Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/qzOhEMjt0ER_QeMmWb_aSnbGqDs.roa
File: qzOhEMjt0ER_QeMmWb_aSnbGqDs.roa (raw, json)
Hash identifier: ct6/7wueiN1cFlvuwHbO2g9uKG/7TkLJNxOWY9ajqoc=
Subject key identifier: AB:33:A1:10:C8:ED:D0:44:7F:41:E3:26:59:BF:DA:4A:76:C6:A8:3B
Certificate issuer: /CN=33b65a8baeba4ff621492ebee6fc1e88adb21b03
Certificate serial: 019E1B9B3403B3984069CBE23F0BFB62E858
Authority key identifier: 33:B6:5A:8B:AE:BA:4F:F6:21:49:2E:BE:E6:FC:1E:88:AD:B2:1B:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M7Zai666T_YhSS6-5vweiK2yGwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/qzOhEMjt0ER_QeMmWb_aSnbGqDs.roa
Signing time: Tue 12 May 2026 09:53:36 +0000
ROA not before: Tue 12 May 2026 09:53:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213622
IP address blocks: 2a14:9d00::/29 maxlen: 29
2a14:9d07::/44 maxlen: 44
2a14:9d07:100::/44 maxlen: 44
2a14:9d07:110::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/M7Zai666T_YhSS6-5vweiK2yGwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1b:9b:34:03:b3:98:40:69:cb:e2:3f:0b:fb:62:e8:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33b65a8baeba4ff621492ebee6fc1e88adb21b03
Validity
Not Before: May 12 09:53:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ab33a110c8edd0447f41e32659bfda4a76c6a83b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ef:fb:98:93:4a:da:d6:a9:88:b5:2b:04:68:
d3:da:17:c3:9c:c9:db:c2:46:43:8d:a1:69:ad:69:
45:b8:0f:b0:9f:66:d4:ab:de:ac:92:7f:69:85:eb:
a3:a7:d1:f9:53:d6:9d:71:04:07:2d:e3:e7:bd:9a:
28:7a:79:8e:0f:9d:12:4b:21:97:8c:55:73:7e:80:
6c:f5:3c:de:9c:21:c5:52:00:fe:1a:9f:6f:16:e7:
fc:5a:99:48:58:8c:a8:4d:2b:5f:44:b8:fd:3c:d1:
02:73:8f:b9:af:1d:34:c1:16:6c:e9:b7:98:5b:e3:
b2:2b:e0:eb:24:7f:0c:b9:55:00:c2:16:62:f9:84:
85:8c:65:92:fd:6f:c4:06:24:47:0f:ee:ec:76:91:
e1:66:31:99:a5:77:02:d1:ef:ea:6d:77:ae:e3:b4:
4f:dc:80:88:a1:7b:a0:42:74:ba:55:f2:a2:31:35:
1e:7c:06:c6:f9:07:1a:a8:e8:92:9d:44:8e:df:e5:
26:ab:01:b4:73:7c:7d:0b:02:dc:c1:ed:e6:ae:83:
f1:4e:98:3d:53:45:d4:85:a4:95:20:3d:e3:bd:ca:
90:bb:b5:cb:44:6d:21:49:20:3c:95:ab:8d:a7:56:
ec:01:5a:d6:68:26:98:fc:da:70:2a:6f:ee:ea:6b:
f8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:33:A1:10:C8:ED:D0:44:7F:41:E3:26:59:BF:DA:4A:76:C6:A8:3B
X509v3 Authority Key Identifier:
keyid:33:B6:5A:8B:AE:BA:4F:F6:21:49:2E:BE:E6:FC:1E:88:AD:B2:1B:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M7Zai666T_YhSS6-5vweiK2yGwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/qzOhEMjt0ER_QeMmWb_aSnbGqDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:9d00::/29
