Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/mK6FSz1LBJ8gP-L3yCIDZ271yDA.roa
File: mK6FSz1LBJ8gP-L3yCIDZ271yDA.roa (raw, json)
Hash identifier: iiKIqIz/UCq0D1XCQJMDwVxjBwhPvY5NPzlcS5/RbjY=
Subject key identifier: 98:AE:85:4B:3D:4B:04:9F:20:3F:E2:F7:C8:22:03:67:6E:F5:C8:30
Certificate issuer: /CN=5954b6183e459748c89ee5431b8f31de692ae3b7
Certificate serial: 019E980D5767E906DC90809E8507B9DC4CE6
Authority key identifier: 59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/mK6FSz1LBJ8gP-L3yCIDZ271yDA.roa
Signing time: Fri 05 Jun 2026 13:51:11 +0000
ROA not before: Fri 05 Jun 2026 13:51:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 212.11.0.0/24 maxlen: 24
212.11.6.0/24 maxlen: 24
212.11.9.0/24 maxlen: 24
212.11.10.0/24 maxlen: 24
212.11.13.0/24 maxlen: 24
212.11.48.0/24 maxlen: 24
212.11.49.0/24 maxlen: 24
212.11.52.0/24 maxlen: 24
212.180.108.0/24 maxlen: 24
212.180.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.mft
rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 00:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:98:0d:57:67:e9:06:dc:90:80:9e:85:07:b9:dc:4c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5954b6183e459748c89ee5431b8f31de692ae3b7
Validity
Not Before: Jun 5 13:51:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=98ae854b3d4b049f203fe2f7c82203676ef5c830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ab:f0:87:63:23:16:69:7c:2a:1a:4c:93:0b:
de:d4:f0:db:bc:23:30:c4:55:50:81:53:63:76:f8:
e8:7d:ad:42:be:da:e6:e3:6e:4a:ad:c6:18:44:8d:
4f:30:6b:91:79:3e:1a:95:82:c9:2a:b4:ea:99:3b:
4b:93:9a:2f:24:6b:46:06:17:ec:33:dc:c4:2d:07:
49:10:c6:e0:95:95:a9:c9:31:b1:ef:20:e8:43:4b:
ce:7d:a1:56:5c:8a:d3:da:33:b5:ed:4d:18:0f:2a:
fb:73:54:7c:d1:87:eb:cb:7a:71:54:4f:21:4a:36:
5b:02:4a:26:77:e9:2c:87:0a:3d:c5:e2:66:d3:2a:
97:ac:87:e6:67:5f:44:e0:0b:f4:44:ec:cb:9c:4a:
b0:09:a0:89:33:45:58:42:60:cb:95:75:0c:bd:32:
6b:29:a3:3a:ac:8d:14:26:e4:5c:e7:6b:e4:8b:98:
ca:42:92:ce:8c:2c:b6:af:aa:da:48:02:04:2d:49:
a2:85:42:d1:22:f4:cf:bf:59:d0:b2:6f:bb:06:0d:
cb:bd:1f:fc:6b:37:66:88:25:f3:2f:5d:69:75:1b:
c1:46:43:74:e6:4c:d3:77:59:12:dc:e7:da:16:96:
7f:c4:10:90:78:9e:7a:ba:d4:48:43:94:a5:f5:b5:
0b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:AE:85:4B:3D:4B:04:9F:20:3F:E2:F7:C8:22:03:67:6E:F5:C8:30
X509v3 Authority Key Identifier:
keyid:59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/mK6FSz1LBJ8gP-L3yCIDZ271yDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.11.0.0/24
212.11.6.0/24
212.11.9.0-212.11.10.255
