Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/N9x7xWffEFub_DrKRecQL_Xz4Yw.roa
File: N9x7xWffEFub_DrKRecQL_Xz4Yw.roa (raw, json)
Hash identifier: Ne+cvzMxCGMNNRQLtosrt7wHRjAbylqgnH7X3wnwcrA=
Subject key identifier: 37:DC:7B:C5:67:DF:10:5B:9B:FC:3A:CA:45:E7:10:2F:F5:F3:E1:8C
Certificate issuer: /CN=5659b0ba8407be11cfc911bd31ed140cd1c6046c
Certificate serial: 019DCFDD188522324B2BFC68582282BB4C3F
Authority key identifier: 56:59:B0:BA:84:07:BE:11:CF:C9:11:BD:31:ED:14:0C:D1:C6:04:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VlmwuoQHvhHPyRG9Me0UDNHGBGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/N9x7xWffEFub_DrKRecQL_Xz4Yw.roa
Signing time: Mon 27 Apr 2026 16:54:26 +0000
ROA not before: Mon 27 Apr 2026 16:54:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211281
IP address blocks: 2a10:fa82:c000::/36 maxlen: 128
2a10:fa82:c000::/40 maxlen: 40
2a10:fa82:c100::/40 maxlen: 40
2a10:fa82:c200::/40 maxlen: 40
2a10:fa82:c300::/40 maxlen: 40
2a10:fa82:c400::/40 maxlen: 40
2a10:fa82:c500::/40 maxlen: 40
2a10:fa82:c600::/40 maxlen: 40
2a10:fa82:c700::/40 maxlen: 40
2a10:fa82:c800::/40 maxlen: 40
2a10:fa82:c900::/40 maxlen: 40
2a10:fa82:ca00::/40 maxlen: 40
2a10:fa82:cb00::/40 maxlen: 40
2a10:fa82:cc00::/40 maxlen: 40
2a10:fa82:cd00::/40 maxlen: 40
2a10:fa82:ce00::/40 maxlen: 40
2a10:fa82:cf00::/40 maxlen: 40
2a10:fa82:f000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/VlmwuoQHvhHPyRG9Me0UDNHGBGw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/VlmwuoQHvhHPyRG9Me0UDNHGBGw.mft
rsync://rpki.ripe.net/repository/DEFAULT/VlmwuoQHvhHPyRG9Me0UDNHGBGw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:dd:18:85:22:32:4b:2b:fc:68:58:22:82:bb:4c:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5659b0ba8407be11cfc911bd31ed140cd1c6046c
Validity
Not Before: Apr 27 16:54:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=37dc7bc567df105b9bfc3aca45e7102ff5f3e18c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d9:2e:96:f6:7c:d5:4a:c7:f9:26:70:62:47:
fd:bb:dc:1f:60:c4:d5:db:29:6c:c1:12:9e:b8:70:
1d:23:e2:6f:30:dd:03:7c:48:b0:e5:81:3f:58:62:
00:c6:fe:0a:cd:31:fa:e6:99:01:f1:b3:58:b4:dd:
5c:65:1d:b4:e9:47:01:b2:5b:70:b4:60:29:4a:09:
24:15:af:c4:22:cb:d2:7b:af:0c:b1:85:32:d7:d8:
a2:3a:dd:2a:7c:ae:31:6a:f4:73:62:54:71:d0:ad:
cc:c7:34:e2:6c:bb:c2:2f:29:29:96:e9:0f:4f:0b:
b6:8a:ee:94:ef:22:65:87:54:5a:d7:6e:aa:66:5c:
4f:d9:b1:23:f5:53:8c:ab:15:f6:65:39:b2:85:b9:
47:ea:2b:97:81:3d:6e:d9:e5:22:ed:07:e9:4d:24:
67:e0:a4:59:65:08:c0:00:0b:0b:94:0f:fc:c9:22:
3f:87:66:5d:20:81:06:c2:e3:c5:62:df:86:9a:f0:
53:cb:a7:a2:e5:7e:ea:20:ca:87:36:6d:ec:57:ee:
e9:80:a6:8c:4c:72:de:8c:47:b1:f9:b8:d9:7c:6b:
a2:b5:4f:62:4a:75:2d:d0:de:35:34:fe:71:53:63:
98:42:94:94:ae:82:c2:c8:fe:ce:87:42:86:62:06:
5e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:DC:7B:C5:67:DF:10:5B:9B:FC:3A:CA:45:E7:10:2F:F5:F3:E1:8C
X509v3 Authority Key Identifier:
