Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/QSYxSVtscv0lySYe-ZUQhIllSAI.roa
File: QSYxSVtscv0lySYe-ZUQhIllSAI.roa (raw, json)
Hash identifier: zsSyKxwGF4J3UsIcw1eEWwVoeb+49cbuURMMT4GplQQ=
Subject key identifier: 41:26:31:49:5B:6C:72:FD:25:C9:26:1E:F9:95:10:84:89:65:48:02
Certificate issuer: /CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Certificate serial: 019E892DE61E7FB79196F632CB3A7CC08752
Authority key identifier: 76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/QSYxSVtscv0lySYe-ZUQhIllSAI.roa
Signing time: Tue 02 Jun 2026 16:32:27 +0000
ROA not before: Tue 02 Jun 2026 16:32:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60262
IP address blocks: 2a11:c40::/29 maxlen: 29
2a11:1100::/29 maxlen: 29
2a11:1e80::/29 maxlen: 29
2a11:37c0::/29 maxlen: 29
2a11:4300::/29 maxlen: 29
2a11:4600::/29 maxlen: 29
2a11:4ec0::/29 maxlen: 29
2a11:74c0::/29 maxlen: 29
2a11:8580::/29 maxlen: 29
2a11:9100::/29 maxlen: 29
2a11:d780::/29 maxlen: 29
2a11:e240::/29 maxlen: 29
2a11:ea40::/29 maxlen: 29
2a12:980::/29 maxlen: 29
2a12:6080::/29 maxlen: 29
2a12:6f80::/29 maxlen: 29
2a12:7b00::/29 maxlen: 29
2a12:c780::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 03:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:89:2d:e6:1e:7f:b7:91:96:f6:32:cb:3a:7c:c0:87:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Validity
Not Before: Jun 2 16:32:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=412631495b6c72fd25c9261ef995108489654802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:31:e1:86:23:98:b0:c2:02:32:b2:b0:56:3b:
47:0f:7d:9a:92:4a:91:d0:b9:d4:5c:f1:ad:74:fd:
5b:24:81:d4:55:d4:5e:48:3e:c2:0c:86:35:da:3d:
89:3f:2d:42:66:bf:56:9a:98:71:1a:9a:48:d6:a6:
d7:7b:5a:75:58:c1:9f:3a:e3:e7:27:b2:59:1e:f6:
45:cb:c1:89:65:c8:7e:37:ad:f2:a9:c0:39:fa:7f:
de:95:7e:53:06:64:e4:14:b1:50:f5:b4:58:1f:06:
e6:5a:80:af:8c:91:77:03:ea:c7:f1:19:86:df:dc:
d3:85:55:49:ca:5e:56:c5:46:b1:6a:e9:0f:9a:25:
23:43:37:f8:a5:e4:ee:a6:38:14:1d:32:a3:d8:ec:
f6:15:b6:2a:b6:3f:49:38:7a:62:b5:80:8f:48:d5:
67:a7:a3:90:68:14:9d:f6:a9:68:32:61:b1:d6:4d:
a4:d8:33:cc:c9:d0:a8:d1:2d:0f:98:5b:da:0a:34:
48:4f:51:5b:af:55:98:f6:18:36:11:94:a8:53:77:
86:08:10:af:45:70:a6:b7:33:f4:ac:82:58:e2:60:
a9:96:7a:fc:21:04:b9:e3:3a:53:bf:bf:42:53:16:
bf:ee:bd:cd:d0:71:a1:c0:73:29:b5:3f:ee:28:4a:
c8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:26:31:49:5B:6C:72:FD:25:C9:26:1E:F9:95:10:84:89:65:48:02
X509v3 Authority Key Identifier:
keyid:76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/QSYxSVtscv0lySYe-ZUQhIllSAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:c40::/29
2a11:1100::/29
2a11:1e80::/29
2a11:37c0::/29
2a11:4300::/29
2a11:4600::/29
2a11:4ec0::/29
