA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nm0dxsqkHTvv_o0domcaUOf3mjA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 12:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0f:ab:c9:ba:ac:e6:88:29:d9:f5:fe:83:ff:db:c8:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e6d1dc6caa41d3beffe8d1da2671a50e7f79a30
Validity
Not Before: Mar 21 09:13:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=09b87d753a7edc2cb89604f00e6a9e58ddec314f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:64:0d:7f:08:57:77:c6:c5:bd:4a:b1:e2:4b:
ca:bf:44:8d:11:63:78:f6:46:d3:c8:31:85:70:46:
ff:ba:5a:38:f3:57:33:34:32:75:fe:11:08:5b:e0:
f6:4d:d5:22:8a:4c:03:df:ad:cb:b8:b6:9b:c0:56:
7d:54:fa:d1:99:31:26:6c:09:98:26:05:6a:06:3e:
6e:55:c2:58:c2:64:9a:81:bb:09:28:6a:a4:17:bb:
b9:9b:b2:cb:5d:c4:14:b6:8a:f5:8a:d4:98:13:09:
15:86:19:ed:99:28:ab:04:15:f0:d2:0d:86:6c:ed:
53:da:a2:73:ad:a0:ad:13:bb:ae:d5:a7:4e:55:51:
b8:89:8f:cf:55:5e:25:25:e6:e5:7d:3d:f0:5f:b7:
bc:7d:1e:b8:4d:b2:12:47:2e:01:56:85:cf:57:9c:
18:77:f4:a1:74:14:5c:87:ba:a4:b3:d7:8a:8d:f1:
8a:8e:b1:3c:64:4b:a2:10:4b:83:69:c5:7a:a8:8a:
d1:58:be:15:3b:ec:41:71:0a:d1:ad:72:39:d5:bd:
7f:f9:be:e9:35:84:f4:0d:e3:88:ae:07:92:99:e5:
8d:08:33:8f:1c:74:15:2b:a3:18:ad:0f:83:86:9f:
8b:fc:01:c8:3a:11:95:82:c9:0d:9d:64:3e:24:98:
6a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B8:7D:75:3A:7E:DC:2C:B8:96:04:F0:0E:6A:9E:58:DD:EC:31:4F
X509v3 Authority Key Identifier:
keyid:9E:6D:1D:C6:CA:A4:1D:3B:EF:FE:8D:1D:A2:67:1A:50:E7:F7:9A:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nm0dxsqkHTvv_o0domcaUOf3mjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1491f9-dc76-4777-b5be-83f9a8d1d4d6/1/Cbh9dTp-3Cy4lgTwDmqeWN3sMU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1491f9-dc76-4777-b5be-83f9a8d1d4d6/1/nm0dxsqkHTvv_o0domcaUOf3mjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.11.0/24
IPv6:
2a07:22c0::/48
2a0c:6500:1::/48
2a0c:6500:3::/48
2a0c:6500:100::/40
Signature Algorithm: sha256WithRSAEncryption
1f:93:84:16:0a:8f:e1:26:ed:87:cf:11:a2:26:7d:7e:f7:57:
58:24:9b:17:a8:4e:3b:a0:46:d6:52:5d:a8:1f:f9:7b:90:12:
a2:5f:13:e5:43:b6:57:fd:5f:d3:20:e2:52:80:d0:56:55:8a:
99:7c:3a:c0:3a:9c:37:cb:f1:4b:ac:02:e3:7d:2e:5a:64:d9:
33:d9:aa:de:f6:1b:1e:18:5e:33:b0:1c:ac:9d:0b:87:04:ad:
7b:01:23:e4:14:90:ab:85:d7:75:59:89:b0:c8:2e:a3:92:fc:
fc:f5:17:a0:14:40:5d:83:c9:0c:65:78:33:41:30:12:04:a2:
43:92:65:51:b2:74:21:74:f1:df:16:37:0c:15:62:b8:66:d2:
c4:83:92:9d:e8:7c:c4:c7:e3:33:b2:6f:3e:8e:a4:6a:e9:66:
4b:3d:ea:90:e8:bc:ed:a9:5c:86:e7:e5:4e:31:81:e1:7e:92:
76:0c:a3:8f:ca:87:08:30:80:ee:77:41:4e:b1:c5:73:b4:0a:
e1:6d:88:87:b4:e4:05:4d:47:25:3a:57:ab:74:d6:62:43:a7:
de:49:0d:dc:b9:5a:70:3a:42:6a:d6:ea:1a:a7:01:62:b5:9f:
b4:b8:63:4b:7a:d8:0e:f8:8c:3e:60:c2:13:fb:2c:2a:ac:5a:
45:66:49:70
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZ0Pq8m6rOaIKdn1/oP/28iJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNmQxZGM2Y2FhNDFkM2JlZmZlOGQxZGEyNjcxYTUwZTdm
NzlhMzAwHhcNMjYwMzIxMDkxMzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWI4N2Q3NTNhN2VkYzJjYjg5NjA0ZjAwZTZhOWU1OGRkZWMzMTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmQNfwhXd8bFvUqx4kvKv0SNEWN4
9kbTyDGFcEb/ulo481czNDJ1/hEIW+D2TdUiikwD363LuLabwFZ9VPrRmTEmbAmY
JgVqBj5uVcJYwmSagbsJKGqkF7u5m7LLXcQUtor1itSYEwkVhhntmSirBBXw0g2G
bO1T2qJzraCtE7uu1adOVVG4iY/PVV4lJeblfT3wX7e8fR64TbISRy4BVoXPV5wY
d/ShdBRch7qks9eKjfGKjrE8ZEuiEEuDacV6qIrRWL4VO+xBcQrRrXI51b1/+b7p
NYT0DeOIrgeSmeWNCDOPHHQVK6MYrQ+Dhp+L/AHIOhGVgskNnWQ+JJhq4QIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFAm4fXU6ftwsuJYE8A5qnljd7DFPMB8GA1UdIwQY
MBaAFJ5tHcbKpB077/6NHaJnGlDn95owMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbm0wZHhzcWtIVHZ2X28wZG9tY2FVT2YzbWpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xNDkxZjktZGM3Ni00Nzc3LWI1YmUt
ODNmOWE4ZDFkNGQ2LzEvQ2JoOWRUcC0zQ3k0bGdUd0RtcWVXTjNzTVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xNDkxZjktZGM3Ni00Nzc3LWI1YmUtODNmOWE4ZDFkNGQ2
LzEvbm0wZHhzcWtIVHZ2X28wZG9tY2FVT2YzbWpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAMBAIAATAGAwQAAjgLMCkE
AgACMCMDBwAqByLAAAADBwAqDGUAAAEDBwAqDGUAAAMDBgAqDGUAATANBgkqhkiG
9w0BAQsFAAOCAQEAH5OEFgqP4Sbth88RoiZ9fvdXWCSbF6hOO6BG1lJdqB/5e5AS
ol8T5UO2V/1f0yDiUoDQVlWKmXw6wDqcN8vxS6wC430uWmTZM9mq3vYbHhheM7Ac
rJ0LhwStewEj5BSQq4XXdVmJsMguo5L8/PUXoBRAXYPJDGV4M0EwEgSiQ5JlUbJ0
IXTx3xY3DBViuGbSxIOSneh8xMfjM7JvPo6kaulmSz3qkOi87alchuflTjGB4X6S
dgyjj8qHCDCA7ndBTrHFc7QK4W2Ih7TkBU1HJTpXq3TWYkOn3kkN3LlacDpCatbq
GqcBYrWftLhjS3rYDviMPmDCE/ssKqxaRWZJcA==
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:02:12 2026 by rpki-client