Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/S7tOb1FC2y5ydf4NUTRJLDrxlrQ.roa
File: S7tOb1FC2y5ydf4NUTRJLDrxlrQ.roa (raw, json)
Hash identifier: p3+JSpAtWzX/UnUTWMDeDudBRpThYI/G5eh3Im0HkHI=
Subject key identifier: 4B:BB:4E:6F:51:42:DB:2E:72:75:FE:0D:51:34:49:2C:3A:F1:96:B4
Certificate issuer: /CN=5659b0ba8407be11cfc911bd31ed140cd1c6046c
Certificate serial: 019EEB1B4722D20E3B0475DAE814255CB596
Authority key identifier: 56:59:B0:BA:84:07:BE:11:CF:C9:11:BD:31:ED:14:0C:D1:C6:04:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VlmwuoQHvhHPyRG9Me0UDNHGBGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/S7tOb1FC2y5ydf4NUTRJLDrxlrQ.roa
Signing time: Sun 21 Jun 2026 16:54:53 +0000
ROA not before: Sun 21 Jun 2026 16:54:53 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57050
IP address blocks: 212.81.56.0/24 maxlen: 24
212.81.57.0/24 maxlen: 24
212.81.58.0/24 maxlen: 24
212.81.59.0/24 maxlen: 24
2a10:fa80:10::/48 maxlen: 48
2a10:fa80:56::/48 maxlen: 48
2a10:fa80:57::/48 maxlen: 48
2a10:fa80:58::/48 maxlen: 48
2a10:fa80:59::/48 maxlen: 48
2a10:fa80:92::/48 maxlen: 48
2a10:fa80:212::/48 maxlen: 48
2a10:fa80:216::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/VlmwuoQHvhHPyRG9Me0UDNHGBGw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/VlmwuoQHvhHPyRG9Me0UDNHGBGw.mft
rsync://rpki.ripe.net/repository/DEFAULT/VlmwuoQHvhHPyRG9Me0UDNHGBGw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 18:43:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:eb:1b:47:22:d2:0e:3b:04:75:da:e8:14:25:5c:b5:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5659b0ba8407be11cfc911bd31ed140cd1c6046c
Validity
Not Before: Jun 21 16:54:53 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4bbb4e6f5142db2e7275fe0d5134492c3af196b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:64:d6:ff:36:8b:15:c2:e1:01:f2:2f:1f:17:
2d:c9:31:ad:fc:d2:20:28:79:02:36:72:de:0a:ff:
72:c6:ad:e1:7d:89:36:1f:f5:0b:29:e9:24:e0:83:
3a:03:bb:ec:b0:ed:60:fc:30:af:0a:f8:9e:c0:c4:
10:12:ce:58:80:39:78:96:39:a9:66:eb:0a:20:8a:
52:32:9c:87:60:88:68:9c:42:10:4a:15:1a:a9:16:
b0:87:97:9b:2a:29:39:a8:34:e9:32:73:ae:4f:4c:
5c:d7:d5:fb:fe:8d:98:9c:45:3b:64:19:97:b4:89:
a6:41:e8:a6:32:c3:3f:5b:91:9b:6c:97:72:01:9e:
8c:34:86:6d:b2:e8:c0:a7:5a:de:d0:0d:07:72:b0:
0e:b4:9c:b6:76:3b:c6:56:b9:ef:c8:df:4e:ec:06:
cc:34:fe:c9:6a:0d:cf:84:f3:2a:17:0a:5c:49:91:
a9:d0:53:50:08:81:1f:42:7f:87:62:06:56:e8:99:
26:64:5e:7c:78:cf:17:d7:86:cf:41:96:99:de:9b:
cf:ec:68:f5:f8:53:a2:af:e9:62:cb:28:4f:95:fa:
e9:b7:1f:ad:60:6b:99:44:ca:08:8e:52:10:9c:41:
cf:5c:c2:60:28:4d:0d:1a:24:f1:17:07:e3:20:d1:
2d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:BB:4E:6F:51:42:DB:2E:72:75:FE:0D:51:34:49:2C:3A:F1:96:B4
X509v3 Authority Key Identifier:
keyid:56:59:B0:BA:84:07:BE:11:CF:C9:11:BD:31:ED:14:0C:D1:C6:04:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VlmwuoQHvhHPyRG9Me0UDNHGBGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/S7tOb1FC2y5ydf4NUTRJLDrxlrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dd8e31-00b5-4212-9e01-2394c6600022/1/VlmwuoQHvhHPyRG9Me0UDNHGBGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.81.56.0/22
