Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/a5d286-8670-47e4-97b4-24cf8a61d7e8/1/b4P6uJV_tR2qUGlhC9Hs8qU1KGE.roa
File: b4P6uJV_tR2qUGlhC9Hs8qU1KGE.roa (raw, json)
Hash identifier: 7a7tARiHKyAffGP3ypjihG7k7EOkwFefwGd/57t0gnI=
Subject key identifier: 6F:83:FA:B8:95:7F:B5:1D:AA:50:69:61:0B:D1:EC:F2:A5:35:28:61
Certificate issuer: /CN=8a28ff310da7df8309cfab4dcf9a235842b60872
Certificate serial: 019E2A64F914134B570F47898017744AC733
Authority key identifier: 8A:28:FF:31:0D:A7:DF:83:09:CF:AB:4D:CF:9A:23:58:42:B6:08:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iij_MQ2n34MJz6tNz5ojWEK2CHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/a5d286-8670-47e4-97b4-24cf8a61d7e8/1/b4P6uJV_tR2qUGlhC9Hs8qU1KGE.roa
Signing time: Fri 15 May 2026 06:48:40 +0000
ROA not before: Fri 15 May 2026 06:48:40 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214569
IP address blocks: 212.47.35.0/24 maxlen: 24
2a06:b700::/48 maxlen: 48
2a06:b700:1::/48 maxlen: 48
2a06:b700:2::/48 maxlen: 48
2a06:b700:a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/a5d286-8670-47e4-97b4-24cf8a61d7e8/1/iij_MQ2n34MJz6tNz5ojWEK2CHI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/a5d286-8670-47e4-97b4-24cf8a61d7e8/1/iij_MQ2n34MJz6tNz5ojWEK2CHI.mft
rsync://rpki.ripe.net/repository/DEFAULT/iij_MQ2n34MJz6tNz5ojWEK2CHI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2a:64:f9:14:13:4b:57:0f:47:89:80:17:74:4a:c7:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a28ff310da7df8309cfab4dcf9a235842b60872
Validity
Not Before: May 15 06:48:40 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6f83fab8957fb51daa5069610bd1ecf2a5352861
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8b:3f:eb:22:65:88:89:d7:95:1a:c8:3b:f3:
b2:01:58:68:b4:a8:44:c1:25:8b:e8:67:e0:84:40:
81:64:91:76:6e:15:c4:12:ed:0d:8e:6d:db:bf:d6:
48:56:d6:fb:fd:b0:5a:ef:ad:1e:30:d6:0d:7f:f6:
e2:f3:e9:ae:ce:fa:9e:a2:66:00:cc:7a:3d:8d:d5:
c6:6e:31:c2:08:64:00:c6:43:a9:5b:9a:21:1d:02:
ee:2e:93:f9:2c:b6:7e:bb:33:be:4b:a3:1f:89:fa:
a7:73:f5:98:3b:50:f3:31:bf:2e:f3:9a:34:b3:e1:
b5:4d:42:0a:42:ef:7d:b7:b8:2b:cb:9e:a7:b5:8f:
59:38:be:2a:db:61:9c:f5:6a:b4:f1:0a:c6:74:a2:
ca:e7:79:78:11:10:d2:b7:62:1d:ee:7b:b7:e7:a7:
c9:c9:c7:8e:cf:80:36:09:5a:bc:1f:8b:1e:0c:df:
c1:ba:bb:02:5a:b3:87:0f:9c:14:9a:47:6a:2b:7c:
47:47:ce:58:ef:ec:bc:72:e9:f7:7e:ee:9b:3e:cf:
d9:f0:11:d5:52:f9:9b:8d:7f:6f:4f:10:3a:ec:53:
a2:00:26:72:c8:4f:c7:66:96:ac:32:f6:0c:b1:46:
d2:06:62:db:7b:b3:9b:37:fa:ae:1c:44:01:66:8e:
3c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:83:FA:B8:95:7F:B5:1D:AA:50:69:61:0B:D1:EC:F2:A5:35:28:61
X509v3 Authority Key Identifier:
keyid:8A:28:FF:31:0D:A7:DF:83:09:CF:AB:4D:CF:9A:23:58:42:B6:08:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iij_MQ2n34MJz6tNz5ojWEK2CHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a5d286-8670-47e4-97b4-24cf8a61d7e8/1/b4P6uJV_tR2qUGlhC9Hs8qU1KGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/a5d286-8670-47e4-97b4-24cf8a61d7e8/1/iij_MQ2n34MJz6tNz5ojWEK2CHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.47.35.0/24
