Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/1z42-6ZXNXaxf7r777NkMo1bMx4.roa
File: 1z42-6ZXNXaxf7r777NkMo1bMx4.roa (raw, json)
Hash identifier: NDah+AjQwAfCaSDoOItAkKPiUGlGL9lKXcqRc2wazQc=
Subject key identifier: D7:3E:36:FB:A6:57:35:76:B1:7F:BA:FB:EF:B3:64:32:8D:5B:33:1E
Certificate issuer: /CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Certificate serial: 019DDAE1433A9B1531DE9515E74BD8055DC2
Authority key identifier: 70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/1z42-6ZXNXaxf7r777NkMo1bMx4.roa
Signing time: Wed 29 Apr 2026 20:14:49 +0000
ROA not before: Wed 29 Apr 2026 20:14:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60262
IP address blocks: 2a11:cc0::/29 maxlen: 29
2a11:1900::/29 maxlen: 29
2a11:23c0::/29 maxlen: 29
2a11:3ac0::/29 maxlen: 29
2a11:4f40::/29 maxlen: 29
2a11:79c0::/29 maxlen: 29
2a11:8dc0::/29 maxlen: 29
2a11:9500::/29 maxlen: 29
2a11:9b80::/29 maxlen: 29
2a11:a200::/29 maxlen: 29
2a11:b7c0::/29 maxlen: 29
2a11:c400::/29 maxlen: 29
2a11:e500::/29 maxlen: 29
2a11:f5c0::/29 maxlen: 29
2a12:2a00::/29 maxlen: 29
2a12:3100::/29 maxlen: 29
2a12:5180::/29 maxlen: 29
2a12:7a00::/29 maxlen: 29
2a12:9a80::/29 maxlen: 29
2a12:cb00::/29 maxlen: 29
2a12:da80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.mft
rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 May 2026 14:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:da:e1:43:3a:9b:15:31:de:95:15:e7:4b:d8:05:5d:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Validity
Not Before: Apr 29 20:14:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d73e36fba6573576b17fbafbefb364328d5b331e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b8:2d:e5:c0:4d:fa:d2:44:26:b1:d5:12:de:
9c:a5:50:7e:4d:d2:e1:e1:48:80:84:fe:20:d1:6d:
c5:2a:ce:bd:ca:78:93:1e:1c:3c:7a:6c:2d:0e:ea:
dc:52:45:56:32:01:ff:79:3d:5d:aa:35:70:c2:93:
a2:2c:87:f4:fb:bf:ae:83:f2:86:16:50:8b:16:eb:
40:8f:11:d9:0d:ee:00:25:ea:39:91:d6:3e:94:cc:
cd:25:40:3e:39:5f:af:3b:26:82:30:fe:41:0e:36:
12:eb:c6:58:f5:33:d1:31:e8:8f:e1:84:e9:e2:45:
23:6f:71:a2:49:43:df:8e:88:f5:a7:2c:a1:6a:ff:
39:e7:16:3c:2f:6d:ea:f9:b7:1a:f4:97:39:7f:2c:
23:56:cb:97:95:d1:35:2a:49:24:a1:fc:dd:e4:2c:
f9:11:b6:99:07:f7:02:c5:65:d7:7a:c6:02:60:f6:
ed:20:f5:f4:cf:1b:30:47:d3:b4:80:6b:dc:bf:ff:
57:2a:9a:40:c6:65:9d:b1:fa:4e:bd:63:5c:d3:b8:
49:ee:db:15:43:68:7a:7d:de:8b:e9:a3:f5:25:b1:
6a:82:24:1c:f5:4d:d0:94:2b:0c:06:03:c9:c3:01:
af:ef:63:5d:bf:17:37:f2:c3:cf:98:af:4a:2d:6d:
83:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:3E:36:FB:A6:57:35:76:B1:7F:BA:FB:EF:B3:64:32:8D:5B:33:1E
X509v3 Authority Key Identifier:
keyid:70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/1z42-6ZXNXaxf7r777NkMo1bMx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:cc0::/29
2a11:1900::/29
2a11:23c0::/29
2a11:3ac0::/29
2a11:4f40::/29
