Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/3e46eb-1ee5-4d00-9f06-c976463b7e0c/1/mmEnZdJB5y2A5vx7a-IUKiFNSKo.roa
File: mmEnZdJB5y2A5vx7a-IUKiFNSKo.roa (raw, json)
Hash identifier: h0AxjH15fpWyphKp2ONrmBwWqI/VqO79cDpaG7xwPAs=
Subject key identifier: 9A:61:27:65:D2:41:E7:2D:80:E6:FC:7B:6B:E2:14:2A:21:4D:48:AA
Certificate issuer: /CN=45860ac3f2c82e762c71707e60760e33b9962e96
Certificate serial: 019CF7995F294DCEEC18358A5429704DF9D0
Authority key identifier: 45:86:0A:C3:F2:C8:2E:76:2C:71:70:7E:60:76:0E:33:B9:96:2E:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RYYKw_LILnYscXB-YHYOM7mWLpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/3e46eb-1ee5-4d00-9f06-c976463b7e0c/1/mmEnZdJB5y2A5vx7a-IUKiFNSKo.roa
Signing time: Mon 16 Mar 2026 17:02:29 +0000
ROA not before: Mon 16 Mar 2026 17:02:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206159
IP address blocks: 217.65.76.0/24 maxlen: 24
2a14:7880::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/3e46eb-1ee5-4d00-9f06-c976463b7e0c/1/RYYKw_LILnYscXB-YHYOM7mWLpY.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/3e46eb-1ee5-4d00-9f06-c976463b7e0c/1/RYYKw_LILnYscXB-YHYOM7mWLpY.mft
rsync://rpki.ripe.net/repository/DEFAULT/RYYKw_LILnYscXB-YHYOM7mWLpY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 25 Mar 2026 14:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f7:99:5f:29:4d:ce:ec:18:35:8a:54:29:70:4d:f9:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45860ac3f2c82e762c71707e60760e33b9962e96
Validity
Not Before: Mar 16 17:02:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9a612765d241e72d80e6fc7b6be2142a214d48aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b2:e3:cd:99:38:2d:f9:ef:44:29:06:d9:3d:
a9:15:a2:e6:7b:01:a5:51:62:65:57:0a:42:3b:6d:
84:20:4a:0f:fa:2d:31:74:a9:e3:69:43:ec:88:e0:
4f:ed:4a:97:95:d1:86:00:06:ec:ee:cf:21:4a:11:
c2:7a:a6:01:f0:fe:cb:33:aa:be:e9:02:cd:38:dc:
26:f0:99:b0:ed:f7:83:71:0f:40:b0:a8:eb:5a:db:
6b:45:48:44:12:7e:62:78:83:0d:3f:2a:66:88:da:
cc:70:57:29:f8:99:81:d2:72:5e:9e:bd:0d:ea:51:
e3:83:0c:f1:2e:3a:b9:c5:84:67:d8:97:e9:89:2a:
ce:9c:a1:96:1a:f9:5f:3b:e6:47:80:52:a6:41:8a:
bb:69:db:4f:58:16:ee:f4:dc:34:64:ac:c9:84:52:
a8:2d:7e:63:b8:cc:59:4e:2a:90:55:29:da:d4:f2:
1c:66:1d:33:50:a9:5f:15:3e:5c:3d:17:31:16:7f:
5f:14:fe:03:6f:61:4e:7f:6b:07:d8:d2:49:d5:c0:
5a:97:7c:1e:5c:6c:c4:24:a5:04:df:63:b6:5d:eb:
df:d7:33:61:76:98:e8:17:88:da:b8:d6:be:ea:4a:
de:c2:bd:37:77:e1:8f:be:be:fb:2a:7e:7a:97:66:
08:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:61:27:65:D2:41:E7:2D:80:E6:FC:7B:6B:E2:14:2A:21:4D:48:AA
X509v3 Authority Key Identifier:
