Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/Rl5thw--PPWjlUuyFPtqcW7xIk0.roa
File: Rl5thw--PPWjlUuyFPtqcW7xIk0.roa (raw, json)
Hash identifier: ezFHZBFbRWD8AtVpw92tsjABUHUDYQehuJ/mG0SmtSw=
Subject key identifier: 46:5E:6D:87:0F:BE:3C:F5:A3:95:4B:B2:14:FB:6A:71:6E:F1:22:4D
Certificate issuer: /CN=31d2424123ed07725330bf817944fd276b7ca36b
Certificate serial: 019DF9376D63CBAA68A503EF1C7F28203BDA
Authority key identifier: 31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/Rl5thw--PPWjlUuyFPtqcW7xIk0.roa
Signing time: Tue 05 May 2026 17:37:32 +0000
ROA not before: Tue 05 May 2026 17:37:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20473
IP address blocks: 2a06:9801:214::/48 maxlen: 48
2a06:9801:267::/48 maxlen: 48
2a06:9801:280::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 13:34:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f9:37:6d:63:cb:aa:68:a5:03:ef:1c:7f:28:20:3b:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d2424123ed07725330bf817944fd276b7ca36b
Validity
Not Before: May 5 17:37:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=465e6d870fbe3cf5a3954bb214fb6a716ef1224d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:2c:70:f0:0e:ac:84:11:78:cc:86:08:da:df:
13:2a:04:92:51:60:ae:ba:a5:68:c5:cf:94:4b:ee:
2d:fc:1c:4f:89:6f:9a:c4:3d:57:34:99:0a:9f:18:
08:5b:10:13:46:ce:b2:8f:7e:8d:64:f1:5e:f6:e9:
09:a3:23:45:e0:c7:58:bf:33:04:b9:5e:29:bc:de:
9f:e0:65:5c:8c:b3:5e:f4:5c:ae:1d:4b:35:5b:2c:
c1:96:ff:31:00:1a:fc:2c:db:4d:2e:1f:32:34:6b:
85:c1:19:67:57:26:25:ab:0f:97:c6:d2:46:c9:23:
d1:0f:db:95:0f:5b:12:3f:e1:75:18:f5:a6:8c:e6:
29:78:65:cc:c8:49:bb:15:7c:5b:32:5e:04:b8:c1:
37:1e:07:b8:f5:3e:4d:69:9c:f5:e6:f7:8d:c2:3c:
1f:ec:75:1c:fc:26:4d:3f:3a:b0:d9:68:cb:3a:0a:
6a:82:4d:2c:1f:72:7a:70:54:55:5d:24:71:7b:a2:
d7:19:7f:31:ee:0b:04:53:12:ef:17:1c:6b:75:9c:
98:e5:92:de:51:f4:09:29:7e:70:ad:00:a7:57:f1:
d2:42:91:78:10:cd:a7:5c:ae:d1:82:57:8e:d9:d4:
ea:0d:d1:f5:0f:2d:e5:66:9a:9e:15:4e:04:2f:b9:
9b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:5E:6D:87:0F:BE:3C:F5:A3:95:4B:B2:14:FB:6A:71:6E:F1:22:4D
X509v3 Authority Key Identifier:
keyid:31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/Rl5thw--PPWjlUuyFPtqcW7xIk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9801:214::/48
2a06:9801:267::/48
2a06:9801:280::/48
Signature Algorithm: sha256WithRSAEncryption
