Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/DmFGe9DLY_1JVHtRv5-IWlYnId8.roa
File: DmFGe9DLY_1JVHtRv5-IWlYnId8.roa (raw, json)
Hash identifier: RYQkOrIc0cxltO77FcoJ2jTy8qfCkxehJtgNWES43Cc=
Subject key identifier: 0E:61:46:7B:D0:CB:63:FD:49:54:7B:51:BF:9F:88:5A:56:27:21:DF
Certificate issuer: /CN=9dc28ae9937ff7e49ec4f1234e53d8b9dd694541
Certificate serial: 019DD8B84971BDA9AB405387BB8AD69E53D6
Authority key identifier: 9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/DmFGe9DLY_1JVHtRv5-IWlYnId8.roa
Signing time: Wed 29 Apr 2026 10:10:49 +0000
ROA not before: Wed 29 Apr 2026 10:10:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213734
IP address blocks: 2a05:b1c0::/29 maxlen: 29
2a11:3cc0::/29 maxlen: 29
2a11:5680::/29 maxlen: 29
2a11:5e00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/ncKK6ZN_9-SexPEjTlPYud1pRUE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/ncKK6ZN_9-SexPEjTlPYud1pRUE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 02 May 2026 16:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d8:b8:49:71:bd:a9:ab:40:53:87:bb:8a:d6:9e:53:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dc28ae9937ff7e49ec4f1234e53d8b9dd694541
Validity
Not Before: Apr 29 10:10:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0e61467bd0cb63fd49547b51bf9f885a562721df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c1:7e:42:47:96:88:e9:3b:c6:12:f3:bb:9d:
df:7c:9c:91:1e:29:b9:50:7c:57:ee:a4:3c:94:16:
c1:8d:a8:e3:80:f8:de:1e:c3:14:e8:1c:5b:f2:a5:
3c:1f:60:fa:30:fb:1d:75:9c:2e:d1:2f:2c:42:01:
e1:aa:e8:c0:75:d6:bd:e1:7b:0a:f2:07:a3:54:19:
45:4b:53:6a:38:19:d7:9f:ad:74:57:fa:d8:1f:c0:
ed:8a:3d:05:8c:6a:17:6b:03:f9:a0:62:0c:15:16:
40:3d:95:b4:ac:f0:c6:49:a0:c5:e9:56:14:14:60:
d8:88:2f:27:84:1e:74:31:bb:04:66:10:64:1c:64:
8e:08:bd:75:8d:6c:07:a8:ef:2e:4d:6b:b4:9f:bc:
40:22:e8:34:0d:bd:56:ee:e3:06:7c:12:be:cf:a6:
04:d8:aa:17:e4:89:06:be:39:3e:ba:47:60:09:eb:
40:c9:fe:f5:f8:50:56:86:ea:a5:73:95:2c:45:f5:
e5:57:e4:d6:e5:9b:c2:53:50:a6:35:e2:78:a4:f1:
b2:e6:5c:d5:2b:42:5a:14:12:76:cf:92:9b:4b:73:
ab:19:ee:70:65:82:81:a8:6e:01:18:bd:e4:a5:97:
e6:d6:2b:a2:a6:af:d9:32:60:22:d1:c3:58:1d:64:
c4:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:61:46:7B:D0:CB:63:FD:49:54:7B:51:BF:9F:88:5A:56:27:21:DF
X509v3 Authority Key Identifier:
keyid:9D:C2:8A:E9:93:7F:F7:E4:9E:C4:F1:23:4E:53:D8:B9:DD:69:45:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ncKK6ZN_9-SexPEjTlPYud1pRUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/DmFGe9DLY_1JVHtRv5-IWlYnId8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c0330c-9872-4ac6-a22c-192cbd08db51/1/ncKK6ZN_9-SexPEjTlPYud1pRUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b1c0::/29
