Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/q2B96YIGVGpIPEJLJ2pEzB3DI0Y.roa
File: q2B96YIGVGpIPEJLJ2pEzB3DI0Y.roa (raw, json)
Hash identifier: fZRk+4DLl4sGiJi3+yveKpHh3HJeJdoULn6NTLY8jmU=
Subject key identifier: AB:60:7D:E9:82:06:54:6A:48:3C:42:4B:27:6A:44:CC:1D:C3:23:46
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019DB431AB5A2152A5C73E9E1BE2DC5E41B7
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/q2B96YIGVGpIPEJLJ2pEzB3DI0Y.roa
Signing time: Wed 22 Apr 2026 07:57:27 +0000
ROA not before: Wed 22 Apr 2026 07:57:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 2a06:4d80::/29 maxlen: 29
2a07:a300::/29 maxlen: 29
2a0e:8880::/29 maxlen: 29
2a0f:29c0::/29 maxlen: 29
2a0f:2f40::/29 maxlen: 29
2a0f:3640::/29 maxlen: 29
2a0f:7280::/29 maxlen: 29
2a0f:9e00::/29 maxlen: 29
2a0f:ac00::/29 maxlen: 29
2a0f:dfc0::/29 maxlen: 29
2a0f:e4c0::/29 maxlen: 29
2a10:37c0::/29 maxlen: 29
2a10:3840::/29 maxlen: 29
2a10:5200::/29 maxlen: 29
2a10:6840::/29 maxlen: 29
2a11:4c40::/29 maxlen: 29
2a11:5c80::/29 maxlen: 29
2a12:ba00::/29 maxlen: 29
2a13:1480::/29 maxlen: 29
2a13:df00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 19:35:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b4:31:ab:5a:21:52:a5:c7:3e:9e:1b:e2:dc:5e:41:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 22 07:57:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ab607de98206546a483c424b276a44cc1dc32346
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:57:82:d1:c1:95:11:16:c6:b9:5a:3a:a2:0b:
88:0e:fd:d3:98:7d:a3:52:3f:eb:27:2f:c0:e3:20:
17:e3:39:45:51:34:5b:8c:fc:ca:61:d3:56:db:d6:
18:b7:e6:0a:a3:48:83:16:30:f0:b7:c6:32:99:f2:
30:7a:a1:a5:fa:a0:50:d4:b7:44:76:c2:65:0f:de:
f8:9e:d5:5e:25:57:21:66:a6:64:18:ab:cc:f3:e5:
01:05:bd:17:a7:89:dc:fc:33:c6:32:aa:e1:de:d0:
bd:26:7f:25:db:bc:05:5d:2c:1f:fe:b5:f1:b2:a2:
64:46:4d:80:28:6f:40:35:fa:fd:0f:d3:a0:cf:9a:
f1:09:b6:51:8e:7b:c8:c3:d1:e6:9e:39:a6:b2:e4:
b9:53:95:4d:e7:9e:58:15:1d:4c:19:ad:13:a1:33:
96:f1:c6:70:78:1e:14:0a:1c:13:be:65:18:c9:16:
cc:8a:e2:91:a1:cc:bf:79:4b:49:dd:4f:0a:f0:9c:
65:34:88:2e:f5:d7:a1:ab:1a:50:35:3a:8a:2b:08:
db:21:1b:90:db:f3:1d:25:fd:f9:eb:3c:bf:61:cb:
44:90:e5:93:c3:ac:0f:fb:b7:ab:de:3e:29:35:58:
c8:a4:ba:7d:a8:25:c1:20:dd:9b:1d:4e:ac:a7:d3:
f7:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:60:7D:E9:82:06:54:6A:48:3C:42:4B:27:6A:44:CC:1D:C3:23:46
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/q2B96YIGVGpIPEJLJ2pEzB3DI0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:4d80::/29
2a07:a300::/29
2a0e:8880::/29
2a0f:29c0::/29
2a0f:2f40::/29
