Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1491f9-dc76-4777-b5be-83f9a8d1d4d6/1/mgYZGKiZa9mhnK2NqWF8no0GGZ0.roa
File: mgYZGKiZa9mhnK2NqWF8no0GGZ0.roa (raw, json)
Hash identifier: 8DYBESplw9uIrtfifuryybJhLMN9+f7eBcLk6GPGqfM=
Subject key identifier: 9A:06:19:18:A8:99:6B:D9:A1:9C:AD:8D:A9:61:7C:9E:8D:06:19:9D
Certificate issuer: /CN=9e6d1dc6caa41d3beffe8d1da2671a50e7f79a30
Certificate serial: 019C4E41FB52C7BF6064985731B0451606BE
Authority key identifier: 9E:6D:1D:C6:CA:A4:1D:3B:EF:FE:8D:1D:A2:67:1A:50:E7:F7:9A:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nm0dxsqkHTvv_o0domcaUOf3mjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/1491f9-dc76-4777-b5be-83f9a8d1d4d6/1/mgYZGKiZa9mhnK2NqWF8no0GGZ0.roa
Signing time: Wed 11 Feb 2026 19:51:12 +0000
ROA not before: Wed 11 Feb 2026 19:51:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209771
IP address blocks: 2a0c:6500:200::/42 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/1491f9-dc76-4777-b5be-83f9a8d1d4d6/1/nm0dxsqkHTvv_o0domcaUOf3mjA.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/1491f9-dc76-4777-b5be-83f9a8d1d4d6/1/nm0dxsqkHTvv_o0domcaUOf3mjA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nm0dxsqkHTvv_o0domcaUOf3mjA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4e:41:fb:52:c7:bf:60:64:98:57:31:b0:45:16:06:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e6d1dc6caa41d3beffe8d1da2671a50e7f79a30
Validity
Not Before: Feb 11 19:51:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9a061918a8996bd9a19cad8da9617c9e8d06199d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f9:6e:a1:00:52:c9:a8:a7:8c:53:48:61:83:
e6:e8:cd:6f:ad:15:c2:17:9d:03:dd:ca:87:73:d9:
c2:21:c0:c4:d5:09:cc:82:0e:99:f4:17:9e:7c:61:
ad:22:cf:d3:06:3e:1e:13:2c:de:fd:45:a6:5e:27:
df:55:a4:37:d5:03:2e:0c:1b:f5:de:b9:f9:96:dc:
bb:1d:e5:c3:63:ba:91:6e:74:91:62:18:3a:63:12:
95:73:49:ee:da:80:81:a4:d8:3e:17:e8:92:1b:5e:
ae:74:d3:2f:a6:90:fd:79:44:b1:41:75:42:65:b8:
7a:0a:16:7f:8a:84:c6:22:4c:8a:5f:44:c6:d8:ba:
d3:54:4c:df:33:44:d7:19:c8:15:07:15:9d:2e:3e:
8f:35:41:41:42:ba:bf:6f:42:09:36:91:5f:e5:c3:
55:91:ec:a7:60:5f:7a:f5:11:fb:ef:9f:58:38:0d:
db:90:67:d1:9f:69:60:9b:19:ad:e8:91:15:8b:99:
d5:b5:f3:70:3f:83:eb:1a:87:15:58:c6:5a:50:bf:
a1:cf:e4:fb:a7:ea:3c:35:ad:ab:67:d4:12:d9:97:
e5:1b:4a:85:ac:ad:0b:17:b5:57:e3:4c:f8:d5:3c:
c8:86:49:91:4f:6c:be:7d:19:8c:49:f1:c9:c4:cf:
f6:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:06:19:18:A8:99:6B:D9:A1:9C:AD:8D:A9:61:7C:9E:8D:06:19:9D
X509v3 Authority Key Identifier:
keyid:9E:6D:1D:C6:CA:A4:1D:3B:EF:FE:8D:1D:A2:67:1A:50:E7:F7:9A:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nm0dxsqkHTvv_o0domcaUOf3mjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1491f9-dc76-4777-b5be-83f9a8d1d4d6/1/mgYZGKiZa9mhnK2NqWF8no0GGZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1491f9-dc76-4777-b5be-83f9a8d1d4d6/1/nm0dxsqkHTvv_o0domcaUOf3mjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:6500:200::/42
