Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/mxVE-hs9rzULT7M25Uxh_xqvoTw.roa
File: mxVE-hs9rzULT7M25Uxh_xqvoTw.roa (raw, json)
Hash identifier: 1JBeJTaJ079PrZjMTGLHljNaLJKgDRVvdddKR/g00Oo=
Subject key identifier: 9B:15:44:FA:1B:3D:AF:35:0B:4F:B3:36:E5:4C:61:FF:1A:AF:A1:3C
Certificate issuer: /CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Certificate serial: 019E01CF81AFE388E32D255028BB1A511C29
Authority key identifier: 57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/mxVE-hs9rzULT7M25Uxh_xqvoTw.roa
Signing time: Thu 07 May 2026 09:40:36 +0000
ROA not before: Thu 07 May 2026 09:40:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35704
IP address blocks: 2a02:11ff:400::/46 maxlen: 46
2a02:11ff:404::/46 maxlen: 46
2a02:11ff:408::/46 maxlen: 46
2a02:11ff:40c::/46 maxlen: 46
2a02:11ff:410::/46 maxlen: 46
2a02:11ff:414::/46 maxlen: 46
2a02:11ff:418::/46 maxlen: 46
2a02:11ff:41c::/46 maxlen: 46
2a02:11ff:420::/46 maxlen: 46
2a02:11ff:424::/46 maxlen: 46
2a02:11ff:428::/46 maxlen: 46
2a02:11ff:42c::/46 maxlen: 46
2a02:11ff:430::/46 maxlen: 46
2a02:11ff:434::/46 maxlen: 46
2a02:11ff:438::/46 maxlen: 46
2a02:11ff:43c::/46 maxlen: 46
2a02:11ff:440::/46 maxlen: 46
2a02:11ff:444::/46 maxlen: 46
2a02:11ff:448::/46 maxlen: 46
2a02:11ff:44c::/46 maxlen: 46
2a02:11ff:450::/46 maxlen: 46
2a02:11ff:454::/46 maxlen: 46
2a02:11ff:458::/46 maxlen: 46
2a02:11ff:45c::/46 maxlen: 46
2a02:11ff:460::/46 maxlen: 46
2a02:11ff:464::/46 maxlen: 46
2a02:11ff:468::/46 maxlen: 46
2a02:11ff:46c::/46 maxlen: 46
2a02:11ff:470::/46 maxlen: 46
2a02:11ff:474::/46 maxlen: 46
2a02:11ff:478::/46 maxlen: 46
2a02:11ff:47c::/46 maxlen: 46
2a02:11ff:480::/46 maxlen: 46
2a02:11ff:484::/46 maxlen: 46
2a02:11ff:488::/46 maxlen: 46
2a02:11ff:48c::/46 maxlen: 46
2a02:11ff:490::/46 maxlen: 46
2a02:11ff:494::/46 maxlen: 46
2a02:11ff:498::/46 maxlen: 46
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:01:cf:81:af:e3:88:e3:2d:25:50:28:bb:1a:51:1c:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57182aab5ad9efa380a6c6f06c016e158be977bc
Validity
Not Before: May 7 09:40:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9b1544fa1b3daf350b4fb336e54c61ff1aafa13c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5e:d9:fd:10:f6:1a:8b:34:50:2e:58:01:ad:
87:ca:8e:22:12:f5:91:42:7e:f7:67:c8:44:d2:aa:
44:6a:a4:db:27:fb:87:f8:57:57:a1:de:36:2a:0a:
56:00:33:d1:35:5b:af:58:43:92:80:2d:2d:3c:f6:
2f:a2:0c:7f:eb:01:3e:2a:40:21:65:4a:13:7d:a3:
67:0a:37:c7:26:17:6a:37:ec:79:60:e2:7a:a7:b3:
c8:3e:fa:fe:ad:f3:1e:ac:b7:03:c0:ed:21:08:08:
62:ce:5d:31:45:ff:fb:c4:c6:ad:67:3a:a7:e7:34:
ba:95:87:c4:01:d3:15:95:80:1a:4e:05:3b:47:4a:
1d:ac:78:af:ef:64:48:2b:39:54:d8:65:b4:ba:45:
8c:67:5f:17:66:15:24:1b:25:bd:6e:10:5c:b1:f0:
4f:56:7f:a3:74:2f:24:c4:24:f1:88:9e:4d:e6:3d:
c2:ea:fd:6a:45:44:3f:81:0b:a5:63:9c:2f:62:3e:
d9:14:86:37:68:9c:7b:7a:8c:78:69:a4:95:26:b1:
85:d1:9b:91:a2:a4:1d:3f:3c:28:fd:34:00:18:da:
9b:4c:13:fc:4d:56:5e:b1:c9:c0:53:3b:18:b9:94:
5c:ea:f6:ac:1f:bb:89:a1:d7:2a:1b:b5:7b:b2:c5:
