Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/lo9cHkxcVpNt-3ulCQFEATozG1I.roa
File: lo9cHkxcVpNt-3ulCQFEATozG1I.roa (raw, json)
Hash identifier: v6R+Cb+ckX7VXwBxUnWa6wPNJYXch3MUEstNJtZzQwU=
Subject key identifier: 96:8F:5C:1E:4C:5C:56:93:6D:FB:7B:A5:09:01:44:01:3A:33:1B:52
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 019E548FE5AF4EFB277FE0A61DE0BDEC7E14
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/lo9cHkxcVpNt-3ulCQFEATozG1I.roa
Signing time: Sat 23 May 2026 11:19:37 +0000
ROA not before: Sat 23 May 2026 11:19:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62513
IP address blocks: 2a0f:b240::/46 maxlen: 48
2a0f:b240:60::/44 maxlen: 48
2a0f:b240:70::/44 maxlen: 48
2a0f:b240:80::/44 maxlen: 48
2a0f:b240:5800::/40 maxlen: 48
2a0f:b245::/32 maxlen: 48
2a0f:b246::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 29 May 2026 19:22:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:54:8f:e5:af:4e:fb:27:7f:e0:a6:1d:e0:bd:ec:7e:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: May 23 11:19:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=968f5c1e4c5c56936dfb7ba5090144013a331b52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:41:48:bc:b6:d6:98:c7:69:46:97:45:d7:05:
05:c1:14:16:fe:0b:27:a1:d3:17:a1:1c:67:f0:5b:
ad:2b:21:d6:77:ee:93:9c:ee:df:00:e2:47:e0:f7:
31:81:ff:13:8d:0e:bf:9d:49:39:76:b5:9c:a9:5a:
85:a4:6a:d6:7c:85:d0:df:61:3c:f1:2e:3b:76:68:
39:cc:41:a9:ab:30:8a:8a:53:c4:3c:45:15:3f:a5:
e3:bc:3f:4d:1e:1b:55:8a:58:94:db:30:1b:4d:d3:
a1:39:ee:90:e5:20:e7:63:30:31:f4:4e:0f:61:5d:
89:98:43:3f:e0:a7:a7:d7:29:86:6f:81:49:b4:21:
7e:d9:be:6f:9e:72:45:07:4c:33:0a:4d:7b:c6:0b:
23:3c:b4:d6:54:4a:ea:d7:60:9b:7c:40:b2:7e:2e:
27:66:04:93:11:42:b8:08:46:30:ba:ab:74:e7:bd:
cd:88:84:41:1c:22:d9:fa:c9:49:72:fd:46:1f:32:
2e:b3:88:f6:3b:9c:db:31:24:c4:56:09:f3:8d:92:
bf:db:15:01:a6:ae:e5:4f:74:58:aa:c8:23:ed:7b:
30:c2:db:c7:35:99:23:a6:42:57:14:4b:f5:11:51:
99:9f:36:c9:b9:58:02:c9:c6:bc:d2:77:67:21:cf:
c3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:8F:5C:1E:4C:5C:56:93:6D:FB:7B:A5:09:01:44:01:3A:33:1B:52
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/lo9cHkxcVpNt-3ulCQFEATozG1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:b240::/46
2a0f:b240:60::-2a0f:b240:8f:ffff:ffff:ffff:ffff:ffff
2a0f:b240:5800::/40
2a0f:b245::-2a0f:b246:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
55:76:7d:7f:ab:e2:49:ad:53:42:32:3b:72:3e:9c:06:c6:84:
01:81:88:27:d3:57:57:c6:18:7c:0e:66:62:ff:9c:19:42:60:
82:fe:ac:42:d5:e4:cd:8c:0e:bb:62:74:a8:ad:58:07:ea:e2:
33:86:53:e8:2b:cf:48:50:b8:48:13:62:fe:f8:38:37:37:69:
fc:a9:10:66:fb:e4:ac:c2:f1:a2:39:b1:9a:8f:2e:20:9b:e9:
88:d3:a4:87:54:48:32:a5:ec:b2:3b:49:a3:1d:26:4b:4d:b8:
e3:f2:90:71:d7:42:24:31:08:7c:03:af:9e:38:5d:f4:01:b5:
42:20:18:64:bd:5d:de:d5:12:4d:9f:29:b8:93:16:ea:f3:87:
fa:98:df:b7:90:af:eb:67:b2:18:0c:c9:15:a2:ca:a1:f3:70:
ac:3e:94:27:2c:53:33:43:b3:28:0b:ad:81:cc:c8:1d:4e:dc:
6c:f3:3a:cb:7e:7d:ed:64:09:6d:37:2b:89:c5:df:14:57:fa:
b7:c2:2d:7d:13:f0:e4:e7:82:1f:25:2c:15:b7:4c:23:c9:62:
9e:49:0b:03:6e:bf:dd:12:ba:c5:14:91:84:1f:08:d7:22:58:
9a:15:62:46:1f:11:66:95:13:0c:11:10:99:65:5b:92:a6:2c:
b3:22:c8:ee
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZ5Uj+WvTvsnf+CmHeC97H4UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjYwNTIzMTExOTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjhmNWMxZTRjNWM1NjkzNmRmYjdiYTUwOTAxNDQwMTNhMzMxYjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkFIvLbWmMdpRpdF1wUFwRQW/gsn
odMXoRxn8FutKyHWd+6TnO7fAOJH4Pcxgf8TjQ6/nUk5drWcqVqFpGrWfIXQ32E8
8S47dmg5zEGpqzCKilPEPEUVP6XjvD9NHhtViliU2zAbTdOhOe6Q5SDnYzAx9E4P
YV2JmEM/4Ken1ymGb4FJtCF+2b5vnnJFB0wzCk17xgsjPLTWVErq12CbfECyfi4n
ZgSTEUK4CEYwuqt0573NiIRBHCLZ+slJcv1GHzIus4j2O5zbMSTEVgnzjZK/2xUB
pq7lT3RYqsgj7XswwtvHNZkjpkJXFEv1EVGZnzbJuVgCyca80ndnIc/DgwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFJaPXB5MXFaTbft7pQkBRAE6MxtSMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvbG85Y0hreGNWcE50LTN1bENRRkVBVG96RzFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTA7BAIAAjA1AwcCKg+yQAAA
MBIDBwUqD7JAAGADBwQqD7JAAIADBgAqD7JAWDAOAwUAKg+yRQMFACoPskYwDQYJ
KoZIhvcNAQELBQADggEBAFV2fX+r4kmtU0IyO3I+nAbGhAGBiCfTV1fGGHwOZmL/
nBlCYIL+rELV5M2MDrtidKitWAfq4jOGU+grz0hQuEgTYv74ODc3afypEGb75KzC
8aI5sZqPLiCb6YjTpIdUSDKl7LI7SaMdJktNuOPykHHXQiQxCHwDr544XfQBtUIg
GGS9Xd7VEk2fKbiTFurzh/qY37eQr+tnshgMyRWiyqHzcKw+lCcsUzNDsygLrYHM
yB1O3GzzOst+fe1kCW03K4nF3xRX+rfCLX0T8OTngh8lLBW3TCPJYp5JCwNuv90S
usUUkYQfCNciWJoVYkYfEWaVEwwREJllW5KmLLMiyO4=
-----END CERTIFICATE-----
Generated at Thu May 28 23:32:34 2026 by rpki-client