IPv6:
2a10:fa80:10::/48
2a10:fa80:56::-2a10:fa80:59:ffff:ffff:ffff:ffff:ffff
2a10:fa80:92::/48
2a10:fa80:212::/48
2a10:fa80:216::/48
Signature Algorithm: sha256WithRSAEncryption
06:70:f8:da:8f:53:29:e7:47:90:06:ea:ca:9a:dd:4b:3d:53:
27:48:cc:64:46:c1:3d:a4:5d:0d:60:59:ff:cf:0e:97:32:d6:
e5:12:22:0b:93:11:05:cd:26:f1:8b:49:ee:22:a3:4e:98:31:
c5:d6:9e:bf:52:8d:b4:a6:19:02:40:0d:fc:16:75:c0:c2:c0:
9f:b0:43:16:90:ee:7f:e5:6b:05:53:07:69:ed:c3:ac:b0:95:
4b:44:d7:70:0e:88:b6:fd:01:1c:c0:11:d4:06:65:00:1e:99:
26:87:90:f6:b9:f5:3b:75:b5:f7:fa:8f:aa:c2:3a:5a:c0:ce:
ce:e0:83:31:62:80:59:56:e0:82:e6:a1:ee:47:88:11:7d:aa:
2c:19:f8:d0:e6:30:0c:ff:f5:b2:17:48:fa:bb:c8:17:79:55:
77:83:ed:6f:ca:e7:09:1d:bf:93:b1:4b:e5:82:93:01:23:36:
c0:89:43:76:d0:a1:4b:d7:d4:a5:6b:7f:1a:9d:2d:1b:58:78:
8c:33:ca:1f:1b:72:52:12:98:a4:da:62:2a:3e:3c:eb:67:29:
ac:aa:a6:5d:8b:0e:e3:dc:67:62:b5:73:51:84:22:ef:0e:14:
a7:90:4f:4e:8f:64:fa:26:33:40:f0:7f:78:f0:c2:78:e5:d3:
11:36:9c:8c
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZ7rG0ci0g47BHXa6BQlXLWWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NTliMGJhODQwN2JlMTFjZmM5MTFiZDMxZWQxNDBjZDFj
NjA0NmMwHhcNMjYwNjIxMTY1NDUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmJiNGU2ZjUxNDJkYjJlNzI3NWZlMGQ1MTM0NDkyYzNhZjE5NmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGTW/zaLFcLhAfIvHxctyTGt/NIg
KHkCNnLeCv9yxq3hfYk2H/ULKekk4IM6A7vssO1g/DCvCviewMQQEs5YgDl4ljmp
ZusKIIpSMpyHYIhonEIQShUaqRawh5ebKik5qDTpMnOuT0xc19X7/o2YnEU7ZBmX
tImmQeimMsM/W5GbbJdyAZ6MNIZtsujAp1re0A0HcrAOtJy2djvGVrnvyN9O7AbM
NP7Jag3PhPMqFwpcSZGp0FNQCIEfQn+HYgZW6JkmZF58eM8X14bPQZaZ3pvP7Gj1
+FOir+liyyhPlfrptx+tYGuZRMoIjlIQnEHPXMJgKE0NGiTxFwfjINEtIwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFEu7Tm9RQtsucnX+DVE0SSw68Za0MB8GA1UdIwQY
MBaAFFZZsLqEB74Rz8kRvTHtFAzRxgRsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmxtd3VvUUh2aEhQeVJHOU1lMFVETkhHQkd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kZDhlMzEtMDBiNS00MjEyLTllMDEt
MjM5NGM2NjAwMDIyLzEvUzd0T2IxRkMyeTV5ZGY0TlVUUkpMRHJ4bHJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kZDhlMzEtMDBiNS00MjEyLTllMDEtMjM5NGM2NjAwMDIy
LzEvVmxtd3VvUUh2aEhQeVJHOU1lMFVETkhHQkd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAMBAIAATAGAwQC1FE4MD4E
AgACMDgDBwAqEPqAABAwEgMHASoQ+oAAVgMHASoQ+oAAWAMHACoQ+oAAkgMHACoQ
+oACEgMHACoQ+oACFjANBgkqhkiG9w0BAQsFAAOCAQEABnD42o9TKedHkAbqyprd
Sz1TJ0jMZEbBPaRdDWBZ/88OlzLW5RIiC5MRBc0m8YtJ7iKjTpgxxdaev1KNtKYZ
AkAN/BZ1wMLAn7BDFpDuf+VrBVMHae3DrLCVS0TXcA6Itv0BHMAR1AZlAB6ZJoeQ
9rn1O3W19/qPqsI6WsDOzuCDMWKAWVbgguah7keIEX2qLBn40OYwDP/1shdI+rvI
F3lVd4Ptb8rnCR2/k7FL5YKTASM2wIlDdtChS9fUpWt/Gp0tG1h4jDPKHxtyUhKY
pNpiKj4862cprKqmXYsO49xnYrVzUYQi7w4Up5BPTo9k+iYzQPB/ePDCeOXTETac
jA==
-----END CERTIFICATE-----
Generated at Sun Jun 28 01:43:56 2026 by rpki-client