Signature Algorithm: sha256WithRSAEncryption
3f:3e:5f:a0:35:b5:2e:c0:3e:71:29:41:6c:b2:63:aa:a7:be:
8e:78:a7:5f:7d:33:b7:50:e4:84:cf:0e:fe:a5:76:d2:02:06:
7e:ca:de:30:17:03:1a:0a:72:55:0c:1e:7f:05:a1:d2:13:51:
1b:99:46:35:af:59:21:01:9b:61:76:db:91:00:b1:cf:ea:b6:
6d:c7:df:89:30:92:25:5e:2b:ea:26:e8:69:80:ff:20:2a:dc:
71:be:9a:01:64:7d:9d:9a:0e:41:b4:3b:58:be:e1:22:38:7c:
f3:0f:ea:9e:9f:3e:18:4a:a2:f6:c5:14:b6:f6:50:ff:a0:3c:
32:78:36:04:a8:95:8a:2f:c8:81:2d:54:67:a8:cf:c6:3d:a5:
01:74:d5:ad:a6:4d:e7:4e:f6:66:c1:5e:e8:38:32:4f:bf:45:
c0:63:cf:66:59:97:af:02:2b:28:d8:68:a7:e1:e4:00:9f:aa:
2c:ad:16:e6:40:4e:af:05:36:68:41:73:e4:ed:13:cb:69:3a:
f1:a2:b0:c8:07:48:ef:09:fb:06:31:ab:c2:b8:e3:ef:26:87:
da:3b:f4:32:b7:56:d1:d3:fa:65:05:fe:e9:48:b0:91:28:0d:
7d:3d:7a:51:33:3b:01:eb:e3:9f:64:44:5b:72:e9:f9:2a:a7:
84:b5:c3:a4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZxOQftSx79gZJhXMbBFFga+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNmQxZGM2Y2FhNDFkM2JlZmZlOGQxZGEyNjcxYTUwZTdm
NzlhMzAwHhcNMjYwMjExMTk1MTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTA2MTkxOGE4OTk2YmQ5YTE5Y2FkOGRhOTYxN2M5ZThkMDYxOTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPluoQBSyainjFNIYYPm6M1vrRXC
F50D3cqHc9nCIcDE1QnMgg6Z9BeefGGtIs/TBj4eEyze/UWmXiffVaQ31QMuDBv1
3rn5lty7HeXDY7qRbnSRYhg6YxKVc0nu2oCBpNg+F+iSG16udNMvppD9eUSxQXVC
Zbh6ChZ/ioTGIkyKX0TG2LrTVEzfM0TXGcgVBxWdLj6PNUFBQrq/b0IJNpFf5cNV
keynYF969RH7759YOA3bkGfRn2lgmxmt6JEVi5nVtfNwP4PrGocVWMZaUL+hz+T7
p+o8Na2rZ9QS2ZflG0qFrK0LF7VX40z41TzIhkmRT2y+fRmMSfHJxM/21wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJoGGRiomWvZoZytjalhfJ6NBhmdMB8GA1UdIwQY
MBaAFJ5tHcbKpB077/6NHaJnGlDn95owMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbm0wZHhzcWtIVHZ2X28wZG9tY2FVT2YzbWpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xNDkxZjktZGM3Ni00Nzc3LWI1YmUt
ODNmOWE4ZDFkNGQ2LzEvbWdZWkdLaVphOW1obksyTnFXRjhubzBHR1owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xNDkxZjktZGM3Ni00Nzc3LWI1YmUtODNmOWE4ZDFkNGQ2
LzEvbm0wZHhzcWtIVHZ2X28wZG9tY2FVT2YzbWpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcGKgxlAAIA
MA0GCSqGSIb3DQEBCwUAA4IBAQA/Pl+gNbUuwD5xKUFssmOqp76OeKdffTO3UOSE
zw7+pXbSAgZ+yt4wFwMaCnJVDB5/BaHSE1EbmUY1r1khAZthdtuRALHP6rZtx9+J
MJIlXivqJuhpgP8gKtxxvpoBZH2dmg5BtDtYvuEiOHzzD+qenz4YSqL2xRS29lD/
oDwyeDYEqJWKL8iBLVRnqM/GPaUBdNWtpk3nTvZmwV7oODJPv0XAY89mWZevAiso
2Gin4eQAn6osrRbmQE6vBTZoQXPk7RPLaTrxorDIB0jvCfsGMavCuOPvJofaO/Qy
t1bR0/plBf7pSLCRKA19PXpRMzsB6+OfZERbcun5KqeEtcOk
-----END CERTIFICATE-----
Generated at Sun Mar 1 14:42:07 2026 by rpki-client