2a0f:3640::/29
2a0f:7280::/29
2a0f:9e00::/29
2a0f:ac00::/29
2a0f:dfc0::/29
2a0f:e4c0::/29
2a10:37c0::/29
2a10:3840::/29
2a10:5200::/29
2a10:6840::/29
2a11:4c40::/29
2a11:5c80::/29
2a12:ba00::/29
2a13:1480::/29
2a13:df00::/29
Signature Algorithm: sha256WithRSAEncryption
33:6f:50:be:39:f9:e2:84:53:32:bf:df:d6:88:8f:5c:df:95:
8c:f4:02:4a:bc:71:08:98:2c:e9:f5:12:0a:45:0d:66:8a:cb:
d6:35:1f:a0:21:23:00:03:d3:5b:ac:86:b3:e8:4f:68:8d:f9:
7c:e9:33:04:82:13:d5:ea:01:f0:cd:b3:22:eb:22:60:71:70:
ed:3b:75:27:52:8c:d5:f7:ea:71:e4:b3:fa:69:87:38:13:e8:
de:90:b1:1e:07:7f:41:73:3c:50:5a:2a:1c:67:c4:46:5b:e0:
81:d3:d3:18:62:4a:9c:0a:b2:18:d4:b2:7d:45:ff:81:9c:de:
12:72:cc:e2:89:5b:23:67:ad:20:c6:63:30:47:3f:04:eb:88:
7b:05:ec:65:c1:2a:98:3a:fe:9c:59:b0:12:56:f6:59:6a:09:
86:9b:1a:48:b4:de:d8:77:de:6f:86:4a:32:d5:4e:44:e2:e0:
db:fb:7a:08:0d:b9:ec:a6:f6:8e:75:91:4f:24:d8:b4:ff:99:
95:d9:f9:c3:4f:95:00:c5:4b:d0:ee:21:bc:87:14:3d:e6:8f:
26:47:2a:79:2e:94:39:e1:bc:3a:52:f5:ca:71:c0:82:83:48:
89:3c:12:67:ed:3a:db:1d:c4:4a:4a:6b:2a:f1:9d:42:18:7b:
b5:48:e6:92
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZ20MataIVKlxz6eG+LcXkG3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwNDIyMDc1NzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjYwN2RlOTgyMDY1NDZhNDgzYzQyNGIyNzZhNDRjYzFkYzMyMzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5FeC0cGVERbGuVo6oguIDv3TmH2j
Uj/rJy/A4yAX4zlFUTRbjPzKYdNW29YYt+YKo0iDFjDwt8YymfIweqGl+qBQ1LdE
dsJlD974ntVeJVchZqZkGKvM8+UBBb0Xp4nc/DPGMqrh3tC9Jn8l27wFXSwf/rXx
sqJkRk2AKG9ANfr9D9Ogz5rxCbZRjnvIw9HmnjmmsuS5U5VN555YFR1MGa0ToTOW
8cZweB4UChwTvmUYyRbMiuKRocy/eUtJ3U8K8JxlNIgu9dehqxpQNTqKKwjbIRuQ
2/MdJf356zy/YctEkOWTw6wP+7er3j4pNVjIpLp9qCXBIN2bHU6sp9P3JwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFKtgfemCBlRqSDxCSydqRMwdwyNGMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvcTJCOTZZSUdWR3BJUEVKTEoycEV6QjNESTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAIwgYwDBQMq
Bk2AAwUDKgejAAMFAyoOiIADBQMqDynAAwUDKg8vQAMFAyoPNkADBQMqD3KAAwUD
Kg+eAAMFAyoPrAADBQMqD9/AAwUDKg/kwAMFAyoQN8ADBQMqEDhAAwUDKhBSAAMF
AyoQaEADBQMqEUxAAwUDKhFcgAMFAyoSugADBQMqExSAAwUDKhPfADANBgkqhkiG
9w0BAQsFAAOCAQEAM29Qvjn54oRTMr/f1oiPXN+VjPQCSrxxCJgs6fUSCkUNZorL
1jUfoCEjAAPTW6yGs+hPaI35fOkzBIIT1eoB8M2zIusiYHFw7Tt1J1KM1ffqceSz
+mmHOBPo3pCxHgd/QXM8UFoqHGfERlvggdPTGGJKnAqyGNSyfUX/gZzeEnLM4olb
I2etIMZjMEc/BOuIewXsZcEqmDr+nFmwElb2WWoJhpsaSLTe2Hfeb4ZKMtVOROLg
2/t6CA257Kb2jnWRTyTYtP+Zldn5w0+VAMVL0O4hvIcUPeaPJkcqeS6UOeG8OlL1
ynHAgoNIiTwSZ+062x3ESkprKvGdQhh7tUjmkg==
-----END CERTIFICATE-----
Generated at Wed May 13 02:37:30 2026 by rpki-client