Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/muMwmA_DcJHYk6cC8JGfS8Qs3Ow.roa
File: muMwmA_DcJHYk6cC8JGfS8Qs3Ow.roa (raw, json)
Hash identifier: TvKmwg/qlMRiTL4FxrouC7yMmGmg10ZjBwOy3+t8HqQ=
Subject key identifier: 9A:E3:30:98:0F:C3:70:91:D8:93:A7:02:F0:91:9F:4B:C4:2C:DC:EC
Certificate issuer: /CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
Certificate serial: 019E068C95F5373F603812ED3B3BB9976972
Authority key identifier: 12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/muMwmA_DcJHYk6cC8JGfS8Qs3Ow.roa
Signing time: Fri 08 May 2026 07:45:37 +0000
ROA not before: Fri 08 May 2026 07:45:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 2a0f:1080::/32 maxlen: 32
2a0f:1081::/32 maxlen: 32
2a0f:1082::/32 maxlen: 32
2a0f:1083::/32 maxlen: 32
2a0f:1084::/32 maxlen: 32
2a0f:1085::/32 maxlen: 32
2a0f:1086::/32 maxlen: 32
2a0f:1087::/32 maxlen: 32
2a0f:9cc0::/32 maxlen: 32
2a0f:9cc1::/32 maxlen: 32
2a0f:9cc2::/32 maxlen: 32
2a0f:9cc3::/32 maxlen: 32
2a0f:9cc4::/32 maxlen: 32
2a0f:9cc5::/32 maxlen: 32
2a0f:9cc6::/32 maxlen: 32
2a0f:9cc7::/32 maxlen: 32
2a0f:a780::/32 maxlen: 32
2a0f:a781::/32 maxlen: 32
2a0f:a782::/32 maxlen: 32
2a0f:a783::/32 maxlen: 32
2a0f:a784::/32 maxlen: 32
2a0f:a785::/32 maxlen: 32
2a0f:a786::/32 maxlen: 32
2a0f:a787::/32 maxlen: 32
2a14:6a00::/32 maxlen: 32
2a14:6a01::/32 maxlen: 32
2a14:6a02::/32 maxlen: 32
2a14:6a03::/32 maxlen: 32
2a14:6a04::/32 maxlen: 32
2a14:6a05::/32 maxlen: 32
2a14:6a06::/32 maxlen: 32
2a14:6a07::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Ev1VimTpdYakPcfuUKjWspI2W2A.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Ev1VimTpdYakPcfuUKjWspI2W2A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 May 2026 13:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:06:8c:95:f5:37:3f:60:38:12:ed:3b:3b:b9:97:69:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
Validity
Not Before: May 8 07:45:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9ae330980fc37091d893a702f0919f4bc42cdcec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f5:8e:0e:4e:87:8d:63:b2:cc:1c:43:42:c9:
73:de:ad:b6:da:3f:4f:2e:fd:e0:eb:87:09:75:61:
4b:63:91:23:8e:23:e1:fa:0e:85:92:58:db:b0:6d:
92:29:30:e1:bd:ab:2b:b4:e6:c9:70:7a:8d:04:0a:
c1:b9:ca:00:bf:3b:3a:48:60:95:3a:1a:bc:84:5b:
38:b4:11:62:0a:8e:5c:1b:a8:99:80:47:5a:7f:4c:
c7:76:3f:c3:ae:15:4b:0c:4f:02:e7:53:6b:b8:f6:
01:e3:b7:31:23:2f:93:72:48:7c:5b:0a:a3:01:83:
ba:b1:27:b1:9a:8e:7f:23:5a:8a:6a:b2:39:51:06:
b6:6a:e1:cc:d5:39:b8:86:65:c2:7f:e4:c7:c8:bf:
f4:77:7f:ca:6b:0c:1b:c4:65:1c:47:f4:9c:2a:6f:
4b:a2:16:02:08:0a:79:bd:e0:9d:44:d3:fa:1d:a8:
1c:b4:61:cb:b3:fc:70:86:0e:e1:64:f5:45:97:21:
f6:b1:ad:67:d1:d4:9e:cf:94:fb:03:97:06:69:e8:
04:5f:30:30:22:d0:46:a0:43:fd:c0:8e:90:b1:31:
e7:c0:9b:9a:78:a4:d0:2f:77:a6:a2:01:b4:61:a1:
b4:4e:f7:64:f5:78:5a:e8:39:8c:ea:e6:09:dd:1e:
f2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:E3:30:98:0F:C3:70:91:D8:93:A7:02:F0:91:9F:4B:C4:2C:DC:EC
X509v3 Authority Key Identifier:
keyid:12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/muMwmA_DcJHYk6cC8JGfS8Qs3Ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Ev1VimTpdYakPcfuUKjWspI2W2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:1080::/29
2a0f:9cc0::/29
2a0f:a780::/29
2a14:6a00::/29
Signature Algorithm: sha256WithRSAEncryption
6f:18:37:86:64:da:9f:44:10:e2:82:ba:fd:65:b7:10:e8:7c:
bb:35:dc:7b:3e:bb:95:2a:c8:d6:3c:44:d6:7a:8e:c6:8f:29:
14:32:b5:7b:17:84:f3:52:69:8f:d2:0c:da:95:03:ff:f9:a5:
c3:7a:9b:83:ce:18:29:f6:e2:bc:86:2a:57:71:e7:21:26:27:
62:68:2b:5a:e3:11:8d:29:c0:2d:b4:bd:98:4a:a8:8e:11:bd:
44:8b:bf:47:9c:e1:f9:00:d8:22:22:bb:76:14:3e:1b:d8:14:
86:69:09:be:a4:11:26:a7:d4:4c:1e:ba:71:18:01:a0:a1:a6:
5c:fc:ae:77:30:89:b7:2d:70:cf:12:22:01:5e:e7:00:15:59:
39:13:eb:0e:99:c5:b5:f4:4b:38:90:db:73:15:3f:b6:8c:1e:
dd:7e:bb:29:d8:9f:e7:fa:90:93:2f:d5:e5:b7:12:47:d2:f2:
1f:26:af:e3:33:a7:6d:55:77:c4:96:97:74:79:c8:25:78:12:
65:1a:d4:42:58:a8:58:e6:41:2e:e3:3a:07:7f:26:f5:03:46:
59:47:0f:57:cf:2f:36:ba:05:75:fb:03:83:11:12:32:f3:19:
10:72:42:3f:32:ea:7e:1f:15:89:b9:8f:1f:2f:a5:d6:fc:37:
6d:8d:05:c9
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZ4GjJX1Nz9gOBLtOzu5l2lyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZmQ1NThhNjRlOTc1ODZhNDNkYzdlZTUwYThkNmIyOTIz
NjViNjAwHhcNMjYwNTA4MDc0NTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWUzMzA5ODBmYzM3MDkxZDg5M2E3MDJmMDkxOWY0YmM0MmNkY2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvWODk6HjWOyzBxDQslz3q222j9P
Lv3g64cJdWFLY5EjjiPh+g6FkljbsG2SKTDhvasrtObJcHqNBArBucoAvzs6SGCV
Ohq8hFs4tBFiCo5cG6iZgEdaf0zHdj/DrhVLDE8C51NruPYB47cxIy+Tckh8Wwqj
AYO6sSexmo5/I1qKarI5UQa2auHM1Tm4hmXCf+THyL/0d3/KawwbxGUcR/ScKm9L
ohYCCAp5veCdRNP6HagctGHLs/xwhg7hZPVFlyH2sa1n0dSez5T7A5cGaegEXzAw
ItBGoEP9wI6QsTHnwJuaeKTQL3emogG0YaG0Tvdk9Xha6DmM6uYJ3R7ykQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJrjMJgPw3CR2JOnAvCRn0vELNzsMB8GA1UdIwQY
MBaAFBL9VYpk6XWGpD3H7lCo1rKSNltgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMt
MjRkOGU3NDdjMzhmLzEvbXVNd21BX0RjSkhZazZjQzhKR2ZTOFFzM093LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMtMjRkOGU3NDdjMzhm
LzEvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKg8QgAMF
AyoPnMADBQMqD6eAAwUDKhRqADANBgkqhkiG9w0BAQsFAAOCAQEAbxg3hmTan0QQ
4oK6/WW3EOh8uzXcez67lSrI1jxE1nqOxo8pFDK1exeE81Jpj9IM2pUD//mlw3qb
g84YKfbivIYqV3HnISYnYmgrWuMRjSnALbS9mEqojhG9RIu/R5zh+QDYIiK7dhQ+
G9gUhmkJvqQRJqfUTB66cRgBoKGmXPyudzCJty1wzxIiAV7nABVZORPrDpnFtfRL
OJDbcxU/towe3X67Kdif5/qQky/V5bcSR9LyHyav4zOnbVV3xJaXdHnIJXgSZRrU
QlioWOZBLuM6B38m9QNGWUcPV88vNroFdfsDgxESMvMZEHJCPzLqfh8VibmPHy+l
1vw3bY0FyQ==
-----END CERTIFICATE-----
Generated at Mon May 11 00:38:08 2026 by rpki-client