Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/7e4f08-6730-4051-9792-494f4c4da426/1/kMtugILpiPzEeW8OKVlItHoOS1w.roa
File: kMtugILpiPzEeW8OKVlItHoOS1w.roa (raw, json)
Hash identifier: lAQ2ZT9NHZiz0srqLkoDG7be21LY+uZcdjIbYN8bvbA=
Subject key identifier: 90:CB:6E:80:82:E9:88:FC:C4:79:6F:0E:29:59:48:B4:7A:0E:4B:5C
Certificate issuer: /CN=1d0672c99f87f05cd83f0b627d31871fe80be01f
Certificate serial: 019CF6BAE5F9D3D8AF410F8C08A16EAAA1DC
Authority key identifier: 1D:06:72:C9:9F:87:F0:5C:D8:3F:0B:62:7D:31:87:1F:E8:0B:E0:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQZyyZ-H8FzYPwtifTGHH-gL4B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/7e4f08-6730-4051-9792-494f4c4da426/1/kMtugILpiPzEeW8OKVlItHoOS1w.roa
Signing time: Mon 16 Mar 2026 12:59:29 +0000
ROA not before: Mon 16 Mar 2026 12:59:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 28919
IP address blocks: 77.223.0.0/22 maxlen: 24
80.93.32.0/20 maxlen: 24
86.111.56.0/22 maxlen: 24
89.41.128.0/21 maxlen: 24
94.24.56.0/21 maxlen: 24
145.11.40.0/21 maxlen: 24
185.66.48.0/22 maxlen: 24
185.163.144.0/22 maxlen: 24
185.164.112.0/22 maxlen: 24
213.182.224.0/19 maxlen: 24
2a03:c680::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/7e4f08-6730-4051-9792-494f4c4da426/1/HQZyyZ-H8FzYPwtifTGHH-gL4B8.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/7e4f08-6730-4051-9792-494f4c4da426/1/HQZyyZ-H8FzYPwtifTGHH-gL4B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/HQZyyZ-H8FzYPwtifTGHH-gL4B8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f6:ba:e5:f9:d3:d8:af:41:0f:8c:08:a1:6e:aa:a1:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d0672c99f87f05cd83f0b627d31871fe80be01f
Validity
Not Before: Mar 16 12:59:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=90cb6e8082e988fcc4796f0e295948b47a0e4b5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:10:7a:4e:f6:35:d5:67:d9:2f:59:ac:4f:b8:
fc:3d:8a:99:26:a6:f9:12:ea:23:44:c3:71:30:99:
8a:c2:f0:f3:6a:e8:1d:9d:0f:93:54:30:74:71:a8:
af:21:e5:8c:89:57:a5:87:a8:1d:42:80:4b:5a:28:
8d:79:0a:a5:75:94:c1:c7:97:99:04:23:1e:3e:49:
b5:cc:9a:11:d1:bd:12:94:a8:0d:fb:e4:1b:11:ce:
46:b9:de:52:74:5b:41:af:52:a9:8b:2e:16:d1:a1:
b1:25:12:0f:13:0c:d7:f9:e5:10:de:74:94:e7:78:
66:1b:70:31:88:a4:f9:75:92:36:a3:95:c1:5e:58:
99:d4:38:0c:6c:28:06:5a:6d:e0:8c:11:7a:59:d3:
02:a2:53:3a:ba:85:d0:2d:76:12:93:f7:61:ba:b0:
be:8b:1d:0e:bb:be:7e:46:f6:68:64:cf:f6:3d:ae:
76:64:45:e2:ce:d0:f5:c0:73:50:fb:af:3d:1c:5f:
df:c8:30:83:2a:5c:95:f0:d8:f8:c3:4c:b0:51:b4:
5c:88:1e:9b:ba:7a:3f:f8:8d:3a:74:51:98:c4:10:
7f:01:9f:31:8a:67:12:20:ed:00:dd:9b:f7:31:6a:
43:19:db:3a:b5:40:52:67:fe:04:5f:bf:ab:8b:b2:
0a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:CB:6E:80:82:E9:88:FC:C4:79:6F:0E:29:59:48:B4:7A:0E:4B:5C
X509v3 Authority Key Identifier:
keyid:1D:06:72:C9:9F:87:F0:5C:D8:3F:0B:62:7D:31:87:1F:E8:0B:E0:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQZyyZ-H8FzYPwtifTGHH-gL4B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/7e4f08-6730-4051-9792-494f4c4da426/1/kMtugILpiPzEeW8OKVlItHoOS1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/7e4f08-6730-4051-9792-494f4c4da426/1/HQZyyZ-H8FzYPwtifTGHH-gL4B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.223.0.0/22