2a11:3cc0::/29
2a11:5680::/29
2a11:5e00::/29
Signature Algorithm: sha256WithRSAEncryption
73:b5:18:d3:2a:c9:ad:63:9c:db:3b:33:1c:fd:16:c3:54:49:
03:86:80:3a:9f:26:94:cb:72:2e:c3:85:90:49:c6:56:5f:f2:
09:0f:da:c8:bd:8b:72:11:ba:e6:f0:f7:87:da:a7:94:3a:c9:
3e:87:c7:3d:78:a9:fa:e4:a9:84:d8:2d:53:9d:50:7a:49:e4:
c0:d6:9e:05:b7:56:55:83:12:63:c7:99:06:83:18:6a:ea:a1:
22:e5:13:e0:28:6f:ea:3d:e3:e1:6e:fd:09:aa:67:df:64:0b:
8c:3e:fb:06:e3:ff:61:2a:67:36:41:df:41:45:a3:6b:5f:43:
7b:72:a8:25:ed:26:22:ce:d4:35:1e:06:24:f5:4a:ea:96:8a:
89:e2:9a:16:3d:34:23:c2:80:56:fc:d6:f9:6a:bf:76:c3:5b:
aa:f7:27:7a:96:d1:3d:86:2c:9a:dd:7d:63:16:17:cb:85:77:
70:df:22:a3:08:ee:8d:8d:5d:9c:dd:57:13:df:9c:b3:8b:77:
23:0a:bb:7d:d6:5f:f0:bd:db:3e:01:4a:7b:be:5d:dc:23:84:
6a:73:39:d3:96:2c:88:6f:88:1f:99:44:ce:00:d9:0e:d1:b2:
1a:58:8e:c9:06:79:79:58:3f:00:a0:50:7f:04:79:f4:7f:68:
08:bc:ca:c7
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZ3YuElxvamrQFOHu4rWnlPWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYzI4YWU5OTM3ZmY3ZTQ5ZWM0ZjEyMzRlNTNkOGI5ZGQ2
OTQ1NDEwHhcNMjYwNDI5MTAxMDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTYxNDY3YmQwY2I2M2ZkNDk1NDdiNTFiZjlmODg1YTU2MjcyMWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsF+QkeWiOk7xhLzu53ffJyRHim5
UHxX7qQ8lBbBjajjgPjeHsMU6Bxb8qU8H2D6MPsddZwu0S8sQgHhqujAdda94XsK
8gejVBlFS1NqOBnXn610V/rYH8Dtij0FjGoXawP5oGIMFRZAPZW0rPDGSaDF6VYU
FGDYiC8nhB50MbsEZhBkHGSOCL11jWwHqO8uTWu0n7xAIug0Db1W7uMGfBK+z6YE
2KoX5IkGvjk+ukdgCetAyf71+FBWhuqlc5UsRfXlV+TW5ZvCU1CmNeJ4pPGy5lzV
K0JaFBJ2z5KbS3OrGe5wZYKBqG4BGL3kpZfm1iuipq/ZMmAi0cNYHWTE7wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFA5hRnvQy2P9SVR7Ub+fiFpWJyHfMB8GA1UdIwQY
MBaAFJ3CiumTf/fknsTxI05T2LndaUVBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmNLSzZaTl85LVNleFBFalRsUFl1ZDFwUlVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jMDMzMGMtOTg3Mi00YWM2LWEyMmMt
MTkyY2JkMDhkYjUxLzEvRG1GR2U5RExZXzFKVkh0UnY1LUlXbFluSWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jMDMzMGMtOTg3Mi00YWM2LWEyMmMtMTkyY2JkMDhkYjUx
LzEvbmNLSzZaTl85LVNleFBFalRsUFl1ZDFwUlVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgWxwAMF
AyoRPMADBQMqEVaAAwUDKhFeADANBgkqhkiG9w0BAQsFAAOCAQEAc7UY0yrJrWOc
2zszHP0Ww1RJA4aAOp8mlMtyLsOFkEnGVl/yCQ/ayL2LchG65vD3h9qnlDrJPofH
PXip+uSphNgtU51QeknkwNaeBbdWVYMSY8eZBoMYauqhIuUT4Chv6j3j4W79Capn
32QLjD77BuP/YSpnNkHfQUWja19De3KoJe0mIs7UNR4GJPVK6paKieKaFj00I8KA
VvzW+Wq/dsNbqvcnepbRPYYsmt19YxYXy4V3cN8iowjujY1dnN1XE9+cs4t3Iwq7
fdZf8L3bPgFKe75d3COEanM505YsiG+IH5lEzgDZDtGyGliOyQZ5eVg/AKBQfwR5
9H9oCLzKxw==
-----END CERTIFICATE-----
Generated at Fri May 1 19:09:53 2026 by rpki-client