212.11.13.0/24
212.11.48.0/23
212.11.52.0/24
212.180.108.0/24
212.180.127.0/24
Signature Algorithm: sha256WithRSAEncryption
98:68:20:19:5f:f0:82:59:73:61:ce:54:02:4f:fa:55:4e:87:
69:72:17:c8:05:de:c3:5d:49:24:3f:5e:cd:0b:c5:f0:c8:3c:
69:04:99:2d:a8:14:f1:33:15:5d:bc:c2:cb:d7:bc:ee:1b:ac:
34:31:e3:83:0c:e8:e2:d8:d1:f8:b9:67:19:6b:c6:e7:df:cd:
41:79:f5:13:b5:96:2c:7b:b7:ba:43:f1:aa:21:d8:9e:e0:43:
6e:91:8d:30:84:ed:99:0e:43:78:9a:70:5b:3a:49:2f:0e:81:
57:9e:11:52:7c:34:12:b8:d4:d3:b3:23:e7:31:a6:ac:2f:47:
96:59:aa:25:1b:8d:57:1d:a7:75:3f:00:b4:f1:8f:75:f1:7d:
21:1d:3e:8d:f7:4f:e1:eb:df:34:4c:d6:35:0f:a2:c4:71:24:
a3:7b:e4:5b:b3:75:5c:e9:94:23:a5:e4:05:b6:0f:90:9d:fe:
6f:79:97:d7:81:84:04:f8:c4:e8:d7:a4:00:3f:1e:f9:39:bd:
bb:f2:d6:db:af:ba:f5:74:11:8e:7f:69:cf:58:a6:87:3e:31:
c0:11:59:00:19:5a:cb:d6:9d:ab:a9:99:1d:93:f3:a0:14:57:
72:f7:c3:23:e3:4c:24:83:4b:d1:df:5c:4b:e2:6a:dd:e5:3f:
a1:6f:e6:57
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZ6YDVdn6QbckICehQe53EzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NTRiNjE4M2U0NTk3NDhjODllZTU0MzFiOGYzMWRlNjky
YWUzYjcwHhcNMjYwNjA1MTM1MTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGFlODU0YjNkNGIwNDlmMjAzZmUyZjdjODIyMDM2NzZlZjVjODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36vwh2MjFml8KhpMkwve1PDbvCMw
xFVQgVNjdvjofa1Cvtrm425KrcYYRI1PMGuReT4alYLJKrTqmTtLk5ovJGtGBhfs
M9zELQdJEMbglZWpyTGx7yDoQ0vOfaFWXIrT2jO17U0YDyr7c1R80Yfry3pxVE8h
SjZbAkomd+kshwo9xeJm0yqXrIfmZ19E4Av0ROzLnEqwCaCJM0VYQmDLlXUMvTJr
KaM6rI0UJuRc52vki5jKQpLOjCy2r6raSAIELUmihULRIvTPv1nQsm+7Bg3LvR/8
azdmiCXzL11pdRvBRkN05kzTd1kS3OfaFpZ/xBCQeJ56utRIQ5Sl9bULMQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJiuhUs9SwSfID/i98giA2du9cgwMB8GA1UdIwQY
MBaAFFlUthg+RZdIyJ7lQxuPMd5pKuO3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMt
ZDJhZGVlZDc1NWQ4LzEvbUs2RlN6MUxCSjhnUC1MM3lDSURaMjcxeURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMtZDJhZGVlZDc1NWQ4
LzEvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQA1AsAAwQA
1AsGMAwDBADUCwkDBADUCwoDBADUCw0DBAHUCzADBADUCzQDBADUtGwDBADUtH8w
DQYJKoZIhvcNAQELBQADggEBAJhoIBlf8IJZc2HOVAJP+lVOh2lyF8gF3sNdSSQ/
Xs0LxfDIPGkEmS2oFPEzFV28wsvXvO4brDQx44MM6OLY0fi5ZxlrxuffzUF59RO1
lix7t7pD8aoh2J7gQ26RjTCE7ZkOQ3iacFs6SS8OgVeeEVJ8NBK41NOzI+cxpqwv
R5ZZqiUbjVcdp3U/ALTxj3XxfSEdPo33T+Hr3zRM1jUPosRxJKN75FuzdVzplCOl
5AW2D5Cd/m95l9eBhAT4xOjXpAA/Hvk5vbvy1tuvuvV0EY5/ac9Ypoc+McARWQAZ
WsvWnaupmR2T86AUV3L3wyPjTCSDS9HfXEviat3lP6Fv5lc=
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:35:18 2026 by rpki-client