Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/2QfcZr1pSsuW1CwA-vTKFhuyw48.roa
File: 2QfcZr1pSsuW1CwA-vTKFhuyw48.roa (raw, json)
Hash identifier: BPNYiNMYMk2ufgPdFVS86dmWT3V9GZCkDDolNvp9iYI=
Subject key identifier: D9:07:DC:66:BD:69:4A:CB:96:D4:2C:00:FA:F4:CA:16:1B:B2:C3:8F
Certificate issuer: /CN=5659b0ba8407be11cfc911bd31ed140cd1c6046c
Certificate serial: 019E1EB06392150C595D725FFDBB2D213FE2
Authority key identifier: 56:59:B0:BA:84:07:BE:11:CF:C9:11:BD:31:ED:14:0C:D1:C6:04:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VlmwuoQHvhHPyRG9Me0UDNHGBGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/2QfcZr1pSsuW1CwA-vTKFhuyw48.roa
Signing time: Wed 13 May 2026 00:15:36 +0000
ROA not before: Wed 13 May 2026 00:15:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212513
IP address blocks: 2a10:fa80:1000::/48 maxlen: 48
2a10:fa80:1001::/48 maxlen: 48
2a10:fa80:1002::/48 maxlen: 48
2a10:fa80:1003::/48 maxlen: 48
2a10:fa80:1005::/48 maxlen: 48
2a10:fa80:1006::/48 maxlen: 48
2a10:fa80:1007::/48 maxlen: 48
2a10:fa80:1008::/48 maxlen: 48
2a10:fa80:1009::/48 maxlen: 48
2a10:fa80:100a::/48 maxlen: 48
2a10:fa80:100b::/48 maxlen: 48
2a10:fa80:100c::/48 maxlen: 48
2a10:fa80:100d::/48 maxlen: 48
2a10:fa80:100e::/48 maxlen: 48
2a10:fa80:100f::/48 maxlen: 48
2a10:fa80:1010::/48 maxlen: 48
2a10:fa80:1011::/48 maxlen: 48
2a10:fa80:1012::/48 maxlen: 48
2a10:fa80:1013::/48 maxlen: 48
2a10:fa80:1014::/48 maxlen: 48
2a10:fa80:1015::/48 maxlen: 48
2a10:fa80:1016::/48 maxlen: 48
2a10:fa80:1017::/48 maxlen: 48
2a10:fa80:1018::/48 maxlen: 48
2a10:fa80:1019::/48 maxlen: 48
2a10:fa80:101a::/48 maxlen: 48
2a10:fa80:101b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/VlmwuoQHvhHPyRG9Me0UDNHGBGw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/VlmwuoQHvhHPyRG9Me0UDNHGBGw.mft
rsync://rpki.ripe.net/repository/DEFAULT/VlmwuoQHvhHPyRG9Me0UDNHGBGw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1e:b0:63:92:15:0c:59:5d:72:5f:fd:bb:2d:21:3f:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5659b0ba8407be11cfc911bd31ed140cd1c6046c
Validity
Not Before: May 13 00:15:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d907dc66bd694acb96d42c00faf4ca161bb2c38f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:89:cc:22:f0:d6:7f:6d:e5:75:b3:60:48:57:
3c:23:a3:b4:5c:c7:72:c6:6f:a5:18:ab:43:17:f8:
61:13:37:a2:06:27:6c:96:cc:a1:64:fc:63:7a:4d:
27:76:db:20:42:9d:69:38:c5:ff:2d:0f:f5:26:2f:
5f:bb:6e:28:a1:b8:a4:5d:01:ea:ea:5d:fd:4c:30:
a1:e3:07:b0:b7:a6:24:64:96:93:44:e5:1e:c5:79:
e1:a0:c5:2e:21:be:5f:b1:00:bd:4f:fc:ae:fd:0a:
b9:4c:33:b3:91:a0:42:12:48:8c:36:79:e1:52:4f:
8d:a5:2d:d9:15:61:2b:4b:72:39:68:0f:f6:c6:36:
93:12:af:71:47:b0:d7:02:40:0f:e6:8c:71:fa:56:
b8:b9:96:1d:22:0e:28:11:49:1e:f2:f0:84:5f:72:
59:7c:7a:bc:e3:13:03:8a:27:a3:86:d9:70:ce:01:
45:57:54:5b:a9:0b:86:e6:66:a2:83:d4:25:bb:e2:
d8:55:4a:90:14:cd:ac:66:99:8f:b4:2f:f0:a5:89:
42:99:9a:97:6c:e6:a0:17:1c:f1:51:30:22:4b:aa:
d4:73:8f:89:70:1f:7b:0e:3e:c8:5d:0c:47:bf:47:
2c:40:2a:8f:33:2c:61:cf:53:c3:63:94:bd:42:3b:
55:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:07:DC:66:BD:69:4A:CB:96:D4:2C:00:FA:F4:CA:16:1B:B2:C3:8F
X509v3 Authority Key Identifier:
keyid:56:59:B0:BA:84:07:BE:11:CF:C9:11:BD:31:ED:14:0C:D1:C6:04:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VlmwuoQHvhHPyRG9Me0UDNHGBGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/2QfcZr1pSsuW1CwA-vTKFhuyw48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/VlmwuoQHvhHPyRG9Me0UDNHGBGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:fa80:1000::/46
2a10:fa80:1005::-2a10:fa80:101b:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6d:d3:12:ef:1a:91:26:ec:e7:46:9b:08:3e:3d:3d:fd:8e:54:
ad:f7:f4:ab:0a:30:5d:d4:b6:9b:a3:d3:89:57:8b:c4:50:2b:
e2:f6:12:eb:6f:fa:35:05:7d:a0:c3:9b:5a:a6:2c:ec:1d:82:
42:ff:61:7b:ca:d6:ce:1f:2b:07:6e:09:a7:3b:24:65:76:ec:
4f:9f:ed:73:b1:43:46:50:c1:52:b6:fe:53:e1:d4:4f:cd:ce:
d1:d4:11:47:e1:6a:57:b7:15:02:a8:88:81:7e:62:7c:a7:25:
25:cb:47:60:10:56:1e:0b:4b:78:8b:3a:a0:05:09:1d:86:8f:
44:10:68:ea:d3:dc:ea:0f:50:d9:9f:ba:9b:00:f8:c4:db:a2:
a0:b3:78:b1:8b:d6:40:4a:1b:e1:66:fd:f2:d4:be:e4:ff:1f:
77:ff:a3:a8:71:a2:8e:78:7f:d3:97:05:ca:6c:cf:17:81:a9:
4a:1c:7a:f5:18:41:69:2c:c7:72:db:a6:6b:ff:79:65:bd:d9:
67:15:77:29:4b:b4:72:9c:9b:14:50:93:a1:21:f3:d5:e4:61:
68:f4:64:5f:04:50:dc:37:31:c5:da:32:16:de:43:09:8e:8b:
41:c6:23:30:3e:be:17:46:5c:f1:7f:24:f9:65:08:49:98:ee:
98:f6:a2:68
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ4esGOSFQxZXXJf/bstIT/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NTliMGJhODQwN2JlMTFjZmM5MTFiZDMxZWQxNDBjZDFj
NjA0NmMwHhcNMjYwNTEzMDAxNTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTA3ZGM2NmJkNjk0YWNiOTZkNDJjMDBmYWY0Y2ExNjFiYjJjMzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmInMIvDWf23ldbNgSFc8I6O0XMdy
xm+lGKtDF/hhEzeiBidslsyhZPxjek0ndtsgQp1pOMX/LQ/1Ji9fu24oobikXQHq
6l39TDCh4wewt6YkZJaTROUexXnhoMUuIb5fsQC9T/yu/Qq5TDOzkaBCEkiMNnnh
Uk+NpS3ZFWErS3I5aA/2xjaTEq9xR7DXAkAP5oxx+la4uZYdIg4oEUke8vCEX3JZ
fHq84xMDiiejhtlwzgFFV1RbqQuG5maig9Qlu+LYVUqQFM2sZpmPtC/wpYlCmZqX
bOagFxzxUTAiS6rUc4+JcB97Dj7IXQxHv0csQCqPMyxhz1PDY5S9QjtVsQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNkH3Ga9aUrLltQsAPr0yhYbssOPMB8GA1UdIwQY
MBaAFFZZsLqEB74Rz8kRvTHtFAzRxgRsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmxtd3VvUUh2aEhQeVJHOU1lMFVETkhHQkd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kZDhlMzEtMDBiNS00MjEyLTllMDEt
MjM5NGM2NjAwMDIyLzEvMlFmY1pyMXBTc3VXMUN3QS12VEtGaHV5dzQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kZDhlMzEtMDBiNS00MjEyLTllMDEtMjM5NGM2NjAwMDIy
LzEvVmxtd3VvUUh2aEhQeVJHOU1lMFVETkhHQkd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdAwcCKhD6gBAA
MBIDBwAqEPqAEAUDBwIqEPqAEBgwDQYJKoZIhvcNAQELBQADggEBAG3TEu8akSbs
50abCD49Pf2OVK339KsKMF3Utpuj04lXi8RQK+L2Eutv+jUFfaDDm1qmLOwdgkL/
YXvK1s4fKwduCac7JGV27E+f7XOxQ0ZQwVK2/lPh1E/NztHUEUfhale3FQKoiIF+
YnynJSXLR2AQVh4LS3iLOqAFCR2Gj0QQaOrT3OoPUNmfupsA+MTboqCzeLGL1kBK
G+Fm/fLUvuT/H3f/o6hxoo54f9OXBcpszxeBqUocevUYQWksx3Lbpmv/eWW92WcV
dylLtHKcmxRQk6Eh89XkYWj0ZF8EUNw3McXaMhbeQwmOi0HGIzA+vhdGXPF/JPll
CEmY7pj2omg=
-----END CERTIFICATE-----
Generated at Wed May 13 12:25:25 2026 by rpki-client