keyid:45:86:0A:C3:F2:C8:2E:76:2C:71:70:7E:60:76:0E:33:B9:96:2E:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RYYKw_LILnYscXB-YHYOM7mWLpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3e46eb-1ee5-4d00-9f06-c976463b7e0c/1/mmEnZdJB5y2A5vx7a-IUKiFNSKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/3e46eb-1ee5-4d00-9f06-c976463b7e0c/1/RYYKw_LILnYscXB-YHYOM7mWLpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.65.76.0/24
IPv6:
2a14:7880::/32
Signature Algorithm: sha256WithRSAEncryption
a6:0d:f2:e8:a4:67:9d:3d:1d:52:13:2c:91:6b:8f:33:82:9c:
6c:d6:d9:ce:60:83:bb:8f:0b:73:ae:d3:98:5b:59:21:5c:e2:
2b:cf:34:1c:79:d9:32:de:2c:10:41:7d:fa:82:c0:f8:a2:53:
f6:b7:4e:71:52:5f:1f:39:aa:9c:a0:68:2a:bb:c8:30:46:39:
86:61:3d:d0:5c:fd:ac:11:32:39:25:de:51:8d:4b:9e:2f:66:
73:f1:cf:65:aa:eb:99:03:e9:a2:08:7f:2b:23:f1:f4:64:ae:
60:be:c6:f4:9f:c5:a4:5f:39:a1:9c:f1:da:97:d2:90:88:81:
88:2b:2f:c7:dc:ec:c4:cb:d1:5e:f3:a8:26:7a:d0:05:1b:e0:
c1:b2:9d:51:ef:51:4b:ee:b9:4c:3e:49:fe:9b:0e:f3:0a:8f:
ed:41:34:d8:b5:49:ca:cd:c9:ec:5c:e1:bd:c4:a7:25:4b:57:
b2:ff:4e:d5:19:4c:0b:bb:02:dc:95:58:ba:fd:f3:4d:1c:ca:
20:d5:4e:2b:ea:ce:cf:a1:44:b9:f1:11:10:67:e0:a6:1e:ef:
3b:85:0f:ff:88:f0:08:7c:f9:d9:4d:12:eb:0c:c6:c1:90:dd:
f5:62:95:7a:e5:6b:91:b1:c3:bf:26:5c:d5:62:9d:1e:78:9e:
c5:b7:6c:91
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZz3mV8pTc7sGDWKVClwTfnQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ODYwYWMzZjJjODJlNzYyYzcxNzA3ZTYwNzYwZTMzYjk5
NjJlOTYwHhcNMjYwMzE2MTcwMjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTYxMjc2NWQyNDFlNzJkODBlNmZjN2I2YmUyMTQyYTIxNGQ0OGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7LjzZk4LfnvRCkG2T2pFaLmewGl
UWJlVwpCO22EIEoP+i0xdKnjaUPsiOBP7UqXldGGAAbs7s8hShHCeqYB8P7LM6q+
6QLNONwm8Jmw7feDcQ9AsKjrWttrRUhEEn5ieIMNPypmiNrMcFcp+JmB0nJenr0N
6lHjgwzxLjq5xYRn2JfpiSrOnKGWGvlfO+ZHgFKmQYq7adtPWBbu9Nw0ZKzJhFKo
LX5juMxZTiqQVSna1PIcZh0zUKlfFT5cPRcxFn9fFP4Db2FOf2sH2NJJ1cBal3we
XGzEJKUE32O2Xevf1zNhdpjoF4jauNa+6krewr03d+GPvr77Kn56l2YIYQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJphJ2XSQectgOb8e2viFCohTUiqMB8GA1UdIwQY
MBaAFEWGCsPyyC52LHFwfmB2DjO5li6WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUllZS3dfTElMbllzY1hCLVlIWU9NN21XTHBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zZTQ2ZWItMWVlNS00ZDAwLTlmMDYt
Yzk3NjQ2M2I3ZTBjLzEvbW1FblpkSkI1eTJBNXZ4N2EtSVVLaUZOU0tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8zZTQ2ZWItMWVlNS00ZDAwLTlmMDYtYzk3NjQ2M2I3ZTBj
LzEvUllZS3dfTElMbllzY1hCLVlIWU9NN21XTHBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2UFMMA0E
AgACMAcDBQAqFHiAMA0GCSqGSIb3DQEBCwUAA4IBAQCmDfLopGedPR1SEyyRa48z
gpxs1tnOYIO7jwtzrtOYW1khXOIrzzQcedky3iwQQX36gsD4olP2t05xUl8fOaqc
oGgqu8gwRjmGYT3QXP2sETI5Jd5RjUueL2Zz8c9lquuZA+miCH8rI/H0ZK5gvsb0
n8WkXzmhnPHal9KQiIGIKy/H3OzEy9Fe86gmetAFG+DBsp1R71FL7rlMPkn+mw7z
Co/tQTTYtUnKzcnsXOG9xKclS1ey/07VGUwLuwLclVi6/fNNHMog1U4r6s7PoUS5
8REQZ+CmHu87hQ//iPAIfPnZTRLrDMbBkN31YpV65WuRscO/JlzVYp0eeJ7Ft2yR
-----END CERTIFICATE-----
Generated at Tue Mar 24 21:01:04 2026 by rpki-client