Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/8iFg6oovVvzGO_T0lMtF_5SyntI.roa
File: 8iFg6oovVvzGO_T0lMtF_5SyntI.roa (raw, json)
Hash identifier: FGIU2xWBjJsw4D+zBYILTXE8z6uLp0C1L+/KxClkrcM=
Subject key identifier: F2:21:60:EA:8A:2F:56:FC:C6:3B:F4:F4:94:CB:45:FF:94:B2:9E:D2
Certificate issuer: /CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Certificate serial: 019E89938550178F05458980A06D808F5D41
Authority key identifier: 70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/8iFg6oovVvzGO_T0lMtF_5SyntI.roa
Signing time: Tue 02 Jun 2026 18:23:26 +0000
ROA not before: Tue 02 Jun 2026 18:23:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213618
IP address blocks: 2a11:cc0::/29 maxlen: 29
2a11:1900::/29 maxlen: 29
2a11:3ac0::/29 maxlen: 29
2a11:9500::/29 maxlen: 29
2a11:b7c0::/29 maxlen: 29
2a11:e500::/29 maxlen: 29
2a12:3100::/29 maxlen: 29
2a12:5180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.mft
rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:89:93:85:50:17:8f:05:45:89:80:a0:6d:80:8f:5d:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Validity
Not Before: Jun 2 18:23:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f22160ea8a2f56fcc63bf4f494cb45ff94b29ed2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:88:a7:42:8c:74:63:b4:2b:4c:05:be:ed:74:
8d:df:6a:1e:65:61:e7:3f:92:a3:50:a8:f5:07:eb:
fa:67:7a:25:e8:a2:6c:79:5c:80:3f:f2:18:96:12:
3f:17:4e:ae:06:c0:b7:3a:e2:35:fd:3a:20:d0:f1:
37:ec:87:e2:26:27:84:42:69:a0:cb:e9:08:8e:98:
9e:bf:a7:fb:af:9d:e3:17:cb:ed:aa:20:c6:50:3a:
e5:0d:72:01:37:ab:27:62:ff:21:08:ed:b9:4e:53:
4e:46:aa:47:75:c5:86:d7:11:ef:1a:b8:83:4d:79:
5e:80:3a:55:a5:fc:70:05:2a:79:5a:d1:51:46:51:
e3:42:f0:fa:dc:ea:06:2b:6a:25:16:80:1d:ea:35:
14:4e:d4:c6:8b:31:96:67:02:90:9c:00:99:1e:11:
d3:eb:67:e3:18:e2:8c:de:93:47:25:43:32:d5:95:
b9:c4:5d:d6:8c:91:62:c5:9b:ba:6c:99:b9:fd:96:
48:5d:f1:98:8c:fa:fb:45:e3:55:00:e5:87:15:a8:
f7:6a:85:52:ac:9b:16:c7:cd:c1:b1:2d:34:1a:60:
f2:ef:02:9c:5a:18:f4:73:ae:b3:7b:84:94:b0:54:
41:97:4c:06:fd:a5:dd:89:6a:78:12:b1:c6:9c:50:
75:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:21:60:EA:8A:2F:56:FC:C6:3B:F4:F4:94:CB:45:FF:94:B2:9E:D2
X509v3 Authority Key Identifier:
keyid:70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/8iFg6oovVvzGO_T0lMtF_5SyntI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:cc0::/29
2a11:1900::/29
2a11:3ac0::/29
2a11:9500::/29
2a11:b7c0::/29
2a11:e500::/29
2a12:3100::/29
