Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/qxh4ePvu5bsopWasfzDeFkJpzFU.roa
File: qxh4ePvu5bsopWasfzDeFkJpzFU.roa (raw, json)
Hash identifier: Pag+HQMgvFAsKkQpY1mX2vKDLGA3ZEYBRUSYskRKFgw=
Subject key identifier: AB:18:78:78:FB:EE:E5:BB:28:A5:66:AC:7F:30:DE:16:42:69:CC:55
Certificate issuer: /CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Certificate serial: 019ECFA84C9A8B3FE49454F57BD4F5419BC1
Authority key identifier: 76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/qxh4ePvu5bsopWasfzDeFkJpzFU.roa
Signing time: Tue 16 Jun 2026 08:59:33 +0000
ROA not before: Tue 16 Jun 2026 08:59:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60262
IP address blocks: 2a11:1e80::/29 maxlen: 29
2a11:37c0::/29 maxlen: 29
2a11:4300::/29 maxlen: 29
2a11:4600::/29 maxlen: 29
2a11:4ec0::/29 maxlen: 29
2a11:74c0::/29 maxlen: 29
2a11:8580::/29 maxlen: 29
2a11:9100::/29 maxlen: 29
2a11:d780::/29 maxlen: 29
2a11:e240::/29 maxlen: 29
2a12:980::/29 maxlen: 29
2a12:6080::/29 maxlen: 29
2a12:6f80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 19:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:cf:a8:4c:9a:8b:3f:e4:94:54:f5:7b:d4:f5:41:9b:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Validity
Not Before: Jun 16 08:59:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ab187878fbeee5bb28a566ac7f30de164269cc55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:de:6f:5a:70:e3:c1:ad:28:16:cd:29:2e:76:
a8:c9:1a:f7:38:52:67:c9:55:17:de:0e:74:6b:2e:
f8:c1:aa:77:95:a8:33:b7:ea:c7:25:4c:3e:1a:8d:
8d:48:62:1f:b6:1f:b6:65:c4:74:94:64:5e:e0:95:
f2:13:1f:4e:79:72:79:c8:12:0f:81:90:10:a5:fb:
7c:6f:93:42:e6:22:5d:8d:d7:0c:d6:af:be:c0:0c:
fb:c3:29:2d:65:2a:f6:4d:12:98:55:91:f9:26:6e:
27:36:07:66:e6:69:51:64:ac:c5:db:0b:3f:dd:bb:
35:bb:fc:06:60:fc:4b:30:9c:f9:23:e0:9f:23:70:
5d:d6:3e:4a:c9:f8:b6:87:d1:4a:df:27:cd:78:10:
7d:e6:f7:00:d4:df:6c:ab:ae:57:24:2e:30:95:de:
68:be:5a:05:97:b6:08:58:8b:5e:e7:e8:10:49:4e:
44:63:11:55:c4:f2:f4:e6:06:21:ac:52:6c:b2:c4:
91:3d:fc:f7:84:cb:ec:95:5d:29:82:f3:fe:4c:1a:
15:8c:29:36:38:92:3f:16:55:cc:98:13:be:25:58:
4f:d8:82:c2:b1:ed:1b:08:f0:42:8e:bf:20:a8:47:
73:be:ab:1c:70:d3:7f:38:a9:ba:59:e4:89:94:b8:
34:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:18:78:78:FB:EE:E5:BB:28:A5:66:AC:7F:30:DE:16:42:69:CC:55
X509v3 Authority Key Identifier:
keyid:76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/qxh4ePvu5bsopWasfzDeFkJpzFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:1e80::/29
2a11:37c0::/29
2a11:4300::/29
2a11:4600::/29
2a11:4ec0::/29
2a11:74c0::/29
2a11:8580::/29
