Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/OyZDKLcx9SVn6ukw6jfV-4ITzOQ.roa
File: OyZDKLcx9SVn6ukw6jfV-4ITzOQ.roa (raw, json)
Hash identifier: /Mu7HPQdIImfgaw9kz9iWRZ/LhnkVP0BA5F1MDYQFG8=
Subject key identifier: 3B:26:43:28:B7:31:F5:25:67:EA:E9:30:EA:37:D5:FB:82:13:CC:E4
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019DD50ECB1DA2C4183327BFDBD94355F7F9
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/OyZDKLcx9SVn6ukw6jfV-4ITzOQ.roa
Signing time: Tue 28 Apr 2026 17:06:49 +0000
ROA not before: Tue 28 Apr 2026 17:06:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205866
IP address blocks: 2a0d:cc40::/29 maxlen: 29
2a0d:e1c0::/29 maxlen: 29
2a0d:e241::/32 maxlen: 32
2a11:ec2::/32 maxlen: 32
2a11:e2c7::/32 maxlen: 32
2a12:2806::/32 maxlen: 32
2a12:8781::/32 maxlen: 32
2a12:cf83::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d5:0e:cb:1d:a2:c4:18:33:27:bf:db:d9:43:55:f7:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 28 17:06:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3b264328b731f52567eae930ea37d5fb8213cce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ff:cf:4f:36:19:5b:15:a0:bf:a1:dc:df:56:
55:40:f3:a7:80:b6:8c:b6:c3:09:c4:38:3a:74:21:
d6:ac:73:a3:7a:b2:6d:b2:77:97:96:02:5b:40:13:
57:84:64:ea:b7:df:b7:9b:d9:7d:ab:41:ee:6b:e1:
82:9b:20:43:35:51:34:6d:11:14:7b:e1:0d:cb:93:
7c:7f:8d:e5:07:e2:ac:ed:06:d0:2f:5f:60:59:cf:
4f:8c:5d:27:ee:6b:31:14:07:34:f6:0f:ad:e8:4f:
67:a6:c1:3c:18:f0:de:f9:a4:dd:03:8f:db:24:7c:
8b:1c:34:1d:76:ce:71:ae:91:ae:ea:5d:37:51:6b:
50:ec:04:4d:f0:04:47:d7:ff:59:13:d6:fa:53:39:
88:aa:0d:e2:dd:d6:02:5d:d2:7d:91:e7:06:cf:4e:
f0:b0:9f:7a:c5:c2:91:51:63:f2:ea:d2:96:2c:9a:
c0:1b:c5:4a:33:90:8f:c1:dd:7c:2e:dd:d1:be:f1:
0e:60:35:fa:ba:ea:2e:20:16:d8:f3:98:ea:c5:b6:
24:5b:54:7e:45:ab:e6:a1:b3:9e:6c:31:73:a3:4b:
59:50:c9:06:c5:e9:ec:1f:cf:2c:f3:af:20:f8:24:
64:12:aa:71:9d:ee:a1:21:3b:99:c0:5a:df:ca:c5:
3a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:26:43:28:B7:31:F5:25:67:EA:E9:30:EA:37:D5:FB:82:13:CC:E4
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/OyZDKLcx9SVn6ukw6jfV-4ITzOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:cc40::/29
2a0d:e1c0::/29
2a0d:e241::/32
2a11:ec2::/32
2a11:e2c7::/32
2a12:2806::/32
2a12:8781::/32
2a12:cf83::/32
Signature Algorithm: sha256WithRSAEncryption
83:d9:96:0d:10:d8:2d:8c:a8:86:dd:82:51:f0:7a:2e:19:8e:
55:b2:dd:8c:6d:fe:32:4c:d3:80:89:81:db:f5:3c:cb:9f:c4:
a9:aa:62:c5:94:8f:7c:84:3e:6e:df:41:59:bc:22:66:a7:b9:
5c:d2:88:da:0b:c0:34:88:36:10:80:40:a1:f0:82:96:72:2e:
60:80:31:ee:cb:ed:1d:10:80:26:5e:17:f3:c7:fd:7a:96:87:
4a:fa:14:5f:57:36:53:ff:0e:0a:34:94:12:9d:ec:b4:d9:fc:
60:51:9a:88:37:99:d0:55:68:ba:fc:fc:8c:ef:4a:d3:96:6c:
bd:e8:d5:48:b0:42:ab:bb:97:7b:31:b8:07:fc:6d:5a:e9:bb:
5e:ba:a8:35:01:39:b3:07:bf:a5:3e:63:23:a1:e2:5b:76:ff:
fd:2d:13:a7:17:c8:48:88:fd:82:56:b1:81:6d:e8:04:af:f6:
e5:b6:e8:35:1d:ec:d5:92:c7:44:19:88:99:a4:b3:a7:86:f0:
68:57:69:a3:a0:ff:f0:c6:d6:e2:05:5f:07:ba:d6:a5:76:58:
b8:50:87:9d:6c:ce:60:53:75:f9:b9:9e:80:b5:bf:3d:22:f8:
12:0c:08:af:ef:2a:c6:22:98:59:ca:1f:f1:d3:35:18:a1:c3:
9d:57:14:a7
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZ3VDssdosQYMye/29lDVff5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNDI4MTcwNjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjI2NDMyOGI3MzFmNTI1NjdlYWU5MzBlYTM3ZDVmYjgyMTNjY2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1//PTzYZWxWgv6Hc31ZVQPOngLaM
tsMJxDg6dCHWrHOjerJtsneXlgJbQBNXhGTqt9+3m9l9q0Hua+GCmyBDNVE0bREU
e+ENy5N8f43lB+Ks7QbQL19gWc9PjF0n7msxFAc09g+t6E9npsE8GPDe+aTdA4/b
JHyLHDQdds5xrpGu6l03UWtQ7ARN8ARH1/9ZE9b6UzmIqg3i3dYCXdJ9kecGz07w
sJ96xcKRUWPy6tKWLJrAG8VKM5CPwd18Lt3RvvEOYDX6uuouIBbY85jqxbYkW1R+
RavmobOebDFzo0tZUMkGxensH88s868g+CRkEqpxne6hITuZwFrfysU6NQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFDsmQyi3MfUlZ+rpMOo31fuCE8zkMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvT3laREtMY3g5U1ZuNnVrdzZqZlYtNElUek9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKg3MQAMF
AyoN4cADBQAqDeJBAwUAKhEOwgMFACoR4scDBQAqEigGAwUAKhKHgQMFACoSz4Mw
DQYJKoZIhvcNAQELBQADggEBAIPZlg0Q2C2MqIbdglHwei4ZjlWy3Yxt/jJM04CJ
gdv1PMufxKmqYsWUj3yEPm7fQVm8ImanuVzSiNoLwDSINhCAQKHwgpZyLmCAMe7L
7R0QgCZeF/PH/XqWh0r6FF9XNlP/Dgo0lBKd7LTZ/GBRmog3mdBVaLr8/IzvStOW
bL3o1UiwQqu7l3sxuAf8bVrpu166qDUBObMHv6U+YyOh4lt2//0tE6cXyEiI/YJW
sYFt6ASv9uW26DUd7NWSx0QZiJmks6eG8GhXaaOg//DG1uIFXwe61qV2WLhQh51s
zmBTdfm5noC1vz0i+BIMCK/vKsYimFnKH/HTNRihw51XFKc=
-----END CERTIFICATE-----
Generated at Wed May 13 02:13:32 2026 by rpki-client