Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/XRNvoKreqEdZEhJbOno-5BqPGEE.roa
File: XRNvoKreqEdZEhJbOno-5BqPGEE.roa (raw, json)
Hash identifier: z4A5c3Ug9WBluQD4ssGRXcELVIDjB7HhErsV07uP9GQ=
Subject key identifier: 5D:13:6F:A0:AA:DE:A8:47:59:12:12:5B:3A:7A:3E:E4:1A:8F:18:41
Certificate issuer: /CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Certificate serial: 019E57582CC9EF53B7BA21C8F864875F1191
Authority key identifier: 6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/XRNvoKreqEdZEhJbOno-5BqPGEE.roa
Signing time: Sun 24 May 2026 00:17:36 +0000
ROA not before: Sun 24 May 2026 00:17:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202525
IP address blocks: 2a13:d040::/48 maxlen: 48
2a13:d040:2::/48 maxlen: 48
2a13:d040:3::/48 maxlen: 48
2a13:d040:5::/48 maxlen: 48
2a13:d040:6::/48 maxlen: 48
2a13:d040:7::/48 maxlen: 48
2a13:d046:fffc::/48 maxlen: 48
2a13:d046:fffd::/48 maxlen: 48
2a13:d046:fffe::/48 maxlen: 48
2a13:d046:ffff::/48 maxlen: 48
2a13:d047::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:57:58:2c:c9:ef:53:b7:ba:21:c8:f8:64:87:5f:11:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Validity
Not Before: May 24 00:17:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5d136fa0aadea8475912125b3a7a3ee41a8f1841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:76:b4:d3:7a:9f:1d:62:8e:c7:1a:6f:4f:7d:
1c:1a:20:0b:55:0a:ec:48:f3:f4:d8:1c:d8:7b:45:
e6:b0:71:35:a4:3b:64:d2:be:a0:fb:cd:62:4a:e4:
b6:88:2a:77:98:49:c6:2b:27:86:dc:9f:99:98:ad:
d4:ff:e0:68:8d:66:ff:17:8f:1f:f5:02:1e:82:95:
f5:8c:27:ce:be:95:d4:4c:7c:b5:42:05:ef:34:5b:
82:50:b2:cc:86:4d:37:f8:7d:9c:ed:d0:84:4b:62:
b8:c2:56:10:eb:2e:75:ba:88:a1:cc:6b:38:c1:89:
f1:da:64:e4:47:66:85:b7:b5:a4:df:f5:76:6d:ee:
b6:58:8b:f8:26:b0:a6:64:26:c6:b0:07:92:ab:60:
b4:99:3a:9e:de:02:82:f0:1b:99:4c:ad:e6:9b:c8:
b2:5a:59:d5:08:91:e8:a8:84:65:95:41:a8:dc:4d:
fe:99:66:0b:6f:54:91:0f:99:e0:69:4a:d9:40:86:
f4:34:f6:ec:36:fb:a9:b9:04:26:63:dc:30:eb:ac:
2d:5d:36:9a:80:34:af:98:c0:6d:d8:28:70:a2:49:
fe:b2:6d:bf:41:e5:a2:b3:63:26:de:f8:01:ad:25:
c3:b3:aa:ad:8c:57:5c:2b:ce:40:56:ff:54:97:6e:
51:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:13:6F:A0:AA:DE:A8:47:59:12:12:5B:3A:7A:3E:E4:1A:8F:18:41
X509v3 Authority Key Identifier:
keyid:6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/XRNvoKreqEdZEhJbOno-5BqPGEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d040::/48
2a13:d040:2::/47
2a13:d040:5::-2a13:d040:7:ffff:ffff:ffff:ffff:ffff
