
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/mNj5xv9nGXpe1PGynvCZZnjrBHA.roa
File: mNj5xv9nGXpe1PGynvCZZnjrBHA.roa (raw, json)
Hash identifier: TkkqknjW6haSUV3elF7SSi1mf8BrofgKNJO9r7Ncf54=
Subject key identifier: 98:D8:F9:C6:FF:67:19:7A:5E:D4:F1:B2:9E:F0:99:66:78:EB:04:70
Certificate issuer: /CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Certificate serial: 0199CD6D04D1578DD7DFC106B12211BD78B9
Authority key identifier: FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/mNj5xv9nGXpe1PGynvCZZnjrBHA.roa
Signing time: Fri 10 Oct 2025 09:21:37 +0000
ROA not before: Fri 10 Oct 2025 09:21:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 2003:5:200::/40 maxlen: 40
2003:8:4400::/48 maxlen: 48
2003:8:6400::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:cd:6d:04:d1:57:8d:d7:df:c1:06:b1:22:11:bd:78:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Validity
Not Before: Oct 10 09:21:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98d8f9c6ff67197a5ed4f1b29ef0996678eb0470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fb:8a:d3:4c:79:e8:72:26:2e:4c:4b:23:68:
fa:ef:1b:86:2c:11:02:df:74:de:35:65:09:db:e6:
05:14:c7:66:49:a7:56:3b:0d:f0:bc:2e:19:66:e2:
6d:bc:e0:da:9d:a3:38:32:98:da:7e:16:ed:ae:c3:
d3:ff:10:f6:1a:ec:01:13:da:2f:6a:bd:d6:4b:92:
16:0f:f9:5e:43:e0:b8:8f:5f:e3:b4:d1:f5:ab:5b:
ac:b4:82:f7:fb:cf:32:74:80:9b:ee:07:9a:61:b1:
c2:f2:54:1b:ba:bb:07:1a:e1:2e:42:8b:ab:76:49:
66:b0:87:25:97:41:ed:df:3e:cb:7f:42:23:10:a2:
4c:ac:93:02:88:c0:e9:0c:38:2d:5a:cf:11:bd:1b:
8e:03:48:1f:a3:46:9a:ea:3e:05:d3:42:b1:a9:84:
c9:22:9e:0e:d2:63:88:b8:98:cb:69:98:12:19:ad:
73:8f:b0:98:fb:96:2e:ec:ce:1b:47:11:47:07:22:
73:c1:1d:9a:b5:3a:f4:e0:91:0a:61:7e:44:fb:ce:
4a:c5:11:1a:e2:b4:29:6c:4e:d0:1f:62:3d:66:2a:
93:56:8b:22:b8:5d:6e:05:7c:27:35:17:f6:e3:da:
f8:b2:68:43:32:52:55:f8:33:69:31:38:1f:82:f3:
4b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:D8:F9:C6:FF:67:19:7A:5E:D4:F1:B2:9E:F0:99:66:78:EB:04:70
X509v3 Authority Key Identifier:
keyid:FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/mNj5xv9nGXpe1PGynvCZZnjrBHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2003:5:200::/40
2003:8:4400::/48
2003:8:6400::/48
Signature Algorithm: sha256WithRSAEncryption
72:8b:9b:c2:4c:07:3e:2a:2a:d7:1d:b8:ff:cc:fe:2b:90:fd:
42:0a:52:a8:34:ee:d8:9f:c6:29:ba:93:5a:c0:d6:f3:e7:2f:
41:43:ba:bf:87:a3:fa:96:ba:94:71:9f:ef:6c:ee:4d:c4:92:
f8:d1:51:4a:95:80:65:bd:82:8f:93:6f:c8:f3:b7:91:fc:cf:
a6:ec:0d:44:ff:6e:4d:f7:ea:a3:1f:14:e4:5f:b2:b5:1a:6e:
80:97:bd:c7:cc:68:3f:4a:a0:05:45:94:18:56:5f:0e:b3:ba:
93:6c:c1:c1:36:46:20:b2:09:6c:f6:ae:5b:72:e6:c9:9a:3c:
d8:dd:82:d4:40:d3:c7:6f:75:78:01:71:9b:2c:6b:1d:a1:43:
de:d3:78:5c:51:13:31:c2:98:b9:fd:e2:6d:a8:38:bb:e7:96:
22:3d:0a:1b:5f:d4:88:5d:ec:02:ad:c3:e9:5c:bc:69:bd:81:
39:4c:96:81:be:f2:c6:68:b5:31:ac:20:c5:a9:bf:e2:0f:4b:
a3:10:a2:d9:a7:ee:e8:80:8e:e3:12:d1:49:aa:50:5e:cb:6d:
9f:50:ed:fd:44:98:40:b7:c1:cd:e6:f2:1f:2f:9f:af:a3:e5:
46:d8:e5:46:c7:bb:de:68:f1:a8:8b:22:c9:25:b5:e8:13:ff:
51:2b:0f:0e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZnNbQTRV43X38EGsSIRvXi5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZDcxMDBlNzdlZDkxMTlkNjZlMjMyMWJiNjcxMWQ3ZTc2
MDk4MmIwHhcNMjUxMDEwMDkyMTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGQ4ZjljNmZmNjcxOTdhNWVkNGYxYjI5ZWYwOTk2Njc4ZWIwNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPuK00x56HImLkxLI2j67xuGLBEC
33TeNWUJ2+YFFMdmSadWOw3wvC4ZZuJtvODanaM4MpjafhbtrsPT/xD2GuwBE9ov
ar3WS5IWD/leQ+C4j1/jtNH1q1ustIL3+88ydICb7geaYbHC8lQbursHGuEuQour
dklmsIcll0Ht3z7Lf0IjEKJMrJMCiMDpDDgtWs8RvRuOA0gfo0aa6j4F00KxqYTJ
Ip4O0mOIuJjLaZgSGa1zj7CY+5Yu7M4bRxFHByJzwR2atTr04JEKYX5E+85KxREa
4rQpbE7QH2I9ZiqTVosiuF1uBXwnNRf249r4smhDMlJV+DNpMTgfgvNLXwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFJjY+cb/Zxl6XtTxsp7wmWZ46wRwMB8GA1UdIwQY
MBaAFPrXEA537ZEZ1m4jIbtnEdfnYJgrMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS10Y1FEbmZ0a1JuV2JpTWh1MmNSMS1kZ21Dcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUy
LTc2YjBkZGEyYmYzZS8xL21OajV4djluR1hwZTFQR3ludkNaWm5qckJIQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUyLTc2YjBkZGEyYmYz
ZS8xLzEtdGNRRG5mdGtSbldiaU1odTJjUjEtZGdtQ3MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMwYIKwYBBQUHAQcBAf8EJDAiMCAEAgACMBoDBgAgAwAF
AgMHACADAAhEAAMHACADAAhkADANBgkqhkiG9w0BAQsFAAOCAQEAcoubwkwHPioq
1x24/8z+K5D9QgpSqDTu2J/GKbqTWsDW8+cvQUO6v4ej+pa6lHGf72zuTcSS+NFR
SpWAZb2Cj5NvyPO3kfzPpuwNRP9uTffqox8U5F+ytRpugJe9x8xoP0qgBUWUGFZf
DrO6k2zBwTZGILIJbPauW3LmyZo82N2C1EDTx291eAFxmyxrHaFD3tN4XFETMcKY
uf3ibag4u+eWIj0KG1/UiF3sAq3D6Vy8ab2BOUyWgb7yxmi1Mawgxam/4g9LoxCi
2afu6ICO4xLRSapQXsttn1Dt/USYQLfBzebyHy+fr6PlRtjlRse73mjxqIsiySW1
6BP/USsPDg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:24:51 2025 by rpki-client