Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/imIywgpJ_FdwT8doZsZTuqw5P9M.roa
File: imIywgpJ_FdwT8doZsZTuqw5P9M.roa (raw, json)
Hash identifier: Cxjs5856hD8j9zIfdyauDo4qD8KRSqA2Jh7y19SCIEs=
Subject key identifier: 8A:62:32:C2:0A:49:FC:57:70:4F:C7:68:66:C6:53:BA:AC:39:3F:D3
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019DE00B49F42CD93BA240C2333798FD2FB2
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/imIywgpJ_FdwT8doZsZTuqw5P9M.roa
Signing time: Thu 30 Apr 2026 20:18:49 +0000
ROA not before: Thu 30 Apr 2026 20:18:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34775
IP address blocks: 2a04:5f80::/29 maxlen: 48
2a06:2a00::/29 maxlen: 48
2a06:7780::/29 maxlen: 48
2a06:ba00::/29 maxlen: 48
2a09:940::/29 maxlen: 48
2a09:12c0::/29 maxlen: 48
2a09:13c0::/29 maxlen: 48
2a09:41c0::/29 maxlen: 48
2a09:4cc0::/29 maxlen: 48
2a09:4f40::/29 maxlen: 48
2a09:4fc0::/29 maxlen: 48
2a09:5040::/29 maxlen: 48
2a09:50c0::/29 maxlen: 48
2a09:5140::/29 maxlen: 48
2a09:5240::/29 maxlen: 48
2a09:6a80::/29 maxlen: 48
2a09:6dc0::/29 maxlen: 48
2a09:73c0::/29 maxlen: 48
2a09:7a40::/29 maxlen: 48
2a09:8a40::/29 maxlen: 48
2a09:8a80::/29 maxlen: 48
2a09:95c0::/29 maxlen: 48
2a09:97c0::/29 maxlen: 48
2a09:9840::/29 maxlen: 48
2a09:9ac0::/29 maxlen: 48
2a09:9b40::/29 maxlen: 48
2a09:a400::/29 maxlen: 48
2a09:a840::/29 maxlen: 48
2a09:a9c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 11:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e0:0b:49:f4:2c:d9:3b:a2:40:c2:33:37:98:fd:2f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Apr 30 20:18:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8a6232c20a49fc57704fc76866c653baac393fd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:8a:94:db:e0:29:59:14:39:de:1e:1c:cb:cd:
91:8b:d1:65:a3:7d:7b:64:48:01:f6:e3:ac:d7:e9:
4a:68:a0:92:76:22:a3:2f:01:66:e4:f8:ea:af:06:
44:27:b9:f3:ff:5f:52:b7:55:ea:41:e1:ee:58:01:
11:0a:04:7c:9f:dd:c3:d9:db:59:ba:10:83:17:51:
b9:d6:11:11:a0:5c:4d:70:58:96:44:17:b6:8b:fd:
2c:48:16:69:e3:0f:20:37:07:58:87:3d:db:f9:f7:
25:fd:25:45:40:b9:0a:56:13:58:e7:fe:ef:d4:93:
ce:64:4f:91:7a:a9:c3:ff:20:75:1a:84:20:80:3e:
53:3a:5b:2b:32:06:b0:c0:d9:79:c9:5d:4c:66:01:
6e:97:b1:99:cf:9e:29:a2:3d:f6:ee:ea:bb:90:60:
46:52:5d:e5:2e:9e:42:68:0b:f7:e6:70:9b:81:83:
cf:3b:ab:92:7b:47:2f:38:df:e2:81:df:ff:e5:5a:
8f:d0:4d:1a:78:e6:bb:82:81:b6:34:f0:df:89:ec:
e4:bb:66:9e:a7:2b:41:10:5a:a6:94:ec:1b:54:a1:
69:a2:ea:fd:04:e1:9c:1a:5f:b1:e5:1f:0c:1a:4a:
83:a1:57:37:56:5f:40:d8:97:15:f8:b5:79:7f:9b:
6f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:62:32:C2:0A:49:FC:57:70:4F:C7:68:66:C6:53:BA:AC:39:3F:D3
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/imIywgpJ_FdwT8doZsZTuqw5P9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:5f80::/29
2a06:2a00::/29
2a06:7780::/29
2a06:ba00::/29
