Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/uuy6ECeKU5zPxhagn8FIr283yKQ.roa
File: uuy6ECeKU5zPxhagn8FIr283yKQ.roa (raw, json)
Hash identifier: OOKXwwUyMmEuY99QE9mTnSKY0ij2Tkkt4XqvRj4K6hc=
Subject key identifier: BA:EC:BA:10:27:8A:53:9C:CF:C6:16:A0:9F:C1:48:AF:6F:37:C8:A4
Certificate issuer: /CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Certificate serial: 019E83109A3DC67CC293C5AF932853C0B67A
Authority key identifier: 76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/uuy6ECeKU5zPxhagn8FIr283yKQ.roa
Signing time: Mon 01 Jun 2026 12:02:43 +0000
ROA not before: Mon 01 Jun 2026 12:02:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 2a11:2040::/29 maxlen: 32
2a12:1600::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:83:10:9a:3d:c6:7c:c2:93:c5:af:93:28:53:c0:b6:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767f3bd4bfbd3071c38cd4d7092bd3490920c3d9
Validity
Not Before: Jun 1 12:02:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=baecba10278a539ccfc616a09fc148af6f37c8a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:df:89:c5:25:b9:c4:cf:56:5e:f8:ec:a6:db:
82:1d:64:52:ca:e1:33:ee:b9:9e:b6:da:49:8d:a7:
ea:a3:2c:6d:1c:00:00:5b:07:9d:67:3f:c8:49:eb:
06:51:d4:2b:a5:d8:54:74:ee:0e:1c:9a:92:f5:9f:
a3:ab:8e:a0:18:da:9e:a6:97:45:e4:60:e0:a1:e3:
0b:da:30:1f:5d:8d:35:22:32:21:fc:bd:20:c0:3f:
81:60:91:01:5c:79:fb:58:c5:c5:58:4e:60:bd:57:
ad:84:7e:c7:7d:4c:81:f8:e1:81:12:be:01:bf:6e:
2e:b1:eb:2a:81:a6:ba:04:31:1e:e3:99:39:6a:9d:
70:cf:0e:ab:ca:03:a1:c6:18:fd:aa:84:06:6d:67:
2b:fc:fb:bd:e4:53:0c:21:a6:7f:f5:01:06:e7:50:
f6:a4:5a:3d:63:2b:96:2a:6d:b0:1a:6e:da:c5:25:
6c:24:dc:4d:b1:8c:01:8b:f3:00:45:07:70:82:d2:
9b:c5:1d:bc:e5:d0:bf:54:2e:f4:d3:f4:6c:06:2d:
bd:ee:bc:d7:cd:9e:6e:c9:e8:96:c2:f3:44:8c:dc:
ec:45:dd:f3:61:ff:92:cc:a2:f2:75:40:9c:45:89:
2f:ee:c0:f4:52:23:cf:ed:47:e0:e5:97:5b:bc:44:
69:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:EC:BA:10:27:8A:53:9C:CF:C6:16:A0:9F:C1:48:AF:6F:37:C8:A4
X509v3 Authority Key Identifier:
keyid:76:7F:3B:D4:BF:BD:30:71:C3:8C:D4:D7:09:2B:D3:49:09:20:C3:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dn871L-9MHHDjNTXCSvTSQkgw9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/uuy6ECeKU5zPxhagn8FIr283yKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/ff5cc6-8f61-447b-b658-4fb559b3b9b3/1/dn871L-9MHHDjNTXCSvTSQkgw9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:2040::/29
2a12:1600::/29
