Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/hnCQAOtJZdLpQGAQgftXujF45Uw.roa
File: hnCQAOtJZdLpQGAQgftXujF45Uw.roa (raw, json)
Hash identifier: Wpc5Q+5qn9sI+SRim7mbfCHvVp5IA8Ze1mhbFkkbfhw=
Subject key identifier: 86:70:90:00:EB:49:65:D2:E9:40:60:10:81:FB:57:BA:31:78:E5:4C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019D2611E1BE9D265F568F5786865BFBAAD9
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/hnCQAOtJZdLpQGAQgftXujF45Uw.roa
Signing time: Wed 25 Mar 2026 17:36:39 +0000
ROA not before: Wed 25 Mar 2026 17:36:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34665
IP address blocks: 2a06:35c1::/32 maxlen: 32
2a07:a300::/29 maxlen: 29
2a13:d44::/32 maxlen: 32
2a13:8c80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:11:e1:be:9d:26:5f:56:8f:57:86:86:5b:fb:aa:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 25 17:36:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=86709000eb4965d2e940601081fb57ba3178e54c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:91:6d:df:fd:60:00:df:36:45:14:c8:0a:63:
d1:a3:92:83:c5:2b:ec:2a:1d:cc:ee:47:8f:f0:50:
eb:12:ed:21:16:09:72:f5:45:0d:f8:3a:80:92:b4:
bc:2c:de:d1:a0:44:ee:e1:d3:8e:a1:8d:c9:58:24:
b4:ef:63:07:ad:ee:88:c2:8e:51:39:60:ee:d0:e8:
c8:9a:56:4f:90:ff:df:ac:8b:da:20:ba:db:33:33:
f0:37:39:b2:03:10:87:f0:1b:f0:90:61:af:eb:4b:
ea:b8:06:00:95:c3:2a:05:d6:26:73:d2:03:52:8e:
c0:cc:40:cf:a9:dd:3e:c9:1a:80:15:6d:2a:2e:9b:
ab:3c:69:07:7e:0c:8f:c8:ac:56:71:f0:f7:d2:e2:
df:fa:0f:aa:c1:8f:c3:d4:45:ed:7d:b9:ce:73:5b:
a5:a1:a8:3f:4a:40:00:50:06:9e:f6:83:12:2f:4b:
7f:6f:c3:bc:28:f2:63:40:62:f7:9b:67:60:da:bb:
44:9a:99:24:07:ad:6b:9e:30:6c:e5:08:09:7d:f6:
c5:da:3a:d4:70:72:a9:aa:3f:fd:56:d1:4b:1d:0f:
88:31:05:d4:9f:86:b5:80:28:2e:09:b0:2a:12:92:
53:ec:f4:ea:7f:1d:b0:b8:5d:3d:29:c5:4e:06:d5:
9b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:70:90:00:EB:49:65:D2:E9:40:60:10:81:FB:57:BA:31:78:E5:4C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/hnCQAOtJZdLpQGAQgftXujF45Uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:35c1::/32
2a07:a300::/29
2a13:d44::/32
2a13:8c80::/32
Signature Algorithm: sha256WithRSAEncryption
16:2f:4f:93:5f:65:1c:71:35:ec:f3:77:e7:65:0c:98:b7:2b:
66:5c:80:6c:27:6a:d3:16:fd:c9:6f:d6:71:a9:11:38:fd:0b:
be:1d:6b:1f:2d:c2:68:fd:b3:7a:3d:44:ee:03:32:3c:bb:1c:
7d:ae:2f:48:df:e0:c4:dd:06:ca:9d:30:dd:25:79:5b:ce:50:
3d:fc:4d:6e:25:9b:b8:88:bd:34:65:70:27:88:e8:d0:c8:16:
f1:22:c5:38:74:e0:e7:9f:20:7a:3e:a8:94:17:42:2c:29:2b:
2a:fb:b8:2f:bf:cf:9f:45:a2:aa:d7:61:4f:00:b4:a6:6c:26:
28:d3:eb:96:58:75:c8:1e:98:9b:68:b5:2d:02:ea:d6:f8:6c:
e5:b6:91:c6:bb:8a:07:e4:1a:df:93:92:bd:9b:15:d5:11:ca:
3d:30:54:e7:5a:01:f2:c9:d0:69:ca:1a:db:45:5e:48:f0:5b:
6b:b5:50:e3:70:7b:f2:1b:69:7c:ff:95:87:a2:97:73:e8:12:
81:b1:1e:f6:65:46:c1:96:6f:f0:77:31:c5:09:b2:7a:ab:3f:
81:51:71:f3:61:48:e0:8d:f5:64:2f:c1:cf:7b:4c:28:03:cb:
15:23:f4:de:27:b2:36:2a:56:98:63:75:bd:4f:bc:4f:71:45:
6b:1b:f6:96
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZ0mEeG+nSZfVo9XhoZb+6rZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMzI1MTczNjM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjcwOTAwMGViNDk2NWQyZTk0MDYwMTA4MWZiNTdiYTMxNzhlNTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZFt3/1gAN82RRTICmPRo5KDxSvs
Kh3M7keP8FDrEu0hFgly9UUN+DqAkrS8LN7RoETu4dOOoY3JWCS072MHre6Iwo5R
OWDu0OjImlZPkP/frIvaILrbMzPwNzmyAxCH8BvwkGGv60vquAYAlcMqBdYmc9ID
Uo7AzEDPqd0+yRqAFW0qLpurPGkHfgyPyKxWcfD30uLf+g+qwY/D1EXtfbnOc1ul
oag/SkAAUAae9oMSL0t/b8O8KPJjQGL3m2dg2rtEmpkkB61rnjBs5QgJffbF2jrU
cHKpqj/9VtFLHQ+IMQXUn4a1gCguCbAqEpJT7PTqfx2wuF09KcVOBtWbfwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFIZwkADrSWXS6UBgEIH7V7oxeOVMMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvaG5DUUFPdEpaZExwUUdBUWdmdFh1akY0NVV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUAKgY1wQMF
AyoHowADBQAqEw1EAwUAKhOMgDANBgkqhkiG9w0BAQsFAAOCAQEAFi9Pk19lHHE1
7PN352UMmLcrZlyAbCdq0xb9yW/WcakROP0Lvh1rHy3CaP2zej1E7gMyPLscfa4v
SN/gxN0Gyp0w3SV5W85QPfxNbiWbuIi9NGVwJ4jo0MgW8SLFOHTg558gej6olBdC
LCkrKvu4L7/Pn0WiqtdhTwC0pmwmKNPrllh1yB6Ym2i1LQLq1vhs5baRxruKB+Qa
35OSvZsV1RHKPTBU51oB8snQacoa20VeSPBba7VQ43B78htpfP+Vh6KXc+gSgbEe
9mVGwZZv8HcxxQmyeqs/gVFx82FI4I31ZC/Bz3tMKAPLFSP03ieyNipWmGN1vU+8
T3FFaxv2lg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:49:37 2026 by rpki-client