Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/1VLg1aY9v7jaSjHtofK36IMeBaE.roa
File: 1VLg1aY9v7jaSjHtofK36IMeBaE.roa (raw, json)
Hash identifier: HI2whi4CG4KcDsjD2jvuiBEFXV0jVOJ6ZL1iFW2q1Rc=
Subject key identifier: D5:52:E0:D5:A6:3D:BF:B8:DA:4A:31:ED:A1:F2:B7:E8:83:1E:05:A1
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 019E6FBBEC93B625B290B5B4A40BE8B8EE3F
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/1VLg1aY9v7jaSjHtofK36IMeBaE.roa
Signing time: Thu 28 May 2026 17:57:27 +0000
ROA not before: Thu 28 May 2026 17:57:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 2a06:fe40::/32 maxlen: 32
2a06:fe41::/32 maxlen: 32
2a06:fe42::/32 maxlen: 32
2a06:fe43::/32 maxlen: 32
2a06:fe44::/32 maxlen: 32
2a06:fe45::/32 maxlen: 32
2a06:fe46::/32 maxlen: 32
2a06:fe47::/32 maxlen: 32
2a09:1d80::/29 maxlen: 29
2a09:1d80::/32 maxlen: 32
2a09:1d81::/32 maxlen: 32
2a09:1d82::/32 maxlen: 32
2a09:1d83::/32 maxlen: 32
2a09:1d84::/32 maxlen: 32
2a09:1d85::/32 maxlen: 32
2a09:1d86::/32 maxlen: 32
2a09:1d87::/32 maxlen: 32
2a0e:2c00::/29 maxlen: 29
2a0e:2c00::/32 maxlen: 32
2a0e:2c01::/32 maxlen: 32
2a0e:2c02::/32 maxlen: 32
2a0e:2c03::/32 maxlen: 32
2a0e:2c04::/32 maxlen: 32
2a0e:2c05::/32 maxlen: 32
2a0e:2c06::/32 maxlen: 32
2a0e:2c07::/32 maxlen: 32
2a0e:6c00::/29 maxlen: 29
2a0e:6c00::/32 maxlen: 32
2a0e:6c01::/32 maxlen: 32
2a0e:6c02::/32 maxlen: 32
2a0e:6c03::/32 maxlen: 32
2a0e:6c04::/32 maxlen: 32
2a0e:6c05::/32 maxlen: 32
2a0e:6c06::/32 maxlen: 32
2a0e:6c07::/32 maxlen: 32
2a0e:8400::/29 maxlen: 29
2a11:ed80::/29 maxlen: 29
2a11:ed80::/32 maxlen: 32
2a11:ed81::/32 maxlen: 32
2a11:ed82::/32 maxlen: 32
2a11:ed83::/32 maxlen: 32
2a11:ed84::/32 maxlen: 32
2a11:ed85::/32 maxlen: 32
2a11:ed86::/32 maxlen: 32
2a11:ed87::/32 maxlen: 32
2a12:f80::/29 maxlen: 29
2a12:f80::/32 maxlen: 32
2a12:f81::/32 maxlen: 32
2a12:f82::/32 maxlen: 32
2a12:f83::/32 maxlen: 32
2a12:f84::/32 maxlen: 32
2a12:f85::/32 maxlen: 32
2a12:f86::/32 maxlen: 32
2a12:f87::/32 maxlen: 32
2a12:2f00::/29 maxlen: 32
2a12:3a80::/32 maxlen: 32
2a12:3a81::/32 maxlen: 32
2a12:3a82::/32 maxlen: 32
2a12:3a83::/32 maxlen: 32
2a12:3a84::/32 maxlen: 32
2a12:3a85::/32 maxlen: 32
2a12:3a86::/32 maxlen: 32
2a12:3a87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6f:bb:ec:93:b6:25:b2:90:b5:b4:a4:0b:e8:b8:ee:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: May 28 17:57:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d552e0d5a63dbfb8da4a31eda1f2b7e8831e05a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8d:f1:69:3e:54:0e:d2:dc:86:e7:57:85:43:
a7:9f:c7:7c:21:b0:9c:1e:59:2b:46:fd:29:7f:67:
31:b6:f1:ae:aa:40:98:a4:9b:33:69:f2:01:94:3d:
bf:97:7c:b6:e2:dd:63:39:8f:4b:e9:62:e3:7f:48:
59:01:2b:22:16:60:89:24:b7:83:ab:06:c9:87:9e:
3a:11:37:29:76:26:65:e7:b9:c4:90:c7:12:38:3e:
3a:80:8b:e7:94:dc:09:b9:82:13:50:7f:25:70:38:
67:cd:f3:a9:e5:8c:4a:54:64:28:e2:a5:6f:7c:e0:
ec:9d:46:e9:64:68:fc:d1:8b:e4:f1:2b:31:de:18:
94:c7:86:c9:3d:06:86:f1:25:2d:f5:ce:e9:ab:dd:
