Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/TI5NQlcFAbNZH-dnPBLXKd7yrNM.roa
File: TI5NQlcFAbNZH-dnPBLXKd7yrNM.roa (raw, json)
Hash identifier: 7ppLSQ7cbKVUF9QHAHEzatHJtQoCgxcTxw8awYZ0/yY=
Subject key identifier: 4C:8E:4D:42:57:05:01:B3:59:1F:E7:67:3C:12:D7:29:DE:F2:AC:D3
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 019E1A6880462DDDCDEDE8090132E066A0FE
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/TI5NQlcFAbNZH-dnPBLXKd7yrNM.roa
Signing time: Tue 12 May 2026 04:18:36 +0000
ROA not before: Tue 12 May 2026 04:18:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 2a0b:a4c0::/29 maxlen: 32
2a0f:89c0::/29 maxlen: 32
2a0f:e3c0::/29 maxlen: 29
2a10:a9c0::/29 maxlen: 29
2a13:b740::/29 maxlen: 29
2a13:bd40::/29 maxlen: 29
2a13:be40::/29 maxlen: 29
2a13:bec0::/29 maxlen: 29
2a13:d0c0::/29 maxlen: 29
2a13:dd40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 13:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1a:68:80:46:2d:dd:cd:ed:e8:09:01:32:e0:66:a0:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: May 12 04:18:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4c8e4d42570501b3591fe7673c12d729def2acd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e3:df:59:4c:65:0a:b8:d8:ba:44:e2:39:51:
42:d6:0d:3a:12:4f:ae:7b:63:df:9d:47:ad:34:b4:
f8:c6:37:c6:11:28:36:be:dc:f7:08:b4:f8:5c:86:
79:e6:68:8f:76:c9:12:7d:c8:9f:61:ab:5a:4b:ed:
c0:a0:c8:81:3d:05:c3:90:2c:c4:23:62:bd:3e:83:
71:ec:8f:7d:1b:25:a6:3d:f7:45:fc:15:3c:48:06:
fd:d4:f6:df:15:0a:0e:36:3a:1c:f4:fd:6a:b2:81:
9c:ba:05:ef:47:58:f4:d6:6a:e8:27:36:66:1a:83:
75:ab:c3:87:f8:2c:22:eb:b0:9e:ea:4d:e9:5c:ff:
c0:e5:b8:9e:51:7b:e1:af:2c:1e:43:69:c6:db:41:
55:45:f5:3e:8b:64:b3:58:a1:10:85:c8:f6:91:a4:
1d:09:3c:89:9d:fd:ed:fb:e4:55:67:5b:d8:75:85:
b9:80:22:15:61:a9:ac:07:84:a0:9c:51:c0:6c:57:
0c:1b:72:9f:f3:ea:fc:44:a8:82:1a:54:8c:91:c9:
ab:ed:2e:a2:50:f5:5e:8b:e9:f3:3b:06:3e:57:62:
1c:a6:dd:0a:17:9a:f2:2c:cd:2d:39:85:f9:5c:dd:
7e:2e:f7:6b:6f:79:10:37:60:07:18:0f:d4:c6:82:
2f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:8E:4D:42:57:05:01:B3:59:1F:E7:67:3C:12:D7:29:DE:F2:AC:D3
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/TI5NQlcFAbNZH-dnPBLXKd7yrNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:a4c0::/29
2a0f:89c0::/29
2a0f:e3c0::/29
2a10:a9c0::/29
2a13:b740::/29
2a13:bd40::/29
