Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/KB86XYFqZOH3EtvBVWhIn_guFjI.roa
File: KB86XYFqZOH3EtvBVWhIn_guFjI.roa (raw, json)
Hash identifier: EoboZK7XlateJfFd2Ch7MCGrvt/S53xsG3Jbw1LGQVM=
Subject key identifier: 28:1F:3A:5D:81:6A:64:E1:F7:12:DB:C1:55:68:48:9F:F8:2E:16:32
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019CFD9E3707B059FCF10D79321D72004B05
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/KB86XYFqZOH3EtvBVWhIn_guFjI.roa
Signing time: Tue 17 Mar 2026 21:05:30 +0000
ROA not before: Tue 17 Mar 2026 21:05:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12389
IP address blocks: 2a06:a600::/29 maxlen: 29
2a06:bf40::/29 maxlen: 29
2a07:95c0::/29 maxlen: 29
2a09:17c3::/32 maxlen: 32
2a0c:d380::/29 maxlen: 29
2a0d:8f80::/29 maxlen: 29
2a0e:2440::/29 maxlen: 29
2a0e:f207::/32 maxlen: 32
2a0f:3d83::/32 maxlen: 32
2a0f:3d86:11::/48 maxlen: 48
2a0f:7d01::/32 maxlen: 32
2a0f:ee00::/29 maxlen: 29
2a10:3140::/29 maxlen: 29
2a11:4e80::/29 maxlen: 29
2a12:d100::/29 maxlen: 29
2a13:2bc0::/29 maxlen: 29
2a13:8f00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fd:9e:37:07:b0:59:fc:f1:0d:79:32:1d:72:00:4b:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 17 21:05:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=281f3a5d816a64e1f712dbc15568489ff82e1632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d8:56:e7:24:c3:52:6c:35:12:f3:3c:1d:97:
94:66:d0:7e:1e:ba:ca:c9:0f:d0:f8:91:ef:da:96:
73:90:0d:f0:f0:34:93:1d:79:55:8d:50:f1:05:3a:
a6:0c:b7:b8:20:30:b4:21:a8:5d:5e:ed:c6:19:ee:
86:ca:10:5b:f1:2d:d5:54:64:8d:12:c1:77:0b:bc:
86:6c:50:65:ee:39:05:16:44:75:62:c6:b2:c7:78:
9a:dc:6b:c5:7b:8e:00:6d:4d:15:03:28:89:d4:e6:
d2:b2:7e:87:c6:ef:50:be:37:cd:5d:a0:de:52:5e:
97:b8:91:bc:e3:c4:8b:b6:ce:cd:03:c3:37:c1:36:
d0:95:db:91:01:92:da:80:32:81:a3:3b:6a:f5:9a:
f8:5a:58:53:21:28:5f:dd:22:bd:39:1e:58:0a:1d:
2b:b8:4a:ed:56:6f:9f:bd:b2:5e:68:b9:2f:26:e9:
d0:57:f4:14:31:ce:85:b1:ea:82:70:53:f7:58:81:
9c:54:cb:8b:c1:20:a5:20:23:b2:d0:ad:aa:29:f2:
12:67:6d:fd:4c:41:82:95:9b:84:fb:87:f7:12:df:
5a:cc:75:1b:9f:83:2a:9a:80:10:66:cc:ad:a9:1e:
e0:cc:3f:a0:be:58:c2:6e:0a:85:91:aa:1e:35:77:
64:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:1F:3A:5D:81:6A:64:E1:F7:12:DB:C1:55:68:48:9F:F8:2E:16:32
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/KB86XYFqZOH3EtvBVWhIn_guFjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a600::/29
2a06:bf40::/29
2a07:95c0::/29
2a09:17c3::/32
2a0c:d380::/29
2a0d:8f80::/29
2a0e:2440::/29
