Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/2de25a-c94e-4a49-a61f-43a194e9d98a/1/qVZeyuIJgAH_RvLNP7X_MFn3Jws.roa
File: qVZeyuIJgAH_RvLNP7X_MFn3Jws.roa (raw, json)
Hash identifier: e8ltV6uZOZ7loOT5ePx9DkMlZ9YWrSrqO4NGgl5qtP8=
Subject key identifier: A9:56:5E:CA:E2:09:80:01:FF:46:F2:CD:3F:B5:FF:30:59:F7:27:0B
Certificate issuer: /CN=f31e9dace9e7206309cb6c9e5b8617e9859ddc85
Certificate serial: 019B7EA50D8D073EF1348FE267A408750717
Authority key identifier: F3:1E:9D:AC:E9:E7:20:63:09:CB:6C:9E:5B:86:17:E9:85:9D:DC:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8x6drOnnIGMJy2yeW4YX6YWd3IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/2de25a-c94e-4a49-a61f-43a194e9d98a/1/qVZeyuIJgAH_RvLNP7X_MFn3Jws.roa
Signing time: Fri 02 Jan 2026 12:18:24 +0000
ROA not before: Fri 02 Jan 2026 12:18:24 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208279
IP address blocks: 2a05:e8c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/2de25a-c94e-4a49-a61f-43a194e9d98a/1/8x6drOnnIGMJy2yeW4YX6YWd3IU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/2de25a-c94e-4a49-a61f-43a194e9d98a/1/8x6drOnnIGMJy2yeW4YX6YWd3IU.mft
rsync://rpki.ripe.net/repository/DEFAULT/8x6drOnnIGMJy2yeW4YX6YWd3IU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:a5:0d:8d:07:3e:f1:34:8f:e2:67:a4:08:75:07:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f31e9dace9e7206309cb6c9e5b8617e9859ddc85
Validity
Not Before: Jan 2 12:18:24 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a9565ecae2098001ff46f2cd3fb5ff3059f7270b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:fa:de:f0:a7:cf:38:7d:b9:76:76:86:a9:08:
58:ab:e0:b4:98:e1:1c:07:59:c2:bb:3b:85:d3:39:
ef:7e:88:9a:73:d9:1e:57:90:bb:09:de:d4:00:61:
62:fb:44:e3:43:1d:85:14:44:47:e1:c9:84:82:e3:
d6:b0:ef:ef:15:a5:c6:c1:02:8d:9e:4a:86:0f:5a:
26:de:8d:6a:a8:48:e7:b8:e3:ff:62:05:66:42:9a:
1f:41:ad:f5:03:5d:d3:37:9f:29:39:5b:bd:1d:df:
74:8a:00:a4:e2:57:09:4e:eb:94:b9:ce:85:d8:b4:
fd:db:34:63:80:fc:03:dc:b1:c5:de:96:76:da:e0:
73:1c:32:7f:f9:93:13:a1:37:6a:01:9d:04:3e:e2:
e0:9d:8b:94:ab:f8:69:5b:06:0b:cb:1c:be:3e:b5:
cd:c4:b7:5f:5b:ca:98:6e:f8:ea:a3:68:d3:52:10:
18:5a:aa:99:2b:d1:d1:88:e5:d4:8d:0c:41:73:7a:
da:7a:6f:98:35:2a:19:bc:20:af:c8:b6:3b:ad:cb:
f2:9a:18:54:77:96:9c:b9:5b:b8:01:33:45:4f:49:
25:8e:a5:51:2c:72:9e:29:a1:20:2b:c4:c9:bb:40:
3a:7b:97:c2:98:a5:55:3e:4c:11:aa:08:80:a5:34:
5e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:56:5E:CA:E2:09:80:01:FF:46:F2:CD:3F:B5:FF:30:59:F7:27:0B
X509v3 Authority Key Identifier:
keyid:F3:1E:9D:AC:E9:E7:20:63:09:CB:6C:9E:5B:86:17:E9:85:9D:DC:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8x6drOnnIGMJy2yeW4YX6YWd3IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2de25a-c94e-4a49-a61f-43a194e9d98a/1/qVZeyuIJgAH_RvLNP7X_MFn3Jws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2de25a-c94e-4a49-a61f-43a194e9d98a/1/8x6drOnnIGMJy2yeW4YX6YWd3IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:e8c0::/29