2a12:5180::/29
Signature Algorithm: sha256WithRSAEncryption
e0:ce:db:ea:cf:1f:33:59:b9:cf:65:ac:ee:1d:f7:c3:ef:f9:
ae:34:3d:ea:9e:d8:58:8a:d3:a7:ab:8a:86:0b:ee:c6:89:2e:
7a:ca:0e:5b:ad:c7:f5:1c:dd:e3:30:1d:90:b7:46:10:cf:4b:
6b:17:e7:20:ed:38:0b:42:13:44:bf:1c:17:e0:77:39:c4:ed:
09:4c:48:97:05:b4:a0:8b:0d:4a:7b:2d:ab:96:7e:19:bc:cb:
62:90:63:ee:67:de:be:06:6d:2c:ce:0f:14:86:e7:f7:65:1c:
fa:54:d2:a4:07:e5:80:20:e7:31:29:cc:53:8c:5f:3c:08:03:
b5:35:80:3c:af:e5:e6:38:2d:63:17:00:13:92:ce:c6:7b:7a:
40:0f:f8:43:80:65:09:4b:b3:e7:79:e3:02:41:79:65:72:81:
6f:0b:5f:6f:d5:ef:5f:8a:ae:94:96:4e:38:f1:3c:19:a9:08:
a0:de:df:03:dc:6f:0d:9d:13:17:9e:5f:61:9a:66:c1:f6:6d:
f9:1d:ae:0a:82:37:fb:4a:d1:65:9c:f7:1e:0d:78:91:a8:dd:
36:f6:aa:9c:2d:67:90:b4:c4:f2:a8:e5:5f:66:df:3b:79:10:
13:93:dd:d3:88:49:38:8e:b7:50:68:78:69:ff:30:a7:28:fb:
a2:ef:ad:32
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZ6Jk4VQF48FRYmAoG2Aj11BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmQzYWJiYjQ3OGI3NGVmMmFkZWY5YmI3YzQzMzZlMzQx
MTFkNTEwHhcNMjYwNjAyMTgyMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjIxNjBlYThhMmY1NmZjYzYzYmY0ZjQ5NGNiNDVmZjk0YjI5ZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4inQox0Y7QrTAW+7XSN32oeZWHn
P5KjUKj1B+v6Z3ol6KJseVyAP/IYlhI/F06uBsC3OuI1/Tog0PE37IfiJieEQmmg
y+kIjpiev6f7r53jF8vtqiDGUDrlDXIBN6snYv8hCO25TlNORqpHdcWG1xHvGriD
TXlegDpVpfxwBSp5WtFRRlHjQvD63OoGK2olFoAd6jUUTtTGizGWZwKQnACZHhHT
62fjGOKM3pNHJUMy1ZW5xF3WjJFixZu6bJm5/ZZIXfGYjPr7ReNVAOWHFaj3aoVS
rJsWx83BsS00GmDy7wKcWhj0c66ze4SUsFRBl0wG/aXdiWp4ErHGnFB1EQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFPIhYOqKL1b8xjv09JTLRf+Usp7SMB8GA1UdIwQY
MBaAFHBtOru0eLdO8q3vm7fEM240ER1RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYt
YTQyMTNjOTNmMWY3LzEvOGlGZzZvb3ZWdnpHT19UMGxNdEZfNVN5bnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYtYTQyMTNjOTNmMWY3
LzEvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwUDKhEMwAMF
AyoRGQADBQMqETrAAwUDKhGVAAMFAyoRt8ADBQMqEeUAAwUDKhIxAAMFAyoSUYAw
DQYJKoZIhvcNAQELBQADggEBAODO2+rPHzNZuc9lrO4d98Pv+a40Peqe2FiK06er
ioYL7saJLnrKDlutx/Uc3eMwHZC3RhDPS2sX5yDtOAtCE0S/HBfgdznE7QlMSJcF
tKCLDUp7LauWfhm8y2KQY+5n3r4GbSzODxSG5/dlHPpU0qQH5YAg5zEpzFOMXzwI
A7U1gDyv5eY4LWMXABOSzsZ7ekAP+EOAZQlLs+d54wJBeWVygW8LX2/V71+KrpSW
TjjxPBmpCKDe3wPcbw2dExeeX2GaZsH2bfkdrgqCN/tK0WWc9x4NeJGo3Tb2qpwt
Z5C0xPKo5V9m3zt5EBOT3dOISTiOt1BoeGn/MKco+6LvrTI=
-----END CERTIFICATE-----
Generated at Sat Jun 6 11:46:29 2026 by rpki-client