Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/NV2elJY5GbLtF-8XlJluZMFiLE4.roa
File: NV2elJY5GbLtF-8XlJluZMFiLE4.roa (raw, json)
Hash identifier: NuN931tACouEZPBHD68kuj2kgkRWx5yBVRTsgr/PC0M=
Subject key identifier: 35:5D:9E:94:96:39:19:B2:ED:17:EF:17:94:99:6E:64:C1:62:2C:4E
Certificate issuer: /CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Certificate serial: 019E89362A5982E6AF86669E64CB12E8CE2F
Authority key identifier: 76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/NV2elJY5GbLtF-8XlJluZMFiLE4.roa
Signing time: Tue 02 Jun 2026 16:41:28 +0000
ROA not before: Tue 02 Jun 2026 16:41:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 401776
IP address blocks: 2a11:1000::/29 maxlen: 29
2a11:bec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 16:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:89:36:2a:59:82:e6:af:86:66:9e:64:cb:12:e8:ce:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Validity
Not Before: Jun 2 16:41:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=355d9e94963919b2ed17ef1794996e64c1622c4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:46:e4:4a:fb:48:50:22:b8:c6:93:fc:df:5e:
0a:49:18:13:9c:ad:c4:e2:42:8b:86:ff:cd:94:ee:
cb:5c:07:9e:88:b3:03:d3:30:5a:d0:c4:70:47:d6:
c9:c8:4b:a8:6e:22:f3:ef:e9:25:7c:a4:f8:f0:e0:
7e:c2:ec:66:63:af:79:50:5c:b7:46:7f:43:3b:a8:
5f:5c:2a:ea:73:a8:01:98:1c:87:b6:d3:76:c6:25:
4a:a4:2e:99:b6:36:e9:4c:50:3b:c5:8f:79:fa:ee:
19:71:d3:da:6b:7a:0f:33:53:3a:31:0f:c7:aa:3a:
3b:79:3a:2e:09:b4:c2:3d:61:96:b4:91:ca:5e:ba:
d6:0d:0c:c5:d0:7c:98:fd:ad:7d:56:6b:0d:17:bc:
90:7e:a1:f4:46:d3:e7:b6:13:f7:bc:0a:d5:f3:ba:
6e:36:a0:31:22:1f:80:04:86:1d:f6:db:72:8d:d2:
15:4b:b9:23:92:10:c8:6c:16:6c:e4:8d:3b:67:1e:
c0:1d:80:de:67:53:18:15:32:df:a1:c0:fd:4f:9e:
ba:05:0b:e9:58:ac:45:6f:c7:11:27:6e:a1:96:6e:
29:02:96:7d:5c:6d:ab:f5:e3:38:24:27:73:c1:16:
79:dd:d7:39:0e:e7:db:8d:05:9c:47:f6:d8:03:fe:
d2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:5D:9E:94:96:39:19:B2:ED:17:EF:17:94:99:6E:64:C1:62:2C:4E
X509v3 Authority Key Identifier:
keyid:76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/NV2elJY5GbLtF-8XlJluZMFiLE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:1000::/29
2a11:bec0::/29
Signature Algorithm: sha256WithRSAEncryption
b2:9a:56:9e:66:a0:e0:6e:2f:20:2d:82:47:71:e5:a5:bc:8e:
69:3c:c2:8a:bf:7a:b0:09:a9:5c:82:63:07:a8:a7:d5:22:70:
4d:0d:68:d7:7a:b7:ec:84:d6:5f:c0:89:45:4f:85:d5:b8:2a:
8d:63:38:b3:6c:0c:0f:c2:25:b3:7c:4b:39:9f:42:57:0b:11:
0d:4a:cf:70:99:62:4c:9b:8c:63:0b:45:72:24:4e:ce:79:00:
4e:60:40:94:da:52:d2:23:b7:dd:fd:fa:5e:e1:42:f3:d5:a1:
b6:0f:83:14:d8:46:12:b5:d7:fe:18:e2:b4:f6:25:59:18:90:
4c:6d:68:fa:36:43:dd:60:99:46:17:ba:9d:3a:be:0c:11:96:
de:cd:a2:11:f1:07:77:57:70:bf:61:de:c7:9d:74:00:bb:d6:
64:18:e7:e2:19:1b:c1:bd:10:0f:0f:73:c5:66:42:77:10:b6:
4a:c9:08:e5:9e:92:ee:c3:36:9f:bc:c1:d0:5f:fc:91:84:74:
51:0e:44:e1:ec:87:14:6d:05:67:b4:04:da:de:d5:77:99:26:
91:51:ba:cd:c3:12:8e:95:a3:78:cf:6a:48:27:2b:6e:86:1c:
67:81:68:78:cc:e4:5d:6d:fb:bb:4c:26:4e:8f:59:ca:6d:3a:
1e:4f:93:67
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ6JNipZguavhmaeZMsS6M4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2YzYmQ0YmZiZDMwNzFjMzhjZDRkNzA5MmJkMzQ5MDky
MGMzZDkwHhcNMjYwNjAyMTY0MTI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTVkOWU5NDk2MzkxOWIyZWQxN2VmMTc5NDk5NmU2NGMxNjIyYzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0bkSvtIUCK4xpP8314KSRgTnK3E
4kKLhv/NlO7LXAeeiLMD0zBa0MRwR9bJyEuobiLz7+klfKT48OB+wuxmY695UFy3
Rn9DO6hfXCrqc6gBmByHttN2xiVKpC6ZtjbpTFA7xY95+u4ZcdPaa3oPM1M6MQ/H
qjo7eTouCbTCPWGWtJHKXrrWDQzF0HyY/a19VmsNF7yQfqH0RtPnthP3vArV87pu
NqAxIh+ABIYd9ttyjdIVS7kjkhDIbBZs5I07Zx7AHYDeZ1MYFTLfocD9T566BQvp
WKxFb8cRJ26hlm4pApZ9XG2r9eM4JCdzwRZ53dc5DufbjQWcR/bYA/7SXwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDVdnpSWORmy7RfvF5SZbmTBYixOMB8GA1UdIwQY
MBaAFHZ/O9S/vTBxw4zU1wkr00kJIMPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgt
NGZiNTU5YjNiOWIzLzEvTlYyZWxKWTVHYkx0Ri04WGxKbHVaTUZpTEU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgtNGZiNTU5YjNiOWIz
LzEvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhEQAAMF
AyoRvsAwDQYJKoZIhvcNAQELBQADggEBALKaVp5moOBuLyAtgkdx5aW8jmk8woq/
erAJqVyCYweop9UicE0NaNd6t+yE1l/AiUVPhdW4Ko1jOLNsDA/CJbN8SzmfQlcL
EQ1Kz3CZYkybjGMLRXIkTs55AE5gQJTaUtIjt939+l7hQvPVobYPgxTYRhK11/4Y
4rT2JVkYkExtaPo2Q91gmUYXup06vgwRlt7NohHxB3dXcL9h3seddAC71mQY5+IZ
G8G9EA8Pc8VmQncQtkrJCOWeku7DNp+8wdBf/JGEdFEOROHshxRtBWe0BNre1XeZ
JpFRus3DEo6Vo3jPakgnK26GHGeBaHjM5F1t+7tMJk6PWcptOh5Pk2c=
-----END CERTIFICATE-----
Generated at Fri Jun 5 23:33:14 2026 by rpki-client