Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/SyLOIp0kgjoWQcew30ARcomgpA8.roa
File: SyLOIp0kgjoWQcew30ARcomgpA8.roa (raw, json)
Hash identifier: tw+paFoNwVB8IkQny5dTEcgX/0463MTe3dsdhAVbLtI=
Subject key identifier: 4B:22:CE:22:9D:24:82:3A:16:41:C7:B0:DF:40:11:72:89:A0:A4:0F
Certificate issuer: /CN=cbe3da3582a22830ec4e67547e75fa3b9da20b23
Certificate serial: 019DB37E37977C6D4B3D22591BCD2A08DB8C
Authority key identifier: CB:E3:DA:35:82:A2:28:30:EC:4E:67:54:7E:75:FA:3B:9D:A2:0B:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y-PaNYKiKDDsTmdUfnX6O52iCyM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/SyLOIp0kgjoWQcew30ARcomgpA8.roa
Signing time: Wed 22 Apr 2026 04:41:26 +0000
ROA not before: Wed 22 Apr 2026 04:41:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25761
IP address blocks: 2a11:b40:55::/48 maxlen: 48
2a11:b44:5503::/48 maxlen: 48
2a11:b44:5504::/48 maxlen: 48
2a11:b44:5505::/48 maxlen: 48
2a11:b44:5506::/48 maxlen: 48
2a11:b44:5507::/48 maxlen: 48
2a11:b44:5508::/48 maxlen: 48
2a11:b44:5509::/48 maxlen: 48
2a11:b44:5510::/48 maxlen: 48
2a11:b44:5511::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/y-PaNYKiKDDsTmdUfnX6O52iCyM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/y-PaNYKiKDDsTmdUfnX6O52iCyM.mft
rsync://rpki.ripe.net/repository/DEFAULT/y-PaNYKiKDDsTmdUfnX6O52iCyM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 19:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b3:7e:37:97:7c:6d:4b:3d:22:59:1b:cd:2a:08:db:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbe3da3582a22830ec4e67547e75fa3b9da20b23
Validity
Not Before: Apr 22 04:41:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4b22ce229d24823a1641c7b0df40117289a0a40f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:cf:76:7f:44:2d:c0:59:a8:b1:21:1d:fa:7f:
a7:6d:b7:23:05:a4:a4:29:02:2f:45:62:50:03:8c:
70:06:b5:5b:55:54:a0:61:08:70:28:b5:43:97:98:
3a:db:86:b1:8d:21:f3:8a:1c:88:4a:63:14:54:a1:
8e:04:7d:0b:49:e4:71:94:f0:7b:fc:ad:3d:77:38:
54:93:27:81:db:11:45:e4:42:45:42:34:a5:1c:53:
fe:22:b9:f7:cd:51:b4:50:ff:02:60:2a:80:d2:fd:
e9:61:f9:cd:20:64:21:0c:b6:d8:4e:8a:4a:fc:77:
a7:db:d1:25:c4:e5:e0:1b:c3:fe:58:ba:d9:70:59:
82:82:da:b0:3b:85:b5:39:a4:60:8f:e2:51:2b:b6:
c4:23:ac:a2:08:6e:5d:c5:03:08:de:c7:f4:1a:2f:
4b:a7:00:45:06:e7:96:6d:63:91:5e:6c:ce:24:e7:
b3:65:e1:55:36:d9:bb:75:1d:e5:13:05:f0:6f:86:
b8:93:fd:82:16:71:a2:91:b5:b6:21:c7:00:35:86:
64:0f:13:d3:bb:f5:f9:00:d8:ef:30:2d:7a:41:1a:
c0:71:f7:83:97:33:0a:b2:93:44:6c:94:9d:18:a2:
1a:15:7e:01:e3:47:4c:cc:4c:21:58:ba:a2:fa:a9:
25:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:22:CE:22:9D:24:82:3A:16:41:C7:B0:DF:40:11:72:89:A0:A4:0F
X509v3 Authority Key Identifier:
keyid:CB:E3:DA:35:82:A2:28:30:EC:4E:67:54:7E:75:FA:3B:9D:A2:0B:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y-PaNYKiKDDsTmdUfnX6O52iCyM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/SyLOIp0kgjoWQcew30ARcomgpA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/68cfc5-2ec6-4b59-b12e-6e36b2f1706b/1/y-PaNYKiKDDsTmdUfnX6O52iCyM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:b40:55::/48
2a11:b44:5503::-2a11:b44:5509:ffff:ffff:ffff:ffff:ffff
2a11:b44:5510::/47
Signature Algorithm: sha256WithRSAEncryption
3d:d0:bf:ba:3c:e0:83:90:3b:25:3f:63:3e:e0:2b:2f:c8:87:
47:2e:3c:49:b5:66:19:47:12:cd:f8:3d:c2:4d:05:2c:0b:eb:
5e:43:0c:33:88:e6:07:2a:c1:dd:51:dc:54:b0:01:ff:11:a5:
9a:df:7b:76:d0:47:44:12:50:06:1c:69:54:a6:3a:b0:97:9d:
9d:4a:a2:b3:b4:e4:d3:40:94:a1:21:98:87:ef:36:a9:49:7a:
d0:d4:3c:f8:16:60:a8:97:a1:85:e9:9c:c9:9b:15:bc:4e:fe:
cf:3d:e6:a0:42:1d:8b:ef:b4:60:8c:ac:58:c8:aa:d0:80:49:
5f:f5:76:61:fc:f4:77:9d:ab:3e:6f:37:a2:4a:0c:5a:d8:ba:
77:35:a9:62:27:d7:ee:8b:5d:56:e0:bc:90:b6:13:a1:a3:2e:
41:32:00:eb:0b:42:b7:62:31:e7:29:cb:42:fe:9b:cd:63:5f:
9c:c2:54:da:60:09:9e:36:63:8b:31:e4:36:29:ce:8e:df:a3:
81:01:e3:f9:8c:3a:e5:9f:b2:13:ea:9f:ee:c0:d2:6a:4b:c4:
11:9a:fa:e6:48:23:e3:ca:b9:57:37:f6:be:be:b4:78:6d:46:
f5:67:49:67:a3:f4:e6:d4:0a:0d:07:72:21:df:41:96:8e:3e:
2f:fa:34:58
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ2zfjeXfG1LPSJZG80qCNuMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZTNkYTM1ODJhMjI4MzBlYzRlNjc1NDdlNzVmYTNiOWRh
MjBiMjMwHhcNMjYwNDIyMDQ0MTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjIyY2UyMjlkMjQ4MjNhMTY0MWM3YjBkZjQwMTE3Mjg5YTBhNDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5892f0QtwFmosSEd+n+nbbcjBaSk
KQIvRWJQA4xwBrVbVVSgYQhwKLVDl5g624axjSHzihyISmMUVKGOBH0LSeRxlPB7
/K09dzhUkyeB2xFF5EJFQjSlHFP+Irn3zVG0UP8CYCqA0v3pYfnNIGQhDLbYTopK
/Hen29ElxOXgG8P+WLrZcFmCgtqwO4W1OaRgj+JRK7bEI6yiCG5dxQMI3sf0Gi9L
pwBFBueWbWORXmzOJOezZeFVNtm7dR3lEwXwb4a4k/2CFnGikbW2IccANYZkDxPT
u/X5ANjvMC16QRrAcfeDlzMKspNEbJSdGKIaFX4B40dMzEwhWLqi+qklJQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEsiziKdJII6FkHHsN9AEXKJoKQPMB8GA1UdIwQY
MBaAFMvj2jWCoigw7E5nVH51+judogsjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveS1QYU5ZS2lLRERzVG1kVWZuWDZPNTJpQ3lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC82OGNmYzUtMmVjNi00YjU5LWIxMmUt
NmUzNmIyZjE3MDZiLzEvU3lMT0lwMGtnam9XUWNldzMwQVJjb21ncEE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC82OGNmYzUtMmVjNi00YjU5LWIxMmUtNmUzNmIyZjE3MDZi
LzEveS1QYU5ZS2lLRERzVG1kVWZuWDZPNTJpQ3lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAwcAKhELQABV
MBIDBwAqEQtEVQMDBwEqEQtEVQgDBwEqEQtEVRAwDQYJKoZIhvcNAQELBQADggEB
AD3Qv7o84IOQOyU/Yz7gKy/Ih0cuPEm1ZhlHEs34PcJNBSwL615DDDOI5gcqwd1R
3FSwAf8RpZrfe3bQR0QSUAYcaVSmOrCXnZ1KorO05NNAlKEhmIfvNqlJetDUPPgW
YKiXoYXpnMmbFbxO/s895qBCHYvvtGCMrFjIqtCASV/1dmH89Hedqz5vN6JKDFrY
unc1qWIn1+6LXVbgvJC2E6GjLkEyAOsLQrdiMecpy0L+m81jX5zCVNpgCZ42Y4sx
5DYpzo7fo4EB4/mMOuWfshPqn+7A0mpLxBGa+uZII+PKuVc39r6+tHhtRvVnSWej
9ObUCg0HciHfQZaOPi/6NFg=
-----END CERTIFICATE-----
Generated at Wed May 13 06:56:57 2026 by rpki-client