Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/vz5otwweyeoXJ1juzrhd5zx5fxM.roa
File: vz5otwweyeoXJ1juzrhd5zx5fxM.roa (raw, json)
Hash identifier: sAmfW7LQj3VhRm8nuvheWbtcH6l9mURxovowDcfl+l8=
Subject key identifier: BF:3E:68:B7:0C:1E:C9:EA:17:27:58:EE:CE:B8:5D:E7:3C:79:7F:13
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 019E086C52336565365F07A39BF9221A44E2
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/vz5otwweyeoXJ1juzrhd5zx5fxM.roa
Signing time: Fri 08 May 2026 16:29:37 +0000
ROA not before: Fri 08 May 2026 16:29:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20473
IP address blocks: 2a14:67c1:b700::/40 maxlen: 48
2a14:67c1:b800::/40 maxlen: 48
2a14:67c1:c400::/40 maxlen: 48
2a14:67c2:1010::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 04:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:08:6c:52:33:65:65:36:5f:07:a3:9b:f9:22:1a:44:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: May 8 16:29:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bf3e68b70c1ec9ea172758eeceb85de73c797f13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:db:27:18:05:e7:d1:f8:6a:25:04:59:12:79:
c8:96:f4:48:2e:f3:88:1b:13:84:b9:c5:6e:71:37:
4a:00:4c:7d:b9:2e:19:13:c8:27:cc:49:62:ec:c5:
07:48:60:e0:ad:d9:83:8d:c5:3c:46:20:37:77:0b:
6c:7d:88:e1:62:6b:46:62:14:94:f4:b4:b2:97:16:
bd:c9:3e:72:88:83:9e:9b:52:d8:45:81:3b:05:0f:
60:6c:1b:d0:09:d2:dc:9b:59:e4:88:01:a2:e7:1e:
45:cb:98:70:08:f6:97:3c:0a:69:57:dd:6a:a4:f3:
d2:8b:be:b7:66:78:0e:d2:5e:d6:a9:24:ae:3a:81:
63:3a:d7:b0:50:4a:f3:e3:ef:c4:57:44:37:c7:b2:
e0:6b:ab:bd:4b:4a:50:7d:31:3a:7f:fd:b1:e3:26:
5c:a2:2a:80:61:33:eb:53:18:50:a3:eb:2f:ea:09:
79:11:88:65:84:ee:4c:9b:3c:66:e8:df:44:d8:ee:
c8:90:d2:c7:72:ed:0c:28:1a:2d:57:82:fe:c6:ac:
48:08:10:b5:54:fd:7c:54:b5:26:93:bb:2e:c4:24:
31:23:c2:40:24:3f:29:8e:e1:b3:ce:d0:5a:6d:a5:
8a:e0:bc:f2:22:87:ea:bb:72:86:8f:09:cf:de:8c:
6b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:3E:68:B7:0C:1E:C9:EA:17:27:58:EE:CE:B8:5D:E7:3C:79:7F:13
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/vz5otwweyeoXJ1juzrhd5zx5fxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c1:b700::-2a14:67c1:b8ff:ffff:ffff:ffff:ffff:ffff
2a14:67c1:c400::/40
2a14:67c2:1010::/48
Signature Algorithm: sha256WithRSAEncryption
61:9c:91:45:61:18:6a:a3:dd:07:a2:7c:1f:e4:cc:bc:d1:f2:
ff:07:8c:da:f5:7d:2a:08:07:74:5b:e8:6e:d3:37:b3:ea:c5:
ea:3d:db:e6:0d:d2:3d:1f:e9:a8:27:08:9c:b5:a0:77:9b:65:
6a:cf:7b:78:37:ff:e8:d9:68:84:bb:ab:6f:68:c2:61:a8:dd:
c4:17:a3:ac:82:0f:01:f7:f6:0f:eb:b2:41:41:ce:1a:df:10:
a2:73:df:1c:ee:30:0a:8d:3f:80:cb:da:02:a7:3d:da:31:f7:
e0:f1:e4:af:3f:7f:e3:1e:94:82:d9:8c:f9:d7:b0:63:03:92:
25:52:e6:91:e9:3e:6c:a3:c7:50:a5:06:01:c9:07:e5:12:49:
5a:e9:be:8e:db:a9:12:ed:7d:1f:0a:bd:00:41:7f:eb:88:32:
58:f0:25:9a:21:e0:c6:49:c8:68:78:06:b6:46:d7:4b:42:e4:
c5:3f:df:1c:da:40:59:47:a0:ba:b9:c1:71:d6:32:2e:3a:45:
9e:d1:49:bc:8f:05:5c:4e:d6:44:a6:31:9c:70:69:c7:0d:52:
73:72:96:d1:85:be:8f:b0:29:b8:9b:74:f9:f7:b5:54:81:c4:
2c:93:7a:20:ee:7b:da:ff:6b:43:6c:31:79:11:5b:75:91:76:
86:5f:29:9e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZ4IbFIzZWU2Xwejm/kiGkTiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjYwNTA4MTYyOTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjNlNjhiNzBjMWVjOWVhMTcyNzU4ZWVjZWI4NWRlNzNjNzk3ZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19snGAXn0fhqJQRZEnnIlvRILvOI
GxOEucVucTdKAEx9uS4ZE8gnzEli7MUHSGDgrdmDjcU8RiA3dwtsfYjhYmtGYhSU
9LSylxa9yT5yiIOem1LYRYE7BQ9gbBvQCdLcm1nkiAGi5x5Fy5hwCPaXPAppV91q
pPPSi763ZngO0l7WqSSuOoFjOtewUErz4+/EV0Q3x7Lga6u9S0pQfTE6f/2x4yZc
oiqAYTPrUxhQo+sv6gl5EYhlhO5Mmzxm6N9E2O7IkNLHcu0MKBotV4L+xqxICBC1
VP18VLUmk7suxCQxI8JAJD8pjuGzztBabaWK4LzyIofqu3KGjwnP3oxrXwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFL8+aLcMHsnqFydY7s64Xec8eX8TMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvdno1b3R3d2V5ZW9YSjFqdXpyaGQ1eng1ZnhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjMBADBgAqFGfB
twMGACoUZ8G4AwYAKhRnwcQDBwAqFGfCEBAwDQYJKoZIhvcNAQELBQADggEBAGGc
kUVhGGqj3QeifB/kzLzR8v8HjNr1fSoIB3Rb6G7TN7Pqxeo92+YN0j0f6agnCJy1
oHebZWrPe3g3/+jZaIS7q29owmGo3cQXo6yCDwH39g/rskFBzhrfEKJz3xzuMAqN
P4DL2gKnPdox9+Dx5K8/f+MelILZjPnXsGMDkiVS5pHpPmyjx1ClBgHJB+USSVrp
vo7bqRLtfR8KvQBBf+uIMljwJZoh4MZJyGh4BrZG10tC5MU/3xzaQFlHoLq5wXHW
Mi46RZ7RSbyPBVxO1kSmMZxwaccNUnNyltGFvo+wKbibdPn3tVSBxCyTeiDue9r/
a0NsMXkRW3WRdoZfKZ4=
-----END CERTIFICATE-----
Generated at Wed May 13 13:51:06 2026 by rpki-client