Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/2862ab-37dd-47f2-8df2-22c27b993ae2/1/TNfS4qjFMyp6FRl_4ldjm_Y_i3Q.roa
File: TNfS4qjFMyp6FRl_4ldjm_Y_i3Q.roa (raw, json)
Hash identifier: V9e1y2xxqghsyNge3bSzEeJvbCQltZtzBhjXNsBZP/k=
Subject key identifier: 4C:D7:D2:E2:A8:C5:33:2A:7A:15:19:7F:E2:57:63:9B:F6:3F:8B:74
Certificate issuer: /CN=61c2b45a65c19b68abb0516c9ccaf4547a5cc312
Certificate serial: 019EB199DE2813C27688FEB01C4C09DE2F56
Authority key identifier: 61:C2:B4:5A:65:C1:9B:68:AB:B0:51:6C:9C:CA:F4:54:7A:5C:C3:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YcK0WmXBm2irsFFsnMr0VHpcwxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/2862ab-37dd-47f2-8df2-22c27b993ae2/1/TNfS4qjFMyp6FRl_4ldjm_Y_i3Q.roa
Signing time: Wed 10 Jun 2026 12:55:11 +0000
ROA not before: Wed 10 Jun 2026 12:55:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200566
IP address blocks: 2a11:2a00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/2862ab-37dd-47f2-8df2-22c27b993ae2/1/YcK0WmXBm2irsFFsnMr0VHpcwxI.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/2862ab-37dd-47f2-8df2-22c27b993ae2/1/YcK0WmXBm2irsFFsnMr0VHpcwxI.mft
rsync://rpki.ripe.net/repository/DEFAULT/YcK0WmXBm2irsFFsnMr0VHpcwxI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 03:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b1:99:de:28:13:c2:76:88:fe:b0:1c:4c:09:de:2f:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61c2b45a65c19b68abb0516c9ccaf4547a5cc312
Validity
Not Before: Jun 10 12:55:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4cd7d2e2a8c5332a7a15197fe257639bf63f8b74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e6:3e:ee:0f:a3:c2:46:9d:aa:81:c7:bb:44:
24:0f:22:5d:3d:1d:e1:09:de:da:c0:64:6d:15:f9:
97:5b:d5:e8:91:02:80:e9:d0:8a:12:fb:f5:53:3f:
26:50:5d:b8:f7:4e:41:4a:da:f2:4d:7f:fd:9f:6b:
34:ae:09:1a:23:20:b9:96:7a:90:73:3d:e6:6c:b6:
72:3d:8d:dc:45:1b:10:dd:e5:ce:72:84:54:10:13:
f5:03:5a:b5:5f:d9:fd:16:ac:f0:b8:ca:99:a1:55:
ab:f5:06:0d:17:7d:e1:d9:ab:5e:7e:48:6a:b5:8f:
7f:e6:57:c6:5f:61:29:59:c9:dd:63:80:dc:27:65:
37:e0:ae:a0:6d:12:4a:69:31:f7:eb:24:08:00:14:
0d:57:c9:ed:4e:59:f6:83:44:a7:3b:82:f9:0f:3e:
ec:b5:b4:ff:63:72:b9:9e:34:52:ea:32:5c:ac:0e:
a7:ca:3d:93:da:6c:22:42:27:5e:33:65:b5:16:fc:
26:8f:dc:10:97:95:12:64:08:d2:d2:27:9e:52:78:
a4:d6:f7:a5:32:14:91:24:e7:cd:b4:d3:c4:e4:9d:
5a:15:79:14:ce:1e:4f:0c:fd:3f:3c:5c:02:dd:c2:
05:c2:ff:8c:2c:1a:b5:23:e9:05:4b:9b:09:e5:e5:
42:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D7:D2:E2:A8:C5:33:2A:7A:15:19:7F:E2:57:63:9B:F6:3F:8B:74
X509v3 Authority Key Identifier:
keyid:61:C2:B4:5A:65:C1:9B:68:AB:B0:51:6C:9C:CA:F4:54:7A:5C:C3:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YcK0WmXBm2irsFFsnMr0VHpcwxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/2862ab-37dd-47f2-8df2-22c27b993ae2/1/TNfS4qjFMyp6FRl_4ldjm_Y_i3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/2862ab-37dd-47f2-8df2-22c27b993ae2/1/YcK0WmXBm2irsFFsnMr0VHpcwxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:2a00::/48
