Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Mn_hx8kkDfNbJk4kSVBQw7bE4_w.roa
File: Mn_hx8kkDfNbJk4kSVBQw7bE4_w.roa (raw, json)
Hash identifier: jPumL5Cf9GiISjqisZxFKQhVYsMI0/eAJgTE1gvF3ak=
Subject key identifier: 32:7F:E1:C7:C9:24:0D:F3:5B:26:4E:24:49:50:50:C3:B6:C4:E3:FC
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0199C73FE7B108B473A6ECE16BFF1FAEFED9
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Mn_hx8kkDfNbJk4kSVBQw7bE4_w.roa
Signing time: Thu 09 Oct 2025 04:34:38 +0000
ROA not before: Thu 09 Oct 2025 04:34:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34665
IP address blocks: 2a13:8580::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 18:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c7:3f:e7:b1:08:b4:73:a6:ec:e1:6b:ff:1f:ae:fe:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Oct 9 04:34:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=327fe1c7c9240df35b264e24495050c3b6c4e3fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:90:06:3e:e9:ac:b1:1a:8d:df:9f:c3:ea:9f:
f0:89:6c:be:55:c0:66:05:99:e8:26:c6:26:2f:ec:
fb:f0:d2:0a:c1:0c:dd:63:9f:fd:48:5d:ec:d9:9c:
a1:df:40:26:fd:bb:e5:93:82:f6:27:cf:6a:b6:de:
84:aa:33:4c:af:be:84:a0:de:a2:60:de:8d:07:3a:
0b:80:aa:32:2b:1f:d1:aa:20:04:d6:35:2e:e9:9c:
b4:06:f5:25:17:6a:43:18:6e:c7:47:82:3b:e1:54:
09:cf:18:c2:db:c1:7d:5f:5a:eb:40:85:1f:53:77:
0a:22:a5:ca:98:7b:a2:94:95:33:d0:89:ab:79:07:
2f:49:58:66:d4:05:07:e0:51:69:a6:ea:df:1c:cf:
07:03:d5:00:44:a6:9a:6f:47:fa:b5:b3:47:57:84:
cf:1d:35:6d:65:92:e5:89:12:32:9f:63:cd:b7:de:
a5:87:df:0f:b8:bd:23:52:25:83:23:87:0f:a1:e4:
c2:f6:88:b4:3e:4f:65:6a:d4:81:08:7d:3d:49:c9:
0a:42:83:d6:02:dc:c1:3b:e7:c4:67:f2:19:53:8e:
3f:8d:1a:0c:11:df:74:72:ea:31:55:98:cf:4a:ff:
c9:ea:87:c6:1d:9d:c9:2b:38:7e:a7:52:81:5c:da:
e9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:7F:E1:C7:C9:24:0D:F3:5B:26:4E:24:49:50:50:C3:B6:C4:E3:FC
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Mn_hx8kkDfNbJk4kSVBQw7bE4_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:8580::/32
Signature Algorithm: sha256WithRSAEncryption
71:c7:48:5f:00:41:cc:00:dd:36:6d:29:3d:6d:5e:ce:ce:a3:
0e:df:e2:5b:84:e9:90:47:ee:d8:d9:56:b5:ac:d9:cd:3d:60:
50:28:6c:d8:59:67:3d:98:e7:3a:6b:17:2c:53:42:d3:17:ef:
a3:f5:39:b4:05:20:ff:83:59:7a:95:45:39:61:4a:f8:61:98:
50:c2:37:b6:bf:91:09:b7:58:5a:dd:b1:36:90:6e:72:5c:6e:
56:91:8d:74:14:5e:f4:6d:9d:0f:1e:7c:b1:a0:88:8a:c9:b8:
3f:4d:c3:ec:b3:41:5c:12:3e:54:e6:3b:74:61:fb:9e:3f:04:
a8:93:74:ee:d1:19:20:a0:59:7e:17:e6:26:f8:f3:21:07:ea:
8e:fd:2f:47:c2:8e:73:a2:e7:29:cb:c6:83:29:09:ec:67:43:
60:30:f6:49:54:07:70:a5:0f:72:19:97:4b:8a:47:70:e5:ac:
0a:ce:ba:14:eb:e8:d1:18:dc:0c:66:44:de:90:2b:95:e9:af:
c7:7e:a3:f6:25:97:e9:75:1d:2c:b1:7f:cc:4b:73:fa:57:ec:
7e:43:ea:df:7d:78:93:e8:54:50:62:65:27:51:d8:f1:be:0e:
e9:ea:05:78:0d:11:51:43:00:1f:02:cf:8d:8f:a3:9c:12:16:
14:43:dc:d7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZnHP+exCLRzpuzha/8frv7ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUxMDA5MDQzNDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjdmZTFjN2M5MjQwZGYzNWIyNjRlMjQ0OTUwNTBjM2I2YzRlM2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15AGPumssRqN35/D6p/wiWy+VcBm
BZnoJsYmL+z78NIKwQzdY5/9SF3s2Zyh30Am/bvlk4L2J89qtt6EqjNMr76EoN6i
YN6NBzoLgKoyKx/RqiAE1jUu6Zy0BvUlF2pDGG7HR4I74VQJzxjC28F9X1rrQIUf
U3cKIqXKmHuilJUz0ImreQcvSVhm1AUH4FFppurfHM8HA9UARKaab0f6tbNHV4TP
HTVtZZLliRIyn2PNt96lh98PuL0jUiWDI4cPoeTC9oi0Pk9latSBCH09SckKQoPW
AtzBO+fEZ/IZU44/jRoMEd90cuoxVZjPSv/J6ofGHZ3JKzh+p1KBXNrpkwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDJ/4cfJJA3zWyZOJElQUMO2xOP8MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvTW5faHg4a2tEZk5iSms0a1NWQlF3N2JFNF93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhOFgDAN
BgkqhkiG9w0BAQsFAAOCAQEAccdIXwBBzADdNm0pPW1ezs6jDt/iW4TpkEfu2NlW
tazZzT1gUChs2FlnPZjnOmsXLFNC0xfvo/U5tAUg/4NZepVFOWFK+GGYUMI3tr+R
CbdYWt2xNpBuclxuVpGNdBRe9G2dDx58saCIism4P03D7LNBXBI+VOY7dGH7nj8E
qJN07tEZIKBZfhfmJvjzIQfqjv0vR8KOc6LnKcvGgykJ7GdDYDD2SVQHcKUPchmX
S4pHcOWsCs66FOvo0RjcDGZE3pArlemvx36j9iWX6XUdLLF/zEtz+lfsfkPq3314
k+hUUGJlJ1HY8b4O6eoFeA0RUUMAHwLPjY+jnBIWFEPc1w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:18:02 2025 by rpki-client