Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/fqUNDI6t_3vHuRV0IiI8x2Azyzs.roa
File: fqUNDI6t_3vHuRV0IiI8x2Azyzs.roa (raw, json)
Hash identifier: aUGvGt8Cav72LbJhZwgwPmCyzoe8Sjtup/IbUBpY99s=
Subject key identifier: 7E:A5:0D:0C:8E:AD:FF:7B:C7:B9:15:74:22:22:3C:C7:60:33:CB:3B
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019DD50ECABF62AAC34E171FBEBF37B50E52
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/fqUNDI6t_3vHuRV0IiI8x2Azyzs.roa
Signing time: Tue 28 Apr 2026 17:06:49 +0000
ROA not before: Tue 28 Apr 2026 17:06:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205828
IP address blocks: 2a0d:5340::/29 maxlen: 29
2a0d:b844::/32 maxlen: 32
2a0d:e245::/32 maxlen: 32
2a0f:2200::/29 maxlen: 29
2a0f:cb80::/29 maxlen: 29
2a11:ec4::/32 maxlen: 32
2a11:b4c3::/32 maxlen: 32
2a12:cf85::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d5:0e:ca:bf:62:aa:c3:4e:17:1f:be:bf:37:b5:0e:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 28 17:06:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7ea50d0c8eadff7bc7b9157422223cc76033cb3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:22:5a:22:3b:f4:5f:1e:3f:e1:29:95:f6:65:
b9:56:f2:4e:90:7d:5f:a0:2c:4a:3a:c9:61:05:ba:
cd:4c:55:70:ba:d1:ca:0b:69:59:48:e1:e5:29:44:
f3:f6:1f:d1:95:63:b5:de:74:84:ba:fd:44:01:7e:
b5:7f:2e:9f:35:0a:15:40:74:01:a8:f8:f8:bc:99:
02:ed:59:d1:55:52:8b:14:6a:eb:79:63:15:18:43:
22:64:a1:1e:b0:37:e7:85:e2:f4:65:4d:c8:e3:67:
16:b9:7b:5f:ab:fc:2a:1e:7a:66:cd:da:e0:55:c0:
d8:f8:5b:89:41:e9:27:15:52:27:ec:62:f1:36:8b:
e6:9b:ee:db:51:c5:cc:96:37:f2:22:1b:d4:1b:cf:
08:5b:54:1e:21:df:9c:02:77:11:96:8b:b8:5f:c5:
ce:25:99:79:13:53:b8:1d:a5:4c:42:13:90:0a:b1:
00:6b:37:5f:fd:75:24:a7:e8:af:88:c7:d4:bb:78:
dd:8e:f9:c1:87:7b:a2:0f:dc:0b:43:59:4d:25:21:
f6:fa:6b:50:c9:80:1d:0a:bd:9c:b4:d8:7a:db:f6:
1d:1a:f7:62:cb:37:26:d2:65:af:0c:a6:40:1c:c1:
df:ec:a2:24:fd:dc:4c:a3:9a:95:73:4f:b2:77:81:
a5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:A5:0D:0C:8E:AD:FF:7B:C7:B9:15:74:22:22:3C:C7:60:33:CB:3B
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/fqUNDI6t_3vHuRV0IiI8x2Azyzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:5340::/29
2a0d:b844::/32
2a0d:e245::/32
2a0f:2200::/29
2a0f:cb80::/29
2a11:ec4::/32
2a11:b4c3::/32
2a12:cf85::/32
Signature Algorithm: sha256WithRSAEncryption
3b:a7:13:60:09:1f:fb:33:15:50:4b:05:12:cc:71:62:38:6c:
c7:ab:93:84:9c:98:83:8e:5c:31:a4:c1:18:2f:58:07:6f:ac:
41:3e:26:0a:44:6b:4c:37:5e:f3:04:7e:c8:eb:0f:e7:cf:23:
e9:86:26:c8:27:fd:f6:74:94:05:5a:e0:95:2e:70:f0:d3:b7:
12:bb:84:9a:de:0d:9a:77:24:6c:99:98:c4:f7:4d:3d:9d:08:
76:f1:73:a2:bb:32:4a:43:df:24:02:c9:20:cd:52:5c:9c:82:
fd:0e:18:a2:aa:eb:32:2d:27:93:e9:9c:54:17:2a:dd:2c:00:
f5:91:97:b7:61:93:66:72:fe:0f:ce:7a:56:25:53:b5:5c:2c:
ae:11:8c:e6:32:05:91:46:72:25:0d:16:40:f1:ae:ad:58:45:
60:0a:a2:f8:a5:93:74:20:b1:26:35:7f:36:cd:1a:52:1e:09:
50:d2:1e:ad:12:c6:1b:0a:d5:b7:b6:02:0a:9f:08:58:76:49:
72:59:79:7a:52:21:e6:f8:0c:ce:9c:12:88:8c:6b:49:14:ce:
94:9a:08:df:4f:b2:11:ae:6e:0d:d1:f3:d7:80:e5:1e:4c:43:
59:1c:4f:40:5d:0c:7c:57:08:86:e1:9d:06:4e:4e:30:49:d8:
ba:de:04:91
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZ3VDsq/YqrDThcfvr83tQ5SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNDI4MTcwNjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWE1MGQwYzhlYWRmZjdiYzdiOTE1NzQyMjIyM2NjNzYwMzNjYjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSJaIjv0Xx4/4SmV9mW5VvJOkH1f
oCxKOslhBbrNTFVwutHKC2lZSOHlKUTz9h/RlWO13nSEuv1EAX61fy6fNQoVQHQB
qPj4vJkC7VnRVVKLFGrreWMVGEMiZKEesDfnheL0ZU3I42cWuXtfq/wqHnpmzdrg
VcDY+FuJQeknFVIn7GLxNovmm+7bUcXMljfyIhvUG88IW1QeId+cAncRlou4X8XO
JZl5E1O4HaVMQhOQCrEAazdf/XUkp+iviMfUu3jdjvnBh3uiD9wLQ1lNJSH2+mtQ
yYAdCr2ctNh62/YdGvdiyzcm0mWvDKZAHMHf7KIk/dxMo5qVc0+yd4GlkQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFH6lDQyOrf97x7kVdCIiPMdgM8s7MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvZnFVTkRJNnRfM3ZIdVJWMElpSTh4MkF6eXpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKg1TQAMF
ACoNuEQDBQAqDeJFAwUDKg8iAAMFAyoPy4ADBQAqEQ7EAwUAKhG0wwMFACoSz4Uw
DQYJKoZIhvcNAQELBQADggEBADunE2AJH/szFVBLBRLMcWI4bMerk4ScmIOOXDGk
wRgvWAdvrEE+JgpEa0w3XvMEfsjrD+fPI+mGJsgn/fZ0lAVa4JUucPDTtxK7hJre
DZp3JGyZmMT3TT2dCHbxc6K7MkpD3yQCySDNUlycgv0OGKKq6zItJ5PpnFQXKt0s
APWRl7dhk2Zy/g/OelYlU7VcLK4RjOYyBZFGciUNFkDxrq1YRWAKovilk3QgsSY1
fzbNGlIeCVDSHq0SxhsK1be2AgqfCFh2SXJZeXpSIeb4DM6cEoiMa0kUzpSaCN9P
shGubg3R89eA5R5MQ1kcT0BdDHxXCIbhnQZOTjBJ2LreBJE=
-----END CERTIFICATE-----
Generated at Wed May 13 01:41:19 2026 by rpki-client