Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/4ec8ac-00db-4793-9174-cd1ca727288b/1/797n5tNvO4FTahlhh50sMolaFFk.roa
File: 797n5tNvO4FTahlhh50sMolaFFk.roa (raw, json)
Hash identifier: epHzyMWa5qoGZ2kXq/ODWaLhqBNZGkxNuRScN/tpqOk=
Subject key identifier: EF:DE:E7:E6:D3:6F:3B:81:53:6A:19:61:87:9D:2C:32:89:5A:14:59
Certificate issuer: /CN=5504d4a9a786c8149dac52ac5da3721203ac3a37
Certificate serial: 019D1EC85AAFCFEC917D28B20A541E0503A0
Authority key identifier: 55:04:D4:A9:A7:86:C8:14:9D:AC:52:AC:5D:A3:72:12:03:AC:3A:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VQTUqaeGyBSdrFKsXaNyEgOsOjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/4ec8ac-00db-4793-9174-cd1ca727288b/1/797n5tNvO4FTahlhh50sMolaFFk.roa
Signing time: Tue 24 Mar 2026 07:39:00 +0000
ROA not before: Tue 24 Mar 2026 07:39:00 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200211
IP address blocks: 2a12:e040:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/4ec8ac-00db-4793-9174-cd1ca727288b/1/VQTUqaeGyBSdrFKsXaNyEgOsOjc.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/4ec8ac-00db-4793-9174-cd1ca727288b/1/VQTUqaeGyBSdrFKsXaNyEgOsOjc.mft
rsync://rpki.ripe.net/repository/DEFAULT/VQTUqaeGyBSdrFKsXaNyEgOsOjc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1e:c8:5a:af:cf:ec:91:7d:28:b2:0a:54:1e:05:03:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5504d4a9a786c8149dac52ac5da3721203ac3a37
Validity
Not Before: Mar 24 07:39:00 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=efdee7e6d36f3b81536a1961879d2c32895a1459
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b8:aa:44:f5:6e:b8:61:6b:b1:21:49:48:ee:
15:e4:bf:cc:38:fa:ed:74:55:6a:35:9d:ba:e6:da:
6a:54:a1:b4:f4:5a:ce:91:0b:4c:96:cc:27:ca:a0:
7f:32:ce:49:19:8e:01:55:7f:96:fe:34:13:0a:cf:
ac:97:c4:cf:75:b7:ab:ca:b1:0a:2b:49:c4:1e:0a:
e4:db:f3:12:64:33:52:97:dd:74:03:09:f2:c9:4f:
fc:1a:4c:ec:c9:6e:e7:9c:fa:1b:14:21:56:07:84:
35:f9:e7:2b:9a:88:3c:8f:6c:54:65:78:67:c1:68:
67:16:31:73:b4:04:2b:3b:0d:97:6d:34:8e:d3:86:
ec:2c:85:0f:27:2b:75:b6:d4:cf:65:59:50:b4:85:
d2:83:98:40:b2:34:2d:30:fb:0b:f4:9a:9d:2e:ce:
ef:9e:7e:2c:4d:84:f6:8e:83:09:84:ba:7a:54:0f:
74:83:e8:b7:5b:72:a9:81:6f:b8:41:78:fe:72:d4:
a4:2e:93:8c:0b:5d:f5:57:46:df:e9:b0:94:71:e3:
ee:ba:4e:06:2c:7b:73:e7:df:9f:c7:4a:a8:86:c3:
9b:15:b4:99:08:19:dc:56:8a:9b:31:41:41:e9:70:
cb:0f:be:00:53:ae:aa:f1:0f:33:ab:24:0d:05:40:
6b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:DE:E7:E6:D3:6F:3B:81:53:6A:19:61:87:9D:2C:32:89:5A:14:59
X509v3 Authority Key Identifier:
keyid:55:04:D4:A9:A7:86:C8:14:9D:AC:52:AC:5D:A3:72:12:03:AC:3A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VQTUqaeGyBSdrFKsXaNyEgOsOjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4ec8ac-00db-4793-9174-cd1ca727288b/1/797n5tNvO4FTahlhh50sMolaFFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4ec8ac-00db-4793-9174-cd1ca727288b/1/VQTUqaeGyBSdrFKsXaNyEgOsOjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:e040:1::/48
