Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/XNY6l0Dgckiw8q6aU2IQbzLYJ9g.roa
File: XNY6l0Dgckiw8q6aU2IQbzLYJ9g.roa (raw, json)
Hash identifier: ff785aZLqkqPNgmc3KigfDYKLlRdfP0dUeM/FQF3jz8=
Subject key identifier: 5C:D6:3A:97:40:E0:72:48:B0:F2:AE:9A:53:62:10:6F:32:D8:27:D8
Certificate issuer: /CN=31d2424123ed07725330bf817944fd276b7ca36b
Certificate serial: 019F05D1172D11FA62D56AE9D14369932462
Authority key identifier: 31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/XNY6l0Dgckiw8q6aU2IQbzLYJ9g.roa
Signing time: Fri 26 Jun 2026 21:23:36 +0000
ROA not before: Fri 26 Jun 2026 21:23:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 219364
IP address blocks: 2a06:9801:7ca::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 13:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:05:d1:17:2d:11:fa:62:d5:6a:e9:d1:43:69:93:24:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d2424123ed07725330bf817944fd276b7ca36b
Validity
Not Before: Jun 26 21:23:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5cd63a9740e07248b0f2ae9a5362106f32d827d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4f:cc:3a:de:98:05:31:c3:39:aa:05:cd:45:
16:07:8e:90:1b:38:e1:93:d8:de:13:d8:4d:c5:94:
64:5c:7d:f3:6c:3c:f5:1b:51:93:4c:11:7b:29:09:
69:2b:b0:89:0e:3d:88:db:02:41:f5:39:ee:7b:93:
2f:94:8e:3f:a2:57:9b:ae:26:48:81:a4:ff:bb:9f:
6f:13:9b:a2:84:ea:63:23:e8:ff:06:fc:cd:21:67:
6f:6d:cc:8a:bf:1e:27:86:61:71:06:80:25:2d:f4:
d8:79:5e:ca:3a:ed:ff:e0:cc:82:1f:6a:9e:0f:d5:
05:cb:fa:1d:45:28:64:a3:c1:7d:c4:07:5b:e9:0b:
c7:68:ea:1f:05:a1:47:cc:1d:99:83:a2:da:c3:b2:
0a:1e:75:c1:ab:f5:13:22:62:a9:1b:31:51:b1:7a:
fa:cb:4d:d0:1c:3d:7f:1c:9b:ad:f8:ec:46:ca:be:
76:b9:3a:72:10:0c:8e:bf:c0:c8:71:c0:d9:bb:66:
54:85:e6:ab:68:f0:bd:a1:c4:12:80:ab:7e:da:7f:
36:00:12:46:4c:ac:c7:17:69:66:91:11:b8:cc:5c:
ff:dd:42:97:b8:65:3a:40:fb:26:0d:cf:e5:80:69:
65:7f:76:37:27:5f:6c:bd:a9:f6:f0:01:fe:d1:4a:
9e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D6:3A:97:40:E0:72:48:B0:F2:AE:9A:53:62:10:6F:32:D8:27:D8
X509v3 Authority Key Identifier:
keyid:31:D2:42:41:23:ED:07:72:53:30:BF:81:79:44:FD:27:6B:7C:A3:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdJCQSPtB3JTML-BeUT9J2t8o2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/XNY6l0Dgckiw8q6aU2IQbzLYJ9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1a6b17-e3fe-4c6d-b8c1-ed8cfaf1b81f/1/MdJCQSPtB3JTML-BeUT9J2t8o2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:9801:7ca::/48
