Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/rX_A-cHaq31r7CdQRvIuhqDwdcg.roa
File: rX_A-cHaq31r7CdQRvIuhqDwdcg.roa (raw, json)
Hash identifier: udSNFN2vA0OHuD3neyhq5hGpINpKa1vnSq1sti9ymf8=
Subject key identifier: AD:7F:C0:F9:C1:DA:AB:7D:6B:EC:27:50:46:F2:2E:86:A0:F0:75:C8
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 019E072DB7748FBE827B630BF146566FC10E
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/rX_A-cHaq31r7CdQRvIuhqDwdcg.roa
Signing time: Fri 08 May 2026 10:41:37 +0000
ROA not before: Fri 08 May 2026 10:41:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35682
IP address blocks: 138.249.7.0/24 maxlen: 24
170.168.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 18:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:07:2d:b7:74:8f:be:82:7b:63:0b:f1:46:56:6f:c1:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: May 8 10:41:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ad7fc0f9c1daab7d6bec275046f22e86a0f075c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f3:25:53:e2:b6:68:58:54:86:0e:d9:cc:11:
0d:1f:d7:3b:12:ee:a5:17:a6:1e:30:cf:26:77:98:
d2:15:4b:d7:26:14:40:64:47:f7:c7:db:b4:1d:f6:
9c:8b:9d:d0:8b:0b:a4:70:1c:84:82:63:96:89:4d:
56:30:de:3d:1d:28:62:9d:fd:77:1f:41:47:57:89:
eb:f0:6c:af:df:ff:d8:49:99:13:ee:7c:ca:3f:62:
0d:07:ab:65:19:87:7a:45:3e:ee:aa:55:ac:8e:d9:
4e:f0:71:38:4a:a3:e6:aa:23:30:c9:ae:7c:ed:00:
08:0b:f8:e7:f9:56:8a:06:5d:1e:7e:97:b9:d7:e9:
f4:14:15:65:d0:ea:c8:89:9c:2c:bc:66:be:48:cc:
9f:3b:3c:f3:25:7a:ef:06:46:94:ba:3d:6a:97:9c:
20:64:10:79:2e:34:70:fb:c0:40:b2:59:03:31:0d:
1b:25:bb:ea:55:9d:b8:67:d1:d5:a9:33:89:37:e0:
af:62:39:67:56:fa:e7:1b:a7:17:b8:3f:b0:59:57:
5f:84:f4:b4:cc:c3:5a:70:b0:b9:42:8b:03:fc:d1:
be:61:95:40:50:e9:e1:a2:e3:0f:3c:33:b5:dc:2d:
3b:3d:a0:1a:df:42:9b:9f:2f:3c:e8:b8:6d:54:cf:
2f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:7F:C0:F9:C1:DA:AB:7D:6B:EC:27:50:46:F2:2E:86:A0:F0:75:C8
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/rX_A-cHaq31r7CdQRvIuhqDwdcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.249.7.0/24
170.168.6.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:d1:b0:47:d9:73:f1:e4:98:94:ef:2e:a0:87:90:9a:ab:ba:
26:46:47:40:8f:33:6c:20:59:20:22:2c:4b:a5:c0:89:7f:7f:
73:1f:1c:53:fd:11:e0:9d:1a:77:7c:97:6a:75:a5:dc:0e:6a:
5b:23:3f:fe:f6:6d:67:b9:7c:b4:ff:b8:00:11:87:5d:32:5e:
0d:79:61:92:f2:40:1a:07:39:b4:a0:a6:04:8f:ba:10:d0:74:
93:e1:9d:dc:70:37:cb:9f:05:af:0b:c9:58:b4:93:3f:34:19:
c3:1e:f8:5f:0d:69:f5:05:e0:7f:b9:e4:e6:ce:58:79:74:3c:
f8:4d:44:e4:20:ea:7d:50:c6:ef:7b:70:72:13:fb:42:82:2f:
11:b1:37:55:01:be:7d:39:d9:d4:c9:d3:fe:3a:c1:88:6e:90:
19:46:80:81:6f:82:00:51:6e:24:d5:e2:fa:bf:90:98:4e:b0:
27:c0:96:90:dd:d9:50:1a:70:56:68:bb:25:bf:a4:ba:c1:ae:
75:b0:7c:50:3c:04:70:27:81:1a:58:6e:40:af:a4:ed:2b:9d:
7b:88:71:16:03:b2:06:d9:5b:78:af:c5:45:43:f2:dc:81:12:
77:3b:ac:3b:9f:5e:d7:c8:10:c6:d8:31:37:37:05:c3:44:2d:
bd:f3:26:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ4HLbd0j76Ce2ML8UZWb8EOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjYwNTA4MTA0MTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDdmYzBmOWMxZGFhYjdkNmJlYzI3NTA0NmYyMmU4NmEwZjA3NWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvMlU+K2aFhUhg7ZzBENH9c7Eu6l
F6YeMM8md5jSFUvXJhRAZEf3x9u0Hfaci53QiwukcByEgmOWiU1WMN49HShinf13
H0FHV4nr8Gyv3//YSZkT7nzKP2INB6tlGYd6RT7uqlWsjtlO8HE4SqPmqiMwya58
7QAIC/jn+VaKBl0efpe51+n0FBVl0OrIiZwsvGa+SMyfOzzzJXrvBkaUuj1ql5wg
ZBB5LjRw+8BAslkDMQ0bJbvqVZ24Z9HVqTOJN+CvYjlnVvrnG6cXuD+wWVdfhPS0
zMNacLC5QosD/NG+YZVAUOnhouMPPDO13C07PaAa30Kbny886LhtVM8vNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK1/wPnB2qt9a+wnUEbyLoag8HXIMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvclhfQS1jSGFxMzFyN0NkUVJ2SXVocUR3ZGNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAivkHAwQA
qqgGMA0GCSqGSIb3DQEBCwUAA4IBAQB60bBH2XPx5JiU7y6gh5Caq7omRkdAjzNs
IFkgIixLpcCJf39zHxxT/RHgnRp3fJdqdaXcDmpbIz/+9m1nuXy0/7gAEYddMl4N
eWGS8kAaBzm0oKYEj7oQ0HST4Z3ccDfLnwWvC8lYtJM/NBnDHvhfDWn1BeB/ueTm
zlh5dDz4TUTkIOp9UMbve3ByE/tCgi8RsTdVAb59OdnUydP+OsGIbpAZRoCBb4IA
UW4k1eL6v5CYTrAnwJaQ3dlQGnBWaLslv6S6wa51sHxQPARwJ4EaWG5Ar6TtK517
iHEWA7IG2Vt4r8VFQ/LcgRJ3O6w7n17XyBDG2DE3NwXDRC298yb9
-----END CERTIFICATE-----
Generated at Wed May 13 04:19:00 2026 by rpki-client