2a09:940::/29
2a09:12c0::/29
2a09:13c0::/29
2a09:41c0::/29
2a09:4cc0::/29
2a09:4f40::/29
2a09:4fc0::/29
2a09:5040::/29
2a09:50c0::/29
2a09:5140::/29
2a09:5240::/29
2a09:6a80::/29
2a09:6dc0::/29
2a09:73c0::/29
2a09:7a40::/29
2a09:8a40::/29
2a09:8a80::/29
2a09:95c0::/29
2a09:97c0::/29
2a09:9840::/29
2a09:9ac0::/29
2a09:9b40::/29
2a09:a400::/29
2a09:a840::/29
2a09:a9c0::/29
Signature Algorithm: sha256WithRSAEncryption
09:dd:74:36:29:81:02:c8:8f:ca:10:16:5a:2e:ac:35:38:c2:
7b:34:42:c8:f7:d6:0d:70:20:f6:d1:01:1a:e2:21:b2:4d:b0:
02:81:02:25:ef:9b:d2:e8:5d:b0:62:58:a9:e9:c7:e7:45:f3:
a9:50:7c:f1:94:8a:c9:0b:cd:aa:a5:5a:4f:76:1a:1f:d9:88:
1a:b9:4f:6d:91:56:84:cb:7c:82:6b:d9:83:6f:74:fd:83:f9:
dd:89:d0:09:f2:86:c4:71:3c:8f:bb:99:25:7f:60:c2:6d:ac:
62:07:b1:3e:e5:4b:5d:69:40:4c:db:9c:b7:18:a9:8e:ca:62:
6f:cf:08:7a:e3:7b:d7:a3:17:34:85:c0:12:34:99:9f:01:65:
09:a4:bb:7d:eb:86:c8:ec:d6:61:26:c8:a4:c4:00:50:73:60:
3c:2a:b3:08:3c:1c:8f:be:27:ee:59:f0:55:a5:f3:08:cd:3d:
93:24:62:d0:e0:71:63:92:48:56:d7:66:f8:b6:5c:18:db:c7:
5b:f3:3f:56:48:a8:12:65:86:d4:7c:56:c3:31:4a:5c:0e:34:
d2:2f:42:a6:c6:d0:45:2f:e8:e9:7b:1c:ee:23:a0:64:a1:4e:
c6:89:aa:25:31:74:ed:ff:c3:36:90:e8:88:d4:b7:3b:8c:d2:
21:94:30:6a
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAZ3gC0n0LNk7okDCMzeY/S+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwNDMwMjAxODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTYyMzJjMjBhNDlmYzU3NzA0ZmM3Njg2NmM2NTNiYWFjMzkzZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4qU2+ApWRQ53h4cy82Ri9Flo317
ZEgB9uOs1+lKaKCSdiKjLwFm5PjqrwZEJ7nz/19St1XqQeHuWAERCgR8n93D2dtZ
uhCDF1G51hERoFxNcFiWRBe2i/0sSBZp4w8gNwdYhz3b+fcl/SVFQLkKVhNY5/7v
1JPOZE+ReqnD/yB1GoQggD5TOlsrMgawwNl5yV1MZgFul7GZz54poj327uq7kGBG
Ul3lLp5CaAv35nCbgYPPO6uSe0cvON/igd//5VqP0E0aeOa7goG2NPDfiezku2ae
pytBEFqmlOwbVKFpour9BOGcGl+x5R8MGkqDoVc3Vl9A2JcV+LV5f5tvaQIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFIpiMsIKSfxXcE/HaGbGU7qsOT/TMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvaW1JeXdncEpfRmR3VDhkb1pzWlR1cXc1UDlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCB0gQCAAIwgcsDBQMq
BF+AAwUDKgYqAAMFAyoGd4ADBQMqBroAAwUDKgkJQAMFAyoJEsADBQMqCRPAAwUD
KglBwAMFAyoJTMADBQMqCU9AAwUDKglPwAMFAyoJUEADBQMqCVDAAwUDKglRQAMF
AyoJUkADBQMqCWqAAwUDKgltwAMFAyoJc8ADBQMqCXpAAwUDKgmKQAMFAyoJioAD
BQMqCZXAAwUDKgmXwAMFAyoJmEADBQMqCZrAAwUDKgmbQAMFAyoJpAADBQMqCahA
AwUDKgmpwDANBgkqhkiG9w0BAQsFAAOCAQEACd10NimBAsiPyhAWWi6sNTjCezRC
yPfWDXAg9tEBGuIhsk2wAoECJe+b0uhdsGJYqenH50XzqVB88ZSKyQvNqqVaT3Ya
H9mIGrlPbZFWhMt8gmvZg290/YP53YnQCfKGxHE8j7uZJX9gwm2sYgexPuVLXWlA
TNuctxipjspib88IeuN716MXNIXAEjSZnwFlCaS7feuGyOzWYSbIpMQAUHNgPCqz
CDwcj74n7lnwVaXzCM09kyRi0OBxY5JIVtdm+LZcGNvHW/M/VkioEmWG1HxWwzFK
XA400i9CpsbQRS/o6Xsc7iOgZKFOxomqJTF07f/DNpDoiNS3O4zSIZQwag==
-----END CERTIFICATE-----
Generated at Sun May 3 17:06:22 2026 by rpki-client