2a0e:f207::/32
2a0f:3d83::/32
2a0f:3d86:11::/48
2a0f:7d01::/32
2a0f:ee00::/29
2a10:3140::/29
2a11:4e80::/29
2a12:d100::/29
2a13:2bc0::/29
2a13:8f00::/29
Signature Algorithm: sha256WithRSAEncryption
06:da:7b:eb:11:48:7e:cb:3c:08:d4:b7:bd:9a:7b:c0:cf:f4:
88:f8:6e:c0:ee:8f:12:90:5b:d8:c3:d2:85:d7:8c:4d:36:5c:
f5:65:c1:1d:e7:60:74:17:97:5c:b1:ce:ed:6a:97:a7:9c:85:
72:6a:f3:d1:c0:76:84:0c:8b:61:51:6e:b0:6a:84:06:cd:b6:
1a:e9:b5:92:bd:f4:8c:bd:52:a9:90:82:e0:59:01:9b:a9:23:
54:1a:94:eb:23:aa:46:a1:b3:90:26:09:3a:a3:fd:27:44:13:
9e:bd:a6:57:b8:18:e7:df:7c:34:a1:bb:72:49:04:92:ea:b3:
43:d4:e9:8a:24:c3:22:25:b6:13:dc:ab:b2:83:16:ff:b3:4e:
9d:55:03:14:95:7b:3d:61:ba:ab:10:6d:b3:d9:09:13:35:94:
c0:99:31:81:08:c8:f2:64:45:d1:6b:6c:2b:fa:dc:fc:37:78:
54:1f:ac:24:d2:13:ed:ec:2a:f6:0c:3a:5b:17:4c:b3:9c:3b:
4a:a7:74:07:ef:7d:fc:ff:dc:ce:58:74:16:60:f1:cf:8c:af:
a9:5e:ee:9b:bc:9d:89:55:8a:ab:c8:98:8d:2e:0a:15:e6:4b:
22:52:82:d9:47:0c:7b:69:47:5c:84:34:2a:18:ec:d2:df:30:
1f:34:59:2c
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZz9njcHsFn88Q15Mh1yAEsFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMzE3MjEwNTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODFmM2E1ZDgxNmE2NGUxZjcxMmRiYzE1NTY4NDg5ZmY4MmUxNjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9hW5yTDUmw1EvM8HZeUZtB+HrrK
yQ/Q+JHv2pZzkA3w8DSTHXlVjVDxBTqmDLe4IDC0IahdXu3GGe6GyhBb8S3VVGSN
EsF3C7yGbFBl7jkFFkR1Ysayx3ia3GvFe44AbU0VAyiJ1ObSsn6Hxu9QvjfNXaDe
Ul6XuJG848SLts7NA8M3wTbQlduRAZLagDKBoztq9Zr4WlhTIShf3SK9OR5YCh0r
uErtVm+fvbJeaLkvJunQV/QUMc6FseqCcFP3WIGcVMuLwSClICOy0K2qKfISZ239
TEGClZuE+4f3Et9azHUbn4MqmoAQZsytqR7gzD+gvljCbgqFkaoeNXdkswIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFCgfOl2BamTh9xLbwVVoSJ/4LhYyMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvS0I4NlhZRnFaT0gzRXR2QlZXaEluX2d1RmpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTB/BAIAAjB5AwUDKgam
AAMFAyoGv0ADBQMqB5XAAwUAKgkXwwMFAyoM04ADBQMqDY+AAwUDKg4kQAMFACoO
8gcDBQAqDz2DAwcAKg89hgARAwUAKg99AQMFAyoP7gADBQMqEDFAAwUDKhFOgAMF
AyoS0QADBQMqEyvAAwUDKhOPADANBgkqhkiG9w0BAQsFAAOCAQEABtp76xFIfss8
CNS3vZp7wM/0iPhuwO6PEpBb2MPShdeMTTZc9WXBHedgdBeXXLHO7WqXp5yFcmrz
0cB2hAyLYVFusGqEBs22Gum1kr30jL1SqZCC4FkBm6kjVBqU6yOqRqGzkCYJOqP9
J0QTnr2mV7gY5998NKG7ckkEkuqzQ9TpiiTDIiW2E9yrsoMW/7NOnVUDFJV7PWG6
qxBts9kJEzWUwJkxgQjI8mRF0WtsK/rc/Dd4VB+sJNIT7ewq9gw6WxdMs5w7Sqd0
B+99/P/czlh0FmDxz4yvqV7um7ydiVWKq8iYjS4KFeZLIlKC2UcMe2lHXIQ0Khjs
0t8wHzRZLA==
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:47:05 2026 by rpki-client