Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/mlzOGdXXBPGgr7rf_wH5u_-dcMM.roa
File: mlzOGdXXBPGgr7rf_wH5u_-dcMM.roa (raw, json)
Hash identifier: MWcRpRwa6NdgqZ1pSw9Z/IN6ZnlEEQoN5i8WXOp3tXo=
Subject key identifier: 9A:5C:CE:19:D5:D7:04:F1:A0:AF:BA:DF:FF:01:F9:BB:FF:9D:70:C3
Certificate issuer: /CN=94948e5f2fa04b222a6e96883b840f7124531556
Certificate serial: 019E2B6CBAD4F70623F62F406BF1C54B3CEF
Authority key identifier: 94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/mlzOGdXXBPGgr7rf_wH5u_-dcMM.roa
Signing time: Fri 15 May 2026 11:36:46 +0000
ROA not before: Fri 15 May 2026 11:36:46 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 401776
IP address blocks: 2a05:9340::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2b:6c:ba:d4:f7:06:23:f6:2f:40:6b:f1:c5:4b:3c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94948e5f2fa04b222a6e96883b840f7124531556
Validity
Not Before: May 15 11:36:46 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9a5cce19d5d704f1a0afbadfff01f9bbff9d70c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:09:aa:f5:62:44:7a:21:cb:ff:43:58:6e:bf:
61:7c:11:44:1e:d2:12:e6:54:ac:3d:d2:44:8a:b7:
a3:29:a2:a0:a2:b4:09:45:fd:34:8d:e5:de:22:fa:
b1:ba:a8:55:bd:dd:20:aa:35:59:f9:7b:db:f2:9d:
86:ee:2f:85:ba:41:62:d2:90:06:6e:ef:78:83:65:
ed:a2:cd:06:fd:4c:0d:23:a6:a5:e1:17:60:7d:cf:
11:f6:3b:90:b7:9f:e1:99:31:69:63:0f:39:d8:be:
02:23:d6:d8:ee:07:b4:f5:c3:97:73:d1:e0:cd:2f:
0d:aa:9c:eb:a3:14:1e:90:b5:4a:aa:2c:6c:dd:06:
17:5a:5f:40:55:9e:52:06:0c:10:ae:14:95:92:c5:
da:41:44:fc:8e:cf:17:65:d4:2f:bc:c8:f7:7c:98:
3b:30:14:50:34:2b:27:bf:2b:71:1e:34:ff:76:5d:
6f:e7:9d:49:32:51:84:9d:35:15:a7:95:3e:ee:6a:
ed:62:ef:15:33:f1:ae:cc:97:70:28:bf:29:ab:05:
78:0a:0b:9e:fe:dc:45:7d:7f:d3:8b:08:45:1b:29:
df:72:20:6f:3b:37:76:01:aa:7c:4b:69:c4:32:b5:
db:d3:1c:b2:79:08:93:74:99:c6:2e:8f:7e:b2:2d:
64:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:5C:CE:19:D5:D7:04:F1:A0:AF:BA:DF:FF:01:F9:BB:FF:9D:70:C3
X509v3 Authority Key Identifier:
keyid:94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/mlzOGdXXBPGgr7rf_wH5u_-dcMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9340::/29
Signature Algorithm: sha256WithRSAEncryption
8a:8a:1a:4d:a3:31:7f:39:37:0d:44:13:eb:34:11:d5:53:de:
57:06:89:d4:18:7f:6f:a5:8e:04:fc:dc:84:06:ce:10:b2:e7:
1d:2e:99:ac:6e:09:76:ef:b8:9a:11:9e:e1:ee:9d:9d:43:46:
32:3d:65:f9:2f:9d:af:8b:e1:da:21:89:bf:73:09:00:65:da:
4b:7f:0d:f3:fb:91:76:0b:e0:de:fa:fb:f5:64:f0:2d:e8:ba:
a7:19:31:09:d5:10:81:58:48:bd:95:20:7b:70:5a:79:b8:62:
d1:16:7b:f6:1b:87:69:9b:c0:da:c3:78:70:ac:21:a8:35:c0:
38:77:51:08:ce:f1:30:60:9d:95:5b:ac:1d:fa:d6:b2:e9:9c:
82:d2:ce:18:29:5d:f4:74:71:51:bb:69:f1:89:03:01:b2:4a:
28:84:23:04:fb:35:66:b4:dc:c6:bc:ae:8b:11:1d:48:d8:5a:
e8:dc:19:fa:6f:3e:89:85:13:73:04:5c:98:2d:45:f5:9e:3c:
ac:15:2f:93:0c:4a:73:06:35:09:31:32:6e:25:30:16:0d:f5:
db:45:db:9e:3b:3e:00:f8:3e:13:4a:ee:be:0e:aa:94:ff:2d:
aa:fd:07:30:fb:30:cb:56:13:32:fb:f2:31:a7:1a:90:35:f7:
40:60:e2:96
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ4rbLrU9wYj9i9Aa/HFSzzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OTQ4ZTVmMmZhMDRiMjIyYTZlOTY4ODNiODQwZjcxMjQ1
MzE1NTYwHhcNMjYwNTE1MTEzNjQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTVjY2UxOWQ1ZDcwNGYxYTBhZmJhZGZmZjAxZjliYmZmOWQ3MGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQmq9WJEeiHL/0NYbr9hfBFEHtIS
5lSsPdJEirejKaKgorQJRf00jeXeIvqxuqhVvd0gqjVZ+Xvb8p2G7i+FukFi0pAG
bu94g2Xtos0G/UwNI6al4Rdgfc8R9juQt5/hmTFpYw852L4CI9bY7ge09cOXc9Hg
zS8NqpzroxQekLVKqixs3QYXWl9AVZ5SBgwQrhSVksXaQUT8js8XZdQvvMj3fJg7
MBRQNCsnvytxHjT/dl1v551JMlGEnTUVp5U+7mrtYu8VM/GuzJdwKL8pqwV4Cgue
/txFfX/TiwhFGynfciBvOzd2Aap8S2nEMrXb0xyyeQiTdJnGLo9+si1kHwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJpczhnV1wTxoK+63/8B+bv/nXDDMB8GA1UdIwQY
MBaAFJSUjl8voEsiKm6WiDuED3EkUxVWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODct
NjQxYjhlNjBkM2UyLzEvbWx6T0dkWFhCUEdncjdyZl93SDV1Xy1kY01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODctNjQxYjhlNjBkM2Uy
LzEvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgWTQDAN
BgkqhkiG9w0BAQsFAAOCAQEAiooaTaMxfzk3DUQT6zQR1VPeVwaJ1Bh/b6WOBPzc
hAbOELLnHS6ZrG4Jdu+4mhGe4e6dnUNGMj1l+S+dr4vh2iGJv3MJAGXaS38N8/uR
dgvg3vr79WTwLei6pxkxCdUQgVhIvZUge3Baebhi0RZ79huHaZvA2sN4cKwhqDXA
OHdRCM7xMGCdlVusHfrWsumcgtLOGCld9HRxUbtp8YkDAbJKKIQjBPs1ZrTcxryu
ixEdSNha6NwZ+m8+iYUTcwRcmC1F9Z48rBUvkwxKcwY1CTEybiUwFg3120Xbnjs+
APg+E0ruvg6qlP8tqv0HMPswy1YTMvvyMacakDX3QGDilg==
-----END CERTIFICATE-----
Generated at Mon May 25 07:14:35 2026 by rpki-client