Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/344e2c-1c56-43ab-8108-eaf68b59e599/1/mKQPbj20_E3L-91-26uPTq60OeE.roa
File: mKQPbj20_E3L-91-26uPTq60OeE.roa (raw, json)
Hash identifier: OslZn6jBG+ZPIoPrbXSvbnSCz6sOsKi2+HDmgyujhpE=
Subject key identifier: 98:A4:0F:6E:3D:B4:FC:4D:CB:FB:DD:7E:DB:AB:8F:4E:AE:B4:39:E1
Certificate issuer: /CN=6cfd360736f1fa6c9770fcb48be594be609e5b3e
Certificate serial: 019E82A27E0735157D954CD1D4967FC0BB37
Authority key identifier: 6C:FD:36:07:36:F1:FA:6C:97:70:FC:B4:8B:E5:94:BE:60:9E:5B:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bP02Bzbx-myXcPy0i-WUvmCeWz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/344e2c-1c56-43ab-8108-eaf68b59e599/1/mKQPbj20_E3L-91-26uPTq60OeE.roa
Signing time: Mon 01 Jun 2026 10:02:27 +0000
ROA not before: Mon 01 Jun 2026 10:02:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44439
IP address blocks: 2a05:2cc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/344e2c-1c56-43ab-8108-eaf68b59e599/1/bP02Bzbx-myXcPy0i-WUvmCeWz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/344e2c-1c56-43ab-8108-eaf68b59e599/1/bP02Bzbx-myXcPy0i-WUvmCeWz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bP02Bzbx-myXcPy0i-WUvmCeWz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:82:a2:7e:07:35:15:7d:95:4c:d1:d4:96:7f:c0:bb:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cfd360736f1fa6c9770fcb48be594be609e5b3e
Validity
Not Before: Jun 1 10:02:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=98a40f6e3db4fc4dcbfbdd7edbab8f4eaeb439e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:cf:84:a2:83:fd:aa:4e:8e:4f:04:13:fb:0d:
aa:18:b7:3b:e7:aa:ef:59:21:f2:bf:25:16:dd:7f:
bf:57:15:49:88:ea:72:05:4c:6f:cd:44:ce:f7:d0:
b8:ee:1e:51:bc:e0:21:c7:71:af:df:0e:96:5c:c0:
90:d3:28:22:32:77:dd:59:fa:cd:b5:15:f5:56:3b:
9e:b0:f9:3a:4d:73:b6:43:a3:d5:73:49:0c:8b:06:
ca:f1:5a:26:e8:26:bb:d7:12:86:39:60:4a:df:27:
3c:22:cd:1f:e1:a3:d2:6d:c5:8a:bb:f2:9e:e2:19:
ec:ed:3c:7d:4e:8a:06:8b:e4:10:8b:4e:d9:08:08:
28:30:e4:91:ec:27:8f:43:09:b3:9f:d2:3e:34:41:
95:c7:53:09:d5:5c:7d:ae:8e:02:e2:bb:6a:9f:b2:
3f:3e:c5:7e:67:ee:3e:a0:a8:e9:48:90:77:a2:84:
21:e7:0e:1d:6c:db:b3:08:8a:35:1d:ff:2a:90:8e:
31:90:10:67:df:db:cb:dc:ee:d9:11:65:4d:3e:a1:
be:a3:29:90:73:21:d8:ba:38:32:96:db:5e:65:a2:
28:c1:b3:a1:b4:27:c6:cd:2c:49:c0:c0:6c:50:6a:
b6:0a:ed:e2:b3:6c:6e:c9:10:fa:f7:07:04:bd:73:
f5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A4:0F:6E:3D:B4:FC:4D:CB:FB:DD:7E:DB:AB:8F:4E:AE:B4:39:E1
X509v3 Authority Key Identifier:
