Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8d58e4-88f6-4aed-ba43-7ae6359d3110/1/gGmrxsYEiBAz5iT0Cg5DSkONxdc.roa
File: gGmrxsYEiBAz5iT0Cg5DSkONxdc.roa (raw, json)
Hash identifier: aO17Z6zYpEvQRwIoHUBEi8V4Xz6Zdb/oEt4kq67btZc=
Subject key identifier: 80:69:AB:C6:C6:04:88:10:33:E6:24:F4:0A:0E:43:4A:43:8D:C5:D7
Certificate issuer: /CN=53129d048deb2e0bf62271399a090b9010160b39
Certificate serial: 019DBBC115ACF489E40C2201B70064EE0A07
Authority key identifier: 53:12:9D:04:8D:EB:2E:0B:F6:22:71:39:9A:09:0B:90:10:16:0B:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UxKdBI3rLgv2InE5mgkLkBAWCzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8d58e4-88f6-4aed-ba43-7ae6359d3110/1/gGmrxsYEiBAz5iT0Cg5DSkONxdc.roa
Signing time: Thu 23 Apr 2026 19:11:26 +0000
ROA not before: Thu 23 Apr 2026 19:11:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 2001:3580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/8d58e4-88f6-4aed-ba43-7ae6359d3110/1/UxKdBI3rLgv2InE5mgkLkBAWCzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/8d58e4-88f6-4aed-ba43-7ae6359d3110/1/UxKdBI3rLgv2InE5mgkLkBAWCzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UxKdBI3rLgv2InE5mgkLkBAWCzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:bb:c1:15:ac:f4:89:e4:0c:22:01:b7:00:64:ee:0a:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53129d048deb2e0bf62271399a090b9010160b39
Validity
Not Before: Apr 23 19:11:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8069abc6c604881033e624f40a0e434a438dc5d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:97:b7:c0:f9:94:9e:e5:82:3b:d4:55:bf:c3:
8c:85:2a:7e:82:da:8e:1b:43:7b:11:24:86:19:a3:
0c:b0:b6:b6:37:f4:a7:f8:84:3d:8f:52:65:20:11:
5d:8e:dc:eb:dc:4d:6e:7f:41:81:43:99:77:fb:61:
28:14:5c:3c:50:2a:5d:2c:ef:4c:7a:fa:49:82:59:
b0:0b:c6:20:a1:9e:85:28:36:63:55:46:ca:d7:b7:
7b:d1:af:f0:a5:e8:60:2d:40:ae:13:43:cc:66:9c:
11:44:fe:33:67:b1:bb:a1:fa:0a:61:98:69:f7:ed:
82:37:13:3f:5a:16:91:87:c3:86:28:06:53:e7:f1:
0d:f4:95:a5:98:f2:99:b6:03:f5:15:e4:83:46:81:
50:3d:08:eb:b8:59:bf:45:cf:b6:e1:44:35:b6:bd:
48:ea:28:53:3a:7c:b8:17:5e:c0:2a:1d:ce:65:f4:
86:51:6b:0f:20:90:67:4e:f7:92:c2:65:22:21:b6:
f8:e2:4f:6d:d3:7a:85:4e:1b:41:70:58:60:59:18:
bd:33:3f:18:01:c0:53:bf:f0:2b:84:b2:9c:54:7c:
8f:f6:ae:df:7d:fb:20:20:41:d0:92:d0:ff:cd:1e:
33:5d:8f:22:2f:56:ad:e4:bb:a7:98:93:a3:a8:91:
50:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:69:AB:C6:C6:04:88:10:33:E6:24:F4:0A:0E:43:4A:43:8D:C5:D7
X509v3 Authority Key Identifier:
keyid:53:12:9D:04:8D:EB:2E:0B:F6:22:71:39:9A:09:0B:90:10:16:0B:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UxKdBI3rLgv2InE5mgkLkBAWCzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8d58e4-88f6-4aed-ba43-7ae6359d3110/1/gGmrxsYEiBAz5iT0Cg5DSkONxdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8d58e4-88f6-4aed-ba43-7ae6359d3110/1/UxKdBI3rLgv2InE5mgkLkBAWCzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3580::/29
