Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/BtY0OBP0uQZ8ccZDlkB_sW7BFyI.roa
File: BtY0OBP0uQZ8ccZDlkB_sW7BFyI.roa (raw, json)
Hash identifier: MatuP8UvVCNnEECQrXyprVUsunKbuSnNaBS+qyGICQo=
Subject key identifier: 06:D6:34:38:13:F4:B9:06:7C:71:C6:43:96:40:7F:B1:6E:C1:17:22
Certificate issuer: /CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Certificate serial: 019E89938623D773C3C76552B76F4C83EF4F
Authority key identifier: 70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/BtY0OBP0uQZ8ccZDlkB_sW7BFyI.roa
Signing time: Tue 02 Jun 2026 18:23:27 +0000
ROA not before: Tue 02 Jun 2026 18:23:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 401776
IP address blocks: 2a11:4f40::/29 maxlen: 29
2a11:9b80::/29 maxlen: 29
2a11:b800::/29 maxlen: 29
2a11:c400::/29 maxlen: 29
2a12:2a00::/29 maxlen: 29
2a12:9a80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.mft
rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 17:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:89:93:86:23:d7:73:c3:c7:65:52:b7:6f:4c:83:ef:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706d3abbb478b74ef2adef9bb7c4336e34111d51
Validity
Not Before: Jun 2 18:23:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=06d6343813f4b9067c71c64396407fb16ec11722
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:bf:23:02:d0:a7:4c:87:b5:21:67:fe:ee:0c:
bd:ef:77:79:8b:97:c7:6c:4f:d5:96:16:c7:b3:b3:
b6:ff:06:e4:9c:7a:f4:67:fc:34:e8:02:6f:a0:c9:
05:da:7f:b8:c4:51:bb:b5:6f:59:db:2d:8e:ef:0f:
fa:70:5c:6e:db:d4:b6:b8:91:cb:5c:50:17:4e:61:
f7:96:d9:5f:b6:7b:d4:94:19:6b:54:33:1e:b5:74:
12:8e:b9:02:02:0d:9b:59:48:b4:07:17:73:6e:ee:
61:ed:34:a2:0c:e7:b1:69:6b:28:09:54:ac:05:92:
e5:21:d5:9d:45:48:2a:f4:22:95:c8:94:f2:7a:6b:
e9:ca:f4:00:0a:fe:ff:2d:84:9b:0e:8d:be:83:dd:
fb:c9:4e:bb:cf:ae:42:c2:19:fb:c9:43:cc:b9:77:
fd:b2:90:2f:a0:9c:08:c4:6a:8e:d8:50:7d:32:52:
43:50:fd:96:60:6c:b1:f5:74:a2:28:35:10:9d:2a:
cf:9e:55:a4:d8:e2:37:ca:54:9b:5f:dc:1e:16:72:
53:5c:9f:74:9d:b7:fd:0a:62:63:a3:bd:67:d6:a8:
c6:91:45:28:a6:90:30:19:ae:6f:19:82:db:89:77:
e3:0a:e3:6b:76:d9:03:85:7e:7e:50:dd:70:b7:d6:
56:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:D6:34:38:13:F4:B9:06:7C:71:C6:43:96:40:7F:B1:6E:C1:17:22
X509v3 Authority Key Identifier:
keyid:70:6D:3A:BB:B4:78:B7:4E:F2:AD:EF:9B:B7:C4:33:6E:34:11:1D:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cG06u7R4t07yre-bt8QzbjQRHVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/BtY0OBP0uQZ8ccZDlkB_sW7BFyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0c6f47-4713-4471-b08f-a4213c93f1f7/1/cG06u7R4t07yre-bt8QzbjQRHVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4f40::/29
