Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/uayznK7Xi1PmLEKqmmhtj-vOYjA.roa
File: uayznK7Xi1PmLEKqmmhtj-vOYjA.roa (raw, json)
Hash identifier: x1gn7thHOYGkGoiVnRfnkNxllHObo5dXi6/secIcsj4=
Subject key identifier: B9:AC:B3:9C:AE:D7:8B:53:E6:2C:42:AA:9A:68:6D:8F:EB:CE:62:30
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 019E219E351189C056EAF4B9AE042AF1FB4C
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/uayznK7Xi1PmLEKqmmhtj-vOYjA.roa
Signing time: Wed 13 May 2026 13:54:36 +0000
ROA not before: Wed 13 May 2026 13:54:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39686
IP address blocks: 2a07:3500:11e0::/48 maxlen: 48
2a07:3501:1010::/46 maxlen: 48
2a07:3501:1031::/48 maxlen: 48
2a07:3501:1032::/47 maxlen: 47
2a07:3501:1050::/48 maxlen: 48
2a07:3501:1060::/48 maxlen: 48
2a07:3502:10e0::/48 maxlen: 48
2a07:3502:11c0::/48 maxlen: 48
2a07:3502:1210::/46 maxlen: 46
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Jun 2026 11:14:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:21:9e:35:11:89:c0:56:ea:f4:b9:ae:04:2a:f1:fb:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: May 13 13:54:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b9acb39caed78b53e62c42aa9a686d8febce6230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:cf:85:60:8f:9f:95:04:f5:ef:3b:c1:cd:0b:
a1:51:53:84:4b:ce:ef:5e:af:bd:bf:5a:e1:f1:e3:
12:03:cb:56:cc:a7:cd:35:ec:bb:55:3f:42:a3:3b:
e5:2d:c1:6f:6a:b4:ba:a8:48:f5:00:d9:78:78:52:
3f:cb:af:7a:f6:26:c9:89:b4:0d:b7:0b:f4:15:ba:
d3:17:a4:24:26:be:e8:0d:62:76:d2:a7:ef:22:40:
0e:bb:c1:61:04:4e:b5:e3:49:fa:c9:18:a4:87:93:
79:28:50:0d:7f:24:bb:4f:9f:6c:e9:f0:03:a8:ab:
1d:9a:ab:c0:8b:da:47:97:97:37:0c:31:aa:ef:ee:
ac:be:00:bb:e6:47:b6:9f:4a:ba:c1:bc:59:43:37:
5d:8b:7a:13:84:e1:bf:50:d9:50:12:17:7a:99:e9:
e8:03:70:8c:e9:f8:e3:e2:b0:4e:13:7d:39:8d:60:
b0:ed:2d:91:25:bf:9c:40:37:a4:e7:67:af:c6:96:
7d:f8:c3:e2:74:a6:aa:01:81:fa:df:32:f9:59:2e:
ff:34:a6:eb:c0:19:96:34:58:30:0c:cc:e5:94:e9:
80:68:c5:2b:50:04:bc:56:e6:ba:0c:fb:85:13:74:
04:68:64:b3:7a:cb:53:07:8c:b8:76:ea:ff:0f:8b:
03:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:AC:B3:9C:AE:D7:8B:53:E6:2C:42:AA:9A:68:6D:8F:EB:CE:62:30
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/uayznK7Xi1PmLEKqmmhtj-vOYjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:3500:11e0::/48
2a07:3501:1010::/46
2a07:3501:1031::-2a07:3501:1033:ffff:ffff:ffff:ffff:ffff
