Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/AetyGKO54scpAPensslnIb_A2PQ.roa
File: AetyGKO54scpAPensslnIb_A2PQ.roa (raw, json)
Hash identifier: zJsgfGfif4Mca28xL6pwxavBNqBbcMnQ/gx7SMq4y64=
Subject key identifier: 01:EB:72:18:A3:B9:E2:C7:29:00:F7:A7:B2:C9:67:21:BF:C0:D8:F4
Certificate issuer: /CN=a7a4e23482268475c1b935637d0002c2fd2993b8
Certificate serial: 019E17156BD5C6C030D1DD015DEFF50D149F
Authority key identifier: A7:A4:E2:34:82:26:84:75:C1:B9:35:63:7D:00:02:C2:FD:29:93:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/AetyGKO54scpAPensslnIb_A2PQ.roa
Signing time: Mon 11 May 2026 12:49:00 +0000
ROA not before: Mon 11 May 2026 12:49:00 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208850
IP address blocks: 2a14:ae00:106::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.mft
rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:17:15:6b:d5:c6:c0:30:d1:dd:01:5d:ef:f5:0d:14:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7a4e23482268475c1b935637d0002c2fd2993b8
Validity
Not Before: May 11 12:49:00 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=01eb7218a3b9e2c72900f7a7b2c96721bfc0d8f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3f:4e:04:2e:c4:f5:2a:a7:df:12:8f:61:50:
a7:5c:d5:09:b0:41:13:05:b5:ee:12:19:5e:45:0a:
1d:a8:7f:f8:da:ea:d6:22:1a:07:7b:b8:c6:c9:c7:
f8:85:03:88:c3:19:bd:4c:45:78:34:74:01:5e:fa:
fc:88:b9:07:fc:79:cc:9a:b4:f8:2d:02:23:5a:e2:
40:34:99:c1:33:57:71:45:53:7d:16:23:28:f7:79:
49:33:69:c7:2e:f1:f5:0f:d1:86:90:85:1d:62:a2:
67:8c:d2:aa:2f:d2:ce:29:4c:77:e5:7f:c2:26:88:
d4:a2:f2:6e:8b:0f:55:39:fb:c7:f1:c2:3f:13:55:
5a:94:17:7b:67:25:c3:a5:c2:ff:fa:37:2f:4b:48:
db:41:c9:e0:4c:3e:63:9b:ae:1b:93:65:37:0c:b8:
27:e6:39:95:2a:18:24:39:33:05:6b:c7:96:e0:a5:
b5:88:76:c5:77:5c:8e:2d:29:3a:21:9c:40:e9:6b:
d7:3b:a5:9b:21:14:73:9b:30:28:0e:73:1b:ea:12:
2e:08:67:e6:92:48:85:13:2f:39:5c:f5:07:39:92:
44:90:ef:c9:41:6a:e9:32:ee:ee:74:8c:fb:0b:46:
d4:06:7d:88:17:57:fd:1b:6d:be:ec:cf:61:8e:bf:
4e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:EB:72:18:A3:B9:E2:C7:29:00:F7:A7:B2:C9:67:21:BF:C0:D8:F4
X509v3 Authority Key Identifier:
keyid:A7:A4:E2:34:82:26:84:75:C1:B9:35:63:7D:00:02:C2:FD:29:93:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/AetyGKO54scpAPensslnIb_A2PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:ae00:106::/48
Signature Algorithm: sha256WithRSAEncryption
0d:72:ab:c3:55:e9:22:7c:3a:78:5a:71:5f:af:fb:00:7a:34:
d0:a5:7a:1e:ad:65:3d:55:fd:53:ff:71:0a:12:0a:6c:2e:a4:
d8:b8:6b:bb:c9:4b:7d:bb:23:42:8a:32:b2:b6:64:78:5d:1d:
85:97:11:c6:50:99:8b:33:cb:92:56:8e:2e:6d:f3:1f:f8:ac:
d0:58:35:2f:ba:af:46:e1:d4:d5:35:d6:ea:b4:5c:62:b2:2d:
ac:79:6e:3b:d0:31:30:cf:45:bf:8c:c2:5e:5c:b6:6c:56:96:
b4:e2:9d:99:64:1c:f1:a5:27:4a:c8:58:c8:75:94:9c:cc:75:
9f:43:5d:83:18:d9:8f:9e:77:51:aa:44:17:13:70:32:9f:ec:
e3:ea:00:31:7a:e5:57:c2:8f:3a:b9:ac:ff:4a:64:9a:2f:64:
04:c6:fe:e1:d1:98:60:d6:86:e5:43:3f:7e:0b:65:cc:e5:b7:
6a:0f:db:d4:32:53:d2:64:0f:c1:cf:23:ac:d5:d7:a3:fa:1b:
98:d0:3a:3c:19:ff:c4:ca:d0:77:64:33:1b:06:71:f4:e0:7d:
3c:86:bc:c6:8c:91:58:7d:1c:a6:c8:90:c1:8d:b8:9f:98:d2:
13:e5:44:f5:5b:87:01:7d:16:ac:cc:28:5e:f7:eb:02:90:90:
c6:f0:a1:2e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ4XFWvVxsAw0d0BXe/1DRSfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YTRlMjM0ODIyNjg0NzVjMWI5MzU2MzdkMDAwMmMyZmQy
OTkzYjgwHhcNMjYwNTExMTI0OTAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWViNzIxOGEzYjllMmM3MjkwMGY3YTdiMmM5NjcyMWJmYzBkOGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvz9OBC7E9Sqn3xKPYVCnXNUJsEET
BbXuEhleRQodqH/42urWIhoHe7jGycf4hQOIwxm9TEV4NHQBXvr8iLkH/HnMmrT4
LQIjWuJANJnBM1dxRVN9FiMo93lJM2nHLvH1D9GGkIUdYqJnjNKqL9LOKUx35X/C
JojUovJuiw9VOfvH8cI/E1ValBd7ZyXDpcL/+jcvS0jbQcngTD5jm64bk2U3DLgn
5jmVKhgkOTMFa8eW4KW1iHbFd1yOLSk6IZxA6WvXO6WbIRRzmzAoDnMb6hIuCGfm
kkiFEy85XPUHOZJEkO/JQWrpMu7udIz7C0bUBn2IF1f9G22+7M9hjr9O4QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFAHrchijueLHKQD3p7LJZyG/wNj0MB8GA1UdIwQY
MBaAFKek4jSCJoR1wbk1Y30AAsL9KZO4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDZUaU5JSW1oSFhCdVRWamZRQUN3djBwazdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wN2Y2MjMtMTRmYi00YTgwLTlmNDYt
MjMzMzFiNjQ5MTZjLzEvQWV0eUdLTzU0c2NwQVBlbnNzbG5JYl9BMlBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wN2Y2MjMtMTRmYi00YTgwLTlmNDYtMjMzMzFiNjQ5MTZj
LzEvcDZUaU5JSW1oSFhCdVRWamZRQUN3djBwazdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhSuAAEG
MA0GCSqGSIb3DQEBCwUAA4IBAQANcqvDVekifDp4WnFfr/sAejTQpXoerWU9Vf1T
/3EKEgpsLqTYuGu7yUt9uyNCijKytmR4XR2FlxHGUJmLM8uSVo4ubfMf+KzQWDUv
uq9G4dTVNdbqtFxisi2seW470DEwz0W/jMJeXLZsVpa04p2ZZBzxpSdKyFjIdZSc
zHWfQ12DGNmPnndRqkQXE3Ayn+zj6gAxeuVXwo86uaz/SmSaL2QExv7h0Zhg1obl
Qz9+C2XM5bdqD9vUMlPSZA/BzyOs1dej+huY0Do8Gf/EytB3ZDMbBnH04H08hrzG
jJFYfRymyJDBjbifmNIT5UT1W4cBfRaszChe9+sCkJDG8KEu
-----END CERTIFICATE-----
Generated at Wed May 13 12:40:30 2026 by rpki-client