IPv6:
2a06:b700::-2a06:b700:2:ffff:ffff:ffff:ffff:ffff
2a06:b700:a::/48
Signature Algorithm: sha256WithRSAEncryption
76:d0:64:69:e2:d4:f0:52:57:7e:42:76:eb:4c:14:56:7f:2c:
c5:dc:2e:16:4a:2f:0f:e5:de:7f:ed:ff:ca:01:3b:36:4e:4a:
a1:28:6c:f1:18:c4:27:26:69:36:78:32:4c:03:5b:0e:53:03:
ad:96:1c:7c:64:82:15:c8:10:9b:dc:fc:a1:c2:b3:19:96:f8:
39:d7:0b:c4:a4:96:a0:71:90:0e:b3:4e:c9:d5:80:e9:ad:43:
e3:7c:2e:b1:00:e0:9d:cb:3c:5a:a0:43:f8:9c:93:3f:a4:5a:
98:18:49:c7:3a:c7:eb:f8:7f:2a:c0:75:5e:dd:04:4e:97:08:
fe:b2:83:d1:21:00:ab:b5:7c:73:b1:d7:4a:54:36:89:e7:e4:
1e:b3:37:77:01:9c:32:f2:2c:dc:b9:04:1e:5f:c0:c2:ae:c5:
88:b4:4f:7e:0d:6c:c5:d8:ad:07:d7:8a:92:c3:4a:5d:27:0e:
81:04:6f:aa:83:36:8c:2e:ee:f3:05:19:2c:90:ce:1b:c4:43:
c2:11:43:3c:39:e9:f2:f8:8a:af:91:88:99:90:f3:d7:f4:83:
06:51:91:4a:08:87:3f:fe:6a:ec:f2:11:30:9a:84:1f:42:95:
37:c9:a0:72:4c:68:aa:21:c5:ae:87:40:a4:16:e7:5c:31:15:
25:0d:fe:70
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZ4qZPkUE0tXD0eJgBd0SsczMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMjhmZjMxMGRhN2RmODMwOWNmYWI0ZGNmOWEyMzU4NDJi
NjA4NzIwHhcNMjYwNTE1MDY0ODQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjgzZmFiODk1N2ZiNTFkYWE1MDY5NjEwYmQxZWNmMmE1MzUyODYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIs/6yJliInXlRrIO/OyAVhotKhE
wSWL6GfghECBZJF2bhXEEu0Njm3bv9ZIVtb7/bBa760eMNYNf/bi8+muzvqeomYA
zHo9jdXGbjHCCGQAxkOpW5ohHQLuLpP5LLZ+uzO+S6Mfifqnc/WYO1DzMb8u85o0
s+G1TUIKQu99t7gry56ntY9ZOL4q22Gc9Wq08QrGdKLK53l4ERDSt2Id7nu356fJ
yceOz4A2CVq8H4seDN/BursCWrOHD5wUmkdqK3xHR85Y7+y8cun3fu6bPs/Z8BHV
UvmbjX9vTxA67FOiACZyyE/HZpasMvYMsUbSBmLbe7ObN/quHEQBZo480wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFG+D+riVf7UdqlBpYQvR7PKlNShhMB8GA1UdIwQY
MBaAFIoo/zENp9+DCc+rTc+aI1hCtghyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWlqX01RMm4zNE1KejZ0Tno1b2pXRUsyQ0hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9hNWQyODYtODY3MC00N2U0LTk3YjQt
MjRjZjhhNjFkN2U4LzEvYjRQNnVKVl90UjJxVUdsaEM5SHM4cVUxS0dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9hNWQyODYtODY3MC00N2U0LTk3YjQtMjRjZjhhNjFkN2U4
LzEvaWlqX01RMm4zNE1KejZ0Tno1b2pXRUsyQ0hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAMBAIAATAGAwQA1C8jMCAE
AgACMBowDwMEACoGtwMHACoGtwAAAgMHACoGtwAACjANBgkqhkiG9w0BAQsFAAOC
AQEAdtBkaeLU8FJXfkJ260wUVn8sxdwuFkovD+Xef+3/ygE7Nk5KoShs8RjEJyZp
NngyTANbDlMDrZYcfGSCFcgQm9z8ocKzGZb4OdcLxKSWoHGQDrNOydWA6a1D43wu
sQDgncs8WqBD+JyTP6RamBhJxzrH6/h/KsB1Xt0ETpcI/rKD0SEAq7V8c7HXSlQ2
iefkHrM3dwGcMvIs3LkEHl/Awq7FiLRPfg1sxditB9eKksNKXScOgQRvqoM2jC7u
8wUZLJDOG8RDwhFDPDnp8viKr5GImZDz1/SDBlGRSgiHP/5q7PIRMJqEH0KVN8mg
ckxoqiHFrodApBbnXDEVJQ3+cA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:56:05 2026 by rpki-client