Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/b1132f-9f65-4725-818d-0bc733bcdbec/1/0sCu5HT-A8jPZROESYUFxpP6asM.roa
File: 0sCu5HT-A8jPZROESYUFxpP6asM.roa (raw, json)
Hash identifier: nALUbJ+t8eROkLtFfrmOdOmi065ffn5EuNrtaHcvc38=
Subject key identifier: D2:C0:AE:E4:74:FE:03:C8:CF:65:13:84:49:85:05:C6:93:FA:6A:C3
Certificate issuer: /CN=227027c031c419b9ad89eb37b7f27f9c8672f482
Certificate serial: 019DFE930B0C5FE8E57E873004C183E1925D
Authority key identifier: 22:70:27:C0:31:C4:19:B9:AD:89:EB:37:B7:F2:7F:9C:86:72:F4:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/InAnwDHEGbmties3t_J_nIZy9II.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/b1132f-9f65-4725-818d-0bc733bcdbec/1/0sCu5HT-A8jPZROESYUFxpP6asM.roa
Signing time: Wed 06 May 2026 18:35:42 +0000
ROA not before: Wed 06 May 2026 18:35:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47292
IP address blocks: 2001:678:824::/48 maxlen: 48
2001:678:1268::/48 maxlen: 48
2001:678:126c::/48 maxlen: 48
2001:678:1270::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/b1132f-9f65-4725-818d-0bc733bcdbec/1/InAnwDHEGbmties3t_J_nIZy9II.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/b1132f-9f65-4725-818d-0bc733bcdbec/1/InAnwDHEGbmties3t_J_nIZy9II.mft
rsync://rpki.ripe.net/repository/DEFAULT/InAnwDHEGbmties3t_J_nIZy9II.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fe:93:0b:0c:5f:e8:e5:7e:87:30:04:c1:83:e1:92:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=227027c031c419b9ad89eb37b7f27f9c8672f482
Validity
Not Before: May 6 18:35:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d2c0aee474fe03c8cf651384498505c693fa6ac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:18:43:e0:e7:3e:0b:be:b3:f9:67:ae:aa:41:
a7:f2:a5:db:86:91:b9:1f:2c:fb:dd:8d:f5:c3:cf:
82:47:6f:37:f4:95:0e:b3:0d:35:92:81:7a:ad:3d:
60:f4:f5:50:2b:1b:f8:3c:2b:d4:51:96:85:89:ad:
55:a8:19:f4:07:c5:46:97:57:31:2e:8e:a5:ef:9c:
de:30:87:c6:4e:1c:b1:8d:a1:d9:5f:61:d5:fb:7e:
27:73:3a:db:31:f0:c9:ef:3b:1e:c2:44:10:ef:6f:
00:3a:04:e7:59:79:d8:97:11:3b:5c:b6:c3:6b:ab:
0e:f1:8a:6c:22:7c:d3:0f:98:25:d9:10:3f:5a:e3:
5e:be:da:18:1a:0d:71:08:7e:0d:7d:11:0b:c1:cd:
bb:37:74:ee:73:38:aa:74:79:82:86:77:c9:94:17:
e1:47:04:70:8f:fb:21:a1:c4:48:74:57:cd:06:5f:
e3:ed:9d:fa:88:f9:0a:89:2e:2b:27:b3:50:d3:90:
81:37:1c:a8:55:b9:9e:58:f6:ef:5d:05:39:35:49:
ae:f9:11:b2:fe:3a:05:a2:62:3f:cb:d9:a4:02:1a:
2e:35:77:c6:01:5c:69:32:27:fd:6d:58:6f:d2:60:
9e:2c:5b:bc:ff:5b:31:fe:4b:df:be:54:25:38:f0:
42:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C0:AE:E4:74:FE:03:C8:CF:65:13:84:49:85:05:C6:93:FA:6A:C3
X509v3 Authority Key Identifier:
keyid:22:70:27:C0:31:C4:19:B9:AD:89:EB:37:B7:F2:7F:9C:86:72:F4:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/InAnwDHEGbmties3t_J_nIZy9II.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/b1132f-9f65-4725-818d-0bc733bcdbec/1/0sCu5HT-A8jPZROESYUFxpP6asM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/b1132f-9f65-4725-818d-0bc733bcdbec/1/InAnwDHEGbmties3t_J_nIZy9II.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:824::/48
