Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/3ksnX-b9p756dbOE37bJBUNxExM.roa
File: 3ksnX-b9p756dbOE37bJBUNxExM.roa (raw, json)
Hash identifier: tIxOiVZDZc42y9i9ILtzMkOcM/rAE5epjBMZVRc3RKQ=
Subject key identifier: DE:4B:27:5F:E6:FD:A7:BE:7A:75:B3:84:DF:B6:C9:05:43:71:13:13
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019E092F53D3D43550C41B35CCE1D7718336
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/3ksnX-b9p756dbOE37bJBUNxExM.roa
Signing time: Fri 08 May 2026 20:02:37 +0000
ROA not before: Fri 08 May 2026 20:02:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204909
IP address blocks: 2a0d:7140::/29 maxlen: 29
2a0d:97c0::/29 maxlen: 29
2a11:e2c2::/32 maxlen: 32
2a11:e2c5::/32 maxlen: 32
2a12:8785::/32 maxlen: 32
2a12:a506::/32 maxlen: 32
2a12:cf82::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:09:2f:53:d3:d4:35:50:c4:1b:35:cc:e1:d7:71:83:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: May 8 20:02:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=de4b275fe6fda7be7a75b384dfb6c90543711313
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:25:7c:51:74:2b:d8:39:fe:ad:53:d7:7e:85:
83:20:d1:74:b2:3e:b6:ba:b4:4a:90:c8:88:13:3a:
5e:98:39:16:21:b1:96:e5:4a:a2:4c:33:d7:e0:33:
de:d1:d1:4a:6c:88:50:fe:df:b0:f3:02:8f:d1:2d:
b0:76:fc:e9:46:a1:60:31:49:cc:df:2c:3e:f8:16:
5f:fc:3a:26:7c:18:a4:8d:1e:fc:61:08:70:18:b6:
48:c4:cd:3c:7b:f3:9d:e9:1d:a9:04:2c:98:be:9a:
8d:45:fa:cd:85:fd:42:29:74:bd:06:bb:85:89:7c:
3c:68:4a:a2:81:e0:d8:cb:0d:9c:00:85:c0:b5:e9:
81:5c:b2:70:95:e2:7b:77:83:90:bb:f6:5a:29:38:
47:e3:10:06:9a:c5:bd:ea:bc:96:7b:36:6b:56:cc:
6d:91:4f:19:53:7c:2c:ba:ea:00:e9:44:a3:ee:f1:
6f:a1:0d:71:e8:e3:2b:29:f6:58:a1:55:cd:db:ec:
6f:c2:52:d8:08:46:67:dd:6f:9a:4c:cb:0b:80:09:
57:d8:08:8a:90:a3:29:f3:af:eb:91:26:eb:e5:0f:
ed:47:45:56:8f:0f:90:77:3c:91:86:82:4e:5b:10:
44:96:84:e8:a2:09:d3:01:42:bf:29:68:f2:e1:58:
7c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:4B:27:5F:E6:FD:A7:BE:7A:75:B3:84:DF:B6:C9:05:43:71:13:13
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/3ksnX-b9p756dbOE37bJBUNxExM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:7140::/29
2a0d:97c0::/29
2a11:e2c2::/32
2a11:e2c5::/32
2a12:8785::/32
2a12:a506::/32
2a12:cf82::/32
Signature Algorithm: sha256WithRSAEncryption
6e:d2:97:b1:72:5e:7a:62:67:e0:ac:2c:d0:09:e7:01:66:11:
2d:5b:85:8c:88:78:aa:84:1c:8c:90:c4:0f:ac:f8:49:ac:9e:
04:1b:9f:37:73:b8:7b:ae:6f:d5:a2:66:43:19:59:b5:0d:7d:
2a:fc:5d:6f:99:37:55:6b:42:1a:06:7e:b9:07:66:15:92:65:
3c:6b:69:5e:03:78:de:03:52:76:71:03:12:5a:78:e5:bf:e2:
f0:0e:4d:ae:5f:a0:37:93:42:98:8d:1a:7f:e2:b7:36:9f:82:
c5:02:79:a5:6a:5c:4b:33:2e:bc:f0:d5:6e:42:fc:78:ba:13:
de:03:a0:ff:e3:5c:c3:47:89:c5:a5:86:d8:b5:65:c5:48:ba:
5f:b9:95:72:16:3d:ba:6c:a8:22:2d:c7:de:7e:c8:23:8d:18:
a9:a1:32:6b:e6:41:9b:55:b5:e6:ce:d6:56:b3:83:0b:d5:1c:
19:c5:9e:81:8f:88:ce:68:2b:9d:51:62:bc:40:61:ae:0a:b0:
6f:e8:95:2e:dc:4a:03:f6:b0:09:ff:9d:cb:9c:b2:46:e1:7e:
0f:49:b9:62:e1:30:12:78:84:64:f2:ca:62:5b:96:c9:cb:f6:
62:63:df:c2:33:e7:9b:ae:4a:c6:15:b1:0a:da:dd:22:72:e5:
9c:b1:33:4a
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZ4JL1PT1DVQxBs1zOHXcYM2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNTA4MjAwMjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTRiMjc1ZmU2ZmRhN2JlN2E3NWIzODRkZmI2YzkwNTQzNzExMzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSV8UXQr2Dn+rVPXfoWDINF0sj62
urRKkMiIEzpemDkWIbGW5UqiTDPX4DPe0dFKbIhQ/t+w8wKP0S2wdvzpRqFgMUnM
3yw++BZf/DomfBikjR78YQhwGLZIxM08e/Od6R2pBCyYvpqNRfrNhf1CKXS9BruF
iXw8aEqigeDYyw2cAIXAtemBXLJwleJ7d4OQu/ZaKThH4xAGmsW96ryWezZrVsxt
kU8ZU3wsuuoA6USj7vFvoQ1x6OMrKfZYoVXN2+xvwlLYCEZn3W+aTMsLgAlX2AiK
kKMp86/rkSbr5Q/tR0VWjw+QdzyRhoJOWxBEloToognTAUK/KWjy4Vh8CQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFN5LJ1/m/ae+enWzhN+2yQVDcRMTMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvM2tzblgtYjlwNzU2ZGJPRTM3YkpCVU54RXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKg1xQAMF
AyoNl8ADBQAqEeLCAwUAKhHixQMFACoSh4UDBQAqEqUGAwUAKhLPgjANBgkqhkiG
9w0BAQsFAAOCAQEAbtKXsXJeemJn4Kws0AnnAWYRLVuFjIh4qoQcjJDED6z4Saye
BBufN3O4e65v1aJmQxlZtQ19Kvxdb5k3VWtCGgZ+uQdmFZJlPGtpXgN43gNSdnED
Elp45b/i8A5Nrl+gN5NCmI0af+K3Np+CxQJ5pWpcSzMuvPDVbkL8eLoT3gOg/+Nc
w0eJxaWG2LVlxUi6X7mVchY9umyoIi3H3n7II40YqaEya+ZBm1W15s7WVrODC9Uc
GcWegY+IzmgrnVFivEBhrgqwb+iVLtxKA/awCf+dy5yyRuF+D0m5YuEwEniEZPLK
YluWycv2YmPfwjPnm65KxhWxCtrdInLlnLEzSg==
-----END CERTIFICATE-----
Generated at Wed May 13 01:06:55 2026 by rpki-client