Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/MgL0OQp-NkJEsEhgBbWKHQaYiRk.roa
File: MgL0OQp-NkJEsEhgBbWKHQaYiRk.roa (raw, json)
Hash identifier: 0eIjMvlIVs+mqx6EmYHn+r5UDXgiXXmM2Eg3N0WV2Mk=
Subject key identifier: 32:02:F4:39:0A:7E:36:42:44:B0:48:60:05:B5:8A:1D:06:98:89:19
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019DDD220D1203D39B594D7B501516235EF8
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/MgL0OQp-NkJEsEhgBbWKHQaYiRk.roa
Signing time: Thu 30 Apr 2026 06:44:49 +0000
ROA not before: Thu 30 Apr 2026 06:44:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 401776
IP address blocks: 2a0c:a580::/29 maxlen: 29
2a11:1600::/29 maxlen: 29
2a12:9f00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 03 May 2026 02:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:dd:22:0d:12:03:d3:9b:59:4d:7b:50:15:16:23:5e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 30 06:44:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3202f4390a7e364244b0486005b58a1d06988919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:44:a3:d3:3b:2c:ff:d1:3f:99:4a:c7:32:0f:
f6:19:c1:2d:c0:ca:b1:5a:eb:a5:c9:e5:39:e8:5f:
d5:86:a6:b1:0c:54:2d:d5:f6:dd:0a:4b:1e:22:38:
90:96:f9:2c:f0:51:a0:46:00:d2:74:20:91:70:ae:
9d:40:e5:ae:2e:d3:d3:a3:d0:8e:8c:21:a0:00:eb:
38:b8:94:a5:e6:20:44:34:51:4a:53:07:6f:ff:5e:
5c:34:c8:6a:10:88:01:b6:5e:d2:3b:71:94:9a:90:
77:75:c9:67:42:e3:6b:9f:5e:48:33:c1:8e:28:e0:
cd:a6:0c:ac:c5:49:c3:6f:3c:6e:e1:c5:0d:47:8f:
73:2c:e7:d6:b5:9b:59:97:f3:f4:2d:b1:d1:44:1e:
43:b4:25:0a:ee:80:f4:1c:4b:98:b2:6e:09:b6:df:
80:b9:dd:d4:82:01:f4:e0:84:4f:ec:29:cd:04:5e:
b6:d1:cd:d2:02:28:53:82:4e:50:8c:64:7b:53:2a:
4e:1f:3a:44:d2:72:f3:0f:e4:42:73:0f:c3:2a:bb:
fe:ab:e6:48:7a:73:f2:0a:68:a4:ec:47:21:c7:ee:
b5:ba:b7:47:78:7a:22:4f:f1:b7:b6:cc:a3:3a:97:
89:9e:eb:f9:4d:78:d2:c4:01:b3:b9:3e:cf:65:aa:
2a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:02:F4:39:0A:7E:36:42:44:B0:48:60:05:B5:8A:1D:06:98:89:19
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/MgL0OQp-NkJEsEhgBbWKHQaYiRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:a580::/29
2a11:1600::/29
2a12:9f00::/29
Signature Algorithm: sha256WithRSAEncryption
ad:08:fe:de:fb:c8:4b:e5:e7:06:e5:3e:c7:5c:3d:40:07:44:
fe:5f:a2:89:24:46:5b:e0:e5:84:e2:4d:2c:d6:7a:c3:84:e9:
62:a6:89:e6:13:18:c2:95:af:a3:ef:54:0d:77:56:f0:39:a4:
53:21:07:a5:41:9e:d2:db:54:72:31:64:e0:4c:7b:5a:3c:5a:
94:65:54:68:15:6b:4b:d0:75:31:19:07:fd:57:f0:d9:3f:99:
b3:d1:c8:de:92:0e:62:0a:7a:85:29:bb:10:42:78:01:49:85:
29:7a:23:6a:9d:77:64:00:31:08:31:81:1e:4e:65:06:69:79:
76:57:18:74:c7:01:79:40:23:17:88:6f:ad:fa:ba:87:77:b6:
4c:16:5b:09:21:43:ac:73:3e:ba:eb:b5:6f:fc:37:09:13:3c:
da:9f:43:92:6b:ea:7e:64:23:47:e3:94:5d:72:63:48:e5:6f:
99:26:54:eb:76:91:a4:17:b5:e6:07:30:83:30:c9:0c:3e:1c:
ff:df:73:58:1e:bf:e2:1a:9b:da:41:93:f8:e2:e7:18:6c:fe:
2b:61:49:a1:2e:7d:f2:83:bb:55:3e:05:fb:77:e1:67:d6:74:
3f:51:73:91:97:cc:f2:0f:68:86:f2:d7:44:17:32:cd:86:a9:
af:8b:50:2b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ3dIg0SA9ObWU17UBUWI174MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjYwNDMwMDY0NDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjAyZjQzOTBhN2UzNjQyNDRiMDQ4NjAwNWI1OGExZDA2OTg4OTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkSj0zss/9E/mUrHMg/2GcEtwMqx
WuulyeU56F/VhqaxDFQt1fbdCkseIjiQlvks8FGgRgDSdCCRcK6dQOWuLtPTo9CO
jCGgAOs4uJSl5iBENFFKUwdv/15cNMhqEIgBtl7SO3GUmpB3dclnQuNrn15IM8GO
KODNpgysxUnDbzxu4cUNR49zLOfWtZtZl/P0LbHRRB5DtCUK7oD0HEuYsm4Jtt+A
ud3UggH04IRP7CnNBF620c3SAihTgk5QjGR7UypOHzpE0nLzD+RCcw/DKrv+q+ZI
enPyCmik7Echx+61urdHeHoiT/G3tsyjOpeJnuv5TXjSxAGzuT7PZaoqHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDIC9DkKfjZCRLBIYAW1ih0GmIkZMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvTWdMME9RcC1Oa0pFc0VoZ0JiV0tIUWFZaVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUDKgylgAMF
AyoRFgADBQMqEp8AMA0GCSqGSIb3DQEBCwUAA4IBAQCtCP7e+8hL5ecG5T7HXD1A
B0T+X6KJJEZb4OWE4k0s1nrDhOliponmExjCla+j71QNd1bwOaRTIQelQZ7S21Ry
MWTgTHtaPFqUZVRoFWtL0HUxGQf9V/DZP5mz0cjekg5iCnqFKbsQQngBSYUpeiNq
nXdkADEIMYEeTmUGaXl2Vxh0xwF5QCMXiG+t+rqHd7ZMFlsJIUOscz6667Vv/DcJ
Ezzan0OSa+p+ZCNH45RdcmNI5W+ZJlTrdpGkF7XmBzCDMMkMPhz/33NYHr/iGpva
QZP44ucYbP4rYUmhLn3yg7tVPgX7d+Fn1nQ/UXORl8zyD2iG8tdEFzLNhqmvi1Ar
-----END CERTIFICATE-----
Generated at Sat May 2 09:31:38 2026 by rpki-client