Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/f6AT6qK0UAoYxCU6h6a5zuL-r8A.roa
File: f6AT6qK0UAoYxCU6h6a5zuL-r8A.roa (raw, json)
Hash identifier: YPztMteEtfkspmy95oH8dq9G9lIhU3ylPMWU2Ebk6Ho=
Subject key identifier: 7F:A0:13:EA:A2:B4:50:0A:18:C4:25:3A:87:A6:B9:CE:E2:FE:AF:C0
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 019EDA5ADC2AA24F0FB928BC1D60E4F7FA1F
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/f6AT6qK0UAoYxCU6h6a5zuL-r8A.roa
Signing time: Thu 18 Jun 2026 10:50:48 +0000
ROA not before: Thu 18 Jun 2026 10:50:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 402402
IP address blocks: 2a09:8140::/29 maxlen: 29
2a11:fa00::/29 maxlen: 29
2a12:4480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.mft
rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 22:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:da:5a:dc:2a:a2:4f:0f:b9:28:bc:1d:60:e4:f7:fa:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Jun 18 10:50:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7fa013eaa2b4500a18c4253a87a6b9cee2feafc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b0:57:32:62:e3:6e:2b:21:c8:53:60:e8:66:
42:f7:1b:83:36:05:d9:3c:d4:f2:2e:8b:c7:a6:35:
e4:17:ab:4b:6f:78:cd:94:36:26:56:18:9b:de:55:
5a:22:7b:94:f5:aa:b2:b6:a9:e4:f6:4a:ae:74:dc:
10:ca:e9:d3:97:49:b6:ca:fa:5e:e0:4e:be:b2:fb:
e2:af:03:bf:41:28:44:04:83:1b:c5:cb:94:34:e2:
c3:46:07:46:6a:5d:fb:c1:c3:b7:1e:5d:85:8b:47:
2c:21:fc:7b:e8:52:3d:0f:0a:b0:ab:80:d4:52:9c:
89:d2:8e:ad:76:4e:84:5d:06:22:27:11:32:78:92:
61:01:95:52:1b:fe:77:bb:10:80:c9:78:0a:d4:8f:
4c:b0:1e:f6:66:e6:42:85:d5:2c:98:45:c4:d0:81:
48:7a:af:fa:e4:ad:ed:11:e1:c5:60:7c:e7:81:e6:
83:92:fa:1a:eb:49:3d:26:a0:1f:fa:a6:d3:48:40:
9a:35:3b:72:89:df:8e:b1:f3:dc:8c:68:ac:32:a8:
e9:61:b5:29:35:93:28:f8:2c:5e:ff:44:e2:3f:54:
ef:dc:3e:42:68:65:7e:e4:1c:9f:97:b8:07:b9:5b:
a8:b4:4a:05:88:56:3a:7a:a1:e0:a6:26:98:b6:2b:
d9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:A0:13:EA:A2:B4:50:0A:18:C4:25:3A:87:A6:B9:CE:E2:FE:AF:C0
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/f6AT6qK0UAoYxCU6h6a5zuL-r8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:8140::/29
2a11:fa00::/29
2a12:4480::/29
Signature Algorithm: sha256WithRSAEncryption
6b:bb:16:12:64:bc:6f:5e:cb:b1:d7:0e:be:d5:fa:59:a7:67:
ad:f1:37:fc:a1:a3:1e:e2:a1:08:0d:7c:df:7a:5c:cf:d5:48:
79:14:64:54:12:6c:11:bf:44:07:b0:01:cf:a7:88:64:a6:3e:
7f:7c:e6:93:5f:29:cc:0a:f9:d2:d4:d9:4f:89:41:8c:04:98:
9f:87:b7:e8:39:25:a8:33:b2:04:5a:a5:3b:01:bd:f3:bc:3e:
76:9b:23:24:d0:02:2c:e8:9a:f2:50:e4:d0:ff:0d:74:0c:a1:
7e:43:5e:73:fd:9e:84:42:70:96:40:68:58:5b:75:06:1f:ef:
ca:87:f9:d1:c6:98:03:9c:74:ac:7f:ba:3e:87:27:93:fd:1f:
ac:e3:51:9a:e0:91:38:d3:77:07:1e:2f:f4:3b:84:f8:22:cd:
a7:77:3a:b8:d9:42:43:fc:f7:79:9f:38:22:16:a3:7f:c1:76:
b8:c9:5f:23:61:da:35:fd:a5:1b:f4:ce:5a:78:40:eb:ac:c0:
7d:12:be:92:bf:81:15:0f:d4:76:11:27:b3:7e:8a:ac:12:4d:
57:b8:cf:92:09:48:da:16:41:41:d3:19:38:2a:a1:5f:79:6c:
4d:77:71:09:cb:c1:d6:f4:45:7a:46:8a:1e:51:c2:f9:6b:20:
17:27:c0:dc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ7aWtwqok8PuSi8HWDk9/ofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTE0YmY3NmY0MmRhNGYyYWMwMDNhNmM2OWQ2MWMyMzIw
ZTJjZDgwHhcNMjYwNjE4MTA1MDQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmEwMTNlYWEyYjQ1MDBhMThjNDI1M2E4N2E2YjljZWUyZmVhZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbBXMmLjbishyFNg6GZC9xuDNgXZ
PNTyLovHpjXkF6tLb3jNlDYmVhib3lVaInuU9aqytqnk9kqudNwQyunTl0m2yvpe
4E6+svvirwO/QShEBIMbxcuUNOLDRgdGal37wcO3Hl2Fi0csIfx76FI9Dwqwq4DU
UpyJ0o6tdk6EXQYiJxEyeJJhAZVSG/53uxCAyXgK1I9MsB72ZuZChdUsmEXE0IFI
eq/65K3tEeHFYHzngeaDkvoa60k9JqAf+qbTSECaNTtyid+OsfPcjGisMqjpYbUp
NZMo+Cxe/0TiP1Tv3D5CaGV+5Byfl7gHuVuotEoFiFY6eqHgpiaYtivZpwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH+gE+qitFAKGMQlOoemuc7i/q/AMB8GA1UdIwQY
MBaAFEnhS/dvQtpPKsADpsadYcIyDizYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEt
M2JlY2NhYWUzMzZkLzEvZjZBVDZxSzBVQW9ZeENVNmg2YTV6dUwtcjhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEtM2JlY2NhYWUzMzZk
LzEvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgmBQAMF
AyoR+gADBQMqEkSAMA0GCSqGSIb3DQEBCwUAA4IBAQBruxYSZLxvXsux1w6+1fpZ
p2et8Tf8oaMe4qEIDXzfelzP1Uh5FGRUEmwRv0QHsAHPp4hkpj5/fOaTXynMCvnS
1NlPiUGMBJifh7foOSWoM7IEWqU7Ab3zvD52myMk0AIs6JryUOTQ/w10DKF+Q15z
/Z6EQnCWQGhYW3UGH+/Kh/nRxpgDnHSsf7o+hyeT/R+s41Ga4JE403cHHi/0O4T4
Is2ndzq42UJD/Pd5nzgiFqN/wXa4yV8jYdo1/aUb9M5aeEDrrMB9Er6Sv4EVD9R2
ESezfoqsEk1XuM+SCUjaFkFB0xk4KqFfeWxNd3EJy8HW9EV6RooeUcL5ayAXJ8Dc
-----END CERTIFICATE-----
Generated at Sat Jun 20 06:11:23 2026 by rpki-client