Signature Algorithm: sha256WithRSAEncryption
6f:c3:40:6c:f8:a0:11:51:07:7f:b5:b4:13:27:0b:9d:c7:da:
b6:f1:1d:b1:8a:cd:5b:6d:5a:19:d2:b9:c5:71:0d:6a:60:ae:
52:d9:9b:3c:07:d8:62:1b:ba:c5:80:09:37:9b:7d:6c:df:9f:
af:2e:76:fe:b4:6b:4e:2e:32:6f:20:17:44:25:6e:78:db:91:
d8:85:1d:ee:2d:ac:ae:63:10:b3:df:58:b6:44:fc:1f:86:fe:
1e:a5:41:91:5d:f4:d6:b1:32:fc:04:38:a9:03:2c:9e:e3:07:
31:e5:06:d6:c4:51:d0:0e:1f:ee:8e:31:29:b2:13:b5:de:1a:
61:30:dc:12:38:1f:1f:5f:ea:a8:5c:2c:14:6d:6d:a1:4c:94:
43:4c:8d:a2:38:9f:8c:83:f1:67:56:45:4b:ba:db:49:e4:72:
94:24:73:0a:3d:98:4a:22:94:e8:fc:1e:4f:9f:ee:17:f4:ba:
48:c5:42:16:68:c0:f0:93:e4:df:c8:0d:65:9f:ae:fa:00:46:
c8:2f:12:6d:22:4b:8f:c6:07:07:e8:8a:83:17:d0:14:ae:15:
77:f0:e4:1e:55:d7:84:20:9f:fa:07:bf:48:cf:e8:b4:10:1a:
13:b3:38:47:42:5e:96:39:19:1b:35:bd:0d:39:e4:da:79:c5:
03:72:59:fb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ4bmzQDs5hAacviPwv7YuhYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYjY1YThiYWViYTRmZjYyMTQ5MmViZWU2ZmMxZTg4YWRi
MjFiMDMwHhcNMjYwNTEyMDk1MzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjMzYTExMGM4ZWRkMDQ0N2Y0MWUzMjY1OWJmZGE0YTc2YzZhODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAue/7mJNK2tapiLUrBGjT2hfDnMnb
wkZDjaFprWlFuA+wn2bUq96skn9pheujp9H5U9adcQQHLePnvZooenmOD50SSyGX
jFVzfoBs9TzenCHFUgD+Gp9vFuf8WplIWIyoTStfRLj9PNECc4+5rx00wRZs6beY
W+OyK+DrJH8MuVUAwhZi+YSFjGWS/W/EBiRHD+7sdpHhZjGZpXcC0e/qbXeu47RP
3ICIoXugQnS6VfKiMTUefAbG+QcaqOiSnUSO3+UmqwG0c3x9CwLcwe3mroPxTpg9
U0XUhaSVID3jvcqQu7XLRG0hSSA8lauNp1bsAVrWaCaY/NpwKm/u6mv4cQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFKszoRDI7dBEf0HjJlm/2kp2xqg7MB8GA1UdIwQY
MBaAFDO2Wouuuk/2IUkuvub8HoitshsDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTdaYWk2NjZUX1loU1M2LTV2d2VpSzJ5R3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9hYWJjNmMtMDQ1Ni00OTM1LWE0Njkt
ZDU0NzE4NTUxMmRlLzEvcXpPaEVNanQwRVJfUWVNbVdiX2FTbmJHcURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9hYWJjNmMtMDQ1Ni00OTM1LWE0NjktZDU0NzE4NTUxMmRl
LzEvTTdaYWk2NjZUX1loU1M2LTV2d2VpSzJ5R3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhSdADAN
BgkqhkiG9w0BAQsFAAOCAQEAb8NAbPigEVEHf7W0EycLncfatvEdsYrNW21aGdK5
xXENamCuUtmbPAfYYhu6xYAJN5t9bN+fry52/rRrTi4ybyAXRCVueNuR2IUd7i2s
rmMQs99YtkT8H4b+HqVBkV301rEy/AQ4qQMsnuMHMeUG1sRR0A4f7o4xKbITtd4a
YTDcEjgfH1/qqFwsFG1toUyUQ0yNojifjIPxZ1ZFS7rbSeRylCRzCj2YSiKU6Pwe
T5/uF/S6SMVCFmjA8JPk38gNZZ+u+gBGyC8SbSJLj8YHB+iKgxfQFK4Vd/DkHlXX
hCCf+ge/SM/otBAaE7M4R0JeljkZGzW9DTnk2nnFA3JZ+w==
-----END CERTIFICATE-----
Generated at Wed May 13 05:58:08 2026 by rpki-client