2a11:79c0::/29
2a11:8dc0::/29
2a11:9500::/29
2a11:9b80::/29
2a11:a200::/29
2a11:b7c0::/29
2a11:c400::/29
2a11:e500::/29
2a11:f5c0::/29
2a12:2a00::/29
2a12:3100::/29
2a12:5180::/29
2a12:7a00::/29
2a12:9a80::/29
2a12:cb00::/29
2a12:da80::/29
Signature Algorithm: sha256WithRSAEncryption
27:9e:5c:c9:2f:62:69:fc:d7:2d:02:e6:36:53:93:d8:02:5e:
6f:73:64:2f:1e:39:23:fc:f6:88:85:0d:30:6f:9b:16:8f:e6:
e5:d3:94:b9:0a:54:97:c6:4d:36:e7:c6:1d:f4:4a:39:32:11:
78:8a:47:14:17:77:8d:22:3a:ff:bd:a1:74:5d:0f:b2:f7:66:
1d:c9:08:3c:da:82:cf:89:d6:f5:95:cd:69:4d:80:51:e1:93:
61:ac:24:46:ee:21:35:49:6d:ab:8b:18:0e:11:f9:8f:ed:af:
51:6a:cd:36:5f:69:c6:df:85:43:bd:ba:c3:d5:e1:8b:4c:6a:
74:98:84:8e:c8:87:61:57:33:d8:32:5d:1d:21:73:92:11:d4:
35:85:f1:09:38:1c:72:f0:c9:4f:d3:44:4c:68:3a:39:38:a7:
2a:dd:35:97:3b:7a:32:2e:96:39:ab:75:02:9a:e6:ed:9f:e2:
30:76:13:16:63:37:7a:68:89:27:7b:0b:6b:59:a3:48:c5:34:
00:6e:09:9e:7a:81:6d:5b:56:9e:0c:82:15:4f:40:86:76:32:
ad:54:8d:a5:6b:71:37:5f:30:3b:17:25:3f:d2:c4:d1:90:58:
3a:25:4d:0e:0b:f5:95:a7:b6:74:81:b8:1d:ce:fe:77:c3:a5:
5d:10:14:40
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZ3a4UM6mxUx3pUV50vYBV3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmQzYWJiYjQ3OGI3NGVmMmFkZWY5YmI3YzQzMzZlMzQx
MTFkNTEwHhcNMjYwNDI5MjAxNDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzNlMzZmYmE2NTczNTc2YjE3ZmJhZmJlZmIzNjQzMjhkNWIzMzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbgt5cBN+tJEJrHVEt6cpVB+TdLh
4UiAhP4g0W3FKs69yniTHhw8emwtDurcUkVWMgH/eT1dqjVwwpOiLIf0+7+ug/KG
FlCLFutAjxHZDe4AJeo5kdY+lMzNJUA+OV+vOyaCMP5BDjYS68ZY9TPRMeiP4YTp
4kUjb3GiSUPfjoj1pyyhav855xY8L23q+bca9Jc5fywjVsuXldE1Kkkkofzd5Cz5
EbaZB/cCxWXXesYCYPbtIPX0zxswR9O0gGvcv/9XKppAxmWdsfpOvWNc07hJ7tsV
Q2h6fd6L6aP1JbFqgiQc9U3QlCsMBgPJwwGv72Ndvxc38sPPmK9KLW2DKwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFNc+NvumVzV2sX+6+++zZDKNWzMeMB8GA1UdIwQY
MBaAFHBtOru0eLdO8q3vm7fEM240ER1RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYt
YTQyMTNjOTNmMWY3LzEvMXo0Mi02WlhOWGF4ZjdyNzc3TmtNbzFiTXg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYtYTQyMTNjOTNmMWY3
LzEvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBmgQCAAIwgZMDBQMq
EQzAAwUDKhEZAAMFAyoRI8ADBQMqETrAAwUDKhFPQAMFAyoRecADBQMqEY3AAwUD
KhGVAAMFAyoRm4ADBQMqEaIAAwUDKhG3wAMFAyoRxAADBQMqEeUAAwUDKhH1wAMF
AyoSKgADBQMqEjEAAwUDKhJRgAMFAyoSegADBQMqEpqAAwUDKhLLAAMFAyoS2oAw
DQYJKoZIhvcNAQELBQADggEBACeeXMkvYmn81y0C5jZTk9gCXm9zZC8eOSP89oiF
DTBvmxaP5uXTlLkKVJfGTTbnxh30SjkyEXiKRxQXd40iOv+9oXRdD7L3Zh3JCDza
gs+J1vWVzWlNgFHhk2GsJEbuITVJbauLGA4R+Y/tr1FqzTZfacbfhUO9usPV4YtM
anSYhI7Ih2FXM9gyXR0hc5IR1DWF8Qk4HHLwyU/TRExoOjk4pyrdNZc7ejIuljmr
dQKa5u2f4jB2ExZjN3poiSd7C2tZo0jFNABuCZ56gW1bVp4MghVPQIZ2Mq1UjaVr
cTdfMDsXJT/SxNGQWDolTQ4L9ZWntnSBuB3O/nfDpV0QFEA=
-----END CERTIFICATE-----
Generated at Thu Apr 30 19:33:07 2026 by rpki-client