Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/mnhUWti65dw9z9cXtxuT6ZDP7Oo.roa
File: mnhUWti65dw9z9cXtxuT6ZDP7Oo.roa (raw, json)
Hash identifier: Dkz+4JsZrJYlGHvAg7b8s4ZyOYWbHhhBXNgchqILkkE=
Subject key identifier: 9A:78:54:5A:D8:BA:E5:DC:3D:CF:D7:17:B7:1B:93:E9:90:CF:EC:EA
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 019D27E2FABDE5FEE147669DF7EAAA43C797
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/mnhUWti65dw9z9cXtxuT6ZDP7Oo.roa
Signing time: Thu 26 Mar 2026 02:04:39 +0000
ROA not before: Thu 26 Mar 2026 02:04:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 31898
IP address blocks: 2a14:67c1:a123::/48 maxlen: 48
2a14:67c1:a129::/48 maxlen: 48
2a14:67c1:c300::/40 maxlen: 48
2a14:67c1:c700::/48 maxlen: 48
2a14:67c2:3f0::/48 maxlen: 48
2a14:67c2:3f1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:e2:fa:bd:e5:fe:e1:47:66:9d:f7:ea:aa:43:c7:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Mar 26 02:04:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9a78545ad8bae5dc3dcfd717b71b93e990cfecea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:a3:96:dd:5f:de:eb:e7:ec:60:4b:bd:9d:cc:
20:6a:46:46:e6:fc:34:4c:90:61:93:76:c1:0f:0e:
c6:63:e1:ba:04:18:ec:4f:28:0d:e5:4b:92:e8:26:
5c:79:4e:48:d7:df:83:7a:4e:43:af:80:dc:1a:78:
6c:8c:ac:20:df:0f:74:a8:28:64:7e:88:ac:36:4b:
13:fb:13:de:9f:9b:59:1f:ee:25:71:fb:7e:ef:68:
55:9b:ef:d5:cc:e6:aa:2a:8e:c4:5a:65:6c:cb:14:
cd:e5:41:ef:ea:d0:76:f6:1c:16:53:c4:8f:2e:28:
20:be:e7:1f:f4:11:4f:2f:c5:f4:97:cc:ea:be:ce:
a2:3b:cf:9c:de:e9:06:03:65:70:56:bd:78:b4:4e:
90:0d:61:87:00:9a:31:47:4a:60:cf:28:d1:6f:6e:
78:bb:59:8f:d3:a3:b0:d1:c7:73:05:74:3a:78:ee:
a9:17:42:f6:a6:7c:6b:5c:d1:db:92:79:08:97:86:
c8:c1:06:0b:00:6a:1e:29:90:b3:21:6b:9f:a4:64:
b3:dd:73:f4:7d:4e:36:8a:20:03:99:e7:2e:6b:fc:
53:fa:f9:e5:b3:55:52:ba:da:38:dd:59:7c:c0:f1:
f7:e5:e8:25:df:e5:c7:46:e8:a7:16:71:65:04:42:
cd:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:78:54:5A:D8:BA:E5:DC:3D:CF:D7:17:B7:1B:93:E9:90:CF:EC:EA
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/mnhUWti65dw9z9cXtxuT6ZDP7Oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c1:a123::/48
2a14:67c1:a129::/48
2a14:67c1:c300::/40
2a14:67c1:c700::/48
2a14:67c2:3f0::/47
Signature Algorithm: sha256WithRSAEncryption
4e:00:2a:2a:0b:58:f0:61:68:24:fe:dd:28:27:12:3c:83:b7:
07:19:e0:9a:d9:28:79:eb:68:78:4e:04:fb:47:e4:ea:08:9a:
22:2d:3e:88:08:4d:c3:34:ba:9c:0e:5d:2c:b0:97:38:49:ca:
f3:b0:6f:05:e9:86:43:56:81:93:18:60:cd:f2:92:2a:b1:70:
8b:fe:b8:87:48:35:ea:0b:2e:bc:0f:a7:e8:45:a2:55:09:69:
cd:25:6b:d2:9a:8b:4b:04:3f:05:6a:a0:f6:f8:52:a0:fc:dd:
7f:b6:95:8e:2f:46:2f:89:4c:d0:79:8c:d4:ff:10:b2:29:1b:
2c:2d:c2:e5:55:4b:76:71:a5:42:10:cf:96:b2:c0:6c:cd:a0:
35:ab:b9:dd:25:72:ff:85:38:cc:20:76:95:70:63:75:92:ae:
b0:80:ef:b7:ad:9a:3c:b8:aa:3e:3d:a2:1c:95:03:ac:3d:9e:
04:e8:1b:56:d9:62:94:3e:ba:be:6b:6c:f1:cf:95:80:13:39:
36:44:fb:a7:97:46:3a:b3:7b:a6:4f:03:e4:d8:29:c5:1d:ae:
39:26:0e:ba:2e:df:ee:73:8b:6f:2b:ae:5d:dc:9b:d0:f9:ae:
2d:ab:51:27:be:d1:e7:70:e0:5f:5b:98:14:2d:f4:71:4d:0c:
d6:19:ac:8b
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ0n4vq95f7hR2ad9+qqQ8eXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjYwMzI2MDIwNDM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTc4NTQ1YWQ4YmFlNWRjM2RjZmQ3MTdiNzFiOTNlOTkwY2ZlY2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9KOW3V/e6+fsYEu9ncwgakZG5vw0
TJBhk3bBDw7GY+G6BBjsTygN5UuS6CZceU5I19+Dek5Dr4DcGnhsjKwg3w90qChk
foisNksT+xPen5tZH+4lcft+72hVm+/VzOaqKo7EWmVsyxTN5UHv6tB29hwWU8SP
Liggvucf9BFPL8X0l8zqvs6iO8+c3ukGA2VwVr14tE6QDWGHAJoxR0pgzyjRb254
u1mP06Ow0cdzBXQ6eO6pF0L2pnxrXNHbknkIl4bIwQYLAGoeKZCzIWufpGSz3XP0
fU42iiADmecua/xT+vnls1VSuto43Vl8wPH35egl3+XHRuinFnFlBELNlwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJp4VFrYuuXcPc/XF7cbk+mQz+zqMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvbW5oVVd0aTY1ZHc5ejljWHR4dVQ2WkRQN09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAAjAsAwcAKhRnwaEj
AwcAKhRnwaEpAwYAKhRnwcMDBwAqFGfBxwADBwEqFGfCA/AwDQYJKoZIhvcNAQEL
BQADggEBAE4AKioLWPBhaCT+3SgnEjyDtwcZ4JrZKHnraHhOBPtH5OoImiItPogI
TcM0upwOXSywlzhJyvOwbwXphkNWgZMYYM3ykiqxcIv+uIdINeoLLrwPp+hFolUJ
ac0la9Kai0sEPwVqoPb4UqD83X+2lY4vRi+JTNB5jNT/ELIpGywtwuVVS3ZxpUIQ
z5aywGzNoDWrud0lcv+FOMwgdpVwY3WSrrCA77etmjy4qj49ohyVA6w9ngToG1bZ
YpQ+ur5rbPHPlYATOTZE+6eXRjqze6ZPA+TYKcUdrjkmDrou3+5zi28rrl3cm9D5
ri2rUSe+0edw4F9bmBQt9HFNDNYZrIs=
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:34:10 2026 by rpki-client