c3:cf:52:21:50:68:0c:aa:64:2c:e6:3a:9a:10:87:d0:13:22:
1b:cc:4d:74:2f:ce:ed:a0:ec:bc:7f:41:f3:80:27:e5:a0:d8:
2f:d2:77:13:72:07:0c:fc:7d:19:aa:06:82:75:5e:a3:d1:58:
f7:8c:ff:46:e3:55:6f:aa:d5:ba:14:e4:25:b1:3b:4b:ed:aa:
7a:5b:da:a8:6f:30:f6:52:51:87:81:25:21:99:05:31:47:3b:
fc:04:3c:a5:17:9a:8d:a9:89:d2:45:05:26:31:52:9d:8a:1b:
90:62:52:db:72:86:c2:0c:86:cd:af:2d:6e:74:49:72:b1:0b:
25:38:9b:8c:90:28:5d:56:4b:c8:90:62:ef:84:d9:ac:9e:5c:
42:36:86:7b:9a:35:11:8b:77:e3:41:5f:09:a5:f7:5d:7d:d5:
e2:33:e9:85:13:00:08:45:34:4b:b3:6e:6c:06:47:f1:dc:01:
9c:dc:24:ee:3e:cb:c0:54:f9:da:6e:b0:60:43:c6:43:15:9a:
a9:28:3f:b4:e9:82:66:f1:cb:ae:39:e6:8b:45:ea:93:9d:c0:
8c:e5:a5:11:7f:3b:8c:da:2b:17:e8:da:00:37:77:db:8d:7d:
66:7a:66:66:4b:05:14:b6:ca:80:b6:ad:bc:ec:82:3f:97:5f:
7f:49:74:b5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ35N21jy6popQPvHH8oIDvaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDI0MjQxMjNlZDA3NzI1MzMwYmY4MTc5NDRmZDI3NmI3
Y2EzNmIwHhcNMjYwNTA1MTczNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjVlNmQ4NzBmYmUzY2Y1YTM5NTRiYjIxNGZiNmE3MTZlZjEyMjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yxw8A6shBF4zIYI2t8TKgSSUWCu
uqVoxc+US+4t/BxPiW+axD1XNJkKnxgIWxATRs6yj36NZPFe9ukJoyNF4MdYvzME
uV4pvN6f4GVcjLNe9FyuHUs1WyzBlv8xABr8LNtNLh8yNGuFwRlnVyYlqw+XxtJG
ySPRD9uVD1sSP+F1GPWmjOYpeGXMyEm7FXxbMl4EuME3Hge49T5NaZz15veNwjwf
7HUc/CZNPzqw2WjLOgpqgk0sH3J6cFRVXSRxe6LXGX8x7gsEUxLvFxxrdZyY5ZLe
UfQJKX5wrQCnV/HSQpF4EM2nXK7RgleO2dTqDdH1Dy3lZpqeFU4EL7mbJwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEZebYcPvjz1o5VLshT7anFu8SJNMB8GA1UdIwQY
MBaAFDHSQkEj7QdyUzC/gXlE/SdrfKNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEt
ZWQ4Y2ZhZjFiODFmLzEvUmw1dGh3LS1QUFdqbFV1eUZQdHFjVzd4SWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEtZWQ4Y2ZhZjFiODFm
LzEvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgaYAQIU
AwcAKgaYAQJnAwcAKgaYAQKAMA0GCSqGSIb3DQEBCwUAA4IBAQDDz1IhUGgMqmQs
5jqaEIfQEyIbzE10L87toOy8f0HzgCfloNgv0ncTcgcM/H0ZqgaCdV6j0Vj3jP9G
41VvqtW6FOQlsTtL7ap6W9qobzD2UlGHgSUhmQUxRzv8BDylF5qNqYnSRQUmMVKd
ihuQYlLbcobCDIbNry1udElysQslOJuMkChdVkvIkGLvhNmsnlxCNoZ7mjURi3fj
QV8JpfddfdXiM+mFEwAIRTRLs25sBkfx3AGc3CTuPsvAVPnabrBgQ8ZDFZqpKD+0
6YJm8cuuOeaLReqTncCM5aURfzuM2isX6NoAN3fbjX1memZmSwUUtsqAtq287II/
l19/SXS1
-----END CERTIFICATE-----
Generated at Tue May 12 21:44:52 2026 by rpki-client