Signature Algorithm: sha256WithRSAEncryption
af:58:87:47:8e:be:36:8d:e9:7c:c0:62:3c:05:4e:e4:9c:f8:
43:24:85:8b:d9:a9:35:48:f3:53:23:59:dc:b2:88:2f:0b:65:
7d:ac:ce:df:d1:d1:24:30:fd:2a:82:5a:96:ad:05:e0:61:e6:
85:37:7e:72:84:e9:86:b5:ce:a6:99:51:01:d0:d6:71:36:7c:
c3:8c:39:a8:1f:17:75:1a:4e:a5:e5:7e:ed:33:f8:ea:42:3c:
98:c2:7f:77:ca:26:90:90:84:71:48:4b:bf:35:c1:54:79:dd:
27:68:48:87:54:bc:7e:7a:b7:3c:59:20:70:1c:a2:49:96:93:
d1:10:be:e2:59:6e:a5:14:d1:fa:52:82:dc:ca:bd:1b:76:79:
a3:81:f5:89:ca:dd:87:fd:5b:59:7e:13:8c:d8:b1:ba:fb:ab:
de:08:3e:d5:bf:19:86:70:fe:09:49:4a:f5:1c:e8:1a:4e:40:
2e:03:e7:ae:71:40:22:3a:0c:04:8b:d8:0b:a8:ed:e2:a5:03:
76:8b:03:dc:e2:71:d8:49:86:92:22:13:aa:2c:aa:5a:9a:78:
04:e5:06:03:e4:1c:70:4d:31:66:5a:6c:2c:22:c6:84:bb:9b:
ba:a7:da:0c:59:df:97:20:ea:bd:10:85:f7:81:a5:1a:d4:8c:
db:a9:5a:a6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZ8F0RctEfpi1Wrp0UNpkyRiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDI0MjQxMjNlZDA3NzI1MzMwYmY4MTc5NDRmZDI3NmI3
Y2EzNmIwHhcNMjYwNjI2MjEyMzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Q2M2E5NzQwZTA3MjQ4YjBmMmFlOWE1MzYyMTA2ZjMyZDgyN2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0/MOt6YBTHDOaoFzUUWB46QGzjh
k9jeE9hNxZRkXH3zbDz1G1GTTBF7KQlpK7CJDj2I2wJB9Tnue5MvlI4/olebriZI
gaT/u59vE5uihOpjI+j/BvzNIWdvbcyKvx4nhmFxBoAlLfTYeV7KOu3/4MyCH2qe
D9UFy/odRShko8F9xAdb6QvHaOofBaFHzB2Zg6Law7IKHnXBq/UTImKpGzFRsXr6
y03QHD1/HJut+OxGyr52uTpyEAyOv8DIccDZu2ZUhearaPC9ocQSgKt+2n82ABJG
TKzHF2lmkRG4zFz/3UKXuGU6QPsmDc/lgGllf3Y3J19svan28AH+0UqezwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFzWOpdA4HJIsPKumlNiEG8y2CfYMB8GA1UdIwQY
MBaAFDHSQkEj7QdyUzC/gXlE/SdrfKNrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEt
ZWQ4Y2ZhZjFiODFmLzEvWE5ZNmwwRGdja2l3OHE2YVUySVFiekxZSjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xYTZiMTctZTNmZS00YzZkLWI4YzEtZWQ4Y2ZhZjFiODFm
LzEvTWRKQ1FTUHRCM0pUTUwtQmVVVDlKMnQ4bzJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgaYAQfK
MA0GCSqGSIb3DQEBCwUAA4IBAQCvWIdHjr42jel8wGI8BU7knPhDJIWL2ak1SPNT
I1ncsogvC2V9rM7f0dEkMP0qglqWrQXgYeaFN35yhOmGtc6mmVEB0NZxNnzDjDmo
Hxd1Gk6l5X7tM/jqQjyYwn93yiaQkIRxSEu/NcFUed0naEiHVLx+erc8WSBwHKJJ
lpPREL7iWW6lFNH6UoLcyr0bdnmjgfWJyt2H/VtZfhOM2LG6+6veCD7VvxmGcP4J
SUr1HOgaTkAuA+eucUAiOgwEi9gLqO3ipQN2iwPc4nHYSYaSIhOqLKpamngE5QYD
5BxwTTFmWmwsIsaEu5u6p9oMWd+XIOq9EIX3gaUa1IzbqVqm
-----END CERTIFICATE-----
Generated at Sat Jun 27 21:32:35 2026 by rpki-client