2a07:3501:1050::/48
2a07:3501:1060::/48
2a07:3502:10e0::/48
2a07:3502:11c0::/48
2a07:3502:1210::/46
Signature Algorithm: sha256WithRSAEncryption
45:e1:44:04:75:ff:58:15:27:24:fa:15:d7:d8:d4:c4:5d:20:
89:17:e5:e1:d1:d5:ee:28:05:55:ab:76:ba:42:f2:bc:42:c0:
d8:82:5c:ff:29:92:e0:a7:25:48:a2:95:c6:9a:d0:8b:3d:0e:
d2:7a:27:f6:e1:e1:27:20:2e:2b:41:29:6b:5c:59:84:42:06:
13:46:cf:f3:e6:6f:f5:0b:b6:9b:c8:cd:ae:0f:ab:22:0f:dd:
34:7d:e3:33:38:af:84:43:18:c0:3f:ad:9a:7d:07:26:a4:c0:
e8:fe:4c:ef:74:c5:1a:fa:89:9a:5a:6c:78:d4:19:6a:8f:92:
1d:81:ba:e9:82:27:6a:41:0c:14:2d:e9:bb:1d:b1:7a:ab:00:
47:6b:ff:cd:70:55:2c:67:0a:c0:f8:4a:94:e1:19:51:2d:d8:
94:a6:a0:09:af:c9:b2:67:9d:a4:f7:6b:68:1b:48:d1:cd:f3:
32:79:d9:34:bf:c0:aa:65:f2:da:8b:c8:00:66:df:e0:5e:3e:
2b:30:01:92:34:48:e1:50:eb:67:39:43:86:27:59:7c:26:d7:
4a:e5:22:a2:0a:59:8b:0a:b6:28:93:dd:85:f9:f6:0d:d4:15:
2e:c3:b6:7c:ec:0e:94:4c:0c:86:dc:3f:6b:83:58:f8:5f:85:
1f:ee:04:b2
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZ4hnjURicBW6vS5rgQq8ftMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjYwNTEzMTM1NDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWFjYjM5Y2FlZDc4YjUzZTYyYzQyYWE5YTY4NmQ4ZmViY2U2MjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqc+FYI+flQT17zvBzQuhUVOES87v
Xq+9v1rh8eMSA8tWzKfNNey7VT9CozvlLcFvarS6qEj1ANl4eFI/y6969ibJibQN
twv0FbrTF6QkJr7oDWJ20qfvIkAOu8FhBE6140n6yRikh5N5KFANfyS7T59s6fAD
qKsdmqvAi9pHl5c3DDGq7+6svgC75ke2n0q6wbxZQzddi3oThOG/UNlQEhd6meno
A3CM6fjj4rBOE305jWCw7S2RJb+cQDek52evxpZ9+MPidKaqAYH63zL5WS7/NKbr
wBmWNFgwDMzllOmAaMUrUAS8Vua6DPuFE3QEaGSzestTB4y4dur/D4sD4wIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFLmss5yu14tT5ixCqppobY/rzmIwMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvdWF5em5LN1hpMVBtTEVLcW1taHRqLXZPWWpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBZBAIAAjBTAwcAKgc1ABHg
AwcCKgc1ARAQMBIDBwAqBzUBEDEDBwIqBzUBEDADBwAqBzUBEFADBwAqBzUBEGAD
BwAqBzUCEOADBwAqBzUCEcADBwIqBzUCEhAwDQYJKoZIhvcNAQELBQADggEBAEXh
RAR1/1gVJyT6FdfY1MRdIIkX5eHR1e4oBVWrdrpC8rxCwNiCXP8pkuCnJUiilcaa
0Is9DtJ6J/bh4ScgLitBKWtcWYRCBhNGz/Pmb/ULtpvIza4PqyIP3TR94zM4r4RD
GMA/rZp9ByakwOj+TO90xRr6iZpabHjUGWqPkh2BuumCJ2pBDBQt6bsdsXqrAEdr
/81wVSxnCsD4SpThGVEt2JSmoAmvybJnnaT3a2gbSNHN8zJ52TS/wKpl8tqLyABm
3+BePiswAZI0SOFQ62c5Q4YnWXwm10rlIqIKWYsKtiiT3YX59g3UFS7DtnzsDpRM
DIbcP2uDWPhfhR/uBLI=
-----END CERTIFICATE-----
Generated at Tue Jun 9 17:14:29 2026 by rpki-client