Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/MJrcokNxMaghx-kfrqjxQAR5UO8.roa
File: MJrcokNxMaghx-kfrqjxQAR5UO8.roa (raw, json)
Hash identifier: +AqR2hqBYdqCq6S3OKT1m8eyIz+VXbYoMQ0nv8sbcZA=
Subject key identifier: 30:9A:DC:A2:43:71:31:A8:21:C7:E9:1F:AE:A8:F1:40:04:79:50:EF
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 019EDBF8AE415D265B0623F9EC1E6346097F
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/MJrcokNxMaghx-kfrqjxQAR5UO8.roa
Signing time: Thu 18 Jun 2026 18:22:48 +0000
ROA not before: Thu 18 Jun 2026 18:22:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63023
IP address blocks: 2001:3080::/29 maxlen: 29
2001:3180::/29 maxlen: 29
2a14:6ac0::/29 maxlen: 29
2a14:6bc6::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 19:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:db:f8:ae:41:5d:26:5b:06:23:f9:ec:1e:63:46:09:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Jun 18 18:22:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=309adca2437131a821c7e91faea8f140047950ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f6:00:79:53:57:bd:06:12:7a:fd:e7:f2:ee:
2e:09:69:10:bb:2a:a2:ed:7b:07:96:2d:2d:2d:67:
f0:ef:0d:4a:0f:d6:f8:8a:93:86:88:0e:6f:cb:1c:
7d:e6:5c:e6:54:99:d3:77:ff:b8:b3:de:5f:c1:b6:
3b:8e:70:ec:6e:69:6a:58:61:ab:f6:e0:a0:37:3b:
71:28:6c:25:b7:2c:aa:0c:f1:f4:5e:f9:20:9e:d8:
59:a0:c4:bc:02:c8:91:59:da:79:89:12:16:e5:fd:
36:02:91:03:bd:b3:81:ec:df:30:df:c6:b8:69:6c:
c4:9c:01:a5:17:d0:87:9f:4e:60:87:0e:db:8e:9c:
47:83:ce:3a:65:1a:6d:2c:b0:7f:75:24:f9:c5:71:
4e:c8:1d:6d:ca:64:82:13:12:17:7e:d8:06:f2:07:
5e:36:f1:61:1c:3d:63:61:e7:f3:35:44:4d:7a:45:
08:0a:83:e4:cd:08:61:ac:08:45:0c:a1:b8:98:15:
d3:b1:f1:73:3a:4f:37:73:c8:6d:d1:a1:4c:3d:be:
ed:5b:83:ce:25:89:b3:4e:86:b6:30:c8:e9:13:e7:
10:65:83:e4:fd:d6:81:78:d6:08:1a:a2:90:4f:f0:
e8:9e:ea:ec:06:01:37:49:50:ee:4f:c6:53:7c:4d:
b0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:9A:DC:A2:43:71:31:A8:21:C7:E9:1F:AE:A8:F1:40:04:79:50:EF
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/MJrcokNxMaghx-kfrqjxQAR5UO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:3080::/29
2001:3180::/29
2a14:6ac0::/29
2a14:6bc6::/32
Signature Algorithm: sha256WithRSAEncryption
4a:8a:c6:f8:ef:bc:72:07:57:ad:6b:ab:27:93:23:b1:c6:71:
95:3d:e9:d6:c0:af:94:f6:3b:8d:49:9a:fa:bb:a5:78:d7:e2:
dd:f1:52:64:58:84:a5:77:70:26:ad:ce:1d:17:42:c9:a6:e6:
31:43:74:c5:b3:2c:d2:d4:86:7d:df:a7:d4:b4:c1:3d:e7:38:
60:68:fd:b6:1e:20:cb:1c:9c:c5:47:ef:9b:c7:97:34:a0:1a:
a8:4f:7a:ab:35:15:05:72:ff:44:be:f3:f5:d8:ca:c2:86:95:
d6:b4:95:44:c7:db:f7:3d:06:fa:ad:47:e6:fa:82:9a:5d:43:
15:fc:df:1c:76:84:1c:3e:3a:a4:45:54:f8:d8:67:0b:4a:e1:
ee:4b:c7:98:f0:fa:49:e0:ae:6d:da:46:b1:7c:3b:4b:43:ab:
2d:fd:c3:dc:32:6d:bb:7b:5d:67:c5:fe:1a:ab:02:25:fd:24:
04:6f:da:99:cd:57:0f:72:38:6e:ea:fb:d0:21:a8:7f:8d:22:
f6:ba:98:a0:11:5f:0b:38:c9:5c:97:3c:c0:b0:fc:80:8b:ff:
c7:cd:18:b6:86:bd:de:a6:05:f1:4b:93:72:7d:7d:f8:dd:63:
a3:37:06:b4:33:8a:b4:7d:3b:bc:f7:f7:72:a5:38:cd:e6:28:
bf:f9:4b:75
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZ7b+K5BXSZbBiP57B5jRgl/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjYwNjE4MTgyMjQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDlhZGNhMjQzNzEzMWE4MjFjN2U5MWZhZWE4ZjE0MDA0Nzk1MGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/YAeVNXvQYSev3n8u4uCWkQuyqi
7XsHli0tLWfw7w1KD9b4ipOGiA5vyxx95lzmVJnTd/+4s95fwbY7jnDsbmlqWGGr
9uCgNztxKGwltyyqDPH0XvkgnthZoMS8AsiRWdp5iRIW5f02ApEDvbOB7N8w38a4
aWzEnAGlF9CHn05ghw7bjpxHg846ZRptLLB/dST5xXFOyB1tymSCExIXftgG8gde
NvFhHD1jYefzNURNekUICoPkzQhhrAhFDKG4mBXTsfFzOk83c8ht0aFMPb7tW4PO
JYmzToa2MMjpE+cQZYPk/daBeNYIGqKQT/DonursBgE3SVDuT8ZTfE2w5QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDCa3KJDcTGoIcfpH66o8UAEeVDvMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvTUpyY29rTnhNYWdoeC1rZnJxanhRQVI1VU84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDIAEwgAMF
AyABMYADBQMqFGrAAwUAKhRrxjANBgkqhkiG9w0BAQsFAAOCAQEASorG+O+8cgdX
rWurJ5MjscZxlT3p1sCvlPY7jUma+ruleNfi3fFSZFiEpXdwJq3OHRdCyabmMUN0
xbMs0tSGfd+n1LTBPec4YGj9th4gyxycxUfvm8eXNKAaqE96qzUVBXL/RL7z9djK
woaV1rSVRMfb9z0G+q1H5vqCml1DFfzfHHaEHD46pEVU+NhnC0rh7kvHmPD6SeCu
bdpGsXw7S0OrLf3D3DJtu3tdZ8X+GqsCJf0kBG/amc1XD3I4bur70CGof40i9rqY
oBFfCzjJXJc8wLD8gIv/x80Ytoa93qYF8UuTcn19+N1jozcGtDOKtH07vPf3cqU4
zeYov/lLdQ==
-----END CERTIFICATE-----
Generated at Sat Jun 20 04:11:42 2026 by rpki-client