Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/mzHswtmWzzSNpmU6xeDVuS38mf4.roa
File: mzHswtmWzzSNpmU6xeDVuS38mf4.roa (raw, json)
Hash identifier: U9sTjRPDSxbdP5Tz9xrfIjICL7kCcuP9J3hcrxYVxz0=
Subject key identifier: 9B:31:EC:C2:D9:96:CF:34:8D:A6:65:3A:C5:E0:D5:B9:2D:FC:99:FE
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019EB51FABB7041BD8C8C49F62031396EA69
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/mzHswtmWzzSNpmU6xeDVuS38mf4.roa
Signing time: Thu 11 Jun 2026 05:20:12 +0000
ROA not before: Thu 11 Jun 2026 05:20:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213449
IP address blocks: 5.175.170.0/24 maxlen: 24
89.144.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b5:1f:ab:b7:04:1b:d8:c8:c4:9f:62:03:13:96:ea:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 11 05:20:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9b31ecc2d996cf348da6653ac5e0d5b92dfc99fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:bf:ab:5a:bc:e7:5e:3a:68:dd:5e:7e:39:ec:
d4:3c:1f:b1:c1:b9:1f:b0:4c:82:34:58:1c:44:ad:
01:00:6e:5b:c9:a8:66:fc:b7:02:e6:4a:ac:bb:ae:
b2:d3:11:5c:8a:ee:36:03:9f:c7:36:79:2a:63:c8:
d2:b5:10:ae:21:50:45:dc:53:6a:b2:c3:47:aa:6e:
a3:af:21:88:c5:3f:2c:46:50:2e:4c:e8:b8:f7:63:
64:8c:37:a2:b0:0e:de:8a:b2:6b:11:d0:a3:72:b7:
36:f0:17:84:2a:ff:43:0d:43:af:20:7a:fc:e2:7f:
70:eb:7f:1d:78:64:7e:5f:be:d4:cf:1d:de:38:ee:
39:88:fc:9c:01:dd:31:a3:72:57:52:12:b6:14:85:
c2:93:45:87:86:a9:6c:49:4b:3f:04:c7:7c:74:15:
9f:b7:e6:e0:8b:a5:e2:bd:33:e2:99:e9:7d:65:cd:
c1:f2:0f:05:1a:4a:c9:df:79:ad:33:51:3b:cc:fb:
cd:a0:23:ae:24:61:c0:24:18:a2:cf:45:e9:43:92:
79:5b:92:99:fc:44:08:9d:9e:ed:78:d0:44:08:80:
1a:79:18:de:80:70:b4:dc:97:37:5a:0f:5a:be:1c:
75:6a:6d:98:dd:c6:7d:8b:30:1a:3a:2a:09:cd:9f:
83:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:31:EC:C2:D9:96:CF:34:8D:A6:65:3A:C5:E0:D5:B9:2D:FC:99:FE
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/mzHswtmWzzSNpmU6xeDVuS38mf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.170.0/24
89.144.63.0/24
Signature Algorithm: sha256WithRSAEncryption
75:1d:36:93:47:b5:f2:0b:86:79:ad:c5:1f:68:39:a4:7b:ff:
b5:ea:4e:1b:7d:d1:fd:b0:b9:44:3b:d5:22:be:15:82:bf:76:
ac:00:d3:2e:bd:2e:8a:29:1e:1d:8e:ea:8f:8f:a2:80:f1:d8:
29:7b:24:4b:55:21:f5:c5:29:36:ab:a0:7c:b8:dc:83:cb:f8:
22:e9:39:17:b2:14:d7:82:83:ec:5b:6b:8d:c4:b7:d4:71:eb:
2c:96:85:43:cc:c6:83:7f:b7:eb:85:6f:54:af:88:06:cd:75:
92:7a:f4:9c:1a:ba:5b:d6:64:0b:2a:6b:6a:2a:96:aa:2b:25:
29:56:c7:8e:c1:d4:59:8c:a3:e9:5a:77:cb:61:e8:1e:c8:cf:
79:32:5d:28:25:a4:3c:a6:77:db:3a:dc:d0:67:31:15:b1:57:
25:61:0d:1c:8b:40:a1:d8:2d:aa:b3:51:a3:2f:cd:cf:57:06:
7f:34:e2:34:95:e8:a7:ec:f3:24:92:8d:79:98:b5:78:63:5e:
51:1c:d9:75:e6:28:6e:7d:e5:02:77:e6:56:55:7f:c5:be:fa:
3a:ff:94:79:5c:26:76:b6:38:e9:c1:ec:2b:a1:78:bc:2e:8e:
ad:c9:fd:31:a3:02:6c:85:54:92:09:f9:10:34:b2:1c:21:42:
58:36:4f:44
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ61H6u3BBvYyMSfYgMTluppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwNjExMDUyMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjMxZWNjMmQ5OTZjZjM0OGRhNjY1M2FjNWUwZDViOTJkZmM5OWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37+rWrznXjpo3V5+OezUPB+xwbkf
sEyCNFgcRK0BAG5byahm/LcC5kqsu66y0xFciu42A5/HNnkqY8jStRCuIVBF3FNq
ssNHqm6jryGIxT8sRlAuTOi492NkjDeisA7eirJrEdCjcrc28BeEKv9DDUOvIHr8
4n9w638deGR+X77Uzx3eOO45iPycAd0xo3JXUhK2FIXCk0WHhqlsSUs/BMd8dBWf
t+bgi6XivTPimel9Zc3B8g8FGkrJ33mtM1E7zPvNoCOuJGHAJBiiz0XpQ5J5W5KZ
/EQInZ7teNBECIAaeRjegHC03Jc3Wg9avhx1am2Y3cZ9izAaOioJzZ+D+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJsx7MLZls80jaZlOsXg1bkt/Jn+MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvbXpIc3d0bVd6elNOcG1VNnhlRFZ1UzM4bWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABa+qAwQA
WZA/MA0GCSqGSIb3DQEBCwUAA4IBAQB1HTaTR7XyC4Z5rcUfaDmke/+16k4bfdH9
sLlEO9UivhWCv3asANMuvS6KKR4djuqPj6KA8dgpeyRLVSH1xSk2q6B8uNyDy/gi
6TkXshTXgoPsW2uNxLfUcessloVDzMaDf7frhW9Ur4gGzXWSevScGrpb1mQLKmtq
KpaqKyUpVseOwdRZjKPpWnfLYegeyM95Ml0oJaQ8pnfbOtzQZzEVsVclYQ0ci0Ch
2C2qs1GjL83PVwZ/NOI0lein7PMkko15mLV4Y15RHNl15ihufeUCd+ZWVX/Fvvo6
/5R5XCZ2tjjpwewroXi8Lo6tyf0xowJshVSSCfkQNLIcIUJYNk9E
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:37:49 2026 by rpki-client