Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/EMwXut0lCxr0yZxLLlT8loPfQYU.roa
File: EMwXut0lCxr0yZxLLlT8loPfQYU.roa (raw, json)
Hash identifier: s1jngIe6+NV1iMXfpd3MQcvfoxkWRUUhjGoclP3EHwo=
Subject key identifier: 10:CC:17:BA:DD:25:0B:1A:F4:C9:9C:4B:2E:54:FC:96:83:DF:41:85
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019D215C21200B067720BE8F401B0359AF7B
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/EMwXut0lCxr0yZxLLlT8loPfQYU.roa
Signing time: Tue 24 Mar 2026 19:39:39 +0000
ROA not before: Tue 24 Mar 2026 19:39:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206174
IP address blocks: 2a0d:d3c0::/29 maxlen: 29
2a0d:e240::/32 maxlen: 32
2a0d:e246::/32 maxlen: 32
2a0d:f5c0::/29 maxlen: 29
2a0e:8c0::/29 maxlen: 29
2a11:ec1::/32 maxlen: 32
2a12:2801::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:21:5c:21:20:0b:06:77:20:be:8f:40:1b:03:59:af:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Mar 24 19:39:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=10cc17badd250b1af4c99c4b2e54fc9683df4185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ad:a0:27:6b:76:fd:eb:87:59:48:34:22:46:
cd:35:72:29:08:9b:56:88:6f:6e:a1:0b:94:89:8f:
e2:75:10:23:c6:2f:f0:5e:aa:d8:0c:1d:8e:18:be:
e8:c6:bc:c9:4c:59:8a:31:8f:5d:45:d0:09:d4:8e:
72:88:b1:0c:b9:5e:53:e5:ca:80:ad:4f:89:eb:1e:
fb:a5:cd:01:d6:68:1b:dc:fd:d7:9d:dc:d7:95:6e:
09:36:42:b6:81:d4:be:41:63:9d:52:54:61:45:b3:
72:fc:a8:07:e7:57:1c:5f:87:db:32:c5:ec:5e:c5:
56:eb:63:50:a1:5c:44:83:e6:46:43:5c:d7:bd:4b:
7d:61:a1:d3:24:b2:f3:38:97:cb:dd:c7:f5:48:91:
57:7b:85:af:1a:0b:fa:86:d4:60:34:cc:11:34:a2:
a5:43:55:27:14:f6:f9:eb:f0:96:21:61:33:74:30:
d7:26:0e:c4:59:f3:f3:c3:35:40:d7:ba:57:21:dc:
96:cb:92:34:e3:c7:7b:b1:9a:5a:7b:50:ea:79:35:
21:c3:61:54:56:0b:0d:52:eb:0d:47:74:e0:14:56:
26:9f:12:bc:3e:01:e3:91:0f:a8:5f:ec:78:e9:d0:
15:9b:b3:95:4f:e8:b4:33:73:96:58:84:36:0f:21:
e3:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:CC:17:BA:DD:25:0B:1A:F4:C9:9C:4B:2E:54:FC:96:83:DF:41:85
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/EMwXut0lCxr0yZxLLlT8loPfQYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d3c0::/29
2a0d:e240::/32
2a0d:e246::/32
2a0d:f5c0::/29
2a0e:8c0::/29
2a11:ec1::/32
2a12:2801::/32
Signature Algorithm: sha256WithRSAEncryption
8f:11:a6:16:2e:4e:1e:e9:0b:60:bb:6d:3f:a3:ec:1c:d4:f4:
a3:e9:f7:56:f1:2e:c1:b5:24:f1:a1:b0:93:16:24:ad:da:1d:
af:ad:4d:b4:ba:ef:23:15:b1:74:09:2d:a4:02:d4:91:04:9a:
75:c4:20:41:98:94:9e:e8:4f:3b:fd:cc:10:6f:2b:a7:19:e7:
7a:20:46:a9:63:fe:bd:56:3e:98:47:c7:5a:90:af:ec:b0:80:
bc:bf:20:2b:c4:d7:64:84:98:e4:3b:78:a2:1a:97:17:af:1f:
4e:55:2b:78:31:a1:1a:ef:30:8d:7c:1d:94:71:ae:7b:be:fe:
8a:59:47:e9:95:62:12:7b:6e:65:8a:35:fb:a7:b9:62:29:ab:
af:2d:15:b2:cc:01:91:75:1d:18:fe:de:b6:c3:ab:46:d9:10:
7e:ee:18:42:be:33:57:d0:6c:bb:59:a6:8b:d1:35:25:c1:61:
35:74:19:7a:11:3f:60:67:45:f5:05:34:07:d1:73:b1:3d:40:
1a:50:3c:0b:33:eb:2c:46:fb:1a:a4:0a:5f:a3:f3:05:4b:55:
c4:a9:e4:fb:a0:b8:c9:ab:48:d5:fd:86:a4:09:3f:a1:97:88:
cf:a4:4c:ee:38:8e:e0:0d:13:3b:d1:8d:ad:9a:1d:6a:c0:c7:
0a:57:52:f7
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZ0hXCEgCwZ3IL6PQBsDWa97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwMzI0MTkzOTM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGNjMTdiYWRkMjUwYjFhZjRjOTljNGIyZTU0ZmM5NjgzZGY0MTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvK2gJ2t2/euHWUg0IkbNNXIpCJtW
iG9uoQuUiY/idRAjxi/wXqrYDB2OGL7oxrzJTFmKMY9dRdAJ1I5yiLEMuV5T5cqA
rU+J6x77pc0B1mgb3P3XndzXlW4JNkK2gdS+QWOdUlRhRbNy/KgH51ccX4fbMsXs
XsVW62NQoVxEg+ZGQ1zXvUt9YaHTJLLzOJfL3cf1SJFXe4WvGgv6htRgNMwRNKKl
Q1UnFPb56/CWIWEzdDDXJg7EWfPzwzVA17pXIdyWy5I048d7sZpae1DqeTUhw2FU
VgsNUusNR3TgFFYmnxK8PgHjkQ+oX+x46dAVm7OVT+i0M3OWWIQ2DyHjdQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFBDMF7rdJQsa9MmcSy5U/JaD30GFMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvRU13WHV0MGxDeHIweVp4TExsVDhsb1BmUVlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAAjAxAwUDKg3TwAMF
ACoN4kADBQAqDeJGAwUDKg31wAMFAyoOCMADBQAqEQ7BAwUAKhIoATANBgkqhkiG
9w0BAQsFAAOCAQEAjxGmFi5OHukLYLttP6PsHNT0o+n3VvEuwbUk8aGwkxYkrdod
r61NtLrvIxWxdAktpALUkQSadcQgQZiUnuhPO/3MEG8rpxnneiBGqWP+vVY+mEfH
WpCv7LCAvL8gK8TXZISY5Dt4ohqXF68fTlUreDGhGu8wjXwdlHGue77+illH6ZVi
EntuZYo1+6e5Yimrry0VsswBkXUdGP7etsOrRtkQfu4YQr4zV9Bsu1mmi9E1JcFh
NXQZehE/YGdF9QU0B9FzsT1AGlA8CzPrLEb7GqQKX6PzBUtVxKnk+6C4yatI1f2G
pAk/oZeIz6RM7jiO4A0TO9GNrZodasDHCldS9w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:01:17 2026 by rpki-client