2001:678:1268::/48
2001:678:126c::/48
2001:678:1270::/48
Signature Algorithm: sha256WithRSAEncryption
3c:b6:3a:65:72:45:c6:d1:e1:67:58:15:0b:7b:99:ad:cb:ab:
e8:8f:8b:b2:b1:bb:f1:04:c7:a6:61:c6:89:0a:20:d7:a1:8f:
61:f3:36:b0:cb:92:ef:c7:88:2f:f0:e7:d7:d1:41:a9:7d:00:
a0:7f:3b:b1:a5:a9:89:2f:e1:8f:da:9d:78:1b:c5:f7:c9:a8:
d6:4f:bc:d4:f8:46:e8:f5:d6:ad:31:df:5a:4c:ba:34:31:8f:
08:ae:e5:72:c1:c1:f0:28:40:4a:8d:ad:6e:8e:71:fe:25:ab:
db:90:7c:95:5b:c6:fc:eb:b7:4e:a7:96:8d:9c:74:0c:cd:25:
4d:4d:ca:aa:aa:1c:f8:3e:c2:a9:d2:a4:8e:06:e6:c8:f3:9f:
90:98:9d:fe:6e:f7:13:6a:84:c6:07:7b:98:d0:81:bc:92:72:
8b:91:2a:97:b9:52:9f:d9:fa:cd:97:5f:79:80:ee:89:df:08:
d6:7c:fa:ab:53:96:db:61:6e:15:67:2d:5d:a0:ee:64:b6:f7:
a3:29:95:21:4b:01:ec:3e:db:fe:3f:c5:02:69:c6:99:fe:47:
47:56:a9:6a:31:b1:56:c6:22:2f:c9:0f:7f:f3:a9:fb:d5:d8:
1e:53:a9:16:8e:49:a7:ca:5f:ac:e1:63:fd:43:d4:76:bb:1d:
b1:cf:66:43
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ3+kwsMX+jlfocwBMGD4ZJdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyNzAyN2MwMzFjNDE5YjlhZDg5ZWIzN2I3ZjI3ZjljODY3
MmY0ODIwHhcNMjYwNTA2MTgzNTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmMwYWVlNDc0ZmUwM2M4Y2Y2NTEzODQ0OTg1MDVjNjkzZmE2YWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRhD4Oc+C76z+WeuqkGn8qXbhpG5
Hyz73Y31w8+CR2839JUOsw01koF6rT1g9PVQKxv4PCvUUZaFia1VqBn0B8VGl1cx
Lo6l75zeMIfGThyxjaHZX2HV+34nczrbMfDJ7zsewkQQ728AOgTnWXnYlxE7XLbD
a6sO8YpsInzTD5gl2RA/WuNevtoYGg1xCH4NfRELwc27N3TucziqdHmChnfJlBfh
RwRwj/shocRIdFfNBl/j7Z36iPkKiS4rJ7NQ05CBNxyoVbmeWPbvXQU5NUmu+RGy
/joFomI/y9mkAhouNXfGAVxpMif9bVhv0mCeLFu8/1sx/kvfvlQlOPBCxwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNLAruR0/gPIz2UThEmFBcaT+mrDMB8GA1UdIwQY
MBaAFCJwJ8AxxBm5rYnrN7fyf5yGcvSCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSW5BbndESEVHYm10aWVzM3RfSl9uSVp5OUlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9iMTEzMmYtOWY2NS00NzI1LTgxOGQt
MGJjNzMzYmNkYmVjLzEvMHNDdTVIVC1BOGpQWlJPRVNZVUZ4cFA2YXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9iMTEzMmYtOWY2NS00NzI1LTgxOGQtMGJjNzMzYmNkYmVj
LzEvSW5BbndESEVHYm10aWVzM3RfSl9uSVp5OUlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAIAEGeAgk
AwcAIAEGeBJoAwcAIAEGeBJsAwcAIAEGeBJwMA0GCSqGSIb3DQEBCwUAA4IBAQA8
tjplckXG0eFnWBULe5mty6voj4uysbvxBMemYcaJCiDXoY9h8zawy5Lvx4gv8OfX
0UGpfQCgfzuxpamJL+GP2p14G8X3yajWT7zU+Ebo9datMd9aTLo0MY8IruVywcHw
KEBKja1ujnH+JavbkHyVW8b867dOp5aNnHQMzSVNTcqqqhz4PsKp0qSOBubI85+Q
mJ3+bvcTaoTGB3uY0IG8knKLkSqXuVKf2frNl195gO6J3wjWfPqrU5bbYW4VZy1d
oO5ktvejKZUhSwHsPtv+P8UCacaZ/kdHVqlqMbFWxiIvyQ9/86n71dgeU6kWjkmn
yl+s4WP9Q9R2ux2xz2ZD
-----END CERTIFICATE-----
Generated at Tue May 12 21:39:22 2026 by rpki-client