Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/egHRnc_MninFna03ktsU1Cn2Oc4.roa
File: egHRnc_MninFna03ktsU1Cn2Oc4.roa (raw, json)
Hash identifier: RiTcvVXihH2bYHqfyI9XZCVv75wF8MmzZBr3HWNNEhg=
Subject key identifier: 7A:01:D1:9D:CF:CC:9E:29:C5:9D:AD:37:92:DB:14:D4:29:F6:39:CE
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 019D249B6E52DA8935F1C562824E0FBDD973
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/egHRnc_MninFna03ktsU1Cn2Oc4.roa
Signing time: Wed 25 Mar 2026 10:47:39 +0000
ROA not before: Wed 25 Mar 2026 10:47:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16509
IP address blocks: 2a14:67c1:a128::/48 maxlen: 48
2a14:67c1:a129::/48 maxlen: 48
2a14:67c2:510::/48 maxlen: 48
2a14:67c2:576::/48 maxlen: 48
2a14:67c3:30::/44 maxlen: 44
2a14:67c3:180::/44 maxlen: 48
2a14:67c3:cafe::/48 maxlen: 48
2a14:67c3:e622::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:24:9b:6e:52:da:89:35:f1:c5:62:82:4e:0f:bd:d9:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Mar 25 10:47:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7a01d19dcfcc9e29c59dad3792db14d429f639ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:32:39:bd:10:cc:87:e1:01:9a:a5:57:a3:64:
db:9f:ca:f2:05:a6:78:66:74:f2:37:c3:09:45:c1:
da:23:a5:36:c7:ca:ae:e1:b9:46:df:c9:8b:90:a3:
ca:cd:b0:1d:4a:f8:94:75:ee:93:92:cb:36:3f:fe:
ab:2d:2b:57:f5:08:5d:e3:08:84:cf:65:90:c7:8c:
09:89:40:c2:e4:94:24:4a:c6:5e:a6:63:12:a1:29:
c8:25:a1:e8:4c:46:ca:bb:05:d1:3c:10:94:03:97:
d2:6f:38:f3:aa:fb:17:36:67:19:14:9c:9b:f4:70:
77:81:8d:89:06:4d:99:3f:16:c5:6e:b6:6f:cf:c5:
75:eb:b4:56:5a:4e:f0:27:10:9a:72:c3:1d:c2:35:
47:08:c5:cd:6f:38:d1:e2:ba:41:09:58:63:0f:fd:
27:fa:1e:bf:94:2d:dc:32:5e:8a:b5:12:16:5a:d4:
c9:06:ed:ba:0e:f0:9e:31:49:47:aa:d4:00:cb:b1:
bd:ba:a1:4a:50:b5:03:47:e7:09:e0:53:64:12:39:
f3:d8:74:2d:e2:31:f7:90:d4:7b:85:6b:bd:2f:05:
9e:3b:cb:1c:1b:24:28:c0:64:d1:98:82:16:d5:5e:
93:5f:79:91:e9:08:65:fe:c3:a8:e3:d7:72:15:41:
91:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:01:D1:9D:CF:CC:9E:29:C5:9D:AD:37:92:DB:14:D4:29:F6:39:CE
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/egHRnc_MninFna03ktsU1Cn2Oc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c1:a128::/47
2a14:67c2:510::/48
2a14:67c2:576::/48
2a14:67c3:30::/44
2a14:67c3:180::/44
2a14:67c3:cafe::/48
2a14:67c3:e622::/48
Signature Algorithm: sha256WithRSAEncryption
10:a0:85:95:1b:51:00:0b:4e:36:f9:66:b5:a3:31:1e:67:01:
f7:22:85:c3:92:06:30:b1:8d:c8:b3:a3:96:51:d6:c2:69:01:
24:67:bf:3a:46:9e:10:8b:c0:3d:62:f6:c7:d1:63:1d:68:89:
93:2d:54:49:61:34:61:a4:7f:66:e7:28:1f:d8:95:43:e5:9c:
6c:05:1b:81:f6:97:94:b7:db:1b:0b:d9:f7:22:e3:a3:07:97:
67:b4:81:4b:64:30:8d:a0:26:3b:91:c9:7e:24:11:d5:ec:6a:
be:03:7a:ca:78:6a:05:42:1b:de:22:cf:ac:fe:26:c7:fe:77:
1a:0e:d0:11:0c:53:f6:6c:4e:fa:5a:7f:52:2f:c9:08:9f:4e:
0d:c1:22:21:4d:a4:f9:94:14:c9:e5:36:23:23:11:47:98:b5:
f4:80:e8:c9:c8:11:a5:ed:9e:62:b8:4e:69:26:ea:51:cb:72:
d6:cf:b2:3a:a8:06:06:f1:46:44:b0:da:36:26:ce:4d:ff:a1:
89:35:a8:bd:fa:05:db:ee:ce:1f:2e:35:5e:ec:19:85:43:81:
a9:a4:d9:a2:01:f9:27:a2:2e:aa:56:51:80:6c:c1:0d:87:64:
3b:d1:7b:af:c5:f7:51:f3:5e:7c:89:b9:24:0e:7d:b8:12:f8:
14:ae:21:3b
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZ0km25S2ok18cVigk4PvdlzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjYwMzI1MTA0NzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTAxZDE5ZGNmY2M5ZTI5YzU5ZGFkMzc5MmRiMTRkNDI5ZjYzOWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTI5vRDMh+EBmqVXo2Tbn8ryBaZ4
ZnTyN8MJRcHaI6U2x8qu4blG38mLkKPKzbAdSviUde6Tkss2P/6rLStX9Qhd4wiE
z2WQx4wJiUDC5JQkSsZepmMSoSnIJaHoTEbKuwXRPBCUA5fSbzjzqvsXNmcZFJyb
9HB3gY2JBk2ZPxbFbrZvz8V167RWWk7wJxCacsMdwjVHCMXNbzjR4rpBCVhjD/0n
+h6/lC3cMl6KtRIWWtTJBu26DvCeMUlHqtQAy7G9uqFKULUDR+cJ4FNkEjnz2HQt
4jH3kNR7hWu9LwWeO8scGyQowGTRmIIW1V6TX3mR6Qhl/sOo49dyFUGRswIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFHoB0Z3PzJ4pxZ2tN5LbFNQp9jnOMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvZWdIUm5jX01uaW5GbmEwM2t0c1UxQ24yT2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwcBKhRnwaEo
AwcAKhRnwgUQAwcAKhRnwgV2AwcEKhRnwwAwAwcEKhRnwwGAAwcAKhRnw8r+AwcA
KhRnw+YiMA0GCSqGSIb3DQEBCwUAA4IBAQAQoIWVG1EAC042+Wa1ozEeZwH3IoXD
kgYwsY3Is6OWUdbCaQEkZ786Rp4Qi8A9YvbH0WMdaImTLVRJYTRhpH9m5ygf2JVD
5ZxsBRuB9peUt9sbC9n3IuOjB5dntIFLZDCNoCY7kcl+JBHV7Gq+A3rKeGoFQhve
Is+s/ibH/ncaDtARDFP2bE76Wn9SL8kIn04NwSIhTaT5lBTJ5TYjIxFHmLX0gOjJ
yBGl7Z5iuE5pJupRy3LWz7I6qAYG8UZEsNo2Js5N/6GJNai9+gXb7s4fLjVe7BmF
Q4GppNmiAfknoi6qVlGAbMENh2Q70XuvxfdR8158ibkkDn24EvgUriE7
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:47:35 2026 by rpki-client