Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/OA9Gy_ZQnOLVOm_Ce6Ra57gvXZY.roa
File: OA9Gy_ZQnOLVOm_Ce6Ra57gvXZY.roa (raw, json)
Hash identifier: DgjPfRFpLnr1UyTMPPD4lSa0FYfP1zsrA8KzFJ1y5Gw=
Subject key identifier: 38:0F:46:CB:F6:50:9C:E2:D5:3A:6F:C2:7B:A4:5A:E7:B8:2F:5D:96
Certificate issuer: /CN=ab9aab13427ad8c0072ae08d9bb80abc19d3f984
Certificate serial: 019E02401D87F77C4D2EFC6228F68369E0A7
Authority key identifier: AB:9A:AB:13:42:7A:D8:C0:07:2A:E0:8D:9B:B8:0A:BC:19:D3:F9:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5qrE0J62MAHKuCNm7gKvBnT-YQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/OA9Gy_ZQnOLVOm_Ce6Ra57gvXZY.roa
Signing time: Thu 07 May 2026 11:43:36 +0000
ROA not before: Thu 07 May 2026 11:43:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 2a07:2440::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/q5qrE0J62MAHKuCNm7gKvBnT-YQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/q5qrE0J62MAHKuCNm7gKvBnT-YQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/q5qrE0J62MAHKuCNm7gKvBnT-YQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:02:40:1d:87:f7:7c:4d:2e:fc:62:28:f6:83:69:e0:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9aab13427ad8c0072ae08d9bb80abc19d3f984
Validity
Not Before: May 7 11:43:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=380f46cbf6509ce2d53a6fc27ba45ae7b82f5d96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9e:fb:2e:da:2c:c4:33:86:e1:34:59:7a:a4:
5b:08:d4:00:75:b1:e3:f8:75:a0:82:01:bf:73:47:
e9:d8:2f:6c:fc:45:87:13:1d:d2:07:2f:f8:62:8e:
7c:8f:16:b9:b5:b4:07:10:74:5b:96:dd:53:c6:ca:
c7:cf:cd:7f:a2:bc:e1:87:58:2a:20:28:55:3a:6b:
27:3e:a9:59:20:92:2f:f7:96:92:29:d6:fa:eb:cf:
67:93:2e:7f:40:f0:eb:6c:87:0f:85:20:ab:50:ad:
d7:bf:ff:8e:cf:f1:f8:5a:7c:d3:cc:08:39:6c:e5:
48:d3:f5:90:bc:df:47:c2:d1:11:c0:a1:04:5e:28:
14:7d:da:98:66:d5:da:71:76:f9:f8:b1:87:b4:b7:
8b:0e:4b:05:6a:6e:ea:71:70:d7:29:e2:c0:57:3f:
29:d9:a6:cb:df:49:98:01:16:6f:13:f0:c6:c3:5b:
29:b9:67:b9:80:e0:5e:93:85:55:de:3d:fa:88:3c:
d9:3b:d1:0d:8e:13:9d:04:55:f6:27:49:79:8a:bf:
1b:e5:f3:ac:8d:b4:86:08:13:c1:42:bb:99:6d:f0:
9f:91:ed:c4:e0:ac:25:82:78:54:8f:c5:58:f7:14:
52:7e:8e:fe:65:4d:8d:8d:03:7b:bb:99:5d:c0:19:
7e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:0F:46:CB:F6:50:9C:E2:D5:3A:6F:C2:7B:A4:5A:E7:B8:2F:5D:96
X509v3 Authority Key Identifier:
keyid:AB:9A:AB:13:42:7A:D8:C0:07:2A:E0:8D:9B:B8:0A:BC:19:D3:F9:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5qrE0J62MAHKuCNm7gKvBnT-YQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/OA9Gy_ZQnOLVOm_Ce6Ra57gvXZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/q5qrE0J62MAHKuCNm7gKvBnT-YQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2440::/29
