Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/bRMOUlNOCfzR4ErU0rYz0V_P-ek.roa
File: bRMOUlNOCfzR4ErU0rYz0V_P-ek.roa (raw, json)
Hash identifier: BQ0CfpSYs9L+JYIJuNZHmCZyYfkjnyafafs9iDbVjxM=
Subject key identifier: 6D:13:0E:52:53:4E:09:FC:D1:E0:4A:D4:D2:B6:33:D1:5F:CF:F9:E9
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 019CBCDF761F1AB83DE8F75D10BAAFB0BAAA
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/bRMOUlNOCfzR4ErU0rYz0V_P-ek.roa
Signing time: Thu 05 Mar 2026 07:21:27 +0000
ROA not before: Thu 05 Mar 2026 07:21:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 2a0b:3e00::/32 maxlen: 32
2a0b:3e01::/32 maxlen: 32
2a0b:3e02::/32 maxlen: 32
2a0b:3e03::/32 maxlen: 32
2a0b:3e04::/32 maxlen: 32
2a0b:3e05::/32 maxlen: 32
2a0b:3e06::/32 maxlen: 32
2a0b:3e07::/32 maxlen: 32
2a0c:8340::/32 maxlen: 32
2a0c:8341::/32 maxlen: 32
2a0c:8342::/32 maxlen: 32
2a0c:8343::/32 maxlen: 32
2a0c:8344::/32 maxlen: 32
2a0c:8345::/32 maxlen: 32
2a0c:8346::/32 maxlen: 32
2a0c:8347::/32 maxlen: 32
2a14:35c0::/32 maxlen: 32
2a14:35c1::/32 maxlen: 32
2a14:35c2::/32 maxlen: 32
2a14:35c3::/32 maxlen: 32
2a14:35c4::/32 maxlen: 32
2a14:35c5::/32 maxlen: 32
2a14:35c6::/32 maxlen: 32
2a14:35c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 17:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:bc:df:76:1f:1a:b8:3d:e8:f7:5d:10:ba:af:b0:ba:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Mar 5 07:21:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6d130e52534e09fcd1e04ad4d2b633d15fcff9e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c2:cf:a0:20:f9:b8:03:01:f1:25:f2:10:7a:
a7:3b:3f:dd:83:91:05:bf:59:77:fd:2f:0d:36:e8:
df:db:a3:27:05:e9:1e:19:69:8e:fb:aa:1f:4b:69:
1a:74:e2:31:6c:ff:5c:45:bc:37:af:2a:bb:14:8a:
3e:6d:2f:8b:38:df:bb:80:a7:ed:b7:be:44:e2:ee:
c9:33:7b:ed:d0:18:01:9a:94:b8:35:6f:6d:9f:4a:
6a:e0:48:88:86:08:b0:e1:00:fc:ac:a4:a0:5d:92:
fd:ac:87:19:01:23:7d:46:c5:45:1a:d9:a0:18:55:
6e:b9:4d:7f:c7:e0:ad:92:3d:15:e0:98:ff:ed:7f:
a2:d0:63:18:15:8c:53:e3:df:b7:4e:82:4b:71:a6:
b5:ba:cc:8a:5a:d0:65:92:be:0f:03:aa:86:8d:3c:
da:ea:c3:d7:45:4a:03:db:08:12:ca:6f:da:2d:93:
50:77:8b:6e:1a:18:e0:30:4d:11:7a:dd:27:85:59:
be:d7:ca:65:8e:60:ae:1b:c1:36:aa:2e:06:5b:22:
a3:70:9c:9b:d1:5c:cc:39:c4:86:94:5f:f0:46:d3:
82:3c:98:d9:06:2f:f1:34:b5:64:cd:45:73:16:7d:
8c:43:0b:82:0c:44:d6:7f:4e:6f:67:49:d7:a8:96:
12:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:13:0E:52:53:4E:09:FC:D1:E0:4A:D4:D2:B6:33:D1:5F:CF:F9:E9
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/bRMOUlNOCfzR4ErU0rYz0V_P-ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:3e00::/29
2a0c:8340::/29
2a14:35c0::/29
Signature Algorithm: sha256WithRSAEncryption
49:36:86:c1:0f:2a:f0:2c:7a:cc:e4:30:52:05:a7:02:06:47:
b5:d0:82:f8:70:7f:cb:9b:3b:12:29:ea:87:38:59:f0:55:89:
5c:57:40:6a:3c:a1:69:94:b2:1e:ed:49:c9:5b:9b:d4:49:b8:
ba:f5:00:02:c4:d9:8e:a1:67:25:7c:89:e0:00:c2:83:f6:0e:
c0:f4:d7:cf:9b:5f:40:28:87:27:27:17:e8:91:4b:9e:13:3a:
4b:68:8b:6f:82:e0:bd:7e:ae:4e:9c:59:ba:e1:e6:ff:fb:2c:
8a:b5:94:c6:15:84:b6:39:10:f8:5b:87:d6:2b:d0:59:51:b3:
97:ed:50:ba:44:77:30:65:8a:d3:c7:97:5e:79:0f:80:b1:e4:
5b:11:6a:38:02:a4:49:dd:20:76:16:03:02:92:2b:a8:05:0c:
ca:6a:7b:2c:ab:d1:86:c2:43:ed:f3:a3:00:cf:29:f4:08:4d:
e8:ae:79:42:fe:c8:c5:fd:ab:cd:ff:cd:21:f9:7f:3d:58:5c:
77:c7:2b:41:da:a2:06:b4:fa:76:e2:10:0b:6f:fe:5b:3f:45:
a3:29:d6:ad:6c:50:92:0d:f7:83:14:25:20:22:2b:84:eb:ab:
a8:16:8c:28:3b:c1:0e:44:c9:1c:ed:44:73:ef:f1:8f:68:dc:
05:52:cb:db
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZy833YfGrg96PddELqvsLqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjYwMzA1MDcyMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDEzMGU1MjUzNGUwOWZjZDFlMDRhZDRkMmI2MzNkMTVmY2ZmOWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8LPoCD5uAMB8SXyEHqnOz/dg5EF
v1l3/S8NNujf26MnBekeGWmO+6ofS2kadOIxbP9cRbw3ryq7FIo+bS+LON+7gKft
t75E4u7JM3vt0BgBmpS4NW9tn0pq4EiIhgiw4QD8rKSgXZL9rIcZASN9RsVFGtmg
GFVuuU1/x+Ctkj0V4Jj/7X+i0GMYFYxT49+3ToJLcaa1usyKWtBlkr4PA6qGjTza
6sPXRUoD2wgSym/aLZNQd4tuGhjgME0Ret0nhVm+18pljmCuG8E2qi4GWyKjcJyb
0VzMOcSGlF/wRtOCPJjZBi/xNLVkzUVzFn2MQwuCDETWf05vZ0nXqJYSYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG0TDlJTTgn80eBK1NK2M9Ffz/npMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvYlJNT1VsTk9DZnpSNEVyVTByWXowVl9QLWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgs+AAMF
AyoMg0ADBQMqFDXAMA0GCSqGSIb3DQEBCwUAA4IBAQBJNobBDyrwLHrM5DBSBacC
Bke10IL4cH/LmzsSKeqHOFnwVYlcV0BqPKFplLIe7UnJW5vUSbi69QACxNmOoWcl
fIngAMKD9g7A9NfPm19AKIcnJxfokUueEzpLaItvguC9fq5OnFm64eb/+yyKtZTG
FYS2ORD4W4fWK9BZUbOX7VC6RHcwZYrTx5deeQ+AseRbEWo4AqRJ3SB2FgMCkiuo
BQzKanssq9GGwkPt86MAzyn0CE3ornlC/sjF/avN/80h+X89WFx3xytB2qIGtPp2
4hALb/5bP0WjKdatbFCSDfeDFCUgIiuE66uoFowoO8EORMkc7URz7/GPaNwFUsvb
-----END CERTIFICATE-----
Generated at Sat Mar 14 01:21:26 2026 by rpki-client