Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/b1132f-9f65-4725-818d-0bc733bcdbec/1/KUu499jW5aUG8OhinIXqufK9zKs.roa
File: KUu499jW5aUG8OhinIXqufK9zKs.roa (raw, json)
Hash identifier: /orIVD9RY3dCs0SFyYtQgQOz1abF43yTxtMPBD67KlI=
Subject key identifier: 29:4B:B8:F7:D8:D6:E5:A5:06:F0:E8:62:9C:85:EA:B9:F2:BD:CC:AB
Certificate issuer: /CN=227027c031c419b9ad89eb37b7f27f9c8672f482
Certificate serial: 019DFE7D11995ACE4D7A7B8267AD2DD6849C
Authority key identifier: 22:70:27:C0:31:C4:19:B9:AD:89:EB:37:B7:F2:7F:9C:86:72:F4:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/InAnwDHEGbmties3t_J_nIZy9II.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/b1132f-9f65-4725-818d-0bc733bcdbec/1/KUu499jW5aUG8OhinIXqufK9zKs.roa
Signing time: Wed 06 May 2026 18:11:42 +0000
ROA not before: Wed 06 May 2026 18:11:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197861
IP address blocks: 2001:678:824::/48 maxlen: 48
2001:678:1268::/48 maxlen: 48
2001:678:126c::/48 maxlen: 48
2001:678:1270::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/b1132f-9f65-4725-818d-0bc733bcdbec/1/InAnwDHEGbmties3t_J_nIZy9II.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/b1132f-9f65-4725-818d-0bc733bcdbec/1/InAnwDHEGbmties3t_J_nIZy9II.mft
rsync://rpki.ripe.net/repository/DEFAULT/InAnwDHEGbmties3t_J_nIZy9II.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fe:7d:11:99:5a:ce:4d:7a:7b:82:67:ad:2d:d6:84:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=227027c031c419b9ad89eb37b7f27f9c8672f482
Validity
Not Before: May 6 18:11:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=294bb8f7d8d6e5a506f0e8629c85eab9f2bdccab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c2:31:4c:95:2a:8a:53:ed:7a:25:18:66:16:
9f:5b:2f:0a:65:d9:d8:03:58:b7:1f:84:b2:0f:9d:
8a:58:c4:40:6f:31:16:f2:9e:c1:62:78:18:38:4c:
ec:e6:ff:53:f1:bf:cd:e3:79:bd:67:55:4b:04:e6:
9b:3c:92:55:22:ee:f4:40:38:23:79:cc:c2:c7:f9:
84:7d:07:33:93:f1:a2:6f:e2:64:8d:a7:77:e0:87:
3a:32:bf:0e:76:f5:4e:73:03:4f:7c:70:25:72:8e:
fc:e1:f1:4b:08:85:62:17:3c:3a:26:e6:33:60:05:
02:9f:44:c2:2c:c2:5b:65:43:7a:e4:9c:e0:68:93:
a7:38:f4:d8:ac:45:80:0f:81:67:5c:ed:29:68:ff:
b8:a1:90:45:0a:ed:da:1d:c5:d7:0a:32:76:11:14:
f8:09:eb:65:1c:0f:87:01:04:22:8a:a0:1f:2f:ae:
78:1a:0c:a0:a6:b2:2c:1a:4d:dd:f5:10:c2:db:da:
f5:34:ff:95:98:dc:fe:3a:b0:61:01:e4:24:ee:78:
80:b4:42:70:60:1f:59:fa:7c:17:e4:f2:a7:2e:4b:
44:54:c9:0d:2b:48:bd:75:0a:56:47:63:94:42:eb:
cd:9d:91:7d:77:f0:f7:84:96:25:e9:e3:02:3c:06:
92:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:4B:B8:F7:D8:D6:E5:A5:06:F0:E8:62:9C:85:EA:B9:F2:BD:CC:AB
X509v3 Authority Key Identifier:
keyid:22:70:27:C0:31:C4:19:B9:AD:89:EB:37:B7:F2:7F:9C:86:72:F4:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/InAnwDHEGbmties3t_J_nIZy9II.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/b1132f-9f65-4725-818d-0bc733bcdbec/1/KUu499jW5aUG8OhinIXqufK9zKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/b1132f-9f65-4725-818d-0bc733bcdbec/1/InAnwDHEGbmties3t_J_nIZy9II.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:824::/48