Signature Algorithm: sha256WithRSAEncryption
5a:be:68:b4:eb:b9:8e:10:f0:78:5f:d4:54:c3:fb:b1:bf:0a:
b1:00:dd:c5:d3:e7:0e:d4:9e:8b:44:a5:1c:39:53:3e:f3:3c:
5d:30:a4:20:62:00:f7:14:7b:47:9d:89:db:80:03:4b:19:3a:
f6:8c:39:37:69:51:34:22:92:fe:38:39:47:22:31:57:c2:d3:
24:93:4b:ec:17:de:19:d6:c7:38:ed:05:e9:95:e1:36:4e:74:
75:52:37:e7:a5:f8:62:8b:68:bb:1b:2b:89:42:f9:5a:b9:85:
e9:ea:f2:4d:da:1e:0c:bb:ef:b2:c9:5e:8a:b0:6b:d5:92:cf:
6b:89:72:ff:62:a7:b7:a3:d6:46:3a:0c:0d:00:75:67:a8:78:
f4:6b:25:25:ff:93:23:03:d7:81:6f:99:6f:49:98:30:09:04:
d5:96:b5:30:5e:86:3d:0a:4a:ab:d9:23:43:7a:ea:1e:f4:25:
4b:61:5d:f2:d4:0c:0a:59:2f:32:21:04:43:67:3a:11:0e:9c:
8f:4d:2c:58:f9:d0:2c:4a:65:02:89:37:1f:27:c2:4b:1b:33:
9b:36:50:a4:e2:7b:9d:0b:ba:d7:6b:5c:21:09:bc:59:28:35:
3b:59:b8:6b:7b:af:df:18:f5:10:62:e4:6a:06:17:6c:85:fe:
4b:26:6f:bc
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ6xmd4oE8J2iP6wHEwJ3i9WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxYzJiNDVhNjVjMTliNjhhYmIwNTE2YzljY2FmNDU0N2E1
Y2MzMTIwHhcNMjYwNjEwMTI1NTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2Q3ZDJlMmE4YzUzMzJhN2ExNTE5N2ZlMjU3NjM5YmY2M2Y4Yjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneY+7g+jwkadqoHHu0QkDyJdPR3h
Cd7awGRtFfmXW9XokQKA6dCKEvv1Uz8mUF24905BStryTX/9n2s0rgkaIyC5lnqQ
cz3mbLZyPY3cRRsQ3eXOcoRUEBP1A1q1X9n9FqzwuMqZoVWr9QYNF33h2atefkhq
tY9/5lfGX2EpWcndY4DcJ2U34K6gbRJKaTH36yQIABQNV8ntTln2g0SnO4L5Dz7s
tbT/Y3K5njRS6jJcrA6nyj2T2mwiQideM2W1Fvwmj9wQl5USZAjS0ieeUnik1vel
MhSRJOfNtNPE5J1aFXkUzh5PDP0/PFwC3cIFwv+MLBq1I+kFS5sJ5eVCBwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEzX0uKoxTMqehUZf+JXY5v2P4t0MB8GA1UdIwQY
MBaAFGHCtFplwZtoq7BRbJzK9FR6XMMSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWNLMFdtWEJtMmlyc0ZGc25NcjBWSHBjd3hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC8yODYyYWItMzdkZC00N2YyLThkZjIt
MjJjMjdiOTkzYWUyLzEvVE5mUzRxakZNeXA2RlJsXzRsZGptX1lfaTNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC8yODYyYWItMzdkZC00N2YyLThkZjItMjJjMjdiOTkzYWUy
LzEvWWNLMFdtWEJtMmlyc0ZGc25NcjBWSHBjd3hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhEqAAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBavmi067mOEPB4X9RUw/uxvwqxAN3F0+cO1J6L
RKUcOVM+8zxdMKQgYgD3FHtHnYnbgANLGTr2jDk3aVE0IpL+ODlHIjFXwtMkk0vs
F94Z1sc47QXpleE2TnR1Ujfnpfhii2i7GyuJQvlauYXp6vJN2h4Mu++yyV6KsGvV
ks9riXL/Yqe3o9ZGOgwNAHVnqHj0ayUl/5MjA9eBb5lvSZgwCQTVlrUwXoY9Ckqr
2SNDeuoe9CVLYV3y1AwKWS8yIQRDZzoRDpyPTSxY+dAsSmUCiTcfJ8JLGzObNlCk
4nudC7rXa1whCbxZKDU7Wbhre6/fGPUQYuRqBhdshf5LJm+8
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:54:21 2026 by rpki-client