Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1-EuxhZ0RM2Rlz901h1PLvdPTwU8.roa
File: 1-EuxhZ0RM2Rlz901h1PLvdPTwU8.roa (raw, json)
Hash identifier: +idvdMg/8ayz7irrDT/t/rLErqmHon19WYnesZJwag8=
Subject key identifier: F8:4B:B1:85:9D:11:33:64:65:CF:DD:35:87:53:CB:BD:D3:D3:C1:4F
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019D0253F59B6F0295397297F01B98D23CDA
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1-EuxhZ0RM2Rlz901h1PLvdPTwU8.roa
Signing time: Wed 18 Mar 2026 19:02:29 +0000
ROA not before: Wed 18 Mar 2026 19:02:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204968
IP address blocks: 2a0d:6ec0::/29 maxlen: 29
2a0d:9740::/29 maxlen: 29
2a0d:b540::/29 maxlen: 29
2a0d:b845::/32 maxlen: 32
2a0e:19c2::/32 maxlen: 32
2a12:a504::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:02:53:f5:9b:6f:02:95:39:72:97:f0:1b:98:d2:3c:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Mar 18 19:02:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f84bb1859d11336465cfdd358753cbbdd3d3c14f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:76:b5:65:70:f3:a7:43:c6:1e:52:21:6e:ff:
78:44:c2:97:aa:ae:55:07:43:85:4f:3f:51:57:5f:
9a:a2:46:0d:aa:6a:e0:ce:0e:49:c2:25:99:cc:1d:
f8:40:10:93:c9:bc:b4:ee:41:d0:08:bc:1f:f3:7a:
13:e6:a5:88:d4:3a:3a:b2:01:56:98:bf:2c:a2:3e:
f1:c2:50:38:5a:e3:10:17:c9:8e:35:f4:b8:dc:66:
e1:50:cc:5c:06:28:79:c3:51:8c:18:2b:87:71:da:
9f:1f:91:0f:dd:9a:a3:2a:1d:71:b1:3b:08:af:a4:
47:79:6f:3c:0a:20:30:d0:14:f8:e5:d7:be:ea:37:
56:3f:3c:e9:03:e8:85:ab:5a:e2:8b:8e:c8:55:a0:
36:62:3d:ca:7c:bd:cd:03:fb:b8:a3:56:5c:5c:72:
37:4e:ac:f6:b4:8f:6b:1b:20:e4:cd:ec:0c:3a:8f:
2b:da:fe:4b:81:5c:69:a5:c2:9d:96:25:53:8b:60:
2d:85:db:34:c2:d6:9a:50:85:25:18:d6:27:c4:c0:
26:4f:42:16:dc:e2:46:c4:28:52:00:d0:30:f2:3e:
ae:e2:88:dc:1a:0f:8d:fc:89:96:7e:35:f5:0e:00:
04:49:16:6f:5d:f8:16:28:a4:04:15:35:8b:10:67:
d0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:4B:B1:85:9D:11:33:64:65:CF:DD:35:87:53:CB:BD:D3:D3:C1:4F
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/1-EuxhZ0RM2Rlz901h1PLvdPTwU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:6ec0::/29
2a0d:9740::/29
2a0d:b540::/29
2a0d:b845::/32
2a0e:19c2::/32
2a12:a504::/32
Signature Algorithm: sha256WithRSAEncryption
10:4f:b5:53:7f:63:9d:30:43:d6:07:7a:13:6b:20:7a:16:4e:
a6:9d:e0:0b:b1:fc:d6:34:5e:b3:46:5e:b2:3c:e2:ac:b5:e3:
63:b7:70:35:bf:66:4b:78:25:cc:99:10:ab:03:51:3f:6c:e9:
98:6a:50:1c:13:b1:11:83:4d:60:d2:c0:ee:94:5d:09:60:69:
01:53:55:11:cc:bc:c2:5d:62:d6:c4:e5:10:58:f5:18:2c:f3:
00:d2:42:14:a6:a0:6e:9e:0d:e5:81:24:d3:92:30:e8:5f:f5:
c9:95:b6:24:73:6c:f3:72:1d:cc:da:42:2d:94:25:e0:e8:5c:
d7:00:02:44:74:13:1f:35:07:b2:f0:ab:40:b5:00:06:94:db:
42:99:6f:30:1b:a6:c8:13:7b:4b:ad:1c:27:50:ca:ff:c9:b2:
ae:f1:43:70:54:94:06:c3:ed:c3:65:2e:66:0a:e9:0d:d4:55:
e1:8a:18:c9:b6:6b:a7:4a:38:bc:b5:7a:9d:c6:55:31:8b:42:
b6:e9:e4:3d:b5:58:cc:4b:61:89:bd:d0:33:53:aa:62:fd:6e:
9c:a6:df:d6:29:7e:9e:31:b7:2b:af:3a:65:5d:66:23:61:cf:
85:a6:71:d3:af:10:98:26:6f:51:de:cd:ee:80:b9:12:d5:12:
d1:d7:16:e3
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZ0CU/WbbwKVOXKX8BuY0jzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwMzE4MTkwMjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODRiYjE4NTlkMTEzMzY0NjVjZmRkMzU4NzUzY2JiZGQzZDNjMTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXa1ZXDzp0PGHlIhbv94RMKXqq5V
B0OFTz9RV1+aokYNqmrgzg5JwiWZzB34QBCTyby07kHQCLwf83oT5qWI1Do6sgFW
mL8soj7xwlA4WuMQF8mONfS43GbhUMxcBih5w1GMGCuHcdqfH5EP3ZqjKh1xsTsI
r6RHeW88CiAw0BT45de+6jdWPzzpA+iFq1rii47IVaA2Yj3KfL3NA/u4o1ZcXHI3
Tqz2tI9rGyDkzewMOo8r2v5LgVxppcKdliVTi2Athds0wtaaUIUlGNYnxMAmT0IW
3OJGxChSANAw8j6u4ojcGg+N/ImWfjX1DgAESRZvXfgWKKQEFTWLEGfQywIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFPhLsYWdETNkZc/dNYdTy73T08FPMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvMS1FdXhoWjBSTTJSbHo5MDFoMVBMdmRQVHdVOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWIvN2I5MzM2LWU5ZjgtNGUyNy1hZjRiLTIzOWQyZmUzOThi
MS8xL0NUTlR3ZnEtaVdyNHVGX25ZQTVHTkphUHpFdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAIwKgMFAyoNbsAD
BQMqDZdAAwUDKg21QAMFACoNuEUDBQAqDhnCAwUAKhKlBDANBgkqhkiG9w0BAQsF
AAOCAQEAEE+1U39jnTBD1gd6E2sgehZOpp3gC7H81jRes0ZesjzirLXjY7dwNb9m
S3glzJkQqwNRP2zpmGpQHBOxEYNNYNLA7pRdCWBpAVNVEcy8wl1i1sTlEFj1GCzz
ANJCFKagbp4N5YEk05Iw6F/1yZW2JHNs83IdzNpCLZQl4Ohc1wACRHQTHzUHsvCr
QLUABpTbQplvMBumyBN7S60cJ1DK/8myrvFDcFSUBsPtw2UuZgrpDdRV4YoYybZr
p0o4vLV6ncZVMYtCtunkPbVYzEthib3QM1OqYv1unKbf1il+njG3K686ZV1mI2HP
haZx068QmCZvUd7N7oC5EtUS0dcW4w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:06:22 2026 by rpki-client