Signature Algorithm: sha256WithRSAEncryption
88:c5:2a:3c:a5:87:50:d3:cf:2f:84:26:7c:54:27:24:d1:cc:
cf:14:bc:d3:89:fd:8a:e9:d2:40:c7:e8:8f:08:c1:59:62:09:
42:62:ef:0f:22:c5:cd:e5:50:3b:f1:4f:cd:9d:aa:d8:47:38:
2e:84:ab:4a:21:fa:12:15:d1:26:94:8b:f2:c4:6e:db:e1:8b:
3e:6e:8a:72:3e:1f:86:be:b5:2b:6a:66:f0:a6:c3:b4:c0:8a:
01:a6:5a:70:80:dc:ba:06:5b:04:cb:68:ac:19:8f:a4:92:d3:
c5:13:4c:26:6b:25:83:68:7b:4b:cb:bf:c0:94:d8:b4:e1:bb:
f2:c0:ad:61:4d:fd:fb:51:df:63:31:2e:ea:07:b0:d9:16:fb:
55:f5:1b:da:38:03:e7:2c:dd:9a:7a:89:de:ba:c0:e5:5d:69:
2b:f6:f0:96:a0:54:ed:1a:7d:8a:06:7c:35:19:72:b5:23:b6:
1f:97:53:35:eb:a2:a7:9c:84:5c:8f:97:2d:36:e8:b8:32:33:
4a:25:43:af:a0:b2:28:5e:0e:d7:2f:3a:42:b2:23:db:6f:d6:
18:d7:04:06:3e:bd:1d:f8:0d:4b:3c:d3:24:50:6a:c9:c0:08:
44:ef:e5:e0:2a:dd:38:2b:35:3a:60:e3:1f:b9:0f:af:64:fc:
91:d2:fe:19
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ27wRWs9InkDCIBtwBk7goHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMTI5ZDA0OGRlYjJlMGJmNjIyNzEzOTlhMDkwYjkwMTAx
NjBiMzkwHhcNMjYwNDIzMTkxMTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDY5YWJjNmM2MDQ4ODEwMzNlNjI0ZjQwYTBlNDM0YTQzOGRjNWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ze3wPmUnuWCO9RVv8OMhSp+gtqO
G0N7ESSGGaMMsLa2N/Sn+IQ9j1JlIBFdjtzr3E1uf0GBQ5l3+2EoFFw8UCpdLO9M
evpJglmwC8YgoZ6FKDZjVUbK17d70a/wpehgLUCuE0PMZpwRRP4zZ7G7ofoKYZhp
9+2CNxM/WhaRh8OGKAZT5/EN9JWlmPKZtgP1FeSDRoFQPQjruFm/Rc+24UQ1tr1I
6ihTOny4F17AKh3OZfSGUWsPIJBnTveSwmUiIbb44k9t03qFThtBcFhgWRi9Mz8Y
AcBTv/ArhLKcVHyP9q7fffsgIEHQktD/zR4zXY8iL1at5LunmJOjqJFQNQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFIBpq8bGBIgQM+Yk9AoOQ0pDjcXXMB8GA1UdIwQY
MBaAFFMSnQSN6y4L9iJxOZoJC5AQFgs5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXhLZEJJM3JMZ3YySW5FNW1na0xrQkFXQ3prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS84ZDU4ZTQtODhmNi00YWVkLWJhNDMt
N2FlNjM1OWQzMTEwLzEvZ0dtcnhzWUVpQkF6NWlUMENnNURTa09OeGRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS84ZDU4ZTQtODhmNi00YWVkLWJhNDMtN2FlNjM1OWQzMTEw
LzEvVXhLZEJJM3JMZ3YySW5FNW1na0xrQkFXQ3prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDIAE1gDAN
BgkqhkiG9w0BAQsFAAOCAQEAiMUqPKWHUNPPL4QmfFQnJNHMzxS804n9iunSQMfo
jwjBWWIJQmLvDyLFzeVQO/FPzZ2q2Ec4LoSrSiH6EhXRJpSL8sRu2+GLPm6Kcj4f
hr61K2pm8KbDtMCKAaZacIDcugZbBMtorBmPpJLTxRNMJmslg2h7S8u/wJTYtOG7
8sCtYU39+1HfYzEu6gew2Rb7VfUb2jgD5yzdmnqJ3rrA5V1pK/bwlqBU7Rp9igZ8
NRlytSO2H5dTNeuip5yEXI+XLTbouDIzSiVDr6CyKF4O1y86QrIj22/WGNcEBj69
HfgNSzzTJFBqycAIRO/l4CrdOCs1OmDjH7kPr2T8kdL+GQ==
-----END CERTIFICATE-----
Generated at Wed May 13 07:52:43 2026 by rpki-client