Signature Algorithm: sha256WithRSAEncryption
5a:ac:b4:82:e8:e2:af:80:e6:cf:18:7e:b4:76:c3:ba:25:8c:
d8:81:b5:c5:50:47:6f:8d:69:6a:0f:8f:0a:48:2f:e4:d3:8b:
b3:bb:d5:03:4e:6e:d2:9f:66:d6:30:f6:19:86:34:5d:6a:3b:
8b:9e:17:fc:01:db:17:89:ec:86:6a:6a:ed:2b:d2:a2:ca:fb:
cf:68:b0:5e:06:f9:0c:f1:bf:b3:6f:59:45:6d:85:94:53:1d:
36:d3:f5:77:80:b1:99:bd:07:a3:c7:68:68:4c:6c:fa:3d:62:
e2:8d:c5:4b:5c:56:da:6b:2d:2d:f1:e1:11:85:59:61:df:58:
3e:70:5b:4f:25:bb:9d:fa:82:af:f5:e9:34:a7:2c:46:f4:27:
2d:46:d6:03:09:53:f6:89:7a:ea:11:fe:bd:e5:13:fc:71:31:
ac:1f:39:a2:38:25:c5:8d:79:48:42:fc:ba:02:7a:f8:8e:61:
24:61:80:ed:77:40:00:75:5a:d5:9e:21:81:66:2e:60:2e:12:
1a:11:78:6e:80:29:c8:e2:77:c8:54:fe:c1:f5:7d:2f:91:bc:
87:21:1a:65:b3:aa:1b:35:05:a0:c2:39:f2:14:d6:1e:56:84:
7b:a6:ab:4e:f5:27:8c:f4:1c:fe:b9:7e:d4:a2:dc:9e:c1:28:
b7:74:9c:ea
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ6DEJo9xnzCk8WvkyhTwLZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2YzYmQ0YmZiZDMwNzFjMzhjZDRkNzA5MmJkMzQ5MDky
MGMzZDkwHhcNMjYwNjAxMTIwMjQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWVjYmExMDI3OGE1MzljY2ZjNjE2YTA5ZmMxNDhhZjZmMzdjOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAut+JxSW5xM9WXvjsptuCHWRSyuEz
7rmettpJjafqoyxtHAAAWwedZz/ISesGUdQrpdhUdO4OHJqS9Z+jq46gGNqeppdF
5GDgoeML2jAfXY01IjIh/L0gwD+BYJEBXHn7WMXFWE5gvVethH7HfUyB+OGBEr4B
v24usesqgaa6BDEe45k5ap1wzw6rygOhxhj9qoQGbWcr/Pu95FMMIaZ/9QEG51D2
pFo9YyuWKm2wGm7axSVsJNxNsYwBi/MARQdwgtKbxR285dC/VC700/RsBi297rzX
zZ5uyeiWwvNEjNzsRd3zYf+SzKLydUCcRYkv7sD0UiPP7Ufg5ZdbvERpzQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLrsuhAnilOcz8YWoJ/BSK9vN8ikMB8GA1UdIwQY
MBaAFHZ/O9S/vTBxw4zU1wkr00kJIMPZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgt
NGZiNTU5YjNiOWIzLzEvdXV5NkVDZUtVNXpQeGhhZ244RklyMjgzeUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9mZjVjYzYtOGY2MS00NDdiLWI2NTgtNGZiNTU5YjNiOWIz
LzEvZG44NzFMLTlNSEhEak5UWENTdlRTUWtndzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhEgQAMF
AyoSFgAwDQYJKoZIhvcNAQELBQADggEBAFqstILo4q+A5s8YfrR2w7oljNiBtcVQ
R2+NaWoPjwpIL+TTi7O71QNObtKfZtYw9hmGNF1qO4ueF/wB2xeJ7IZqau0r0qLK
+89osF4G+Qzxv7NvWUVthZRTHTbT9XeAsZm9B6PHaGhMbPo9YuKNxUtcVtprLS3x
4RGFWWHfWD5wW08lu536gq/16TSnLEb0Jy1G1gMJU/aJeuoR/r3lE/xxMawfOaI4
JcWNeUhC/LoCeviOYSRhgO13QAB1WtWeIYFmLmAuEhoReG6AKcjid8hU/sH1fS+R
vIchGmWzqhs1BaDCOfIU1h5WhHumq071J4z0HP65ftSi3J7BKLd0nOo=
-----END CERTIFICATE-----
Generated at Tue Jun 2 20:52:58 2026 by rpki-client