82:d6:9a:d2:97:90:50:53:bb:4c:2c:7c:96:2a:47:
5f:d6:fb:1d:fc:6c:e1:d0:a6:c6:68:59:4e:fe:f8:
ae:cf:4e:2c:9c:cb:f6:a7:51:79:0a:b4:0c:ee:16:
a9:e6:ce:f5:83:f0:18:2d:ca:44:f2:c2:b8:41:89:
a8:6c:2c:49:6b:d9:3c:10:99:a4:b5:28:eb:45:08:
5b:8c:aa:e3:3e:43:73:af:38:1c:a4:a9:6c:24:5f:
cf:6c:cb:5d:d3:72:c8:9c:75:80:2a:be:71:61:c4:
3f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:52:E0:D5:A6:3D:BF:B8:DA:4A:31:ED:A1:F2:B7:E8:83:1E:05:A1
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/1VLg1aY9v7jaSjHtofK36IMeBaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:fe40::/29
2a09:1d80::/29
2a0e:2c00::/29
2a0e:6c00::/29
2a0e:8400::/29
2a11:ed80::/29
2a12:f80::/29
2a12:2f00::/29
2a12:3a80::/29
Signature Algorithm: sha256WithRSAEncryption
08:1f:22:f2:9d:d7:55:63:67:88:d4:2a:40:ae:82:6d:16:09:
b9:a1:37:9c:19:c9:0a:f2:03:ec:f7:16:08:f0:bf:0e:f7:c3:
4f:51:19:c1:65:31:a0:59:f4:96:ec:54:9e:d2:a6:9f:d0:a8:
f2:75:26:0b:5a:f6:b5:3c:d1:14:53:9b:b3:67:ca:7d:44:ff:
1d:8d:ff:aa:42:8e:a6:e6:c8:b7:0b:8a:de:94:73:23:75:60:
e4:98:f6:85:80:7b:cd:3a:c6:5c:1a:4f:f4:06:ee:22:78:9a:
a8:f6:c8:20:be:e8:f4:e0:45:da:78:77:8c:fb:51:59:e8:17:
cc:cf:fc:d3:74:a6:a4:19:dc:d0:d8:a9:f6:c3:9d:52:b6:c1:
d2:0c:37:c5:39:5b:83:c0:bb:fb:38:f4:ce:29:5c:4c:d1:eb:
a0:9f:8a:d4:ed:3d:ca:83:a3:a7:2d:e8:6f:9f:2d:c7:74:75:
e4:e4:92:fd:e5:ea:81:2b:03:ba:18:15:d4:3f:e0:c3:85:ff:
55:87:89:2a:51:4c:43:21:b0:a2:e5:ee:61:c5:6b:b1:9d:5f:
a4:e0:b0:15:8d:76:2e:89:df:6e:ef:ba:85:a9:43:aa:e4:ff:
ae:ae:f5:d5:16:00:50:95:12:2e:b3:91:f9:25:20:ac:4d:32:
ec:5d:24:0f
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZ5vu+yTtiWykLW0pAvouO4/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjYwNTI4MTc1NzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTUyZTBkNWE2M2RiZmI4ZGE0YTMxZWRhMWYyYjdlODgzMWUwNWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuY3xaT5UDtLchudXhUOnn8d8IbCc
HlkrRv0pf2cxtvGuqkCYpJszafIBlD2/l3y24t1jOY9L6WLjf0hZASsiFmCJJLeD
qwbJh546ETcpdiZl57nEkMcSOD46gIvnlNwJuYITUH8lcDhnzfOp5YxKVGQo4qVv
fODsnUbpZGj80Yvk8Ssx3hiUx4bJPQaG8SUt9c7pq92C1prSl5BQU7tMLHyWKkdf
1vsd/Gzh0KbGaFlO/viuz04snMv2p1F5CrQM7hap5s71g/AYLcpE8sK4QYmobCxJ
a9k8EJmktSjrRQhbjKrjPkNzrzgcpKlsJF/PbMtd03LInHWAKr5xYcQ/jQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFNVS4NWmPb+42kox7aHyt+iDHgWhMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvMVZMZzFhWTl2N2phU2pIdG9mSzM2SU1lQmFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwUDKgb+QAMF
AyoJHYADBQMqDiwAAwUDKg5sAAMFAyoOhAADBQMqEe2AAwUDKhIPgAMFAyoSLwAD
BQMqEjqAMA0GCSqGSIb3DQEBCwUAA4IBAQAIHyLynddVY2eI1CpAroJtFgm5oTec
GckK8gPs9xYI8L8O98NPURnBZTGgWfSW7FSe0qaf0KjydSYLWva1PNEUU5uzZ8p9
RP8djf+qQo6m5si3C4relHMjdWDkmPaFgHvNOsZcGk/0Bu4ieJqo9sggvuj04EXa
eHeM+1FZ6BfMz/zTdKakGdzQ2Kn2w51StsHSDDfFOVuDwLv7OPTOKVxM0eugn4rU
7T3Kg6OnLehvny3HdHXk5JL95eqBKwO6GBXUP+DDhf9Vh4kqUUxDIbCi5e5hxWux
nV+k4LAVjXYuid9u77qFqUOq5P+urvXVFgBQlRIus5H5JSCsTTLsXSQP
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:54:27 2026 by rpki-client