Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1491f9-dc76-4777-b5be-83f9a8d1d4d6/1/IW8yoUBTYaNokkkGmEhsvDZwLRI.roa
File: IW8yoUBTYaNokkkGmEhsvDZwLRI.roa (raw, json)
Hash identifier: ZGKlYwDwqTNMoF33mE5TQWFI/MT+otjFdW6rp27pTOs=
Subject key identifier: 21:6F:32:A1:40:53:61:A3:68:92:49:06:98:48:6C:BC:36:70:2D:12
Certificate issuer: /CN=9e6d1dc6caa41d3beffe8d1da2671a50e7f79a30
Certificate serial: 019E73E10403E604D61E4F5F1253B70E9CF3
Authority key identifier: 9E:6D:1D:C6:CA:A4:1D:3B:EF:FE:8D:1D:A2:67:1A:50:E7:F7:9A:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nm0dxsqkHTvv_o0domcaUOf3mjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/1491f9-dc76-4777-b5be-83f9a8d1d4d6/1/IW8yoUBTYaNokkkGmEhsvDZwLRI.roa
Signing time: Fri 29 May 2026 13:16:26 +0000
ROA not before: Fri 29 May 2026 13:16:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34854
IP address blocks: 2.56.11.0/24 maxlen: 24
2a07:22c0::/48 maxlen: 48
2a0c:6500:1::/48 maxlen: 48
2a0c:6500:3::/48 maxlen: 48
2a0c:6500:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/1491f9-dc76-4777-b5be-83f9a8d1d4d6/1/nm0dxsqkHTvv_o0domcaUOf3mjA.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/1491f9-dc76-4777-b5be-83f9a8d1d4d6/1/nm0dxsqkHTvv_o0domcaUOf3mjA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nm0dxsqkHTvv_o0domcaUOf3mjA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:73:e1:04:03:e6:04:d6:1e:4f:5f:12:53:b7:0e:9c:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e6d1dc6caa41d3beffe8d1da2671a50e7f79a30
Validity
Not Before: May 29 13:16:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=216f32a1405361a36892490698486cbc36702d12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f9:56:aa:56:e3:3e:60:e0:de:1f:6b:72:47:
f5:b1:ff:f0:4e:32:eb:9f:e3:2d:2d:2b:12:bb:7a:
70:ce:8a:42:40:32:32:ee:6e:e3:51:52:b3:05:a1:
3d:5e:6f:fa:bc:2c:8e:d5:e6:a1:42:64:44:e3:c8:
cc:66:9d:df:8c:b7:ed:4f:51:64:72:e2:e7:b4:92:
97:5a:9f:89:19:03:bb:60:73:9b:07:2d:c5:53:e7:
7d:ce:1d:83:dc:a1:22:a9:b5:69:ce:5d:40:82:8e:
ad:4c:47:a8:9c:a6:9d:14:38:91:ff:e4:34:fe:ee:
ea:54:d8:33:cf:00:aa:d8:7c:eb:95:f0:2f:1a:73:
e6:6a:9d:20:77:7f:35:30:7f:ba:03:99:bb:4c:70:
4b:aa:d9:c1:4a:fd:c1:7e:ff:e4:82:b7:bd:d9:8f:
1b:8f:96:24:50:1a:dc:02:11:e2:8a:9a:c7:71:22:
67:3b:c2:1e:f3:25:eb:7d:df:b2:67:65:6a:10:26:
2b:c5:7d:0e:5c:28:fa:22:c2:22:de:30:16:5f:2b:
fa:d4:1c:72:70:c0:38:bb:8d:7c:06:7f:45:54:8c:
4b:1c:e6:4c:d1:ba:46:ed:71:29:64:6f:5d:7c:2b:
ba:96:6c:16:f0:51:7a:42:75:8c:dc:d3:be:3c:79:
0c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:6F:32:A1:40:53:61:A3:68:92:49:06:98:48:6C:BC:36:70:2D:12
X509v3 Authority Key Identifier:
keyid:9E:6D:1D:C6:CA:A4:1D:3B:EF:FE:8D:1D:A2:67:1A:50:E7:F7:9A:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nm0dxsqkHTvv_o0domcaUOf3mjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1491f9-dc76-4777-b5be-83f9a8d1d4d6/1/IW8yoUBTYaNokkkGmEhsvDZwLRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1491f9-dc76-4777-b5be-83f9a8d1d4d6/1/nm0dxsqkHTvv_o0domcaUOf3mjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.11.0/24
