Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/AcpzUDJdh0QVREs7oyJtCxQqBno.roa
File: AcpzUDJdh0QVREs7oyJtCxQqBno.roa (raw, json)
Hash identifier: h09GFyOqdQu3iLmVfPCv9jYL7SkvvrDzZUtMK/M7w7s=
Subject key identifier: 01:CA:73:50:32:5D:87:44:15:44:4B:3B:A3:22:6D:0B:14:2A:06:7A
Certificate issuer: /CN=98c1d03b49504d34465dc40a3d0f9086cacfdb8e
Certificate serial: 019D1FAC0F9764C9F83D89DB28C384256F3B
Authority key identifier: 98:C1:D0:3B:49:50:4D:34:46:5D:C4:0A:3D:0F:90:86:CA:CF:DB:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mMHQO0lQTTRGXcQKPQ-QhsrP244.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/AcpzUDJdh0QVREs7oyJtCxQqBno.roa
Signing time: Tue 24 Mar 2026 11:47:43 +0000
ROA not before: Tue 24 Mar 2026 11:47:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56655
IP address blocks: 45.88.200.0/24 maxlen: 24
45.88.201.0/24 maxlen: 24
45.88.202.0/24 maxlen: 24
91.217.206.0/24 maxlen: 24
185.14.97.0/24 maxlen: 24
185.125.168.0/22 maxlen: 22
185.181.60.0/22 maxlen: 22
185.243.216.0/24 maxlen: 24
185.243.217.0/24 maxlen: 24
185.243.218.0/24 maxlen: 24
193.200.221.0/24 maxlen: 24
193.200.229.0/24 maxlen: 24
193.200.238.0/24 maxlen: 24
193.243.189.0/24 maxlen: 24
194.32.107.0/24 maxlen: 24
194.110.207.0/24 maxlen: 24
195.16.73.0/24 maxlen: 24
195.35.113.0/24 maxlen: 24
198.140.141.0/24 maxlen: 24
2a03:94e0::/32 maxlen: 32
2a03:94e1::/32 maxlen: 32
2a03:94e2::/32 maxlen: 32
2a03:94e3::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/mMHQO0lQTTRGXcQKPQ-QhsrP244.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/mMHQO0lQTTRGXcQKPQ-QhsrP244.mft
rsync://rpki.ripe.net/repository/DEFAULT/mMHQO0lQTTRGXcQKPQ-QhsrP244.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 17:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1f:ac:0f:97:64:c9:f8:3d:89:db:28:c3:84:25:6f:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98c1d03b49504d34465dc40a3d0f9086cacfdb8e
Validity
Not Before: Mar 24 11:47:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=01ca7350325d874415444b3ba3226d0b142a067a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:63:60:54:27:4d:ee:d1:18:fa:5c:7a:04:82:
a7:92:bf:c6:71:af:27:f8:1b:d6:0b:5c:10:e0:81:
b2:b3:4f:f4:cc:47:d4:cf:ca:09:c2:74:b5:1f:2c:
35:1d:d6:59:65:2e:7a:58:12:2f:87:7d:be:77:5d:
e0:79:62:48:79:b6:28:e3:d6:3c:c9:95:2a:81:c7:
e5:ad:07:5b:6c:10:9a:bd:f5:f5:88:82:ef:4b:f0:
aa:26:ed:af:4c:6e:a7:11:0e:e0:e9:f3:d9:ee:6c:
a4:2e:5a:bb:a4:50:fb:b3:3b:2b:c9:d1:d5:2c:b1:
2e:29:1a:df:33:42:84:76:46:fa:0c:20:25:3f:55:
cc:3f:d6:21:6c:e0:16:44:ee:ee:4b:80:fc:c2:81:
c1:75:da:73:4e:c0:8b:37:4c:c9:1b:ee:c1:c2:46:
cd:92:28:ae:35:e8:06:06:5b:25:7e:86:67:ec:29:
e7:07:25:d2:77:e0:4d:7d:06:38:8c:f7:fa:a5:fc:
0e:68:38:2b:e9:c6:d2:59:1e:d6:20:07:31:db:83:
1e:57:94:26:71:f4:87:5c:ba:74:48:2f:03:38:74:
53:4c:fc:cc:4f:48:ea:93:ad:f7:cc:07:37:ff:bc:
bd:09:a2:0f:51:e4:43:e5:71:a9:d2:fe:e9:45:aa:
08:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:CA:73:50:32:5D:87:44:15:44:4B:3B:A3:22:6D:0B:14:2A:06:7A
X509v3 Authority Key Identifier:
keyid:98:C1:D0:3B:49:50:4D:34:46:5D:C4:0A:3D:0F:90:86:CA:CF:DB:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mMHQO0lQTTRGXcQKPQ-QhsrP244.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/AcpzUDJdh0QVREs7oyJtCxQqBno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/mMHQO0lQTTRGXcQKPQ-QhsrP244.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.200.0-45.88.202.255
91.217.206.0/24
185.14.97.0/24
185.125.168.0/22
185.181.60.0/22
185.243.216.0-185.243.218.255
193.200.221.0/24
193.200.229.0/24
193.200.238.0/24
193.243.189.0/24
194.32.107.0/24
194.110.207.0/24
195.16.73.0/24
195.35.113.0/24
198.140.141.0/24
IPv6:
2a03:94e0::/30
Signature Algorithm: sha256WithRSAEncryption
04:32:43:38:21:0f:92:a9:16:5a:2a:e8:d6:36:83:58:21:5c:
a5:91:d1:f4:09:80:ea:cf:81:43:48:ba:52:1c:d7:78:62:7f:
d5:0e:4d:b1:b6:72:a3:34:05:27:c7:a3:7a:63:d9:0f:f6:6c:
bd:e2:4a:db:c9:b4:f3:b7:61:0c:2e:7b:a2:78:f7:19:ca:a6:
dc:0a:44:bf:12:8b:eb:d0:75:cd:1d:17:ad:10:23:ff:ac:05:
2d:75:0a:39:3e:bd:57:b0:b0:0c:7a:d8:e8:88:5e:08:b5:be:
86:df:a2:51:2f:e5:2d:39:8e:96:d5:f1:fa:24:22:8a:c3:a0:
8b:12:2c:8a:41:a4:de:79:83:43:ce:5d:59:56:3c:19:15:f7:
23:ad:93:a1:aa:d7:2d:32:00:2f:c3:82:c0:0e:71:c0:88:b6:
b4:8b:ec:09:49:68:20:40:7f:e4:b4:e7:16:e9:fb:88:a6:40:
65:16:f3:ae:76:55:70:4e:93:44:37:a5:39:cb:ba:42:ce:72:
b7:66:2b:04:aa:3b:aa:55:14:8a:4d:21:53:74:d9:55:a0:ca:
ab:99:14:84:71:6d:ef:3d:b4:e9:3f:fe:30:d6:87:6e:e7:f9:
db:42:2c:73:63:f8:3f:58:94:32:19:61:7a:89:ac:bb:48:ec:
ac:98:07:6b
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZ0frA+XZMn4PYnbKMOEJW87MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YzFkMDNiNDk1MDRkMzQ0NjVkYzQwYTNkMGY5MDg2Y2Fj
ZmRiOGUwHhcNMjYwMzI0MTE0NzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWNhNzM1MDMyNWQ4NzQ0MTU0NDRiM2JhMzIyNmQwYjE0MmEwNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGNgVCdN7tEY+lx6BIKnkr/Gca8n
+BvWC1wQ4IGys0/0zEfUz8oJwnS1Hyw1HdZZZS56WBIvh32+d13geWJIebYo49Y8
yZUqgcflrQdbbBCavfX1iILvS/CqJu2vTG6nEQ7g6fPZ7mykLlq7pFD7szsrydHV
LLEuKRrfM0KEdkb6DCAlP1XMP9YhbOAWRO7uS4D8woHBddpzTsCLN0zJG+7BwkbN
kiiuNegGBlslfoZn7CnnByXSd+BNfQY4jPf6pfwOaDgr6cbSWR7WIAcx24MeV5Qm
cfSHXLp0SC8DOHRTTPzMT0jqk633zAc3/7y9CaIPUeRD5XGp0v7pRaoIkQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFAHKc1AyXYdEFURLO6MibQsUKgZ6MB8GA1UdIwQY
MBaAFJjB0DtJUE00Rl3ECj0PkIbKz9uOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU1IUU8wbFFUVFJHWGNRS1BRLVFoc3JQMjQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9kNmMyNTctZjUwMS00Nzk2LWFhNjEt
YzMxYmRlNTEwMDg1LzEvQWNwelVESmRoMFFWUkVzN295SnRDeFFxQm5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9kNmMyNTctZjUwMS00Nzk2LWFhNjEtYzMxYmRlNTEwMDg1
LzEvbU1IUU8wbFFUVFJHWGNRS1BRLVFoc3JQMjQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBwBAIAATBqMAwDBAMt
WMgDBAAtWMoDBABb2c4DBAC5DmEDBAK5fagDBAK5tTwwDAMEA7nz2AMEALnz2gME
AMHI3QMEAMHI5QMEAMHI7gMEAMHzvQMEAMIgawMEAMJuzwMEAMMQSQMEAMMjcQME
AMaMjTANBAIAAjAHAwUCKgOU4DANBgkqhkiG9w0BAQsFAAOCAQEABDJDOCEPkqkW
Wiro1jaDWCFcpZHR9AmA6s+BQ0i6UhzXeGJ/1Q5NsbZyozQFJ8ejemPZD/ZsveJK
28m087dhDC57onj3Gcqm3ApEvxKL69B1zR0XrRAj/6wFLXUKOT69V7CwDHrY6Ihe
CLW+ht+iUS/lLTmOltXx+iQiisOgixIsikGk3nmDQ85dWVY8GRX3I62ToarXLTIA
L8OCwA5xwIi2tIvsCUloIEB/5LTnFun7iKZAZRbzrnZVcE6TRDelOcu6Qs5yt2Yr
BKo7qlUUik0hU3TZVaDKq5kUhHFt7z206T/+MNaHbuf520Isc2P4P1iUMhlheoms
u0jsrJgHaw==
-----END CERTIFICATE-----
Generated at Fri Mar 27 03:21:40 2026 by rpki-client