1a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:15:44:FA:1B:3D:AF:35:0B:4F:B3:36:E5:4C:61:FF:1A:AF:A1:3C
X509v3 Authority Key Identifier:
keyid:57:18:2A:AB:5A:D9:EF:A3:80:A6:C6:F0:6C:01:6E:15:8B:E9:77:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vxgqq1rZ76OApsbwbAFuFYvpd7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/mxVE-hs9rzULT7M25Uxh_xqvoTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/8c51cb-a3bd-476d-880f-a96c6266abdb/1/Vxgqq1rZ76OApsbwbAFuFYvpd7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:11ff:400::-2a02:11ff:49b:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b2:c9:5f:bc:76:4c:c3:f4:1c:32:57:78:19:9c:d6:7a:8b:40:
b8:0c:73:6b:61:31:35:bc:bc:cf:7e:29:3c:b8:0c:a6:70:84:
6c:59:93:64:bd:32:17:12:ee:11:d9:29:c0:d0:88:8f:a6:1d:
e8:df:85:8a:04:1c:7b:0a:49:e0:c5:fa:c4:ca:90:48:34:d6:
62:f1:06:a1:ac:40:eb:29:3b:af:62:eb:90:fd:24:0d:bc:bb:
c5:e6:3f:42:dd:32:78:3d:2f:c3:ce:38:d3:bf:55:fa:66:b9:
b3:aa:cb:17:90:49:cf:52:58:86:c4:78:11:0b:38:2b:c3:12:
8c:ce:22:79:60:f2:df:08:0d:0e:63:14:d3:c1:dc:ce:f8:59:
79:f9:3a:73:f9:ab:60:05:76:ca:56:c0:d9:8c:a7:99:aa:33:
a2:44:5e:f6:a2:50:ed:40:23:5c:d5:24:ca:8f:7f:30:17:33:
f1:cc:c9:f7:2a:25:0e:fa:4b:a2:75:ac:1b:ef:9e:42:4a:f9:
cf:21:7c:b2:2c:1c:b6:06:7d:c5:d4:eb:4c:07:64:3e:1c:ed:
1d:50:76:2e:ea:72:2b:3f:bb:16:a3:f9:6b:53:c1:a1:8e:dc:
bd:f4:94:f6:d5:ec:a7:8b:19:a1:6e:13:0c:bf:58:bb:34:d3:
2e:62:4e:69
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZ4Bz4Gv44jjLSVQKLsaURwpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTgyYWFiNWFkOWVmYTM4MGE2YzZmMDZjMDE2ZTE1OGJl
OTc3YmMwHhcNMjYwNTA3MDk0MDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjE1NDRmYTFiM2RhZjM1MGI0ZmIzMzZlNTRjNjFmZjFhYWZhMTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuF7Z/RD2Gos0UC5YAa2Hyo4iEvWR
Qn73Z8hE0qpEaqTbJ/uH+FdXod42KgpWADPRNVuvWEOSgC0tPPYvogx/6wE+KkAh
ZUoTfaNnCjfHJhdqN+x5YOJ6p7PIPvr+rfMerLcDwO0hCAhizl0xRf/7xMatZzqn
5zS6lYfEAdMVlYAaTgU7R0odrHiv72RIKzlU2GW0ukWMZ18XZhUkGyW9bhBcsfBP
Vn+jdC8kxCTxiJ5N5j3C6v1qRUQ/gQulY5wvYj7ZFIY3aJx7eox4aaSVJrGF0ZuR
oqQdPzwo/TQAGNqbTBP8TVZescnAUzsYuZRc6vasH7uJodcqG7V7ssUa8wIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFJsVRPobPa81C0+zNuVMYf8ar6E8MB8GA1UdIwQY
MBaAFFcYKqta2e+jgKbG8GwBbhWL6Xe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYt
YTk2YzYyNjZhYmRiLzEvbXhWRS1oczlyelVMVDdNMjVVeGhfeHF2b1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni84YzUxY2ItYTNiZC00NzZkLTg4MGYtYTk2YzYyNjZhYmRi
LzEvVnhncXExclo3Nk9BcHNid2JBRnVGWXZwZDd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAAjATMBEDBgIqAhH/
BAMHAioCEf8EmDANBgkqhkiG9w0BAQsFAAOCAQEAsslfvHZMw/QcMld4GZzWeotA
uAxza2ExNby8z34pPLgMpnCEbFmTZL0yFxLuEdkpwNCIj6Yd6N+FigQcewpJ4MX6
xMqQSDTWYvEGoaxA6yk7r2LrkP0kDby7xeY/Qt0yeD0vw844079V+ma5s6rLF5BJ
z1JYhsR4EQs4K8MSjM4ieWDy3wgNDmMU08HczvhZefk6c/mrYAV2ylbA2Yynmaoz
okRe9qJQ7UAjXNUkyo9/MBcz8czJ9yolDvpLonWsG++eQkr5zyF8siwctgZ9xdTr
TAdkPhztHVB2LupyKz+7FqP5a1PBoY7cvfSU9tXsp4sZoW4TDL9YuzTTLmJOaQ==
-----END CERTIFICATE-----
Generated at Wed May 13 05:35:56 2026 by rpki-client