2a13:be40::/29
2a13:bec0::/29
2a13:d0c0::/29
2a13:dd40::/29
Signature Algorithm: sha256WithRSAEncryption
33:05:3b:6f:b8:65:69:1b:97:71:a7:ce:83:7c:54:6c:82:9a:
d7:b2:85:a2:51:b7:df:f7:8c:45:4c:85:44:e9:12:a4:5f:9c:
db:81:e3:43:6e:7f:14:20:63:13:76:ed:3e:11:40:f1:7b:dc:
40:a3:a4:cd:4c:db:16:55:2d:61:bd:4e:d2:a0:d9:e9:77:f6:
a7:af:57:8b:bd:3b:87:2b:01:ab:f4:e8:1c:7d:c1:d5:25:0e:
db:9d:e4:39:05:ad:69:2e:a4:65:41:ec:e7:67:d9:6c:de:89:
ef:20:8f:5d:d2:ca:cc:8f:f5:6f:f1:bc:29:59:bf:37:17:cd:
67:e2:e7:37:ce:fa:02:e8:19:51:a0:32:c2:28:ca:8a:51:bd:
a3:db:95:ba:71:77:7d:53:3b:47:a9:4e:e0:db:76:53:0c:50:
23:41:c7:c9:08:c7:72:00:cf:d6:c1:58:50:1b:0d:c0:60:ec:
f6:31:cf:a7:2a:95:45:b9:68:d3:70:a0:5d:53:59:f8:90:58:
89:7c:d0:36:c4:d6:67:75:2f:38:7d:cc:64:43:37:27:a3:45:
95:32:89:35:27:ab:dc:b2:d1:dd:18:1d:43:ae:7f:8d:7a:64:
cb:c1:af:e0:11:a2:0a:5f:0c:fd:e3:64:7a:d4:37:ac:66:47:
09:dc:0e:c9
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZ4aaIBGLd3N7egJATLgZqD+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjYwNTEyMDQxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzhlNGQ0MjU3MDUwMWIzNTkxZmU3NjczYzEyZDcyOWRlZjJhY2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApePfWUxlCrjYukTiOVFC1g06Ek+u
e2PfnUetNLT4xjfGESg2vtz3CLT4XIZ55miPdskSfcifYataS+3AoMiBPQXDkCzE
I2K9PoNx7I99GyWmPfdF/BU8SAb91PbfFQoONjoc9P1qsoGcugXvR1j01mroJzZm
GoN1q8OH+Cwi67Ce6k3pXP/A5bieUXvhryweQ2nG20FVRfU+i2SzWKEQhcj2kaQd
CTyJnf3t++RVZ1vYdYW5gCIVYamsB4SgnFHAbFcMG3Kf8+r8RKiCGlSMkcmr7S6i
UPVei+nzOwY+V2Icpt0KF5ryLM0tOYX5XN1+Lvdrb3kQN2AHGA/UxoIvAwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFEyOTUJXBQGzWR/nZzwS1yne8qzTMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvVEk1TlFsY0ZBYk5aSC1kblBCTFhLZDd5ck5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUDKgukwAMF
AyoPicADBQMqD+PAAwUDKhCpwAMFAyoTt0ADBQMqE71AAwUDKhO+QAMFAyoTvsAD
BQMqE9DAAwUDKhPdQDANBgkqhkiG9w0BAQsFAAOCAQEAMwU7b7hlaRuXcafOg3xU
bIKa17KFolG33/eMRUyFROkSpF+c24HjQ25/FCBjE3btPhFA8XvcQKOkzUzbFlUt
Yb1O0qDZ6Xf2p69Xi707hysBq/ToHH3B1SUO253kOQWtaS6kZUHs52fZbN6J7yCP
XdLKzI/1b/G8KVm/NxfNZ+LnN876AugZUaAywijKilG9o9uVunF3fVM7R6lO4Nt2
UwxQI0HHyQjHcgDP1sFYUBsNwGDs9jHPpyqVRblo03CgXVNZ+JBYiXzQNsTWZ3Uv
OH3MZEM3J6NFlTKJNSer3LLR3RgdQ65/jXpky8Gv4BGiCl8M/eNketQ3rGZHCdwO
yQ==
-----END CERTIFICATE-----
Generated at Tue May 12 21:39:28 2026 by rpki-client