2a11:9b80::/29
2a11:b800::/29
2a11:c400::/29
2a12:2a00::/29
2a12:9a80::/29
Signature Algorithm: sha256WithRSAEncryption
7f:5f:4a:91:19:a7:dd:48:a8:95:fa:d1:7f:c8:71:e4:cc:c4:
50:ee:b5:a9:79:e5:46:88:43:ac:90:06:3a:2b:d4:27:38:ff:
0a:8e:8a:42:dd:81:c5:36:72:cb:8e:59:55:76:7e:87:46:27:
af:2c:79:af:9e:73:8d:96:ed:9e:0c:66:53:ec:32:06:fa:36:
cf:26:4b:e4:91:c8:86:2e:5f:bc:81:20:b9:10:04:eb:d4:98:
a8:35:7b:47:17:97:f6:76:6a:8d:d4:f8:5a:44:16:db:85:b3:
05:0e:11:4d:8a:c1:28:52:78:6b:1b:47:c6:bc:74:a3:6a:6d:
d3:95:e6:c5:e3:e7:5e:1a:94:15:84:f4:7a:19:4d:06:cd:28:
70:ac:07:c2:99:09:ca:87:6e:6f:0a:70:0e:ea:fd:b2:7a:aa:
61:69:23:92:aa:3e:0c:72:fc:c5:6b:4f:fe:45:5d:d5:ef:61:
58:29:fc:23:05:d5:41:73:f4:60:d9:7e:0a:f7:77:b0:7b:b2:
80:50:2a:24:30:7e:3d:1b:3c:e2:d0:d1:a8:2b:25:81:f4:53:
3c:47:be:9e:c3:d1:bb:cc:d0:25:a6:0b:f0:04:9b:58:12:af:
73:81:ad:65:c7:7f:6e:97:d3:80:f9:fd:aa:fd:df:1a:fe:09:
7d:03:1a:6e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ6Jk4Yj13PDx2VSt29Mg+9PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmQzYWJiYjQ3OGI3NGVmMmFkZWY5YmI3YzQzMzZlMzQx
MTFkNTEwHhcNMjYwNjAyMTgyMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmQ2MzQzODEzZjRiOTA2N2M3MWM2NDM5NjQwN2ZiMTZlYzExNzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2L8jAtCnTIe1IWf+7gy973d5i5fH
bE/VlhbHs7O2/wbknHr0Z/w06AJvoMkF2n+4xFG7tW9Z2y2O7w/6cFxu29S2uJHL
XFAXTmH3ltlftnvUlBlrVDMetXQSjrkCAg2bWUi0Bxdzbu5h7TSiDOexaWsoCVSs
BZLlIdWdRUgq9CKVyJTyemvpyvQACv7/LYSbDo2+g937yU67z65Cwhn7yUPMuXf9
spAvoJwIxGqO2FB9MlJDUP2WYGyx9XSiKDUQnSrPnlWk2OI3ylSbX9weFnJTXJ90
nbf9CmJjo71n1qjGkUUoppAwGa5vGYLbiXfjCuNrdtkDhX5+UN1wt9ZWLQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAbWNDgT9LkGfHHGQ5ZAf7FuwRciMB8GA1UdIwQY
MBaAFHBtOru0eLdO8q3vm7fEM240ER1RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYt
YTQyMTNjOTNmMWY3LzEvQnRZME9CUDB1UVo4Y2NaRGxrQl9zVzdCRnlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYzZmNDctNDcxMy00NDcxLWIwOGYtYTQyMTNjOTNmMWY3
LzEvY0cwNnU3UjR0MDd5cmUtYnQ4UXpialFSSFZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKhFPQAMF
AyoRm4ADBQMqEbgAAwUDKhHEAAMFAyoSKgADBQMqEpqAMA0GCSqGSIb3DQEBCwUA
A4IBAQB/X0qRGafdSKiV+tF/yHHkzMRQ7rWpeeVGiEOskAY6K9QnOP8KjopC3YHF
NnLLjllVdn6HRievLHmvnnONlu2eDGZT7DIG+jbPJkvkkciGLl+8gSC5EATr1Jio
NXtHF5f2dmqN1PhaRBbbhbMFDhFNisEoUnhrG0fGvHSjam3TlebF4+deGpQVhPR6
GU0GzShwrAfCmQnKh25vCnAO6v2yeqphaSOSqj4McvzFa0/+RV3V72FYKfwjBdVB
c/Rg2X4K93ewe7KAUCokMH49Gzzi0NGoKyWB9FM8R76ew9G7zNAlpgvwBJtYEq9z
ga1lx39ul9OA+f2q/d8a/gl9Axpu
-----END CERTIFICATE-----
Generated at Fri Jun 5 23:33:26 2026 by rpki-client