keyid:56:59:B0:BA:84:07:BE:11:CF:C9:11:BD:31:ED:14:0C:D1:C6:04:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VlmwuoQHvhHPyRG9Me0UDNHGBGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/N9x7xWffEFub_DrKRecQL_Xz4Yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/VlmwuoQHvhHPyRG9Me0UDNHGBGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:fa82:c000::/36
2a10:fa82:f000::/40
Signature Algorithm: sha256WithRSAEncryption
56:fe:e3:0e:72:08:27:4b:2c:d7:40:1a:53:84:34:d0:e6:f8:
5a:92:b0:6a:36:cc:78:79:95:cf:a3:68:c9:94:35:db:1b:21:
e2:a5:31:bd:97:a5:6a:e4:a5:26:b4:0d:54:fc:82:d3:4e:c4:
7a:9b:81:eb:74:25:79:5b:cf:ce:91:0a:a7:2b:b9:9c:d4:88:
b8:f9:f4:3f:b4:14:ea:26:9a:59:91:e0:20:45:80:c4:60:26:
c0:42:25:11:d0:4b:3b:1c:cd:8c:87:9b:ec:6a:23:b1:57:43:
ff:a6:1a:c2:6e:29:0c:69:99:60:67:4a:10:61:2d:1b:ea:86:
40:df:39:4b:c5:a6:06:d2:13:e5:18:c9:04:92:e3:71:4f:de:
a5:17:e9:9f:b5:09:a2:af:4c:7d:47:77:d8:7b:fe:6d:16:6b:
9b:a5:04:62:1d:05:3a:74:5c:db:98:10:5a:a8:d2:ec:5f:7b:
22:6a:65:3d:cb:85:06:03:a8:ef:18:ba:b4:2b:0f:dc:b8:b2:
8f:55:91:09:e2:be:bf:f8:6c:6e:ca:88:ae:e0:4b:72:16:0a:
ca:da:11:07:55:b6:f2:b2:80:bc:40:93:b7:bf:5d:97:04:cc:
d9:08:c7:d9:35:81:76:24:a1:dc:de:9b:7c:22:e7:ac:32:b7:
5d:36:e1:75
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZ3P3RiFIjJLK/xoWCKCu0w/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NTliMGJhODQwN2JlMTFjZmM5MTFiZDMxZWQxNDBjZDFj
NjA0NmMwHhcNMjYwNDI3MTY1NDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2RjN2JjNTY3ZGYxMDViOWJmYzNhY2E0NWU3MTAyZmY1ZjNlMThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptkulvZ81UrH+SZwYkf9u9wfYMTV
2ylswRKeuHAdI+JvMN0DfEiw5YE/WGIAxv4KzTH65pkB8bNYtN1cZR206UcBsltw
tGApSgkkFa/EIsvSe68MsYUy19iiOt0qfK4xavRzYlRx0K3MxzTibLvCLykplukP
Twu2iu6U7yJlh1Ra126qZlxP2bEj9VOMqxX2ZTmyhblH6iuXgT1u2eUi7QfpTSRn
4KRZZQjAAAsLlA/8ySI/h2ZdIIEGwuPFYt+GmvBTy6ei5X7qIMqHNm3sV+7pgKaM
THLejEex+bjZfGuitU9iSnUt0N41NP5xU2OYQpSUroLCyP7Oh0KGYgZeVwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFDfce8Vn3xBbm/w6ykXnEC/18+GMMB8GA1UdIwQY
MBaAFFZZsLqEB74Rz8kRvTHtFAzRxgRsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmxtd3VvUUh2aEhQeVJHOU1lMFVETkhHQkd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kZDhlMzEtMDBiNS00MjEyLTllMDEt
MjM5NGM2NjAwMDIyLzEvTjl4N3hXZmZFRnViX0RyS1JlY1FMX1h6NFl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kZDhlMzEtMDBiNS00MjEyLTllMDEtMjM5NGM2NjAwMDIy
LzEvVmxtd3VvUUh2aEhQeVJHOU1lMFVETkhHQkd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYEKhD6gsAD
BgAqEPqC8DANBgkqhkiG9w0BAQsFAAOCAQEAVv7jDnIIJ0ss10AaU4Q00Ob4WpKw
ajbMeHmVz6NoyZQ12xsh4qUxvZelauSlJrQNVPyC007EepuB63QleVvPzpEKpyu5
nNSIuPn0P7QU6iaaWZHgIEWAxGAmwEIlEdBLOxzNjIeb7GojsVdD/6Yawm4pDGmZ
YGdKEGEtG+qGQN85S8WmBtIT5RjJBJLjcU/epRfpn7UJoq9MfUd32Hv+bRZrm6UE
Yh0FOnRc25gQWqjS7F97ImplPcuFBgOo7xi6tCsP3Liyj1WRCeK+v/hsbsqIruBL
chYKytoRB1W28rKAvECTt79dlwTM2QjH2TWBdiSh3N6bfCLnrDK3XTbhdQ==
-----END CERTIFICATE-----
Generated at Wed May 13 12:25:37 2026 by rpki-client