2a13:d046:fffc::-2a13:d047:0:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b5:9c:4b:04:90:89:4f:fa:61:c3:37:fe:9c:8e:0c:b3:41:1b:
2d:9f:83:38:cf:fe:e2:fa:35:99:94:74:44:c7:fa:8d:a6:c8:
b2:c3:b6:2e:58:b8:d3:4e:66:f8:f1:fa:8e:a1:d3:cb:d7:ea:
55:bf:d2:a0:a7:d4:1f:68:0d:2d:0d:8c:06:18:32:75:03:68:
50:a7:a5:f2:34:76:32:08:54:bb:3d:71:fa:e2:b4:d3:7a:82:
80:cd:4d:da:55:0b:d0:95:2d:67:80:96:56:0d:ae:fa:20:cc:
1a:9b:7a:5a:bd:20:95:6f:1e:b3:0c:ad:0c:63:7e:5d:9f:60:
5b:3e:95:49:ed:a4:4b:93:fc:17:3f:19:47:66:ab:2c:07:87:
19:6e:88:be:09:bf:b4:7f:b3:a9:c2:67:1d:b3:35:51:a0:62:
2f:f2:05:bd:fa:3b:36:42:82:42:8e:20:55:42:e1:7a:22:da:
ea:f8:41:3a:a2:90:6a:60:ef:55:41:2b:eb:d6:37:33:24:42:
01:71:43:ed:a4:cf:3c:f2:dd:31:55:09:53:2f:02:8d:89:f4:
a2:b1:a8:07:08:d2:5f:92:43:9b:20:68:13:fb:8f:ba:b7:ce:
85:61:68:bc:c5:f0:18:08:e0:9d:9c:f2:e2:85:6d:e9:f1:3a:
68:03:13:44
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZ5XWCzJ71O3uiHI+GSHXxGRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYThmYTc1YzUwMjBjZDYyMThjZjdmMTA5ZGU0MjAyNjUy
MDRiYWMwHhcNMjYwNTI0MDAxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDEzNmZhMGFhZGVhODQ3NTkxMjEyNWIzYTdhM2VlNDFhOGYxODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHa003qfHWKOxxpvT30cGiALVQrs
SPP02BzYe0XmsHE1pDtk0r6g+81iSuS2iCp3mEnGKyeG3J+ZmK3U/+BojWb/F48f
9QIegpX1jCfOvpXUTHy1QgXvNFuCULLMhk03+H2c7dCES2K4wlYQ6y51uoihzGs4
wYnx2mTkR2aFt7Wk3/V2be62WIv4JrCmZCbGsAeSq2C0mTqe3gKC8BuZTK3mm8iy
WlnVCJHoqIRllUGo3E3+mWYLb1SRD5ngaUrZQIb0NPbsNvupuQQmY9ww66wtXTaa
gDSvmMBt2Chwokn+sm2/QeWis2Mm3vgBrSXDs6qtjFdcK85AVv9Ul25RAQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFF0Tb6Cq3qhHWRISWzp6PuQajxhBMB8GA1UdIwQY
MBaAFGqo+nXFAgzWIYz38QneQgJlIEusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAt
MzVjNjNmYTc2NWEyLzEvWFJOdm9LcmVxRWRaRWhKYk9uby01QnFQR0VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAtMzVjNjNmYTc2NWEy
LzEvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAAjA6AwcAKhPQQAAA
AwcBKhPQQAACMBIDBwAqE9BAAAUDBwMqE9BAAAAwEgMHAioT0Eb//AMHACoT0EcA
ADANBgkqhkiG9w0BAQsFAAOCAQEAtZxLBJCJT/phwzf+nI4Ms0EbLZ+DOM/+4vo1
mZR0RMf6jabIssO2Lli4005m+PH6jqHTy9fqVb/SoKfUH2gNLQ2MBhgydQNoUKel
8jR2MghUuz1x+uK003qCgM1N2lUL0JUtZ4CWVg2u+iDMGpt6Wr0glW8eswytDGN+
XZ9gWz6VSe2kS5P8Fz8ZR2arLAeHGW6Ivgm/tH+zqcJnHbM1UaBiL/IFvfo7NkKC
Qo4gVULheiLa6vhBOqKQamDvVUEr69Y3MyRCAXFD7aTPPPLdMVUJUy8CjYn0orGo
BwjSX5JDmyBoE/uPurfOhWFovMXwGAjgnZzy4oVt6fE6aAMTRA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:49:49 2026 by rpki-client