Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/cMhJe9vMQdQscfbNYoY-RkxcY2s.roa
File: cMhJe9vMQdQscfbNYoY-RkxcY2s.roa (raw, json)
Hash identifier: 93wi+LrRWDjLqjvMhMNKSnr4mEg4br0bsv0cTgfuNiY=
Subject key identifier: 70:C8:49:7B:DB:CC:41:D4:2C:71:F6:CD:62:86:3E:46:4C:5C:63:6B
Certificate issuer: /CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Certificate serial: 019E57582C034E438BEDAC098ACEC668EE6F
Authority key identifier: 6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/cMhJe9vMQdQscfbNYoY-RkxcY2s.roa
Signing time: Sun 24 May 2026 00:17:36 +0000
ROA not before: Sun 24 May 2026 00:17:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14618
IP address blocks: 2a13:d040:1::/48 maxlen: 48
2a13:d040:2::/48 maxlen: 48
2a13:d040:3::/48 maxlen: 48
2a13:d040:10::/48 maxlen: 48
2a13:d040:11::/48 maxlen: 48
2a13:d040:12::/48 maxlen: 48
2a13:d040:13::/48 maxlen: 48
2a13:d040:14::/48 maxlen: 48
2a13:d040:15::/48 maxlen: 48
2a13:d040:16::/48 maxlen: 48
2a13:d040:17::/48 maxlen: 48
2a13:d040:18::/48 maxlen: 48
2a13:d040:19::/48 maxlen: 48
2a13:d040:1a::/48 maxlen: 48
2a13:d040:1b::/48 maxlen: 48
2a13:d040:1c::/48 maxlen: 48
2a13:d040:1d::/48 maxlen: 48
2a13:d040:1e::/48 maxlen: 48
2a13:d040:1f::/48 maxlen: 48
2a13:d040:20::/48 maxlen: 48
2a13:d040:21::/48 maxlen: 48
2a13:d040:22::/48 maxlen: 48
2a13:d040:23::/48 maxlen: 48
2a13:d040:24::/48 maxlen: 48
2a13:d040:25::/48 maxlen: 48
2a13:d040:26::/48 maxlen: 48
2a13:d040:27::/48 maxlen: 48
2a13:d040:28::/48 maxlen: 48
2a13:d040:29::/48 maxlen: 48
2a13:d040:2a::/48 maxlen: 48
2a13:d040:2b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:57:58:2c:03:4e:43:8b:ed:ac:09:8a:ce:c6:68:ee:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Validity
Not Before: May 24 00:17:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=70c8497bdbcc41d42c71f6cd62863e464c5c636b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:48:d3:03:9c:56:d6:a0:cb:42:f0:d5:2a:ab:
1a:75:81:a4:c5:3c:9b:5e:b3:39:b7:62:eb:d9:af:
97:55:94:b8:b5:ce:a7:a2:be:48:0e:51:5e:db:01:
2b:c7:95:3b:1e:4f:32:b0:9d:9a:ea:57:38:24:cf:
c6:55:8c:b0:f4:1a:ff:b7:31:6f:2e:73:ce:b2:39:
13:6d:94:b6:c8:6f:fb:2a:3c:60:e6:de:61:78:e3:
13:ce:95:99:b4:68:e6:e7:0c:b9:42:fb:75:bd:7b:
c2:06:43:23:44:55:9d:0f:6c:e9:1e:57:01:92:02:
65:af:8a:0d:0a:c9:7b:f9:c2:92:d6:01:3f:e4:20:
a9:e9:93:99:e5:f5:dd:cf:a9:95:7a:4e:2c:d5:30:
27:40:cb:ea:e0:f5:02:fb:48:ec:d9:d7:84:cd:4a:
fd:85:a7:7d:8b:07:9e:77:2d:df:8c:c9:66:81:0b:
2a:57:a0:9d:a2:be:6f:17:c0:43:6e:ee:0c:ec:1a:
1a:09:f9:01:e6:58:e7:17:27:9a:02:2f:1e:e9:53:
a5:98:98:80:8d:32:9f:d2:90:7c:69:7c:b6:df:c6:
37:b4:fc:44:19:73:94:aa:2e:1e:8d:71:47:98:f1:
28:0e:bf:32:cb:6a:18:e9:47:c7:7b:1d:c4:f7:b3:
b6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C8:49:7B:DB:CC:41:D4:2C:71:F6:CD:62:86:3E:46:4C:5C:63:6B
X509v3 Authority Key Identifier:
keyid:6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/cMhJe9vMQdQscfbNYoY-RkxcY2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d040:1::-2a13:d040:3:ffff:ffff:ffff:ffff:ffff
2a13:d040:10::-2a13:d040:2b:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
25:67:cb:40:89:3d:98:b9:99:65:4a:b0:4d:ad:db:0c:42:47:
1f:48:1a:69:44:4f:2b:19:99:74:62:a6:5b:73:5b:b4:29:2c:
46:ff:3c:61:43:db:d3:ec:33:2b:a1:61:ad:e0:d3:1d:60:c2:
66:8f:ab:91:59:17:07:41:e4:1a:ce:bb:8d:aa:87:3b:a8:e6:
83:1b:bb:e4:3b:61:f3:a8:5a:17:0f:44:14:88:be:bb:21:c9:
2e:4b:d2:35:2a:79:a2:3c:e0:cb:f8:1e:6b:cf:a7:27:b4:6e:
91:2a:6e:66:b1:ce:88:b4:68:fb:92:00:9f:0a:03:f5:58:11:
f1:b8:7e:53:21:10:b9:b2:7d:94:a5:b3:6c:6c:be:d0:05:91:
3a:76:d5:06:d2:43:3c:b8:7c:b4:de:75:b6:28:0b:2f:af:8f:
71:12:4a:9c:9b:81:73:b0:61:91:5a:59:f7:ae:e3:05:c1:b2:
9d:b7:7e:e4:fc:7b:48:3f:97:9b:1a:84:4a:33:ec:e3:98:bb:
f6:8e:07:9c:c9:24:a9:e7:ad:d0:ce:d6:7c:8a:d3:18:a1:87:
7d:2e:62:2f:cd:54:9f:8f:88:e0:da:77:15:f0:46:e8:eb:46:
b6:1a:5e:f9:5c:3d:cc:7e:b8:a3:4a:ca:f8:c8:42:06:d5:53:
6d:d7:ad:4a
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZ5XWCwDTkOL7awJis7GaO5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYThmYTc1YzUwMjBjZDYyMThjZjdmMTA5ZGU0MjAyNjUy
MDRiYWMwHhcNMjYwNTI0MDAxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGM4NDk3YmRiY2M0MWQ0MmM3MWY2Y2Q2Mjg2M2U0NjRjNWM2MzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0jTA5xW1qDLQvDVKqsadYGkxTyb
XrM5t2Lr2a+XVZS4tc6nor5IDlFe2wErx5U7Hk8ysJ2a6lc4JM/GVYyw9Br/tzFv
LnPOsjkTbZS2yG/7Kjxg5t5heOMTzpWZtGjm5wy5Qvt1vXvCBkMjRFWdD2zpHlcB
kgJlr4oNCsl7+cKS1gE/5CCp6ZOZ5fXdz6mVek4s1TAnQMvq4PUC+0js2deEzUr9
had9iweedy3fjMlmgQsqV6Cdor5vF8BDbu4M7BoaCfkB5ljnFyeaAi8e6VOlmJiA
jTKf0pB8aXy238Y3tPxEGXOUqi4ejXFHmPEoDr8yy2oY6UfHex3E97O2KQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHDISXvbzEHULHH2zWKGPkZMXGNrMB8GA1UdIwQY
MBaAFGqo+nXFAgzWIYz38QneQgJlIEusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAt
MzVjNjNmYTc2NWEyLzEvY01oSmU5dk1RZFFzY2ZiTllvWS1Sa3hjWTJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAtMzVjNjNmYTc2NWEy
LzEvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoMBIDBwAqE9BA
AAEDBwIqE9BAAAAwEgMHBCoT0EAAEAMHAioT0EAAKDANBgkqhkiG9w0BAQsFAAOC
AQEAJWfLQIk9mLmZZUqwTa3bDEJHH0gaaURPKxmZdGKmW3NbtCksRv88YUPb0+wz
K6FhreDTHWDCZo+rkVkXB0HkGs67jaqHO6jmgxu75Dth86haFw9EFIi+uyHJLkvS
NSp5ojzgy/gea8+nJ7RukSpuZrHOiLRo+5IAnwoD9VgR8bh+UyEQubJ9lKWzbGy+
0AWROnbVBtJDPLh8tN51tigLL6+PcRJKnJuBc7BhkVpZ967jBcGynbd+5Px7SD+X
mxqESjPs45i79o4HnMkkqeet0M7WfIrTGKGHfS5iL81Un4+I4Np3FfBG6OtGthpe
+Vw9zH64o0rK+MhCBtVTbdetSg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:39:22 2026 by rpki-client