Signature Algorithm: sha256WithRSAEncryption
09:e6:04:61:1b:6c:e4:33:8a:f5:00:0b:a2:dc:dd:a6:b5:ae:
bd:9a:98:79:40:cc:55:21:79:1d:fe:24:06:39:07:e6:29:7c:
fe:64:84:2a:1a:ea:7f:57:6f:7c:dd:33:e8:6f:3b:22:81:21:
47:4c:fb:52:82:4b:c7:5f:8f:69:81:85:f5:07:22:5f:73:54:
ab:66:a3:29:48:45:69:42:2e:5d:32:f0:eb:21:54:51:68:79:
16:9a:1a:fd:6e:0e:db:b1:3e:db:f0:e1:b6:9e:01:1a:bf:35:
5d:5e:32:3f:2b:b9:8a:0b:54:60:d8:f8:f0:96:6c:98:ad:2c:
5d:ef:28:09:4c:93:1e:c2:a6:40:a2:83:fd:07:d7:c1:f9:04:
3e:95:5d:b7:b9:dc:d8:c4:9e:a3:94:7d:4d:8a:81:47:cf:b5:
ba:1a:e1:34:57:03:44:46:c2:e8:7e:40:0a:e8:37:fe:d5:17:
a3:02:d7:fe:57:b9:a5:eb:30:20:bb:06:1e:af:82:8f:2d:ec:
c8:7a:31:45:a5:ef:8f:bc:e0:9a:9e:c8:8a:b0:04:13:99:72:
71:db:0c:67:d3:00:31:cd:f5:46:71:27:b6:bc:49:31:1c:07:
94:ad:c2:d7:70:4a:79:1d:00:a0:a8:a5:a0:54:16:c0:d4:c0:
fe:96:35:ab
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ0eyFqvz+yRfSiyClQeBQOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MDRkNGE5YTc4NmM4MTQ5ZGFjNTJhYzVkYTM3MjEyMDNh
YzNhMzcwHhcNMjYwMzI0MDczOTAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmRlZTdlNmQzNmYzYjgxNTM2YTE5NjE4NzlkMmMzMjg5NWExNDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqriqRPVuuGFrsSFJSO4V5L/MOPrt
dFVqNZ265tpqVKG09FrOkQtMlswnyqB/Ms5JGY4BVX+W/jQTCs+sl8TPdberyrEK
K0nEHgrk2/MSZDNSl910AwnyyU/8GkzsyW7nnPobFCFWB4Q1+ecrmog8j2xUZXhn
wWhnFjFztAQrOw2XbTSO04bsLIUPJyt1ttTPZVlQtIXSg5hAsjQtMPsL9JqdLs7v
nn4sTYT2joMJhLp6VA90g+i3W3KpgW+4QXj+ctSkLpOMC131V0bf6bCUcePuuk4G
LHtz59+fx0qohsObFbSZCBncVoqbMUFB6XDLD74AU66q8Q8zqyQNBUBrzwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFO/e5+bTbzuBU2oZYYedLDKJWhRZMB8GA1UdIwQY
MBaAFFUE1KmnhsgUnaxSrF2jchIDrDo3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlFUVXFhZUd5QlNkckZLc1hhTnlFZ09zT2pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS80ZWM4YWMtMDBkYi00NzkzLTkxNzQt
Y2QxY2E3MjcyODhiLzEvNzk3bjV0TnZPNEZUYWhsaGg1MHNNb2xhRkZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS80ZWM4YWMtMDBkYi00NzkzLTkxNzQtY2QxY2E3MjcyODhi
LzEvVlFUVXFhZUd5QlNkckZLc1hhTnlFZ09zT2pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhLgQAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQAJ5gRhG2zkM4r1AAui3N2mta69mph5QMxVIXkd
/iQGOQfmKXz+ZIQqGup/V2983TPobzsigSFHTPtSgkvHX49pgYX1ByJfc1SrZqMp
SEVpQi5dMvDrIVRRaHkWmhr9bg7bsT7b8OG2ngEavzVdXjI/K7mKC1Rg2PjwlmyY
rSxd7ygJTJMewqZAooP9B9fB+QQ+lV23udzYxJ6jlH1NioFHz7W6GuE0VwNERsLo
fkAK6Df+1RejAtf+V7ml6zAguwYer4KPLezIejFFpe+PvOCansiKsAQTmXJx2wxn
0wAxzfVGcSe2vEkxHAeUrcLXcEp5HQCgqKWgVBbA1MD+ljWr
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:00:58 2026 by rpki-client