Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/r_ZJyy1H5Ytar0NlqRrjDEm17lM.roa
File: r_ZJyy1H5Ytar0NlqRrjDEm17lM.roa (raw, json)
Hash identifier: +sYf7FlHcDL4+/H52w762XwNy7Z8plqNAAGvu5Wp3Es=
Subject key identifier: AF:F6:49:CB:2D:47:E5:8B:5A:AF:43:65:A9:1A:E3:0C:49:B5:EE:53
Certificate issuer: /CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Certificate serial: 019E57582D3BA977D60D5299ECEC05ECE79C
Authority key identifier: 6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/r_ZJyy1H5Ytar0NlqRrjDEm17lM.roa
Signing time: Sun 24 May 2026 00:17:36 +0000
ROA not before: Sun 24 May 2026 00:17:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215913
IP address blocks: 2a13:d040:2::/48 maxlen: 48
2a13:d040:3::/48 maxlen: 48
2a13:d040:4::/48 maxlen: 48
2a13:d046:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 13:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:57:58:2d:3b:a9:77:d6:0d:52:99:ec:ec:05:ec:e7:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Validity
Not Before: May 24 00:17:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=aff649cb2d47e58b5aaf4365a91ae30c49b5ee53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ac:78:fa:32:b0:10:dc:0a:6c:d5:9f:b3:21:
16:e6:cb:21:3e:17:62:a4:e9:59:86:db:4f:6d:cf:
b0:ef:62:10:14:9e:5b:e3:f3:74:1c:62:73:b6:48:
20:9a:5e:6b:53:c1:82:c1:6d:0f:9a:6a:8c:02:dc:
27:e1:ea:4c:5b:b6:99:ea:23:64:53:70:e7:11:b9:
ca:14:f8:98:09:f0:22:42:b0:9e:6b:65:c1:57:06:
b2:26:eb:68:2a:82:99:18:04:ad:0c:56:d0:4a:78:
27:62:d9:1e:f4:d1:12:bd:42:e8:b8:b3:18:34:6a:
fb:d4:72:8f:86:67:33:0c:f5:65:b6:0f:60:65:b9:
44:83:94:43:8b:34:94:f5:21:af:d9:58:76:4f:28:
ac:90:7b:d8:0f:dd:2f:da:a6:5d:59:ee:2c:e1:b0:
7c:59:a2:b5:a3:82:12:6e:27:40:62:c5:11:d9:4d:
5c:31:5e:27:d2:65:4f:90:94:34:c6:39:68:64:86:
54:11:f3:c2:0b:04:51:d5:f0:35:67:e4:d2:8e:64:
7b:29:ab:0a:c6:95:0e:2a:82:41:c6:e9:e2:9d:aa:
c9:ed:1c:23:0c:81:7e:3d:3c:5a:60:a1:85:a1:4a:
ee:6d:ee:2b:36:6a:6b:01:c7:a0:7b:58:0a:53:6b:
e1:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:F6:49:CB:2D:47:E5:8B:5A:AF:43:65:A9:1A:E3:0C:49:B5:EE:53
X509v3 Authority Key Identifier:
keyid:6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/r_ZJyy1H5Ytar0NlqRrjDEm17lM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d040:2::-2a13:d040:4:ffff:ffff:ffff:ffff:ffff
2a13:d046:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
0e:9e:cd:0c:89:06:38:0a:ae:b1:a8:3c:27:12:16:cc:67:b3:
6c:b2:8c:48:3f:b0:30:85:61:7c:c9:93:9b:0b:46:5e:16:68:
2e:df:47:c0:a4:fd:78:44:c4:2d:49:af:ac:c8:53:90:d3:e9:
c8:5a:1c:03:e1:32:06:96:20:f4:1d:9d:43:9a:de:11:0f:c4:
87:c5:83:4a:26:6c:1b:28:df:ea:d1:cb:1a:ba:17:c3:df:97:
20:87:dc:58:d9:93:b1:a1:de:9b:51:7b:e1:13:f3:07:3c:40:
7e:70:10:66:06:3c:59:45:77:81:4d:37:7d:15:9c:b6:6a:e8:
d8:68:09:ca:8d:52:6e:d2:2f:bf:53:17:c3:f5:2f:4e:06:9c:
e2:e6:cc:2b:12:4d:d4:7a:d7:ed:e1:51:49:12:fe:ce:e8:78:
79:de:b7:fa:75:e7:5d:f1:43:94:38:31:2b:9b:7a:ed:e0:a7:
d7:d4:92:e1:82:7b:91:64:ba:34:db:88:a9:30:05:b4:1d:19:
ed:94:e0:8f:2d:8c:0d:bc:dd:da:ad:35:7f:59:fc:65:50:7a:
ac:56:2d:27:94:b0:85:19:5e:ef:a7:fa:ae:3d:d3:88:9c:27:
a9:48:f3:af:0d:d7:bc:d2:a6:6c:56:16:b5:7a:6a:af:3f:08:
98:50:c2:7c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ5XWC07qXfWDVKZ7OwF7OecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYThmYTc1YzUwMjBjZDYyMThjZjdmMTA5ZGU0MjAyNjUy
MDRiYWMwHhcNMjYwNTI0MDAxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmY2NDljYjJkNDdlNThiNWFhZjQzNjVhOTFhZTMwYzQ5YjVlZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKx4+jKwENwKbNWfsyEW5sshPhdi
pOlZhttPbc+w72IQFJ5b4/N0HGJztkggml5rU8GCwW0PmmqMAtwn4epMW7aZ6iNk
U3DnEbnKFPiYCfAiQrCea2XBVwayJutoKoKZGAStDFbQSngnYtke9NESvULouLMY
NGr71HKPhmczDPVltg9gZblEg5RDizSU9SGv2Vh2TyiskHvYD90v2qZdWe4s4bB8
WaK1o4ISbidAYsUR2U1cMV4n0mVPkJQ0xjloZIZUEfPCCwRR1fA1Z+TSjmR7KasK
xpUOKoJBxuninarJ7RwjDIF+PTxaYKGFoUrube4rNmprAcege1gKU2vhUQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFK/2ScstR+WLWq9DZaka4wxJte5TMB8GA1UdIwQY
MBaAFGqo+nXFAgzWIYz38QneQgJlIEusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAt
MzVjNjNmYTc2NWEyLzEvcl9aSnl5MUg1WXRhcjBObHFScmpERW0xN2xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAtMzVjNjNmYTc2NWEy
LzEvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwEqE9BA
AAIDBwAqE9BAAAQDBwAqE9BG//8wDQYJKoZIhvcNAQELBQADggEBAA6ezQyJBjgK
rrGoPCcSFsxns2yyjEg/sDCFYXzJk5sLRl4WaC7fR8Ck/XhExC1Jr6zIU5DT6cha
HAPhMgaWIPQdnUOa3hEPxIfFg0ombBso3+rRyxq6F8PflyCH3FjZk7Gh3ptRe+ET
8wc8QH5wEGYGPFlFd4FNN30VnLZq6NhoCcqNUm7SL79TF8P1L04GnOLmzCsSTdR6
1+3hUUkS/s7oeHnet/p1513xQ5Q4MSubeu3gp9fUkuGCe5FkujTbiKkwBbQdGe2U
4I8tjA283dqtNX9Z/GVQeqxWLSeUsIUZXu+n+q4904icJ6lI868N17zSpmxWFrV6
aq8/CJhQwnw=
-----END CERTIFICATE-----
Generated at Sat Jun 13 22:27:02 2026 by rpki-client