80.93.32.0/20
86.111.56.0/22
89.41.128.0/21
94.24.56.0/21
145.11.40.0/21
185.66.48.0/22
185.163.144.0/22
185.164.112.0/22
213.182.224.0/19
IPv6:
2a03:c680::/29
Signature Algorithm: sha256WithRSAEncryption
a1:85:18:80:68:4c:3e:01:c0:f6:50:c0:3a:ee:ff:26:82:e1:
57:6b:45:7c:fc:74:0d:55:63:e3:b5:39:fb:73:de:42:19:6f:
fc:8a:c1:9c:47:c3:b0:9c:41:5a:28:bc:94:02:f8:b4:fc:08:
04:e7:31:53:96:e6:95:70:5f:c8:b5:14:c0:ac:f4:f4:a7:62:
81:86:c6:89:b1:b5:b7:79:85:da:9d:2f:72:30:80:a2:7b:57:
c0:6a:77:4b:ce:3e:5b:1b:f7:d8:d2:08:50:ac:65:e1:63:69:
76:96:6d:28:27:81:37:6e:4f:83:b1:43:4a:2e:92:ad:79:2d:
27:fb:a7:65:0f:8f:a7:9c:bb:4b:77:fe:08:86:29:09:4c:0a:
3e:3d:6f:b9:75:40:88:d9:cf:10:2d:a8:3e:68:2b:c2:d7:1a:
01:4b:d4:21:c7:cf:6b:88:63:45:21:01:a9:d6:d4:7f:f4:68:
ce:8f:ad:fa:01:15:8c:76:a1:7c:11:fe:70:9a:63:95:59:c6:
a8:6f:e4:36:a2:30:58:16:7f:74:87:50:89:40:83:11:65:3d:
cf:a8:39:96:d1:4c:a6:71:9b:9f:57:60:d0:c8:51:08:49:21:
e0:e0:45:27:15:b4:73:75:2a:9a:f3:58:fb:d1:00:d8:32:30:
2a:76:8d:f2
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZz2uuX509ivQQ+MCKFuqqHcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMDY3MmM5OWY4N2YwNWNkODNmMGI2MjdkMzE4NzFmZTgw
YmUwMWYwHhcNMjYwMzE2MTI1OTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGNiNmU4MDgyZTk4OGZjYzQ3OTZmMGUyOTU5NDhiNDdhMGU0YjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBB6TvY11WfZL1msT7j8PYqZJqb5
EuojRMNxMJmKwvDzaugdnQ+TVDB0caivIeWMiVelh6gdQoBLWiiNeQqldZTBx5eZ
BCMePkm1zJoR0b0SlKgN++QbEc5Gud5SdFtBr1Kpiy4W0aGxJRIPEwzX+eUQ3nSU
53hmG3AxiKT5dZI2o5XBXliZ1DgMbCgGWm3gjBF6WdMColM6uoXQLXYSk/dhurC+
ix0Ou75+RvZoZM/2Pa52ZEXiztD1wHNQ+689HF/fyDCDKlyV8Nj4w0ywUbRciB6b
uno/+I06dFGYxBB/AZ8ximcSIO0A3Zv3MWpDGds6tUBSZ/4EX7+ri7IKUQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFJDLboCC6Yj8xHlvDilZSLR6DktcMB8GA1UdIwQY
MBaAFB0Gcsmfh/Bc2D8LYn0xhx/oC+AfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFFaeXlaLUg4RnpZUHd0aWZUR0hILWdMNEI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83ZTRmMDgtNjczMC00MDUxLTk3OTIt
NDk0ZjRjNGRhNDI2LzEva010dWdJTHBpUHpFZVc4T0tWbEl0SG9PUzF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83ZTRmMDgtNjczMC00MDUxLTk3OTItNDk0ZjRjNGRhNDI2
LzEvSFFaeXlaLUg4RnpZUHd0aWZUR0hILWdMNEI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCTd8AAwQE
UF0gAwQCVm84AwQDWSmAAwQDXhg4AwQDkQsoAwQCuUIwAwQCuaOQAwQCuaRwAwQF
1bbgMA0EAgACMAcDBQMqA8aAMA0GCSqGSIb3DQEBCwUAA4IBAQChhRiAaEw+AcD2
UMA67v8mguFXa0V8/HQNVWPjtTn7c95CGW/8isGcR8OwnEFaKLyUAvi0/AgE5zFT
luaVcF/ItRTArPT0p2KBhsaJsbW3eYXanS9yMICie1fAandLzj5bG/fY0ghQrGXh
Y2l2lm0oJ4E3bk+DsUNKLpKteS0n+6dlD4+nnLtLd/4IhikJTAo+PW+5dUCI2c8Q
Lag+aCvC1xoBS9Qhx89riGNFIQGp1tR/9GjOj636ARWMdqF8Ef5wmmOVWcaob+Q2
ojBYFn90h1CJQIMRZT3PqDmW0UymcZufV2DQyFEISSHg4EUnFbRzdSqa81j70QDY
MjAqdo3y
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:01:23 2026 by rpki-client