Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4a2d47-0e6f-4914-9481-0cdf00edb4de/1/mvMfPRH6Mk3EjG0E4WCshPoSRK0.roa
File: mvMfPRH6Mk3EjG0E4WCshPoSRK0.roa (raw, json)
Hash identifier: wR4V3iYm4lRZUfpxuBz7lXadGQ4ppLA7EP2UVUE9PYw=
Subject key identifier: 9A:F3:1F:3D:11:FA:32:4D:C4:8C:6D:04:E1:60:AC:84:FA:12:44:AD
Certificate issuer: /CN=66dad7e01be8960ccab00a162be9df4f5fabbf62
Certificate serial: 019EB18A4E4D85254CD57EB3F96116001172
Authority key identifier: 66:DA:D7:E0:1B:E8:96:0C:CA:B0:0A:16:2B:E9:DF:4F:5F:AB:BF:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZtrX4BvolgzKsAoWK-nfT1-rv2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4a2d47-0e6f-4914-9481-0cdf00edb4de/1/mvMfPRH6Mk3EjG0E4WCshPoSRK0.roa
Signing time: Wed 10 Jun 2026 12:38:11 +0000
ROA not before: Wed 10 Jun 2026 12:38:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35819
IP address blocks: 5.253.80.0/24 maxlen: 24
5.253.81.0/24 maxlen: 24
5.253.82.0/24 maxlen: 24
5.253.83.0/24 maxlen: 24
194.50.35.0/24 maxlen: 24
2a14:f800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/4a2d47-0e6f-4914-9481-0cdf00edb4de/1/ZtrX4BvolgzKsAoWK-nfT1-rv2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/4a2d47-0e6f-4914-9481-0cdf00edb4de/1/ZtrX4BvolgzKsAoWK-nfT1-rv2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZtrX4BvolgzKsAoWK-nfT1-rv2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b1:8a:4e:4d:85:25:4c:d5:7e:b3:f9:61:16:00:11:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66dad7e01be8960ccab00a162be9df4f5fabbf62
Validity
Not Before: Jun 10 12:38:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9af31f3d11fa324dc48c6d04e160ac84fa1244ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:16:37:76:f0:2d:a2:f8:18:41:88:c4:6f:29:
b2:ea:56:08:7d:ec:ed:ac:c0:46:78:94:a6:4d:92:
98:d3:07:8e:76:bb:0f:fb:a5:f3:e7:72:11:da:05:
b6:40:c7:62:82:26:25:10:ce:2d:c3:99:4c:8b:1f:
11:08:b0:de:33:52:6b:5e:a6:fb:21:f8:0e:31:21:
93:6a:86:87:a2:35:d9:b5:88:39:55:42:5a:02:29:
a3:4e:cf:24:59:58:86:3b:c2:c6:f5:9d:b3:e5:b3:
50:f8:4c:fe:b9:7e:c0:88:a4:f7:b8:75:6b:e2:85:
8f:a9:f7:49:de:2d:1d:91:3d:fb:03:80:12:96:b3:
96:89:f7:a6:11:cc:76:a9:61:af:6b:1c:5f:1f:97:
15:de:ad:d2:22:7c:a2:c2:51:bf:8f:8a:68:75:31:
69:00:e2:60:41:6e:9d:60:2f:b2:1e:38:c9:55:3b:
b5:6e:30:55:98:ee:4d:d4:f8:b6:f4:d9:d3:b4:26:
ec:58:72:97:e1:91:c6:af:76:1f:e0:ac:cb:15:b4:
72:74:ff:07:a4:8d:7d:38:8a:ff:40:3e:65:d9:f5:
7c:fa:b9:b7:aa:9a:ee:17:a5:24:ef:01:4f:96:81:
1b:12:b9:fd:25:89:30:42:a2:de:3e:ab:d1:26:15:
86:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F3:1F:3D:11:FA:32:4D:C4:8C:6D:04:E1:60:AC:84:FA:12:44:AD
X509v3 Authority Key Identifier:
keyid:66:DA:D7:E0:1B:E8:96:0C:CA:B0:0A:16:2B:E9:DF:4F:5F:AB:BF:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZtrX4BvolgzKsAoWK-nfT1-rv2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4a2d47-0e6f-4914-9481-0cdf00edb4de/1/mvMfPRH6Mk3EjG0E4WCshPoSRK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4a2d47-0e6f-4914-9481-0cdf00edb4de/1/ZtrX4BvolgzKsAoWK-nfT1-rv2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.80.0/22
194.50.35.0/24
IPv6:
2a14:f800::/29
Signature Algorithm: sha256WithRSAEncryption
24:b9:ba:90:f1:be:e4:15:d2:96:16:57:fd:3f:45:90:8f:83:
35:39:8b:f3:75:e1:c5:e5:0e:5d:52:d8:f7:3f:c0:85:e5:73:
2a:72:c0:93:2c:c4:0a:43:49:b9:88:42:8a:16:4b:81:9a:7c:
ef:51:22:e7:2d:31:b0:c3:4e:dc:a4:49:ec:c5:b0:eb:6e:b9:
5a:17:79:b6:b5:aa:49:4d:07:31:78:67:44:d2:f5:01:6c:cd:
b5:c4:a7:77:b8:46:bc:19:4c:2c:50:40:f1:9a:0c:b2:3e:df:
07:d1:d2:a6:77:3d:e1:84:22:42:b6:85:89:f7:25:a5:3b:ac:
19:6d:5a:5a:16:1e:aa:41:3f:3e:8d:bc:09:db:09:8f:4d:78:
c8:51:63:fd:87:37:be:f3:89:a3:2b:ca:08:f2:59:89:37:44:
eb:11:10:21:16:50:26:73:5b:ca:f3:fc:a4:bc:4f:fa:b2:74:
6e:a4:55:dc:7c:c0:c5:8a:ab:78:63:16:db:c2:cb:5a:90:77:
40:cc:13:10:ff:de:10:e0:08:d3:c9:5b:82:9e:1c:db:08:db:
df:4e:e3:d2:1e:81:14:f0:07:ea:62:d2:5c:ab:ff:c2:c5:d2:
8f:cb:6e:67:11:bb:10:bb:b0:a9:7f:70:4a:71:d0:69:78:fd:
f4:81:38:47
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ6xik5NhSVM1X6z+WEWABFyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGFkN2UwMWJlODk2MGNjYWIwMGExNjJiZTlkZjRmNWZh
YmJmNjIwHhcNMjYwNjEwMTIzODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWYzMWYzZDExZmEzMjRkYzQ4YzZkMDRlMTYwYWM4NGZhMTI0NGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BY3dvAtovgYQYjEbymy6lYIfezt
rMBGeJSmTZKY0weOdrsP+6Xz53IR2gW2QMdigiYlEM4tw5lMix8RCLDeM1JrXqb7
IfgOMSGTaoaHojXZtYg5VUJaAimjTs8kWViGO8LG9Z2z5bNQ+Ez+uX7AiKT3uHVr
4oWPqfdJ3i0dkT37A4ASlrOWifemEcx2qWGvaxxfH5cV3q3SInyiwlG/j4podTFp
AOJgQW6dYC+yHjjJVTu1bjBVmO5N1Pi29NnTtCbsWHKX4ZHGr3Yf4KzLFbRydP8H
pI19OIr/QD5l2fV8+rm3qpruF6Uk7wFPloEbErn9JYkwQqLePqvRJhWGwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJrzHz0R+jJNxIxtBOFgrIT6EkStMB8GA1UdIwQY
MBaAFGba1+Ab6JYMyrAKFivp309fq79iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnRyWDRCdm9sZ3pLc0FvV0stbmZUMS1ydjJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80YTJkNDctMGU2Zi00OTE0LTk0ODEt
MGNkZjAwZWRiNGRlLzEvbXZNZlBSSDZNazNFakcwRTRXQ3NoUG9TUkswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80YTJkNDctMGU2Zi00OTE0LTk0ODEtMGNkZjAwZWRiNGRl
LzEvWnRyWDRCdm9sZ3pLc0FvV0stbmZUMS1ydjJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCBf1QAwQA
wjIjMA0EAgACMAcDBQMqFPgAMA0GCSqGSIb3DQEBCwUAA4IBAQAkubqQ8b7kFdKW
Flf9P0WQj4M1OYvzdeHF5Q5dUtj3P8CF5XMqcsCTLMQKQ0m5iEKKFkuBmnzvUSLn
LTGww07cpEnsxbDrbrlaF3m2tapJTQcxeGdE0vUBbM21xKd3uEa8GUwsUEDxmgyy
Pt8H0dKmdz3hhCJCtoWJ9yWlO6wZbVpaFh6qQT8+jbwJ2wmPTXjIUWP9hze+84mj
K8oI8lmJN0TrERAhFlAmc1vK8/ykvE/6snRupFXcfMDFiqt4YxbbwstakHdAzBMQ
/94Q4AjTyVuCnhzbCNvfTuPSHoEU8AfqYtJcq//CxdKPy25nEbsQu7Cpf3BKcdBp
eP30gThH
-----END CERTIFICATE-----
Generated at Sat Jun 13 16:10:31 2026 by rpki-client