Signature Algorithm: sha256WithRSAEncryption
96:77:92:b3:5c:b9:92:08:67:c2:42:9d:fb:4e:68:a6:87:79:
9b:73:e7:80:b5:25:95:50:f4:c5:3d:22:96:20:f8:44:56:36:
cc:51:fb:6d:f3:2a:9f:cf:40:7e:2e:4e:84:b6:30:66:3a:0b:
48:d2:0c:ea:7a:c6:6e:8c:4a:76:11:91:e2:4f:89:e6:ae:85:
94:83:09:59:54:e6:ca:97:6d:7e:96:a9:b4:fe:56:b4:76:4c:
21:dc:8b:62:5d:75:a6:b0:f8:1b:1a:c8:bb:bf:8b:bb:48:74:
d0:5f:59:42:c4:30:82:76:3d:0e:2a:42:23:45:b2:17:b0:7e:
9f:f0:71:47:ff:94:ba:e5:ad:a7:34:7e:ca:03:6c:c6:5c:e9:
a0:b5:04:50:50:7f:3d:6b:28:ca:23:b5:ed:54:5a:8f:1a:27:
01:d9:d0:68:2a:94:8a:9d:54:07:07:fa:f0:ad:ea:6a:0c:75:
0b:11:40:e2:0b:c8:7d:e1:ef:4e:b1:f0:4e:42:0e:8f:a0:34:
f2:f0:17:4b:33:0f:2e:83:9e:4c:55:d8:01:8b:6f:80:3e:e6:
b2:54:b1:7d:4c:e6:89:e9:38:dc:40:5a:fe:bf:2c:eb:8b:23:
65:cf:6a:97:cb:7d:82:52:1e:83:5e:68:1c:78:70:0f:1c:b6:
41:e2:70:15
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZt+pQ2NBz7xNI/iZ6QIdQcXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMWU5ZGFjZTllNzIwNjMwOWNiNmM5ZTViODYxN2U5ODU5
ZGRjODUwHhcNMjYwMTAyMTIxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTU2NWVjYWUyMDk4MDAxZmY0NmYyY2QzZmI1ZmYzMDU5ZjcyNzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/re8KfPOH25dnaGqQhYq+C0mOEc
B1nCuzuF0znvfoiac9keV5C7Cd7UAGFi+0TjQx2FFERH4cmEguPWsO/vFaXGwQKN
nkqGD1om3o1qqEjnuOP/YgVmQpofQa31A13TN58pOVu9Hd90igCk4lcJTuuUuc6F
2LT92zRjgPwD3LHF3pZ22uBzHDJ/+ZMToTdqAZ0EPuLgnYuUq/hpWwYLyxy+PrXN
xLdfW8qYbvjqo2jTUhAYWqqZK9HRiOXUjQxBc3raem+YNSoZvCCvyLY7rcvymhhU
d5acuVu4ATNFT0kljqVRLHKeKaEgK8TJu0A6e5fCmKVVPkwRqgiApTRe1wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKlWXsriCYAB/0byzT+1/zBZ9ycLMB8GA1UdIwQY
MBaAFPMenazp5yBjCctsnluGF+mFndyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHg2ZHJPbm5JR01KeTJ5ZVc0WVg2WVdkM0lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8yZGUyNWEtYzk0ZS00YTQ5LWE2MWYt
NDNhMTk0ZTlkOThhLzEvcVZaZXl1SUpnQUhfUnZMTlA3WF9NRm4zSndzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8yZGUyNWEtYzk0ZS00YTQ5LWE2MWYtNDNhMTk0ZTlkOThh
LzEvOHg2ZHJPbm5JR01KeTJ5ZVc0WVg2WVdkM0lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgXowDAN
BgkqhkiG9w0BAQsFAAOCAQEAlneSs1y5kghnwkKd+05opod5m3PngLUllVD0xT0i
liD4RFY2zFH7bfMqn89Afi5OhLYwZjoLSNIM6nrGboxKdhGR4k+J5q6FlIMJWVTm
ypdtfpaptP5WtHZMIdyLYl11prD4GxrIu7+Lu0h00F9ZQsQwgnY9DipCI0WyF7B+
n/BxR/+UuuWtpzR+ygNsxlzpoLUEUFB/PWsoyiO17VRajxonAdnQaCqUip1UBwf6
8K3qagx1CxFA4gvIfeHvTrHwTkIOj6A08vAXSzMPLoOeTFXYAYtvgD7mslSxfUzm
iek43EBa/r8s64sjZc9ql8t9glIeg15oHHhwDxy2QeJwFQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:12:37 2026 by rpki-client