2a11:74c0::/29
2a11:8580::/29
2a11:9100::/29
2a11:d780::/29
2a11:e240::/29
2a11:ea40::/29
2a12:980::/29
2a12:6080::/29
2a12:6f80::/29
2a12:7b00::/29
2a12:c780::/29
Signature Algorithm: sha256WithRSAEncryption
7a:8d:d3:8b:2f:e7:27:47:75:18:d0:4e:6a:fb:15:ad:43:d2:
1f:30:94:ec:db:e2:54:50:e2:c6:89:be:c7:1f:3a:de:c3:1e:
12:c8:9e:9b:af:ac:c5:94:8a:2e:cf:49:01:bd:ea:38:20:5e:
95:9f:e7:db:8a:30:95:99:ac:39:16:2a:2f:ba:58:29:20:4c:
2d:50:8a:6c:d3:31:74:c1:e8:bf:73:6c:d1:b0:d2:d3:01:69:
c7:7c:f1:0c:be:c3:f8:ad:85:17:c8:74:4d:bb:48:03:5f:70:
a9:ac:72:2a:ec:f6:08:95:5f:f4:92:d8:3e:33:ca:56:12:86:
72:0d:f5:30:c9:d3:05:59:87:d0:da:48:ab:1c:93:dd:b7:17:
1e:28:06:a6:a7:f6:02:c7:fa:eb:d5:9f:c6:4d:f8:89:ab:5a:
85:6f:67:84:63:60:66:d2:22:99:cb:56:47:9b:46:f7:1d:7b:
de:c6:7c:34:66:00:6f:64:71:87:ec:4e:61:cb:49:75:8b:f1:
34:2f:4d:56:b2:74:6f:ba:93:e1:9e:49:31:14:40:c9:48:05:
5f:6f:eb:59:be:98:01:d0:9e:a8:dc:5c:a5:8c:2f:71:f0:44:
57:88:76:88:2a:27:70:49:54:da:fb:25:31:f0:5b:1f:7a:d4:
67:19:63:76
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZ6JLeYef7eRlvYyyzp8wIdSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2YzYmQ0YmZiZDMwNzFjMzhjZDRkNzA5MmJkMzQ5MDky
MGMzZDkwHhcNMjYwNjAyMTYzMjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTI2MzE0OTViNmM3MmZkMjVjOTI2MWVmOTk1MTA4NDg5NjU0ODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzHhhiOYsMICMrKwVjtHD32akkqR
0LnUXPGtdP1bJIHUVdReSD7CDIY12j2JPy1CZr9WmphxGppI1qbXe1p1WMGfOuPn
J7JZHvZFy8GJZch+N63yqcA5+n/elX5TBmTkFLFQ9bRYHwbmWoCvjJF3A+rH8RmG
39zThVVJyl5WxUaxaukPmiUjQzf4peTupjgUHTKj2Oz2FbYqtj9JOHpitYCPSNVn
p6OQaBSd9qloMmGx1k2k2DPMydCo0S0PmFvaCjRIT1Fbr1WY9hg2EZSoU3eGCBCv
RXCmtzP0rIJY4mCplnr8IQS54zpTv79CUxa/7r3N0HGhwHMptT/uKErI/QIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFEEmMUlbbHL9JckmHvmVEISJZUgCMB8GA1UdIwQY
MBaAFHZ/O9S/vTBxw4zU1wkr00kJIMPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgt
NGZiNTU5YjNiOWIzLzEvUVNZeFNWdHNjdjBseVNZZS1aVVFoSWxsU0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgtNGZiNTU5YjNiOWIz
LzEvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAIwfgMFAyoR
DEADBQMqEREAAwUDKhEegAMFAyoRN8ADBQMqEUMAAwUDKhFGAAMFAyoRTsADBQMq
EXTAAwUDKhGFgAMFAyoRkQADBQMqEdeAAwUDKhHiQAMFAyoR6kADBQMqEgmAAwUD
KhJggAMFAyoSb4ADBQMqEnsAAwUDKhLHgDANBgkqhkiG9w0BAQsFAAOCAQEAeo3T
iy/nJ0d1GNBOavsVrUPSHzCU7NviVFDixom+xx863sMeEsiem6+sxZSKLs9JAb3q
OCBelZ/n24owlZmsORYqL7pYKSBMLVCKbNMxdMHov3Ns0bDS0wFpx3zxDL7D+K2F
F8h0TbtIA19wqaxyKuz2CJVf9JLYPjPKVhKGcg31MMnTBVmH0NpIqxyT3bcXHigG
pqf2Asf669Wfxk34iatahW9nhGNgZtIimctWR5tG9x173sZ8NGYAb2Rxh+xOYctJ
dYvxNC9NVrJ0b7qT4Z5JMRRAyUgFX2/rWb6YAdCeqNxcpYwvcfBEV4h2iConcElU
2vslMfBbH3rUZxljdg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:41:54 2026 by rpki-client