Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/iOqzgJoTeWWDRW3_X0AVxQgU_JA.roa
File: iOqzgJoTeWWDRW3_X0AVxQgU_JA.roa (raw, json)
Hash identifier: m5ArsI4q/NJVpHqu6VBn1hjRbGKg2hKoboaZxcqw/Xk=
Subject key identifier: 88:EA:B3:80:9A:13:79:65:83:45:6D:FF:5F:40:15:C5:08:14:FC:90
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019D2BE31EEBDBB64432A093104A394684AA
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/iOqzgJoTeWWDRW3_X0AVxQgU_JA.roa
Signing time: Thu 26 Mar 2026 20:43:17 +0000
ROA not before: Thu 26 Mar 2026 20:43:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34567
IP address blocks: 2a0d:8cc0::/29 maxlen: 29
2a0d:ad40::/29 maxlen: 29
2a0d:b840::/29 maxlen: 29
2a0e:af40::/29 maxlen: 29
2a0e:e9c0::/29 maxlen: 29
2a0f:e180::/29 maxlen: 29
2a11:17c0::/29 maxlen: 29
2a11:1c80::/29 maxlen: 29
2a11:2d00::/29 maxlen: 29
2a11:4540::/29 maxlen: 29
2a11:4f00::/29 maxlen: 29
2a11:64c0::/29 maxlen: 29
2a11:6b80::/29 maxlen: 29
2a11:77c0::/29 maxlen: 29
2a11:81c0::/29 maxlen: 29
2a11:86c0::/29 maxlen: 29
2a11:8740::/29 maxlen: 29
2a11:8980::/29 maxlen: 29
2a11:9040::/29 maxlen: 29
2a11:9580::/29 maxlen: 29
2a11:9640::/29 maxlen: 29
2a11:9f00::/29 maxlen: 29
2a11:a040::/29 maxlen: 29
2a11:a140::/29 maxlen: 29
2a11:b0c0::/29 maxlen: 29
2a11:b700::/29 maxlen: 29
2a11:bb00::/29 maxlen: 29
2a11:bbc0::/29 maxlen: 29
2a11:bdc0::/29 maxlen: 29
2a11:be40::/29 maxlen: 29
2a11:bf80::/29 maxlen: 29
2a11:c240::/29 maxlen: 29
2a11:c580::/29 maxlen: 29
2a11:c680::/29 maxlen: 29
2a11:cec0::/29 maxlen: 29
2a11:d340::/29 maxlen: 29
2a11:d880::/29 maxlen: 29
2a11:dac0::/29 maxlen: 29
2a11:df00::/29 maxlen: 29
2a11:e2c0::/29 maxlen: 29
2a11:e640::/29 maxlen: 29
2a11:e6c0::/29 maxlen: 29
2a11:e8c0::/29 maxlen: 29
2a11:eac0::/29 maxlen: 29
2a11:fa40::/29 maxlen: 29
2a11:fc40::/29 maxlen: 29
2a11:ff40::/29 maxlen: 29
2a12:580::/29 maxlen: 29
2a12:640::/29 maxlen: 29
2a12:900::/29 maxlen: 29
2a12:dc0::/29 maxlen: 29
2a12:e40::/29 maxlen: 29
2a12:e80::/29 maxlen: 29
2a12:11c0::/29 maxlen: 29
2a12:12c0::/29 maxlen: 29
2a12:1a80::/29 maxlen: 29
2a12:2b80::/29 maxlen: 29
2a12:2e80::/29 maxlen: 29
2a12:3c00::/29 maxlen: 29
2a12:6480::/29 maxlen: 29
2a12:8380::/29 maxlen: 29
2a12:8480::/29 maxlen: 29
2a12:8a00::/29 maxlen: 29
2a12:9200::/29 maxlen: 29
2a12:aa00::/29 maxlen: 29
2a12:af00::/29 maxlen: 29
2a12:b400::/29 maxlen: 29
2a12:b700::/29 maxlen: 29
2a12:bb00::/29 maxlen: 29
2a12:bc80::/29 maxlen: 29
2a12:c980::/29 maxlen: 29
2a12:cf80::/29 maxlen: 29
2a12:d080::/29 maxlen: 29
2a12:d200::/29 maxlen: 29
2a12:d800::/29 maxlen: 29
