Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/je8iP9dUl08qgxgAslqfZYv7iOo.roa
File: je8iP9dUl08qgxgAslqfZYv7iOo.roa (raw, json)
Hash identifier: v74JbNbQ+SokVW9m6wGF7iwuvp6gmHdFSfMQ9ke1Kyo=
Subject key identifier: 8D:EF:22:3F:D7:54:97:4F:2A:83:18:00:B2:5A:9F:65:8B:FB:88:EA
Certificate issuer: /CN=31d2424123ed07725330bf817944fd276b7ca36b
Certificate serial: 019CF92C34EEC351F045001F320467DA0A98
Authority key identifier: 31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/je8iP9dUl08qgxgAslqfZYv7iOo.roa
Signing time: Tue 17 Mar 2026 00:22:29 +0000
ROA not before: Tue 17 Mar 2026 00:22:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214128
IP address blocks: 2a06:9801:21e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f9:2c:34:ee:c3:51:f0:45:00:1f:32:04:67:da:0a:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d2424123ed07725330bf817944fd276b7ca36b
Validity
Not Before: Mar 17 00:22:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8def223fd754974f2a831800b25a9f658bfb88ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:68:9a:af:25:93:de:5c:cf:35:49:b8:12:ef:
ed:23:e9:09:41:0e:59:61:74:a0:d8:7f:4b:14:46:
c3:e2:65:d1:09:d6:a5:d6:06:27:61:81:15:89:1b:
b6:99:4a:fe:34:da:c2:fd:ae:03:c8:de:e5:2e:a4:
1d:dc:ca:e1:e4:7f:3b:e1:b7:95:10:30:19:63:c1:
fa:f1:3b:f7:3d:85:3f:e2:07:a7:d4:62:d1:85:f0:
20:12:36:15:58:31:0b:4a:1f:8a:99:7b:1a:12:e8:
e5:ff:05:9a:87:87:ea:2d:7c:95:30:9d:7b:5a:2e:
bd:3f:85:30:53:47:d7:a9:91:ae:92:d9:aa:b1:65:
f1:b0:53:23:f6:af:4f:7d:2c:d4:17:e7:2b:8d:67:
83:cd:d7:11:ae:08:b4:73:f8:39:c5:26:9c:82:37:
a4:bc:63:05:0d:e3:b2:84:ac:70:a6:0c:b7:30:eb:
70:59:c0:c5:53:82:52:35:60:a1:af:b1:f8:34:55:
ea:3b:7d:38:ba:b4:38:d4:aa:2d:11:e0:20:d7:8d:
96:83:6c:04:85:74:aa:67:55:66:a3:f3:7b:ef:b1:
0a:d1:f1:0c:6c:11:e2:41:97:f3:d2:06:4f:3c:d8:
19:8a:2e:fd:b3:87:ee:f9:ba:e7:c0:89:13:92:c0:
f6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:EF:22:3F:D7:54:97:4F:2A:83:18:00:B2:5A:9F:65:8B:FB:88:EA
X509v3 Authority Key Identifier:
keyid:31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/je8iP9dUl08qgxgAslqfZYv7iOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9801:21e::/48
Signature Algorithm: sha256WithRSAEncryption
95:b1:62:bc:36:ca:95:6a:0d:63:d5:5c:34:0f:78:f5:7a:88:
e3:41:ee:4d:56:25:39:ee:34:55:b5:fb:35:88:57:9c:b2:0e:
1f:1e:4a:c1:02:ec:98:fe:67:2f:bd:9e:d9:65:e3:94:1e:a6:
5e:d3:97:57:4e:5c:4f:4b:1c:e3:03:75:f4:74:de:79:72:21:
25:70:bf:b3:82:bb:e8:e6:e3:e8:4f:c4:57:60:0b:79:56:77:
e0:c0:69:a6:95:9f:80:68:c1:53:28:8f:98:7f:e6:ab:8a:88:
76:28:d3:b2:ac:c1:7a:b1:17:8f:bb:fd:c5:4f:15:b9:0f:a3:
4d:3c:68:f6:dc:ce:d3:82:73:b9:8d:bf:8b:a0:70:1b:3e:ed:
1e:fa:a9:62:48:8a:02:6a:46:b7:15:f4:38:c3:10:b3:3f:fd:
17:40:f0:fa:5a:59:e3:16:9a:12:b1:a3:f5:23:bf:eb:8a:85:
1d:d7:f4:3a:df:af:c4:c9:ed:23:5d:90:a9:94:24:ca:21:c3:
26:2a:2f:be:a6:bc:aa:ac:87:33:1d:31:c1:b5:68:f9:0a:8d:
65:46:16:a0:a1:81:66:05:11:7b:4e:7f:b8:5b:37:ff:9b:15:
93:3f:40:e5:cf:1c:40:13:fc:0a:20:0a:5b:97:4a:d6:70:81:
d2:50:1b:61
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZz5LDTuw1HwRQAfMgRn2gqYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDI0MjQxMjNlZDA3NzI1MzMwYmY4MTc5NDRmZDI3NmI3
Y2EzNmIwHhcNMjYwMzE3MDAyMjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGVmMjIzZmQ3NTQ5NzRmMmE4MzE4MDBiMjVhOWY2NThiZmI4OGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmiaryWT3lzPNUm4Eu/tI+kJQQ5Z
YXSg2H9LFEbD4mXRCdal1gYnYYEViRu2mUr+NNrC/a4DyN7lLqQd3Mrh5H874beV
EDAZY8H68Tv3PYU/4gen1GLRhfAgEjYVWDELSh+KmXsaEujl/wWah4fqLXyVMJ17
Wi69P4UwU0fXqZGuktmqsWXxsFMj9q9PfSzUF+crjWeDzdcRrgi0c/g5xSacgjek
vGMFDeOyhKxwpgy3MOtwWcDFU4JSNWChr7H4NFXqO304urQ41KotEeAg142Wg2wE
hXSqZ1Vmo/N777EK0fEMbBHiQZfz0gZPPNgZii79s4fu+brnwIkTksD25QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFI3vIj/XVJdPKoMYALJan2WL+4jqMB8GA1UdIwQY
MBaAFDHSQkEj7QdyUzC/gXlE/SdrfKNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEt
ZWQ4Y2ZhZjFiODFmLzEvamU4aVA5ZFVsMDhxZ3hnQXNscWZaWXY3aU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEtZWQ4Y2ZhZjFiODFm
LzEvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgaYAQIe
MA0GCSqGSIb3DQEBCwUAA4IBAQCVsWK8NsqVag1j1Vw0D3j1eojjQe5NViU57jRV
tfs1iFecsg4fHkrBAuyY/mcvvZ7ZZeOUHqZe05dXTlxPSxzjA3X0dN55ciElcL+z
grvo5uPoT8RXYAt5VnfgwGmmlZ+AaMFTKI+Yf+arioh2KNOyrMF6sRePu/3FTxW5
D6NNPGj23M7TgnO5jb+LoHAbPu0e+qliSIoCaka3FfQ4wxCzP/0XQPD6WlnjFpoS
saP1I7/rioUd1/Q636/Eye0jXZCplCTKIcMmKi++pryqrIczHTHBtWj5Co1lRhag
oYFmBRF7Tn+4Wzf/mxWTP0DlzxxAE/wKIApbl0rWcIHSUBth
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:18:25 2026 by rpki-client