Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/tpruxi4WfnJbBB5IjFb5ybMY3jg.roa
File: tpruxi4WfnJbBB5IjFb5ybMY3jg.roa (raw, json)
Hash identifier: Q0taTJKgI/MX/UvsvMDePMKEwoMw7JMzAzcey8JjxXw=
Subject key identifier: B6:9A:EE:C6:2E:16:7E:72:5B:04:1E:48:8C:56:F9:C9:B3:18:DE:38
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 019DBBC869C02611C22C93F4496B75503FE3
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/tpruxi4WfnJbBB5IjFb5ybMY3jg.roa
Signing time: Thu 23 Apr 2026 19:19:26 +0000
ROA not before: Thu 23 Apr 2026 19:19:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 399486
IP address blocks: 2a0f:63c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 13:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:bb:c8:69:c0:26:11:c2:2c:93:f4:49:6b:75:50:3f:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Apr 23 19:19:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b69aeec62e167e725b041e488c56f9c9b318de38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d5:fd:f6:47:6d:34:fb:6e:e8:b5:04:43:6a:
c9:1c:d7:d4:6e:82:e1:ad:93:cf:70:19:c3:a7:d4:
54:69:ef:d5:c8:84:59:27:c0:f0:8a:f3:d4:9b:80:
9c:76:07:ad:4e:c3:ba:dc:5f:cc:dc:b9:0a:11:ef:
0c:45:82:77:e9:56:09:e3:74:95:7e:26:4a:d8:d8:
a6:84:a2:af:54:7f:ab:8e:b9:b4:77:8b:a9:b4:f4:
a6:79:e1:e9:db:f5:9f:ae:b1:36:e3:95:f1:a6:70:
fc:48:62:20:3b:91:f3:3b:42:d5:32:2b:07:5c:c6:
87:7c:0c:91:31:69:5d:12:fd:45:94:16:ba:da:a4:
3f:a5:66:38:6e:89:ea:c3:bd:a2:02:35:e4:79:40:
90:ff:73:38:2f:98:4e:aa:a9:93:d5:93:f1:bf:7a:
e2:d4:44:e2:c5:77:72:59:03:67:86:11:06:95:35:
a2:54:c3:5b:80:20:65:aa:99:7d:64:0d:d1:c1:23:
cc:a4:66:b3:82:b8:4b:99:1b:1a:6c:da:65:b4:8e:
01:01:2d:1d:bc:b5:a7:83:f4:19:36:0b:a4:02:24:
19:db:69:00:42:a9:56:cb:f4:d9:fc:10:e2:20:d4:
3f:cd:3e:40:e2:e5:fd:e4:79:19:ee:d7:f0:7c:fe:
99:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:9A:EE:C6:2E:16:7E:72:5B:04:1E:48:8C:56:F9:C9:B3:18:DE:38
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/tpruxi4WfnJbBB5IjFb5ybMY3jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
2c:07:4b:b2:d5:ac:f4:d7:bd:23:75:c2:af:6f:fb:8f:c8:60:
d3:7c:58:df:15:d1:8d:9a:9b:3a:1e:e0:3f:43:d7:44:95:a5:
bf:ad:51:7c:c1:48:6c:4c:bb:f1:18:f6:0b:53:f6:48:bb:9f:
4a:d8:74:78:1e:27:2f:5f:ce:62:0b:f8:bd:43:fd:ec:82:a6:
f2:a3:a6:33:c4:db:8c:ba:9a:dc:72:4c:80:88:e0:4f:7a:3d:
00:fe:42:75:63:cc:a6:38:c0:ba:6a:96:09:0b:54:1d:cc:8f:
f5:72:5d:e8:1b:31:6f:3a:61:5c:14:9e:ec:a3:ec:8f:96:a6:
e4:93:bf:3d:f4:21:35:27:6f:fd:d3:20:1d:8c:a5:92:05:c9:
90:90:5d:d7:fa:88:f8:dd:4d:01:7b:be:05:0d:f9:12:e6:5d:
8c:f4:5f:ef:bd:ca:26:b1:e5:a2:58:08:65:d1:74:32:15:11:
7f:51:33:c6:76:6b:c2:86:8d:4a:20:4c:12:c7:18:c4:73:f2:
79:e5:c2:d7:8b:2d:58:6b:2f:d3:4e:5c:9d:57:76:05:cf:a7:
be:18:96:6b:d8:2e:0a:4f:60:8c:64:04:17:33:57:cc:06:1f:
2c:dd:b7:ac:93:4b:b2:bc:80:75:06:de:39:95:36:ab:2e:44:
8a:30:01:5b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ27yGnAJhHCLJP0SWt1UD/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjYwNDIzMTkxOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjlhZWVjNjJlMTY3ZTcyNWIwNDFlNDg4YzU2ZjljOWIzMThkZTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtX99kdtNPtu6LUEQ2rJHNfUboLh
rZPPcBnDp9RUae/VyIRZJ8DwivPUm4CcdgetTsO63F/M3LkKEe8MRYJ36VYJ43SV
fiZK2NimhKKvVH+rjrm0d4uptPSmeeHp2/WfrrE245XxpnD8SGIgO5HzO0LVMisH
XMaHfAyRMWldEv1FlBa62qQ/pWY4bonqw72iAjXkeUCQ/3M4L5hOqqmT1ZPxv3ri
1ETixXdyWQNnhhEGlTWiVMNbgCBlqpl9ZA3RwSPMpGazgrhLmRsabNpltI4BAS0d
vLWng/QZNgukAiQZ22kAQqlWy/TZ/BDiINQ/zT5A4uX95HkZ7tfwfP6ZMwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLaa7sYuFn5yWwQeSIxW+cmzGN44MB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvdHBydXhpNFdmbkpiQkI1SWpGYjV5Yk1ZM2pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg9jwDAN
BgkqhkiG9w0BAQsFAAOCAQEALAdLstWs9Ne9I3XCr2/7j8hg03xY3xXRjZqbOh7g
P0PXRJWlv61RfMFIbEy78Rj2C1P2SLufSth0eB4nL1/OYgv4vUP97IKm8qOmM8Tb
jLqa3HJMgIjgT3o9AP5CdWPMpjjAumqWCQtUHcyP9XJd6BsxbzphXBSe7KPsj5am
5JO/PfQhNSdv/dMgHYylkgXJkJBd1/qI+N1NAXu+BQ35EuZdjPRf773KJrHlolgI
ZdF0MhURf1EzxnZrwoaNSiBMEscYxHPyeeXC14stWGsv005cnVd2Bc+nvhiWa9gu
Ck9gjGQEFzNXzAYfLN23rJNLsryAdQbeOZU2qy5EijABWw==
-----END CERTIFICATE-----
Generated at Tue May 12 22:16:53 2026 by rpki-client