2001:678:1268::/48
2001:678:126c::/48
2001:678:1270::/48
Signature Algorithm: sha256WithRSAEncryption
07:e5:dc:53:f2:ee:4e:c8:5b:a9:52:ab:3a:b1:40:84:13:ac:
72:a3:aa:2f:80:31:da:94:17:35:7a:9a:15:52:33:c2:87:b4:
91:05:82:05:17:bb:cd:40:e0:0d:d1:65:42:f8:a1:c8:ba:8b:
6b:4e:84:9f:9b:d9:31:f9:5b:5b:25:ca:4e:fe:9b:aa:95:c2:
02:63:ce:1d:86:85:6f:ea:59:71:27:7c:a5:3b:3e:b1:7d:93:
3a:b7:2a:c5:85:05:5f:23:66:d7:10:2f:80:c6:fe:dc:b9:f4:
57:d6:91:9c:00:fa:67:83:45:c8:23:04:72:32:0e:d3:bd:d5:
38:8c:cb:16:c6:65:cb:47:d6:f4:0d:13:d9:d8:1c:47:86:b3:
9d:df:ff:45:e6:f4:18:17:3c:40:d4:2c:e1:2b:ed:f1:1a:9c:
fb:23:7f:20:80:fc:1b:2c:5b:dd:ad:7b:ac:8d:cd:71:0a:af:
a8:09:95:dd:d9:da:6f:b4:da:3f:9a:2b:d1:79:d5:08:d5:89:
42:ab:99:c7:88:8a:cc:08:b7:f6:3e:43:6b:b3:d3:b6:1b:e5:
10:33:bd:53:76:c5:2e:e1:72:21:ce:1f:4a:3c:83:55:0e:5e:
75:eb:9c:f5:f3:0b:89:88:5c:5e:0f:20:52:59:d9:a7:6e:62:
48:11:a6:8b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ3+fRGZWs5NenuCZ60t1oScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyNzAyN2MwMzFjNDE5YjlhZDg5ZWIzN2I3ZjI3ZjljODY3
MmY0ODIwHhcNMjYwNTA2MTgxMTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTRiYjhmN2Q4ZDZlNWE1MDZmMGU4NjI5Yzg1ZWFiOWYyYmRjY2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcIxTJUqilPteiUYZhafWy8KZdnY
A1i3H4SyD52KWMRAbzEW8p7BYngYOEzs5v9T8b/N43m9Z1VLBOabPJJVIu70QDgj
eczCx/mEfQczk/Gib+Jkjad34Ic6Mr8OdvVOcwNPfHAlco784fFLCIViFzw6JuYz
YAUCn0TCLMJbZUN65JzgaJOnOPTYrEWAD4FnXO0paP+4oZBFCu3aHcXXCjJ2ERT4
CetlHA+HAQQiiqAfL654GgygprIsGk3d9RDC29r1NP+VmNz+OrBhAeQk7niAtEJw
YB9Z+nwX5PKnLktEVMkNK0i9dQpWR2OUQuvNnZF9d/D3hJYl6eMCPAaSEQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFClLuPfY1uWlBvDoYpyF6rnyvcyrMB8GA1UdIwQY
MBaAFCJwJ8AxxBm5rYnrN7fyf5yGcvSCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSW5BbndESEVHYm10aWVzM3RfSl9uSVp5OUlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9iMTEzMmYtOWY2NS00NzI1LTgxOGQt
MGJjNzMzYmNkYmVjLzEvS1V1NDk5alc1YVVHOE9oaW5JWHF1Zks5ektzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9iMTEzMmYtOWY2NS00NzI1LTgxOGQtMGJjNzMzYmNkYmVj
LzEvSW5BbndESEVHYm10aWVzM3RfSl9uSVp5OUlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcAIAEGeAgk
AwcAIAEGeBJoAwcAIAEGeBJsAwcAIAEGeBJwMA0GCSqGSIb3DQEBCwUAA4IBAQAH
5dxT8u5OyFupUqs6sUCEE6xyo6ovgDHalBc1epoVUjPCh7SRBYIFF7vNQOAN0WVC
+KHIuotrToSfm9kx+VtbJcpO/puqlcICY84dhoVv6llxJ3ylOz6xfZM6tyrFhQVf
I2bXEC+Axv7cufRX1pGcAPpng0XIIwRyMg7TvdU4jMsWxmXLR9b0DRPZ2BxHhrOd
3/9F5vQYFzxA1CzhK+3xGpz7I38ggPwbLFvdrXusjc1xCq+oCZXd2dpvtNo/mivR
edUI1YlCq5nHiIrMCLf2PkNrs9O2G+UQM71TdsUu4XIhzh9KPINVDl5165z18wuJ
iFxeDyBSWdmnbmJIEaaL
-----END CERTIFICATE-----
Generated at Tue May 12 21:39:04 2026 by rpki-client