Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0UjPEcR-HHB02RojT-gtZZ1LUoE.roa
File: 0UjPEcR-HHB02RojT-gtZZ1LUoE.roa (raw, json)
Hash identifier: 65HZaczqU2LDFN/RxHTkIRTh5oeGskJskIpOBcSanvA=
Subject key identifier: D1:48:CF:11:C4:7E:1C:70:74:D9:1A:23:4F:E8:2D:65:9D:4B:52:81
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 019EB76079EEA729E752BBB0240D9BCA55AA
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0UjPEcR-HHB02RojT-gtZZ1LUoE.roa
Signing time: Thu 11 Jun 2026 15:50:13 +0000
ROA not before: Thu 11 Jun 2026 15:50:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214344
IP address blocks: 2a10:ccc6:6661::/48 maxlen: 48
2a10:ccc6:6662::/48 maxlen: 48
2a10:ccc6:6663::/48 maxlen: 48
2a10:ccc6:6666::/48 maxlen: 48
2a10:ccc6:666e::/48 maxlen: 48
2a10:ccc6:666f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b7:60:79:ee:a7:29:e7:52:bb:b0:24:0d:9b:ca:55:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jun 11 15:50:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d148cf11c47e1c7074d91a234fe82d659d4b5281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:9d:62:c0:98:21:8e:ed:d8:62:e6:5f:c1:69:
03:0a:78:39:28:76:90:66:1b:30:93:c3:81:c5:9e:
be:c1:50:d8:2a:95:37:ad:82:8b:8f:1f:00:72:18:
ea:b5:0b:a1:65:3a:da:60:d5:eb:86:0c:49:2b:5e:
33:af:22:45:5b:a5:d4:1e:e1:70:6b:28:a6:b5:be:
97:b6:ff:5e:bf:a2:0f:6c:f2:f3:f0:5b:e5:4c:c8:
b8:2e:26:8a:1d:0c:04:40:47:f6:6c:8f:da:a2:65:
e3:74:a9:0e:0f:32:47:32:3a:68:8c:8c:66:e9:53:
e6:3e:83:7e:e8:f7:3b:8d:05:6e:bc:49:20:65:e6:
2e:3e:95:73:f3:bc:cb:57:23:9e:1c:a1:ab:79:cb:
86:cd:88:9e:57:94:0f:76:d7:cd:db:66:a2:e0:50:
3c:40:ba:05:88:ba:a4:b8:2d:4b:bf:80:f7:89:27:
07:83:47:4f:60:c6:60:46:9f:00:d1:34:f9:5d:20:
c8:ea:93:dd:09:07:0f:35:d7:c6:42:49:6c:0e:7a:
1d:35:43:d0:58:d6:e6:9b:15:ae:6e:b6:57:02:34:
bc:04:91:a2:ad:f5:29:d9:30:8f:b5:0b:f5:0c:e0:
e8:dc:f7:17:5f:2a:a8:7d:80:52:fa:9b:20:a9:93:
7d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:48:CF:11:C4:7E:1C:70:74:D9:1A:23:4F:E8:2D:65:9D:4B:52:81
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/0UjPEcR-HHB02RojT-gtZZ1LUoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:ccc6:6661::-2a10:ccc6:6663:ffff:ffff:ffff:ffff:ffff
2a10:ccc6:6666::/48
2a10:ccc6:666e::/47
Signature Algorithm: sha256WithRSAEncryption
83:3b:11:09:c0:21:51:f5:f9:d8:61:9c:1e:30:ce:1e:99:9f:
11:67:26:e1:1e:5c:12:8f:1f:7a:ad:e4:3c:b0:c6:b0:ee:01:
01:9a:00:1e:df:32:26:15:80:97:1f:7a:cc:52:5f:52:ff:e2:
73:9d:eb:37:11:45:74:5c:c6:aa:a6:fd:a3:9a:a3:c5:14:fb:
2f:a4:14:41:2c:77:f1:5e:8d:5b:28:56:7d:0c:31:9a:88:c6:
5e:79:91:4d:40:c7:a3:f6:3b:c1:12:c5:c4:69:2d:0f:88:29:
1e:c0:af:af:23:13:0c:53:49:8a:93:e8:da:6b:e2:d0:46:3a:
92:d3:1d:32:92:6b:0f:6b:57:34:b2:96:a3:6d:56:a0:a0:41:
62:98:65:80:cb:3f:ed:13:9a:91:3f:df:38:09:93:4c:35:bd:
93:22:02:5b:4b:af:02:66:65:4d:3d:90:fb:d4:7e:06:fb:49:
b1:2a:eb:c7:c6:eb:7c:d5:43:03:e7:ed:04:89:6a:d6:e5:10:
07:23:44:04:cf:a9:ca:81:23:63:7f:bb:fe:10:6d:cb:fa:e6:
a2:9b:8c:3b:4e:01:47:95:c4:d1:e8:b3:16:9b:4f:ca:00:4b:
71:09:51:ff:a1:6a:1e:f4:31:fb:4e:0f:78:50:55:fa:50:03:
f0:0a:d3:22
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ63YHnupynnUruwJA2bylWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjYwNjExMTU1MDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTQ4Y2YxMWM0N2UxYzcwNzRkOTFhMjM0ZmU4MmQ2NTlkNGI1MjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1J1iwJghju3YYuZfwWkDCng5KHaQ
Zhswk8OBxZ6+wVDYKpU3rYKLjx8AchjqtQuhZTraYNXrhgxJK14zryJFW6XUHuFw
ayimtb6Xtv9ev6IPbPLz8FvlTMi4LiaKHQwEQEf2bI/aomXjdKkODzJHMjpojIxm
6VPmPoN+6Pc7jQVuvEkgZeYuPpVz87zLVyOeHKGrecuGzYieV5QPdtfN22ai4FA8
QLoFiLqkuC1Lv4D3iScHg0dPYMZgRp8A0TT5XSDI6pPdCQcPNdfGQklsDnodNUPQ
WNbmmxWubrZXAjS8BJGirfUp2TCPtQv1DODo3PcXXyqofYBS+psgqZN9MwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNFIzxHEfhxwdNkaI0/oLWWdS1KBMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMFVqUEVjUi1ISEIwMlJvalQtZ3RaWjFMVW9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmMBIDBwAqEMzG
ZmEDBwIqEMzGZmADBwAqEMzGZmYDBwEqEMzGZm4wDQYJKoZIhvcNAQELBQADggEB
AIM7EQnAIVH1+dhhnB4wzh6ZnxFnJuEeXBKPH3qt5DywxrDuAQGaAB7fMiYVgJcf
esxSX1L/4nOd6zcRRXRcxqqm/aOao8UU+y+kFEEsd/FejVsoVn0MMZqIxl55kU1A
x6P2O8ESxcRpLQ+IKR7Ar68jEwxTSYqT6Npr4tBGOpLTHTKSaw9rVzSylqNtVqCg
QWKYZYDLP+0TmpE/3zgJk0w1vZMiAltLrwJmZU09kPvUfgb7SbEq68fG63zVQwPn
7QSJatblEAcjRATPqcqBI2N/u/4Qbcv65qKbjDtOAUeVxNHosxabT8oAS3EJUf+h
ah70MftOD3hQVfpQA/AK0yI=
-----END CERTIFICATE-----
Generated at Thu Jun 11 20:58:55 2026 by rpki-client