Signature Algorithm: sha256WithRSAEncryption
71:f7:49:b9:8e:f1:b8:02:fb:b2:5c:0f:dd:59:be:ab:2b:3e:
69:a9:3b:d9:13:55:67:85:f6:f4:68:4f:3c:a0:ad:1c:f5:4b:
50:4c:68:e2:84:6b:3a:ab:cb:68:4b:88:4e:59:74:a9:65:60:
4d:97:37:53:f5:c8:b0:3a:13:e0:8f:2c:71:44:6d:69:8a:6e:
3f:fc:fa:dc:9d:16:b0:7c:44:91:c5:93:15:e0:eb:2f:e8:ad:
d7:cd:02:b3:a8:b7:10:d9:03:8f:cb:3c:f7:75:5e:82:1a:1c:
c4:c2:9b:45:9d:cc:9d:49:c1:4b:d6:e4:3b:b9:03:08:57:cf:
fe:fa:15:a7:6b:30:7b:b9:a8:a7:68:f6:e6:5a:c0:5f:31:d9:
10:d9:6c:20:e2:d0:b6:31:14:15:6a:40:79:d8:d6:2c:55:d3:
fa:c9:15:7d:f1:6e:dc:84:59:a1:9c:7c:66:a7:e7:bd:bb:40:
1d:bf:65:61:ad:8b:4a:10:d0:cf:08:18:ba:dd:34:f7:fa:ff:
22:1f:48:f6:97:e8:59:03:ac:df:83:f8:0a:d4:86:cb:4f:0d:
e9:65:08:32:42:19:7e:07:a2:61:0c:3c:0b:e1:fa:95:86:fa:
98:c8:5c:fe:7d:50:8f:67:35:c1:0a:b3:e6:1a:db:12:51:8d:
9a:f8:f5:35
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ4CQB2H93xNLvxiKPaDaeCnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWFhYjEzNDI3YWQ4YzAwNzJhZTA4ZDliYjgwYWJjMTlk
M2Y5ODQwHhcNMjYwNTA3MTE0MzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODBmNDZjYmY2NTA5Y2UyZDUzYTZmYzI3YmE0NWFlN2I4MmY1ZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJ77LtosxDOG4TRZeqRbCNQAdbHj
+HWgggG/c0fp2C9s/EWHEx3SBy/4Yo58jxa5tbQHEHRblt1TxsrHz81/orzhh1gq
IChVOmsnPqlZIJIv95aSKdb6689nky5/QPDrbIcPhSCrUK3Xv/+Oz/H4WnzTzAg5
bOVI0/WQvN9HwtERwKEEXigUfdqYZtXacXb5+LGHtLeLDksFam7qcXDXKeLAVz8p
2abL30mYARZvE/DGw1spuWe5gOBek4VV3j36iDzZO9ENjhOdBFX2J0l5ir8b5fOs
jbSGCBPBQruZbfCfke3E4KwlgnhUj8VY9xRSfo7+ZU2NjQN7u5ldwBl+pQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDgPRsv2UJzi1TpvwnukWue4L12WMB8GA1UdIwQY
MBaAFKuaqxNCetjAByrgjZu4CrwZ0/mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTVxckUwSjYyTUFIS3VDTm03Z0t2Qm5ULVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lYjk1ODItZDI3NS00OTdhLWI2MmIt
MzkyNjAzMTljN2JkLzEvT0E5R3lfWlFuT0xWT21fQ2U2UmE1N2d2WFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lYjk1ODItZDI3NS00OTdhLWI2MmItMzkyNjAzMTljN2Jk
LzEvcTVxckUwSjYyTUFIS3VDTm03Z0t2Qm5ULVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgckQDAN
BgkqhkiG9w0BAQsFAAOCAQEAcfdJuY7xuAL7slwP3Vm+qys+aak72RNVZ4X29GhP
PKCtHPVLUExo4oRrOqvLaEuITll0qWVgTZc3U/XIsDoT4I8scURtaYpuP/z63J0W
sHxEkcWTFeDrL+it180Cs6i3ENkDj8s893VeghocxMKbRZ3MnUnBS9bkO7kDCFfP
/voVp2swe7mop2j25lrAXzHZENlsIOLQtjEUFWpAedjWLFXT+skVffFu3IRZoZx8
ZqfnvbtAHb9lYa2LShDQzwgYut009/r/Ih9I9pfoWQOs34P4CtSGy08N6WUIMkIZ
fgeiYQw8C+H6lYb6mMhc/n1Qj2c1wQqz5hrbElGNmvj1NQ==
-----END CERTIFICATE-----
Generated at Tue May 12 21:38:27 2026 by rpki-client