Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/6b21d4-3287-4d35-82d5-11e12f95b529/1/M3cij6CcBvj7hcRt6vLnIO0jqfM.roa
File: M3cij6CcBvj7hcRt6vLnIO0jqfM.roa (raw, json)
Hash identifier: Nx+0gfLrWoVhxt8BGvvUFMWp0qwsFwKGJrVnSSE/5Yo=
Subject key identifier: 33:77:22:8F:A0:9C:06:F8:FB:85:C4:6D:EA:F2:E7:20:ED:23:A9:F3
Certificate issuer: /CN=07664130764480ef2dd8178116b5dd0c59d2e994
Certificate serial: 019D2571A8D033C1B90133F128DC05ACE671
Authority key identifier: 07:66:41:30:76:44:80:EF:2D:D8:17:81:16:B5:DD:0C:59:D2:E9:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B2ZBMHZEgO8t2BeBFrXdDFnS6ZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/6b21d4-3287-4d35-82d5-11e12f95b529/1/M3cij6CcBvj7hcRt6vLnIO0jqfM.roa
Signing time: Wed 25 Mar 2026 14:41:38 +0000
ROA not before: Wed 25 Mar 2026 14:41:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214476
IP address blocks: 5.182.62.0/24 maxlen: 32
2a01:e000::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/6b21d4-3287-4d35-82d5-11e12f95b529/1/B2ZBMHZEgO8t2BeBFrXdDFnS6ZQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/6b21d4-3287-4d35-82d5-11e12f95b529/1/B2ZBMHZEgO8t2BeBFrXdDFnS6ZQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/B2ZBMHZEgO8t2BeBFrXdDFnS6ZQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 14:41:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:71:a8:d0:33:c1:b9:01:33:f1:28:dc:05:ac:e6:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07664130764480ef2dd8178116b5dd0c59d2e994
Validity
Not Before: Mar 25 14:41:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3377228fa09c06f8fb85c46deaf2e720ed23a9f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:47:d8:6f:79:89:71:28:bc:e8:35:93:93:10:
21:87:35:63:38:de:06:a1:07:c5:21:cb:ef:95:02:
ec:f7:28:6a:00:56:69:36:82:b7:90:5d:68:31:e5:
87:c5:39:7e:e5:9b:39:a5:df:68:f1:aa:8e:ef:dc:
1b:23:8f:3f:ee:29:57:2a:95:78:01:63:8a:93:79:
f1:e3:ce:8a:d1:18:bd:fe:be:86:2c:97:3d:f4:d0:
eb:85:c0:9f:fe:7d:0c:57:d3:ec:7a:54:54:c0:92:
a9:84:52:54:e8:7b:f2:22:2a:8c:6e:d2:cb:21:1f:
8f:d1:47:c9:1e:95:e7:0c:bb:f6:5d:67:00:55:3b:
5a:93:85:ee:48:b3:8e:54:6e:21:06:93:e8:e5:e0:
e7:e4:4d:8a:ec:a7:e1:e3:c6:22:ca:f5:fa:fa:30:
bb:e4:e9:72:40:04:02:9f:4e:63:14:00:fa:fe:d6:
14:14:fd:02:48:5f:c2:6b:4d:d5:b6:da:2b:ba:3a:
f6:f7:56:86:fc:c3:8c:ff:86:89:17:1a:08:e7:a5:
f9:1e:24:5f:6d:97:d3:30:b1:7e:f1:19:86:dd:92:
71:3d:dd:4d:f5:2a:65:de:1d:5a:73:91:27:0c:b2:
98:d2:3f:2e:06:6b:b3:70:30:e1:bb:11:1e:26:69:
f0:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:77:22:8F:A0:9C:06:F8:FB:85:C4:6D:EA:F2:E7:20:ED:23:A9:F3
X509v3 Authority Key Identifier:
keyid:07:66:41:30:76:44:80:EF:2D:D8:17:81:16:B5:DD:0C:59:D2:E9:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B2ZBMHZEgO8t2BeBFrXdDFnS6ZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/6b21d4-3287-4d35-82d5-11e12f95b529/1/M3cij6CcBvj7hcRt6vLnIO0jqfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/6b21d4-3287-4d35-82d5-11e12f95b529/1/B2ZBMHZEgO8t2BeBFrXdDFnS6ZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.62.0/24
IPv6:
2a01:e000::/29
Signature Algorithm: sha256WithRSAEncryption
74:4b:17:97:a1:79:89:3e:f5:2f:49:19:4b:7d:bd:de:f1:27:
74:5f:c5:73:5a:4d:84:fa:86:92:07:34:f1:89:6f:ea:cf:43:
71:5c:1f:98:3a:d0:69:3d:0a:00:68:dc:5d:3d:62:aa:3e:6d:
fd:8e:00:e5:7a:1e:9c:e6:4c:b6:87:31:f7:c0:50:ae:28:1b:
83:49:bc:ed:d9:eb:3b:87:50:cc:d6:1d:c5:4a:c2:1d:8c:20:
bc:e1:69:05:77:0a:ed:bd:58:80:7a:06:f6:36:85:a9:38:bf:
ff:99:39:34:d2:6f:70:31:5e:e8:ba:9f:16:0d:da:2f:86:fb:
35:ab:b6:6b:01:f1:9d:5e:53:e9:af:7d:3a:e5:59:9b:a5:17:
9e:48:e8:39:21:c3:85:91:2c:61:f5:33:c7:52:ea:b6:87:37:
f5:93:6d:35:23:27:2d:d8:95:39:56:8c:7e:c7:ba:9c:6f:b5:
3f:49:8d:ec:66:32:4f:3a:ca:01:3d:13:cb:64:ea:69:f5:ee:
66:a5:3b:9d:b2:18:2d:d9:cc:66:a0:6b:15:aa:6e:13:91:18:
80:60:e9:4f:42:c3:f6:12:57:9c:89:22:61:d0:59:21:1e:d0:
0b:de:80:28:f5:29:88:52:67:00:64:2b:13:2c:e6:1a:82:ab:
fd:f3:e9:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ0lcajQM8G5ATPxKNwFrOZxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NjY0MTMwNzY0NDgwZWYyZGQ4MTc4MTE2YjVkZDBjNTlk
MmU5OTQwHhcNMjYwMzI1MTQ0MTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzc3MjI4ZmEwOWMwNmY4ZmI4NWM0NmRlYWYyZTcyMGVkMjNhOWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0fYb3mJcSi86DWTkxAhhzVjON4G
oQfFIcvvlQLs9yhqAFZpNoK3kF1oMeWHxTl+5Zs5pd9o8aqO79wbI48/7ilXKpV4
AWOKk3nx486K0Ri9/r6GLJc99NDrhcCf/n0MV9PselRUwJKphFJU6HvyIiqMbtLL
IR+P0UfJHpXnDLv2XWcAVTtak4XuSLOOVG4hBpPo5eDn5E2K7Kfh48YiyvX6+jC7
5OlyQAQCn05jFAD6/tYUFP0CSF/Ca03Vttorujr291aG/MOM/4aJFxoI56X5HiRf
bZfTMLF+8RmG3ZJxPd1N9Spl3h1ac5EnDLKY0j8uBmuzcDDhuxEeJmnw/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDN3Io+gnAb4+4XEbery5yDtI6nzMB8GA1UdIwQY
MBaAFAdmQTB2RIDvLdgXgRa13QxZ0umUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjJaQk1IWkVnTzh0MkJlQkZyWGRERm5TNlpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82YjIxZDQtMzI4Ny00ZDM1LTgyZDUt
MTFlMTJmOTViNTI5LzEvTTNjaWo2Q2NCdmo3aGNSdDZ2TG5JTzBqcWZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82YjIxZDQtMzI4Ny00ZDM1LTgyZDUtMTFlMTJmOTViNTI5
LzEvQjJaQk1IWkVnTzh0MkJlQkZyWGRERm5TNlpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQABbY+MA0E
AgACMAcDBQMqAeAAMA0GCSqGSIb3DQEBCwUAA4IBAQB0SxeXoXmJPvUvSRlLfb3e
8Sd0X8VzWk2E+oaSBzTxiW/qz0NxXB+YOtBpPQoAaNxdPWKqPm39jgDleh6c5ky2
hzH3wFCuKBuDSbzt2es7h1DM1h3FSsIdjCC84WkFdwrtvViAegb2NoWpOL//mTk0
0m9wMV7oup8WDdovhvs1q7ZrAfGdXlPpr3065VmbpReeSOg5IcOFkSxh9TPHUuq2
hzf1k201Iyct2JU5Vox+x7qcb7U/SY3sZjJPOsoBPRPLZOpp9e5mpTudshgt2cxm
oGsVqm4TkRiAYOlPQsP2EleciSJh0FkhHtAL3oAo9SmIUmcAZCsTLOYagqv98+n1
-----END CERTIFICATE-----
Generated at Wed Mar 25 21:17:56 2026 by rpki-client