Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/mdfLFykdQyM90L_Bn6raPvbqsZE.roa
File: mdfLFykdQyM90L_Bn6raPvbqsZE.roa (raw, json)
Hash identifier: CH+AxBNrfQ25+E/krbyqRZ1aua2wWYxYuR2r8l13bJo=
Subject key identifier: 99:D7:CB:17:29:1D:43:23:3D:D0:BF:C1:9F:AA:DA:3E:F6:EA:B1:91
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019D01F4BE353F0092CC7637E28747D4CA36
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/mdfLFykdQyM90L_Bn6raPvbqsZE.roa
Signing time: Wed 18 Mar 2026 17:18:29 +0000
ROA not before: Wed 18 Mar 2026 17:18:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 273285
IP address blocks: 45.81.125.0/24 maxlen: 24
45.142.41.0/24 maxlen: 24
203.88.96.0/23 maxlen: 23
203.88.96.0/24 maxlen: 24
203.88.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 21:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:01:f4:be:35:3f:00:92:cc:76:37:e2:87:47:d4:ca:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Mar 18 17:18:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=99d7cb17291d43233dd0bfc19faada3ef6eab191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9b:e9:d0:f4:b1:bb:36:c4:61:5d:84:71:d2:
e5:c9:e7:0b:7a:fc:41:2a:45:9f:43:6a:c6:46:06:
f8:b5:99:0e:0c:14:48:51:e8:5d:ea:f5:07:d9:81:
88:87:d5:50:26:53:20:3d:7c:fb:60:1a:ff:be:8b:
dc:6d:86:40:f7:b9:b6:8e:23:2b:04:99:f1:f8:a7:
49:43:34:74:a3:3e:8d:45:93:6d:02:13:f5:d1:13:
bb:89:53:96:f3:87:1b:22:d5:c5:e3:27:1a:00:72:
a2:b5:2e:2e:da:63:bb:e2:66:8d:1c:ce:32:7e:b3:
b3:0e:b2:1c:de:5a:5a:b2:fe:1b:52:07:1f:5c:09:
24:1c:58:f2:fa:d5:03:bb:60:c8:f8:0a:03:dd:a5:
e7:10:83:4a:d9:27:61:ac:da:1d:a8:9b:36:92:f5:
e7:88:0a:45:7f:f9:b2:6b:14:67:da:a7:8a:86:12:
90:e8:48:ce:f2:bd:02:a3:6e:c9:c5:33:92:68:e0:
fb:5c:e2:f9:87:7f:2e:ed:21:9e:0a:09:84:57:fb:
49:cf:e9:47:b1:9f:c6:7d:fe:af:9b:59:7f:77:8b:
e1:b3:68:51:0e:71:1c:1a:2b:c7:12:bf:7e:3c:51:
4d:29:91:2f:59:15:eb:54:ff:7e:bf:9a:6f:92:54:
93:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D7:CB:17:29:1D:43:23:3D:D0:BF:C1:9F:AA:DA:3E:F6:EA:B1:91
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/mdfLFykdQyM90L_Bn6raPvbqsZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.125.0/24
45.142.41.0/24
203.88.96.0/23
Signature Algorithm: sha256WithRSAEncryption
57:07:10:df:0c:1c:e3:42:2c:8d:44:ab:3c:90:50:fc:67:ee:
20:59:9e:2c:a4:f2:05:27:50:6a:a3:94:26:78:13:1a:24:1c:
b0:40:be:28:fd:6f:30:9a:4e:35:8f:66:6d:20:90:27:54:7e:
4e:f7:00:1b:99:eb:66:11:a6:74:48:87:64:58:8b:8e:b8:2c:
a8:83:51:0d:a3:23:65:f4:85:63:1d:99:22:e9:66:c0:35:e5:
1e:0b:a9:6a:87:b9:9e:4f:03:11:49:91:e7:56:b9:20:08:c0:
d4:a3:60:bd:23:c6:6b:d1:47:30:10:31:d9:3c:46:b3:74:c5:
7e:06:f8:60:d7:a3:f8:d0:63:27:15:e2:9b:14:6d:02:b9:3d:
37:9a:bb:80:42:de:1a:b2:d2:08:96:38:86:c7:71:90:3f:5b:
f6:e0:57:d8:f5:e8:1e:76:ba:fe:f3:48:42:f6:66:c2:fe:f4:
f9:86:6f:eb:51:e7:9d:4d:cf:08:78:74:ce:6b:2d:a4:a9:d7:
0c:48:ed:51:5e:97:49:74:90:e0:04:c6:0c:2f:f3:aa:54:f9:
73:e2:87:f1:20:e6:70:99:1b:c0:2f:35:e4:f8:37:b7:74:69:
5e:c8:d5:4a:9a:b5:e1:5e:52:3a:ee:33:2d:51:38:b9:df:64:
03:99:d5:d4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ0B9L41PwCSzHY34odH1Mo2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjYwMzE4MTcxODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWQ3Y2IxNzI5MWQ0MzIzM2RkMGJmYzE5ZmFhZGEzZWY2ZWFiMTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZvp0PSxuzbEYV2EcdLlyecLevxB
KkWfQ2rGRgb4tZkODBRIUehd6vUH2YGIh9VQJlMgPXz7YBr/vovcbYZA97m2jiMr
BJnx+KdJQzR0oz6NRZNtAhP10RO7iVOW84cbItXF4ycaAHKitS4u2mO74maNHM4y
frOzDrIc3lpasv4bUgcfXAkkHFjy+tUDu2DI+AoD3aXnEINK2SdhrNodqJs2kvXn
iApFf/myaxRn2qeKhhKQ6EjO8r0Co27JxTOSaOD7XOL5h38u7SGeCgmEV/tJz+lH
sZ/Gff6vm1l/d4vhs2hRDnEcGivHEr9+PFFNKZEvWRXrVP9+v5pvklSTzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJnXyxcpHUMjPdC/wZ+q2j726rGRMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvbWRmTEZ5a2RReU05MExfQm42cmFQdmJxc1pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVF9AwQA
LY4pAwQBy1hgMA0GCSqGSIb3DQEBCwUAA4IBAQBXBxDfDBzjQiyNRKs8kFD8Z+4g
WZ4spPIFJ1Bqo5QmeBMaJBywQL4o/W8wmk41j2ZtIJAnVH5O9wAbmetmEaZ0SIdk
WIuOuCyog1ENoyNl9IVjHZki6WbANeUeC6lqh7meTwMRSZHnVrkgCMDUo2C9I8Zr
0UcwEDHZPEazdMV+Bvhg16P40GMnFeKbFG0CuT03mruAQt4astIIljiGx3GQP1v2
4FfY9egedrr+80hC9mbC/vT5hm/rUeedTc8IeHTOay2kqdcMSO1RXpdJdJDgBMYM
L/OqVPlz4ofxIOZwmRvALzXk+De3dGleyNVKmrXhXlI67jMtUTi532QDmdXU
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:36:47 2026 by rpki-client