IPv6:
2a07:22c0::/48
2a0c:6500:1::/48
2a0c:6500:3::/48
2a0c:6500:100::/40
Signature Algorithm: sha256WithRSAEncryption
1e:af:83:83:a0:a1:d0:b3:e1:9c:31:5a:1b:ed:8a:79:c0:a3:
b2:27:57:4c:0d:70:1b:54:aa:ab:34:e4:c2:4c:78:70:f9:8c:
f9:e5:1a:4b:4e:de:e3:76:f6:d0:96:6d:13:0b:54:f5:18:f2:
04:89:12:7c:d0:02:4d:6d:86:80:a4:5b:6b:f7:de:a8:19:9f:
15:5d:73:6a:ad:5d:4e:16:c9:d9:40:ae:97:18:96:b3:52:b7:
d1:ec:39:9c:52:92:4c:84:72:65:a3:44:9a:7d:8a:69:d0:42:
67:1a:5d:69:70:a5:de:d7:dd:e3:47:ab:ff:b2:c0:ea:25:7c:
c8:70:a9:27:57:8b:40:dd:45:06:18:0c:91:3b:f1:ff:49:5a:
f3:f4:ef:08:ce:41:0f:45:0a:8e:af:da:62:ee:00:c9:9d:d9:
bb:1d:09:f3:10:24:61:51:97:a3:00:b8:e1:bb:6e:2e:f7:17:
f8:4d:c1:a9:8b:15:b7:b7:7f:87:2f:04:4e:5e:0d:d6:71:a4:
3e:73:58:dd:aa:ed:e1:e4:45:53:37:d4:6a:44:15:34:a0:26:
3f:f0:fc:3a:14:27:24:d1:6c:f8:61:4d:e3:fc:aa:5f:3f:f7:
13:39:9c:51:5b:15:cd:dc:1a:60:ae:3c:2e:d7:32:fb:58:ad:
2c:4c:01:3d
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZ5z4QQD5gTWHk9fElO3DpzzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNmQxZGM2Y2FhNDFkM2JlZmZlOGQxZGEyNjcxYTUwZTdm
NzlhMzAwHhcNMjYwNTI5MTMxNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTZmMzJhMTQwNTM2MWEzNjg5MjQ5MDY5ODQ4NmNiYzM2NzAyZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vlWqlbjPmDg3h9rckf1sf/wTjLr
n+MtLSsSu3pwzopCQDIy7m7jUVKzBaE9Xm/6vCyO1eahQmRE48jMZp3fjLftT1Fk
cuLntJKXWp+JGQO7YHObBy3FU+d9zh2D3KEiqbVpzl1Ago6tTEeonKadFDiR/+Q0
/u7qVNgzzwCq2HzrlfAvGnPmap0gd381MH+6A5m7THBLqtnBSv3Bfv/kgre92Y8b
j5YkUBrcAhHiiprHcSJnO8Ie8yXrfd+yZ2VqECYrxX0OXCj6IsIi3jAWXyv61Bxy
cMA4u418Bn9FVIxLHOZM0bpG7XEpZG9dfCu6lmwW8FF6QnWM3NO+PHkM6wIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFCFvMqFAU2GjaJJJBphIbLw2cC0SMB8GA1UdIwQY
MBaAFJ5tHcbKpB077/6NHaJnGlDn95owMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbm0wZHhzcWtIVHZ2X28wZG9tY2FVT2YzbWpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xNDkxZjktZGM3Ni00Nzc3LWI1YmUt
ODNmOWE4ZDFkNGQ2LzEvSVc4eW9VQlRZYU5va2trR21FaHN2RFp3TFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xNDkxZjktZGM3Ni00Nzc3LWI1YmUtODNmOWE4ZDFkNGQ2
LzEvbm0wZHhzcWtIVHZ2X28wZG9tY2FVT2YzbWpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAMBAIAATAGAwQAAjgLMCkE
AgACMCMDBwAqByLAAAADBwAqDGUAAAEDBwAqDGUAAAMDBgAqDGUAATANBgkqhkiG
9w0BAQsFAAOCAQEAHq+Dg6Ch0LPhnDFaG+2KecCjsidXTA1wG1SqqzTkwkx4cPmM
+eUaS07e43b20JZtEwtU9RjyBIkSfNACTW2GgKRba/feqBmfFV1zaq1dThbJ2UCu
lxiWs1K30ew5nFKSTIRyZaNEmn2KadBCZxpdaXCl3tfd40er/7LA6iV8yHCpJ1eL
QN1FBhgMkTvx/0la8/TvCM5BD0UKjq/aYu4AyZ3Zux0J8xAkYVGXowC44btuLvcX
+E3BqYsVt7d/hy8ETl4N1nGkPnNY3art4eRFUzfUakQVNKAmP/D8OhQnJNFs+GFN
4/yqXz/3EzmcUVsVzdwaYK48Ltcy+1itLEwBPQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:55:39 2026 by rpki-client