2a12:f980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 08:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2b:e3:1e:eb:db:b6:44:32:a0:93:10:4a:39:46:84:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Mar 26 20:43:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=88eab3809a13796583456dff5f4015c50814fc90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:3a:93:66:b8:4d:e2:b5:e7:a5:37:5b:ee:ca:
02:2b:c9:68:db:54:1b:a1:61:35:61:fd:95:75:74:
5d:5d:a0:f9:ea:c6:38:41:ed:76:3b:7b:7d:30:7c:
ed:76:48:a1:79:b9:cc:84:db:4f:e2:1f:23:c4:18:
0f:ff:d5:6d:5a:02:36:45:d3:1f:c9:55:38:74:20:
5b:22:aa:57:eb:30:7f:6a:3b:81:c1:41:9a:45:93:
96:34:02:51:32:b7:21:69:0b:07:68:ab:c9:4b:05:
05:a5:78:98:f4:d8:b3:40:12:22:a2:30:77:eb:67:
17:fb:76:f1:13:ed:29:74:d1:19:87:5e:ac:76:af:
08:1b:f8:5d:35:09:8e:a6:06:94:43:a9:f8:c5:e3:
12:f8:44:30:8b:7a:bb:95:65:35:43:a2:e4:df:3a:
94:2c:4e:4f:01:d9:39:d1:93:af:fe:b1:c7:c1:44:
41:0b:76:96:8c:74:d0:9a:9e:49:00:6d:89:6f:92:
bd:1f:b3:4d:5c:2d:d5:33:6a:b5:6f:8b:a2:06:4c:
b5:30:0e:fb:21:a3:1c:7a:92:1d:74:e6:22:62:a6:
c0:82:b6:5c:cd:36:69:ec:07:05:3a:18:34:37:ab:
6c:7d:08:ae:3e:a5:12:75:9a:84:81:c4:e6:a6:c2:
e3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:EA:B3:80:9A:13:79:65:83:45:6D:FF:5F:40:15:C5:08:14:FC:90
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/iOqzgJoTeWWDRW3_X0AVxQgU_JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:8cc0::/29
2a0d:ad40::/29
2a0d:b840::/29
2a0e:af40::/29
2a0e:e9c0::/29
2a0f:e180::/29
2a11:17c0::/29
2a11:1c80::/29
2a11:2d00::/29
2a11:4540::/29
2a11:4f00::/29
2a11:64c0::/29
2a11:6b80::/29
2a11:77c0::/29
2a11:81c0::/29
2a11:86c0::/29
2a11:8740::/29
2a11:8980::/29
2a11:9040::/29
2a11:9580::/29
2a11:9640::/29
2a11:9f00::/29
2a11:a040::/29
2a11:a140::/29
2a11:b0c0::/29
2a11:b700::/29
2a11:bb00::/29
2a11:bbc0::/29
2a11:bdc0::/29
2a11:be40::/29
2a11:bf80::/29
2a11:c240::/29
2a11:c580::/29
2a11:c680::/29
2a11:cec0::/29
2a11:d340::/29
2a11:d880::/29
2a11:dac0::/29
2a11:df00::/29
2a11:e2c0::/29
2a11:e640::/29
2a11:e6c0::/29
2a11:e8c0::/29
2a11:eac0::/29
2a11:fa40::/29
2a11:fc40::/29
2a11:ff40::/29
2a12:580::/29
2a12:640::/29
2a12:900::/29
2a12:dc0::/29
2a12:e40::/29
2a12:e80::/29
2a12:11c0::/29
2a12:12c0::/29
2a12:1a80::/29
2a12:2b80::/29
2a12:2e80::/29
2a12:3c00::/29
2a12:6480::/29
2a12:8380::/29
2a12:8480::/29
2a12:8a00::/29
2a12:9200::/29
2a12:aa00::/29
2a12:af00::/29
2a12:b400::/29
2a12:b700::/29
2a12:bb00::/29
2a12:bc80::/29
2a12:c980::/29
2a12:cf80::/29
2a12:d080::/29
2a12:d200::/29
2a12:d800::/29
2a12:f980::/29
Signature Algorithm: sha256WithRSAEncryption
84:6b:cf:31:7d:86:4a:5a:cb:19:f3:0d:3b:4c:9f:3a:44:c4:
b7:19:b7:ef:69:c9:60:c1:c2:aa:ef:e8:e5:f5:9f:bc:a2:f4:
2c:18:24:c0:f0:79:2a:95:c2:e2:cd:41:3b:09:b7:dc:e5:70:
a7:f7:d5:33:ec:eb:8f:78:5d:04:1c:95:c2:dd:d1:91:e8:5b:
2b:6b:58:b7:62:76:0a:64:2e:4b:a9:fc:80:a8:1f:2d:0b:ab:
31:f8:94:9f:45:3c:1b:13:ec:ce:96:56:53:20:e1:5d:4a:c2:
1a:85:07:ea:c2:c7:5b:ac:80:b9:ba:4c:b2:de:52:e9:7c:f3:
cd:51:3c:30:ab:05:9a:c2:35:16:67:0b:26:21:db:18:f4:6f:
d2:1b:b0:6b:fc:22:9d:0c:33:ad:e8:24:2c:cf:68:e8:57:3f:
19:ce:8b:32:e8:1f:74:aa:26:fa:4b:b1:ea:0f:bb:42:f3:23:
2c:a2:7e:09:9d:24:6a:73:79:6d:80:c3:6b:78:17:8a:52:8b:
f4:c0:a6:d6:46:5e:e4:a3:ad:59:62:38:bf:d8:ae:e1:d8:b6:
93:8d:55:b3:55:3d:b5:57:e2:3a:f2:97:e2:bf:ff:96:f4:90:
d4:89:5b:73:ee:59:e9:69:bb:0a:45:9c:8f:ad:5a:74:d7:6a:
c4:71:1d:7b
-----BEGIN CERTIFICATE-----
MIIHFTCCBf2gAwIBAgISAZ0r4x7r27ZEMqCTEEo5RoSqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwMzI2MjA0MzE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGVhYjM4MDlhMTM3OTY1ODM0NTZkZmY1ZjQwMTVjNTA4MTRmYzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jqTZrhN4rXnpTdb7soCK8lo21Qb
oWE1Yf2VdXRdXaD56sY4Qe12O3t9MHztdkihebnMhNtP4h8jxBgP/9VtWgI2RdMf
yVU4dCBbIqpX6zB/ajuBwUGaRZOWNAJRMrchaQsHaKvJSwUFpXiY9NizQBIiojB3
62cX+3bxE+0pdNEZh16sdq8IG/hdNQmOpgaUQ6n4xeMS+EQwi3q7lWU1Q6Lk3zqU
LE5PAdk50ZOv/rHHwURBC3aWjHTQmp5JAG2Jb5K9H7NNXC3VM2q1b4uiBky1MA77
IaMcepIddOYiYqbAgrZczTZp7AcFOhg0N6tsfQiuPqUSdZqEgcTmpsLjKwIDAQAB
o4IEITCCBB0wHQYDVR0OBBYEFIjqs4CaE3llg0Vt/19AFcUIFPyQMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvaU9xemdKb1RlV1dEUlczX1gwQVZ4UWdVX0pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICNQYIKwYBBQUHAQcBAf8EggIkMIICIDCCAhwEAgACMIIC
FAMFAyoNjMADBQMqDa1AAwUDKg24QAMFAyoOr0ADBQMqDunAAwUDKg/hgAMFAyoR
F8ADBQMqERyAAwUDKhEtAAMFAyoRRUADBQMqEU8AAwUDKhFkwAMFAyoRa4ADBQMq
EXfAAwUDKhGBwAMFAyoRhsADBQMqEYdAAwUDKhGJgAMFAyoRkEADBQMqEZWAAwUD
KhGWQAMFAyoRnwADBQMqEaBAAwUDKhGhQAMFAyoRsMADBQMqEbcAAwUDKhG7AAMF
AyoRu8ADBQMqEb3AAwUDKhG+QAMFAyoRv4ADBQMqEcJAAwUDKhHFgAMFAyoRxoAD
BQMqEc7AAwUDKhHTQAMFAyoR2IADBQMqEdrAAwUDKhHfAAMFAyoR4sADBQMqEeZA
AwUDKhHmwAMFAyoR6MADBQMqEerAAwUDKhH6QAMFAyoR/EADBQMqEf9AAwUDKhIF
gAMFAyoSBkADBQMqEgkAAwUDKhINwAMFAyoSDkADBQMqEg6AAwUDKhIRwAMFAyoS
EsADBQMqEhqAAwUDKhIrgAMFAyoSLoADBQMqEjwAAwUDKhJkgAMFAyoSg4ADBQMq
EoSAAwUDKhKKAAMFAyoSkgADBQMqEqoAAwUDKhKvAAMFAyoStAADBQMqErcAAwUD
KhK7AAMFAyoSvIADBQMqEsmAAwUDKhLPgAMFAyoS0IADBQMqEtIAAwUDKhLYAAMF
AyoS+YAwDQYJKoZIhvcNAQELBQADggEBAIRrzzF9hkpayxnzDTtMnzpExLcZt+9p
yWDBwqrv6OX1n7yi9CwYJMDweSqVwuLNQTsJt9zlcKf31TPs6494XQQclcLd0ZHo
WytrWLdidgpkLkup/ICoHy0LqzH4lJ9FPBsT7M6WVlMg4V1KwhqFB+rCx1usgLm6
TLLeUul8881RPDCrBZrCNRZnCyYh2xj0b9IbsGv8Ip0MM63oJCzPaOhXPxnOizLo
H3SqJvpLseoPu0LzIyyifgmdJGpzeW2Aw2t4F4pSi/TAptZGXuSjrVliOL/YruHY
tpONVbNVPbVX4jryl+K//5b0kNSJW3PuWelpuwpFnI+tWnTXasRxHXs=
-----END CERTIFICATE-----
Generated at Sat Mar 28 15:55:11 2026 by rpki-client