Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/Z9R8AJbZOvXhl-ACLIaWlHUU1NE.roa
File: Z9R8AJbZOvXhl-ACLIaWlHUU1NE.roa (raw, json)
Hash identifier: YyIOitgkR7Sw+sEairZfJutHLRw1Bh6S+A4Pq62pQ1Q=
Subject key identifier: 67:D4:7C:00:96:D9:3A:F5:E1:97:E0:02:2C:86:96:94:75:14:D4:D1
Certificate issuer: /CN=5659b0ba8407be11cfc911bd31ed140cd1c6046c
Certificate serial: 019E480F35811D068085D65C5BC7349C0EA2
Authority key identifier: 56:59:B0:BA:84:07:BE:11:CF:C9:11:BD:31:ED:14:0C:D1:C6:04:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VlmwuoQHvhHPyRG9Me0UDNHGBGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/Z9R8AJbZOvXhl-ACLIaWlHUU1NE.roa
Signing time: Thu 21 May 2026 01:03:36 +0000
ROA not before: Thu 21 May 2026 01:03:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212513
IP address blocks: 2a10:fa80:1000::/36 maxlen: 48
2a10:fa80:1000::/48 maxlen: 48
2a10:fa80:1001::/48 maxlen: 48
2a10:fa80:1002::/48 maxlen: 48
2a10:fa80:1003::/48 maxlen: 48
2a10:fa80:1005::/48 maxlen: 48
2a10:fa80:1006::/48 maxlen: 48
2a10:fa80:1007::/48 maxlen: 48
2a10:fa80:1008::/48 maxlen: 48
2a10:fa80:1009::/48 maxlen: 48
2a10:fa80:100a::/48 maxlen: 48
2a10:fa80:100b::/48 maxlen: 48
2a10:fa80:100c::/48 maxlen: 48
2a10:fa80:100d::/48 maxlen: 48
2a10:fa80:100e::/48 maxlen: 48
2a10:fa80:100f::/48 maxlen: 48
2a10:fa80:1010::/48 maxlen: 48
2a10:fa80:1011::/48 maxlen: 48
2a10:fa80:1012::/48 maxlen: 48
2a10:fa80:1013::/48 maxlen: 48
2a10:fa80:1014::/48 maxlen: 48
2a10:fa80:1015::/48 maxlen: 48
2a10:fa80:1016::/48 maxlen: 48
2a10:fa80:1017::/48 maxlen: 48
2a10:fa80:1018::/48 maxlen: 48
2a10:fa80:1019::/48 maxlen: 48
2a10:fa80:101a::/48 maxlen: 48
2a10:fa80:101b::/48 maxlen: 48
2a10:fa80:102a::/64 maxlen: 64
2a10:fa81:600::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/VlmwuoQHvhHPyRG9Me0UDNHGBGw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/VlmwuoQHvhHPyRG9Me0UDNHGBGw.mft
rsync://rpki.ripe.net/repository/DEFAULT/VlmwuoQHvhHPyRG9Me0UDNHGBGw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:48:0f:35:81:1d:06:80:85:d6:5c:5b:c7:34:9c:0e:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5659b0ba8407be11cfc911bd31ed140cd1c6046c
Validity
Not Before: May 21 01:03:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=67d47c0096d93af5e197e0022c8696947514d4d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f6:ea:0c:7c:f5:78:a8:96:eb:a5:aa:fb:60:
2b:bf:2b:fe:85:ae:ef:24:1c:ee:90:17:ce:2b:b6:
e7:b4:ae:fc:41:87:2d:e8:dc:3b:e2:ea:5d:0c:31:
be:39:c7:4b:30:93:d4:3d:44:c6:f3:09:04:10:fe:
71:8d:a2:6c:44:7e:ec:32:00:1e:68:49:9c:12:90:
f4:26:eb:ee:c9:e7:ac:df:3c:a8:c7:a9:c8:d4:3c:
d6:39:53:5d:8e:25:58:19:b7:24:a2:b9:6c:27:b2:
cc:16:fb:72:da:ea:80:e2:c0:08:fe:75:67:d8:1a:
66:52:bb:0f:46:bb:13:a4:df:ba:55:68:48:ae:ec:
13:8b:4f:04:56:04:cd:5a:40:2c:bf:23:11:77:1a:
4a:bf:00:9c:95:91:bf:46:d5:fc:36:52:d0:92:31:
66:93:3e:1e:59:7f:6c:80:64:13:53:11:86:73:39:
77:67:45:71:9c:4c:a0:17:ba:9a:24:48:5b:8f:48:
d8:d3:c8:ab:24:00:51:ba:ea:9b:66:67:05:31:bb:
0f:4e:b3:7a:88:93:2b:0d:c2:13:64:dc:be:6c:07:
7e:7f:da:12:5c:62:b2:c1:62:1e:84:6a:a6:e0:f6:
fb:02:0b:4b:e1:94:68:0c:a9:1d:5e:24:d8:83:82:
e7:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D4:7C:00:96:D9:3A:F5:E1:97:E0:02:2C:86:96:94:75:14:D4:D1
X509v3 Authority Key Identifier:
keyid:56:59:B0:BA:84:07:BE:11:CF:C9:11:BD:31:ED:14:0C:D1:C6:04:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VlmwuoQHvhHPyRG9Me0UDNHGBGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/Z9R8AJbZOvXhl-ACLIaWlHUU1NE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/VlmwuoQHvhHPyRG9Me0UDNHGBGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:fa80:1000::/36
2a10:fa81:600::/40
Signature Algorithm: sha256WithRSAEncryption
5c:64:9a:10:95:31:16:e0:07:f4:b5:1f:66:d9:ec:91:d4:4b:
ab:6f:57:db:20:b9:8b:4b:ac:50:fb:b5:0b:fd:1c:f6:89:a7:
8c:b8:35:cc:e8:69:2a:69:0f:cb:58:fb:06:e4:47:44:aa:fc:
0c:9a:82:93:77:2e:09:f5:8b:09:e0:37:1f:eb:09:d4:86:a3:
79:df:3b:20:54:0a:31:92:a2:51:43:f4:d5:e9:80:71:d9:bb:
aa:36:e8:b4:99:bf:04:75:49:5b:91:a1:88:fe:cf:06:25:27:
ce:fe:8d:b1:cb:ea:19:b9:f4:4c:eb:e9:b2:61:30:2c:0f:d1:
dc:e1:3f:92:97:13:40:a0:7d:ee:b9:78:4c:5d:8b:c2:a7:17:
3f:ad:b9:73:67:ba:14:55:21:83:62:ad:ae:7e:d4:a4:7e:9b:
94:b6:0b:01:c7:67:7e:5b:ec:c4:6b:f8:75:b9:e4:e6:a2:9b:
30:f7:b3:d4:c6:9f:bc:7f:b0:db:7e:39:2e:49:09:b9:71:1d:
f4:28:b6:8e:ee:aa:35:20:b5:d1:c3:56:6a:ad:32:9f:ec:29:
a4:bd:53:82:f3:a5:c7:71:64:9b:1e:34:b0:9a:44:04:dc:46:
25:71:e5:e7:ab:a5:b7:c6:6b:be:c4:08:13:cd:de:6d:52:c6:
0c:34:70:66
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZ5IDzWBHQaAhdZcW8c0nA6iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NTliMGJhODQwN2JlMTFjZmM5MTFiZDMxZWQxNDBjZDFj
NjA0NmMwHhcNMjYwNTIxMDEwMzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2Q0N2MwMDk2ZDkzYWY1ZTE5N2UwMDIyYzg2OTY5NDc1MTRkNGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfbqDHz1eKiW66Wq+2Arvyv+ha7v
JBzukBfOK7bntK78QYct6Nw74updDDG+OcdLMJPUPUTG8wkEEP5xjaJsRH7sMgAe
aEmcEpD0Juvuyees3zyox6nI1DzWOVNdjiVYGbckorlsJ7LMFvty2uqA4sAI/nVn
2BpmUrsPRrsTpN+6VWhIruwTi08EVgTNWkAsvyMRdxpKvwCclZG/RtX8NlLQkjFm
kz4eWX9sgGQTUxGGczl3Z0VxnEygF7qaJEhbj0jY08irJABRuuqbZmcFMbsPTrN6
iJMrDcITZNy+bAd+f9oSXGKywWIehGqm4Pb7AgtL4ZRoDKkdXiTYg4LnXwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFGfUfACW2Tr14ZfgAiyGlpR1FNTRMB8GA1UdIwQY
MBaAFFZZsLqEB74Rz8kRvTHtFAzRxgRsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmxtd3VvUUh2aEhQeVJHOU1lMFVETkhHQkd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kZDhlMzEtMDBiNS00MjEyLTllMDEt
MjM5NGM2NjAwMDIyLzEvWjlSOEFKYlpPdlhobC1BQ0xJYVdsSFVVMU5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kZDhlMzEtMDBiNS00MjEyLTllMDEtMjM5NGM2NjAwMDIy
LzEvVmxtd3VvUUh2aEhQeVJHOU1lMFVETkhHQkd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYEKhD6gBAD
BgAqEPqBBjANBgkqhkiG9w0BAQsFAAOCAQEAXGSaEJUxFuAH9LUfZtnskdRLq29X
2yC5i0usUPu1C/0c9omnjLg1zOhpKmkPy1j7BuRHRKr8DJqCk3cuCfWLCeA3H+sJ
1Iajed87IFQKMZKiUUP01emAcdm7qjbotJm/BHVJW5GhiP7PBiUnzv6NscvqGbn0
TOvpsmEwLA/R3OE/kpcTQKB97rl4TF2LwqcXP625c2e6FFUhg2Ktrn7UpH6blLYL
AcdnflvsxGv4dbnk5qKbMPez1MafvH+w2345LkkJuXEd9Ci2ju6qNSC10cNWaq0y
n+wppL1TgvOlx3Fkmx40sJpEBNxGJXHl56ult8ZrvsQIE83ebVLGDDRwZg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:34:33 2026 by rpki-client