2a11:9100::/29
2a11:d780::/29
2a11:e240::/29
2a12:980::/29
2a12:6080::/29
2a12:6f80::/29
Signature Algorithm: sha256WithRSAEncryption
59:8e:ab:7a:4c:06:40:71:f6:c9:37:50:51:7e:b1:f4:67:d8:
5b:05:4a:df:e8:55:39:68:10:94:62:75:fd:93:bd:0d:ff:e5:
d7:d6:aa:9c:51:52:91:4c:25:77:9b:b6:c7:15:9d:74:52:cd:
ab:1a:3a:ac:47:18:7d:b2:0f:b2:41:74:19:c9:cf:ff:2f:4a:
b9:a4:21:04:7c:04:4e:fc:18:dc:66:a6:73:c4:4f:37:c3:50:
4a:39:ca:1e:13:ef:4d:61:4b:d5:c3:7b:70:6a:7d:68:20:92:
30:73:a2:b2:86:d3:c1:a3:43:bd:e9:ce:59:ad:e4:9c:2b:60:
75:64:b1:8c:d2:97:ce:7c:03:21:c9:3e:3b:73:44:ab:d2:f5:
10:b0:41:3f:8e:e5:de:71:b9:6d:cf:01:39:01:58:02:3a:18:
bd:36:e8:87:76:74:2a:2f:36:48:ad:38:7e:2f:fe:4a:d5:20:
69:3b:ca:b7:53:b3:b1:f3:fb:f5:a5:a8:94:c0:ce:3c:1f:44:
06:3c:11:25:39:fb:37:73:84:62:e8:08:2b:bc:91:1b:55:5e:
35:f6:e7:ab:e6:5f:82:55:34:7b:29:af:03:b5:5d:09:d4:ab:
17:17:6f:8d:4b:74:d5:4a:23:26:57:5b:9b:ed:1e:2f:46:b0:
38:f7:13:23
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZ7PqEyaiz/klFT1e9T1QZvBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2YzYmQ0YmZiZDMwNzFjMzhjZDRkNzA5MmJkMzQ5MDky
MGMzZDkwHhcNMjYwNjE2MDg1OTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjE4Nzg3OGZiZWVlNWJiMjhhNTY2YWM3ZjMwZGUxNjQyNjljYzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArN5vWnDjwa0oFs0pLnaoyRr3OFJn
yVUX3g50ay74wap3lagzt+rHJUw+Go2NSGIfth+2ZcR0lGRe4JXyEx9OeXJ5yBIP
gZAQpft8b5NC5iJdjdcM1q++wAz7wyktZSr2TRKYVZH5Jm4nNgdm5mlRZKzF2ws/
3bs1u/wGYPxLMJz5I+CfI3Bd1j5Kyfi2h9FK3yfNeBB95vcA1N9sq65XJC4wld5o
vloFl7YIWIte5+gQSU5EYxFVxPL05gYhrFJsssSRPfz3hMvslV0pgvP+TBoVjCk2
OJI/FlXMmBO+JVhP2ILCse0bCPBCjr8gqEdzvqsccNN/OKm6WeSJlLg0zwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFKsYeHj77uW7KKVmrH8w3hZCacxVMB8GA1UdIwQY
MBaAFHZ/O9S/vTBxw4zU1wkr00kJIMPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgt
NGZiNTU5YjNiOWIzLzEvcXhoNGVQdnU1YnNvcFdhc2Z6RGVGa0pwekZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgtNGZiNTU5YjNiOWIz
LzEvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBhBAIAAjBbAwUDKhEegAMF
AyoRN8ADBQMqEUMAAwUDKhFGAAMFAyoRTsADBQMqEXTAAwUDKhGFgAMFAyoRkQAD
BQMqEdeAAwUDKhHiQAMFAyoSCYADBQMqEmCAAwUDKhJvgDANBgkqhkiG9w0BAQsF
AAOCAQEAWY6rekwGQHH2yTdQUX6x9GfYWwVK3+hVOWgQlGJ1/ZO9Df/l19aqnFFS
kUwld5u2xxWddFLNqxo6rEcYfbIPskF0GcnP/y9KuaQhBHwETvwY3Gamc8RPN8NQ
SjnKHhPvTWFL1cN7cGp9aCCSMHOisobTwaNDvenOWa3knCtgdWSxjNKXznwDIck+
O3NEq9L1ELBBP47l3nG5bc8BOQFYAjoYvTboh3Z0Ki82SK04fi/+StUgaTvKt1Oz
sfP79aWolMDOPB9EBjwRJTn7N3OEYugIK7yRG1VeNfbnq+ZfglU0eymvA7VdCdSr
FxdvjUt01UojJldbm+0eL0awOPcTIw==
-----END CERTIFICATE-----
Generated at Sat Jun 20 04:10:53 2026 by rpki-client