keyid:6C:FD:36:07:36:F1:FA:6C:97:70:FC:B4:8B:E5:94:BE:60:9E:5B:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP02Bzbx-myXcPy0i-WUvmCeWz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/344e2c-1c56-43ab-8108-eaf68b59e599/1/mKQPbj20_E3L-91-26uPTq60OeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/344e2c-1c56-43ab-8108-eaf68b59e599/1/bP02Bzbx-myXcPy0i-WUvmCeWz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
75:9d:57:7e:fd:42:83:d5:d1:ad:09:16:88:b8:1d:09:b0:68:
20:5e:f9:c4:57:01:a8:47:b9:5e:dd:f2:76:b9:c7:cf:3c:54:
16:3a:02:85:8b:cf:17:5e:77:85:ac:c4:09:a8:79:29:54:93:
5f:21:e1:9b:91:ee:1c:87:29:17:f3:b2:84:1c:31:4c:24:d1:
b4:8a:82:4c:ba:f5:c0:a5:d4:e1:c6:02:af:03:ac:6a:b4:af:
43:6a:a0:2f:45:da:f8:d5:ea:5d:ff:32:4b:b2:89:f0:c9:21:
cd:7e:9b:5a:c7:dc:6c:98:af:3d:50:a8:7b:cc:24:e1:18:cb:
cd:3b:64:13:52:c0:f1:d7:d6:59:88:a9:d6:43:9e:ea:a4:6d:
a0:91:1c:f9:11:ac:7a:5a:f0:05:c3:f8:69:e4:0d:b6:3d:bf:
a6:70:ab:db:f6:2a:af:b0:94:b9:ad:ab:9f:18:b5:2a:d0:ad:
15:d4:d6:6a:4e:22:96:76:8b:06:ab:d6:19:e2:d7:2a:66:67:
9a:a7:eb:de:af:9d:26:07:96:3e:83:24:82:d5:2f:32:2f:67:
ce:e9:1f:b9:69:98:6e:fa:1c:8d:e9:3a:81:ae:b3:14:de:e7:
20:76:53:e6:fa:d3:2a:16:07:da:50:47:92:d0:8c:fc:af:e5:
48:78:c4:d1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ6Con4HNRV9lUzR1JZ/wLs3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmQzNjA3MzZmMWZhNmM5NzcwZmNiNDhiZTU5NGJlNjA5
ZTViM2UwHhcNMjYwNjAxMTAwMjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGE0MGY2ZTNkYjRmYzRkY2JmYmRkN2VkYmFiOGY0ZWFlYjQzOWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyM+EooP9qk6OTwQT+w2qGLc756rv
WSHyvyUW3X+/VxVJiOpyBUxvzUTO99C47h5RvOAhx3Gv3w6WXMCQ0ygiMnfdWfrN
tRX1VjuesPk6TXO2Q6PVc0kMiwbK8Vom6Ca71xKGOWBK3yc8Is0f4aPSbcWKu/Ke
4hns7Tx9TooGi+QQi07ZCAgoMOSR7CePQwmzn9I+NEGVx1MJ1Vx9ro4C4rtqn7I/
PsV+Z+4+oKjpSJB3ooQh5w4dbNuzCIo1Hf8qkI4xkBBn39vL3O7ZEWVNPqG+oymQ
cyHYujgyltteZaIowbOhtCfGzSxJwMBsUGq2Cu3is2xuyRD69wcEvXP17QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJikD249tPxNy/vdfturj06utDnhMB8GA1UdIwQY
MBaAFGz9Ngc28fpsl3D8tIvllL5gnls+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlAwMkJ6YngtbXlYY1B5MGktV1V2bUNlV3o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS8zNDRlMmMtMWM1Ni00M2FiLTgxMDgt
ZWFmNjhiNTllNTk5LzEvbUtRUGJqMjBfRTNMLTkxLTI2dVBUcTYwT2VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS8zNDRlMmMtMWM1Ni00M2FiLTgxMDgtZWFmNjhiNTllNTk5
LzEvYlAwMkJ6YngtbXlYY1B5MGktV1V2bUNlV3o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgUswDAN
BgkqhkiG9w0BAQsFAAOCAQEAdZ1Xfv1Cg9XRrQkWiLgdCbBoIF75xFcBqEe5Xt3y
drnHzzxUFjoChYvPF153hazECah5KVSTXyHhm5HuHIcpF/OyhBwxTCTRtIqCTLr1
wKXU4cYCrwOsarSvQ2qgL0Xa+NXqXf8yS7KJ8MkhzX6bWsfcbJivPVCoe8wk4RjL
zTtkE1LA8dfWWYip1kOe6qRtoJEc+RGselrwBcP4aeQNtj2/pnCr2/Yqr7CUua2r
nxi1KtCtFdTWak4ilnaLBqvWGeLXKmZnmqfr3q+dJgeWPoMkgtUvMi9nzukfuWmY
bvocjek6ga6zFN7nIHZT5vrTKhYH2lBHktCM/K/lSHjE0Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:41:05 2026 by rpki-client