Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/ngSCY49O_mT-dNpyOVQKhVJSLwQ.roa
File: ngSCY49O_mT-dNpyOVQKhVJSLwQ.roa (raw, json)
Hash identifier: ZilE0fq3G5M9AxMZkqsG0tgNl6iWH0Th9K5AUbmTVUg=
Subject key identifier: 9E:04:82:63:8F:4E:FE:64:FE:74:DA:72:39:54:0A:85:52:52:2F:04
Certificate issuer: /CN=31d2424123ed07725330bf817944fd276b7ca36b
Certificate serial: 019D22A6A2501C25DC76C1F49286924D72CE
Authority key identifier: 31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/ngSCY49O_mT-dNpyOVQKhVJSLwQ.roa
Signing time: Wed 25 Mar 2026 01:40:38 +0000
ROA not before: Wed 25 Mar 2026 01:40:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200085
IP address blocks: 2a06:9801:218::/48 maxlen: 48
2a06:9801:240::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:22:a6:a2:50:1c:25:dc:76:c1:f4:92:86:92:4d:72:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d2424123ed07725330bf817944fd276b7ca36b
Validity
Not Before: Mar 25 01:40:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9e0482638f4efe64fe74da7239540a8552522f04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f7:dd:d6:e1:bd:91:91:a7:d5:a0:c4:03:55:
29:fd:2c:73:33:91:f7:19:01:50:e1:41:97:11:f1:
ea:c6:2d:4d:79:9c:bf:cf:a8:1d:6f:05:f2:a4:0e:
de:19:42:ea:ef:f6:57:5f:b4:77:bd:ee:22:85:c8:
ea:33:12:8f:ad:7f:cc:7d:d9:a5:72:b7:c2:22:e2:
d4:5d:d2:1f:0f:ae:16:22:d8:54:f4:cd:f2:1d:d8:
55:9a:f8:74:e9:1a:4e:03:2e:25:4c:4a:39:c1:9d:
83:56:2c:46:8c:09:ea:02:92:e5:91:e9:73:78:d7:
e3:77:9d:20:06:10:bb:a2:b3:cf:bb:2c:a4:9c:36:
9f:0e:51:0e:b9:0f:e9:65:0d:17:29:11:87:c7:fe:
76:05:91:bf:9d:cf:c0:41:30:e0:d6:1d:05:e9:57:
ac:e1:83:25:72:68:20:df:be:4d:92:fa:6d:e2:aa:
3e:d1:bb:c4:2c:b8:99:28:56:80:14:a3:61:9d:88:
9f:8b:1b:b4:d2:95:99:97:c2:c8:2c:aa:d2:01:6a:
b9:cb:93:dc:d5:6d:7b:18:16:5a:6d:1e:99:82:31:
24:49:91:6e:9f:8b:ca:4f:09:02:c6:66:03:97:c0:
9e:c6:c1:ac:fd:07:41:6e:ab:e5:27:17:e2:05:ef:
b4:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:04:82:63:8F:4E:FE:64:FE:74:DA:72:39:54:0A:85:52:52:2F:04
X509v3 Authority Key Identifier:
keyid:31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/ngSCY49O_mT-dNpyOVQKhVJSLwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9801:218::/48
2a06:9801:240::/44
Signature Algorithm: sha256WithRSAEncryption
92:ba:30:ce:2b:98:4a:f9:9d:50:f8:ff:a1:41:c1:37:b8:cc:
2c:cf:8e:09:b2:ea:09:f9:d4:15:ad:ea:c0:aa:81:c4:dd:20:
bc:d8:b5:0f:40:ff:01:28:50:13:35:c2:f6:fa:cc:98:cd:ea:
13:97:3f:2a:4c:ec:99:52:86:94:25:5b:f0:2b:be:20:d7:55:
b7:5a:10:fa:fd:88:e2:1a:1d:88:eb:05:fe:d1:2c:0b:00:55:
ed:2a:8a:ff:09:89:e5:b1:b5:b6:a2:a2:5b:be:da:e1:88:bb:
60:52:61:82:48:c7:6b:27:f2:d9:52:b8:59:54:69:83:2f:6e:
08:99:22:51:52:a5:24:ac:f3:83:fc:0f:f1:3a:8f:40:59:b6:
bf:82:d6:16:7b:ee:38:16:44:bc:a6:5b:b2:35:37:bb:a1:0c:
38:02:db:0a:a8:64:86:09:b4:bc:82:53:2a:68:9e:3b:19:2c:
29:b4:72:b6:13:07:71:a5:6d:d9:18:2b:c4:f6:8f:2e:b5:cf:
48:0d:b3:5f:0d:bb:5b:7e:5e:a5:39:e8:8a:cb:1c:7a:0e:ba:
51:91:48:d1:c3:08:1f:12:3c:45:f3:5c:24:02:5e:06:22:60:
a9:1e:c4:3d:17:1e:22:4f:86:6a:2a:ee:c8:7c:0d:23:64:a3:
54:21:7e:de
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ0ipqJQHCXcdsH0koaSTXLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDI0MjQxMjNlZDA3NzI1MzMwYmY4MTc5NDRmZDI3NmI3
Y2EzNmIwHhcNMjYwMzI1MDE0MDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTA0ODI2MzhmNGVmZTY0ZmU3NGRhNzIzOTU0MGE4NTUyNTIyZjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvfd1uG9kZGn1aDEA1Up/SxzM5H3
GQFQ4UGXEfHqxi1NeZy/z6gdbwXypA7eGULq7/ZXX7R3ve4ihcjqMxKPrX/Mfdml
crfCIuLUXdIfD64WIthU9M3yHdhVmvh06RpOAy4lTEo5wZ2DVixGjAnqApLlkelz
eNfjd50gBhC7orPPuyyknDafDlEOuQ/pZQ0XKRGHx/52BZG/nc/AQTDg1h0F6Ves
4YMlcmgg375Nkvpt4qo+0bvELLiZKFaAFKNhnYifixu00pWZl8LILKrSAWq5y5Pc
1W17GBZabR6ZgjEkSZFun4vKTwkCxmYDl8CexsGs/QdBbqvlJxfiBe+0dwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ4EgmOPTv5k/nTacjlUCoVSUi8EMB8GA1UdIwQY
MBaAFDHSQkEj7QdyUzC/gXlE/SdrfKNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEt
ZWQ4Y2ZhZjFiODFmLzEvbmdTQ1k0OU9fbVQtZE5weU9WUUtoVkpTTHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEtZWQ4Y2ZhZjFiODFm
LzEvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgaYAQIY
AwcEKgaYAQJAMA0GCSqGSIb3DQEBCwUAA4IBAQCSujDOK5hK+Z1Q+P+hQcE3uMws
z44JsuoJ+dQVrerAqoHE3SC82LUPQP8BKFATNcL2+syYzeoTlz8qTOyZUoaUJVvw
K74g11W3WhD6/YjiGh2I6wX+0SwLAFXtKor/CYnlsbW2oqJbvtrhiLtgUmGCSMdr
J/LZUrhZVGmDL24ImSJRUqUkrPOD/A/xOo9AWba/gtYWe+44FkS8pluyNTe7oQw4
AtsKqGSGCbS8glMqaJ47GSwptHK2EwdxpW3ZGCvE9o8utc9IDbNfDbtbfl6lOeiK
yxx6DrpRkUjRwwgfEjxF81wkAl4GImCpHsQ9Fx4iT4ZqKu7IfA0jZKNUIX7e
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:18:37 2026 by rpki-client