Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/22bf9f-c0c8-4750-b1bf-1998665bd793/1/MidvfNPdnYe2oZTcN9b6ycQDu0M.roa
File: MidvfNPdnYe2oZTcN9b6ycQDu0M.roa (raw, json)
Hash identifier: NoCymfn19bpeEZVRb8jgiJWjFH4tCCKD6Ap8gdyWstw=
Subject key identifier: 32:27:6F:7C:D3:DD:9D:87:B6:A1:94:DC:37:D6:FA:C9:C4:03:BB:43
Certificate issuer: /CN=556ed11bb6d5e2d6a6eaba19daf637b53f767ed5
Certificate serial: 019CB91E269F7C6D810D5EBE06CE163A1DE2
Authority key identifier: 55:6E:D1:1B:B6:D5:E2:D6:A6:EA:BA:19:DA:F6:37:B5:3F:76:7E:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VW7RG7bV4tam6roZ2vY3tT92ftU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/22bf9f-c0c8-4750-b1bf-1998665bd793/1/MidvfNPdnYe2oZTcN9b6ycQDu0M.roa
Signing time: Wed 04 Mar 2026 13:51:26 +0000
ROA not before: Wed 04 Mar 2026 13:51:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47346
IP address blocks: 94.139.33.0/24 maxlen: 24
95.111.134.0/24 maxlen: 24
185.29.132.0/24 maxlen: 24
194.140.235.0/24 maxlen: 24
2a14:1380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/22bf9f-c0c8-4750-b1bf-1998665bd793/1/VW7RG7bV4tam6roZ2vY3tT92ftU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/22bf9f-c0c8-4750-b1bf-1998665bd793/1/VW7RG7bV4tam6roZ2vY3tT92ftU.mft
rsync://rpki.ripe.net/repository/DEFAULT/VW7RG7bV4tam6roZ2vY3tT92ftU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b9:1e:26:9f:7c:6d:81:0d:5e:be:06:ce:16:3a:1d:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=556ed11bb6d5e2d6a6eaba19daf637b53f767ed5
Validity
Not Before: Mar 4 13:51:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=32276f7cd3dd9d87b6a194dc37d6fac9c403bb43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:12:93:84:db:43:79:c1:05:70:29:7b:02:be:
3d:ab:a2:b4:ce:03:24:aa:db:76:fa:5f:29:df:57:
d8:10:33:52:87:b9:6a:cd:cc:d8:f4:4b:12:34:20:
b8:aa:37:9e:25:fe:30:03:14:45:8a:51:55:f5:f4:
c4:42:e2:8d:e3:48:98:c4:f9:45:ee:cd:a7:8f:4d:
04:21:74:c1:f1:30:30:62:8d:e9:ab:5d:ab:51:14:
6b:c3:e3:df:a2:ed:d1:5b:e8:df:a5:c2:3e:53:2f:
26:10:02:32:fd:a3:27:20:99:78:97:f1:a6:1d:34:
1f:c1:af:85:1b:f6:fb:a4:0f:60:36:d2:d9:04:f4:
43:bb:f0:39:b4:f1:4d:53:cb:d9:8d:64:3d:b9:2d:
71:e6:e4:2d:dc:38:f6:ab:9b:34:bb:f6:64:45:6c:
ce:08:16:d8:da:f1:02:35:8d:e5:b9:d9:65:c5:9e:
8b:75:06:49:d9:4b:af:33:9e:c3:c4:e1:4f:e1:b9:
10:62:3b:33:4a:66:96:38:d3:c5:48:fb:45:50:bf:
dc:80:19:8b:3e:54:33:47:17:25:45:0c:15:78:e1:
99:a5:74:cf:59:ce:3f:83:43:56:db:02:0e:03:b0:
4e:6e:57:3f:9e:6b:d3:eb:6a:2c:b6:06:d8:c0:37:
16:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:27:6F:7C:D3:DD:9D:87:B6:A1:94:DC:37:D6:FA:C9:C4:03:BB:43
X509v3 Authority Key Identifier:
keyid:55:6E:D1:1B:B6:D5:E2:D6:A6:EA:BA:19:DA:F6:37:B5:3F:76:7E:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VW7RG7bV4tam6roZ2vY3tT92ftU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/22bf9f-c0c8-4750-b1bf-1998665bd793/1/MidvfNPdnYe2oZTcN9b6ycQDu0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/22bf9f-c0c8-4750-b1bf-1998665bd793/1/VW7RG7bV4tam6roZ2vY3tT92ftU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.139.33.0/24
95.111.134.0/24
185.29.132.0/24
194.140.235.0/24
IPv6:
2a14:1380::/32
Signature Algorithm: sha256WithRSAEncryption
8f:0f:af:56:cf:f2:42:fe:37:06:19:43:b2:96:6d:7f:7f:41:
09:ce:32:54:22:4d:e5:bd:b6:70:a8:6c:b8:f8:0b:1e:8d:bc:
18:32:3a:a7:25:79:1e:70:35:43:fc:98:e8:aa:b1:26:9e:82:
8f:48:19:6a:2c:eb:ee:31:ca:cf:34:50:88:58:de:52:72:31:
ee:22:e5:9a:70:fd:39:7b:6f:2c:40:47:db:ac:bb:31:19:98:
60:c6:87:9b:13:72:32:58:f8:05:c4:a0:f7:48:e4:c8:62:1c:
e9:5e:2d:67:34:df:da:16:3b:96:80:68:ed:60:02:73:0c:5c:
b0:c1:91:0d:b0:32:b9:cf:01:35:3b:fd:94:0e:39:cc:4c:33:
b3:24:87:2b:7a:9b:c3:6e:85:b9:5d:e4:18:38:dd:35:bb:e3:
03:84:8e:dc:e4:0d:e0:2d:27:d6:c2:d7:30:7f:92:c5:30:d9:
95:db:de:96:67:7b:44:c0:0a:a4:ca:b5:14:6e:18:8d:97:1c:
50:84:e3:cf:19:ea:5e:f2:86:b8:be:60:32:e1:e0:0e:45:8c:
9e:48:3f:4a:25:55:29:c8:15:d8:90:55:63:07:96:d7:a8:fc:
07:4b:49:34:a1:87:1d:6a:26:ee:21:92:95:2d:4e:c5:1f:df:
b7:45:fa:d0
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZy5HiaffG2BDV6+Bs4WOh3iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NmVkMTFiYjZkNWUyZDZhNmVhYmExOWRhZjYzN2I1M2Y3
NjdlZDUwHhcNMjYwMzA0MTM1MTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjI3NmY3Y2QzZGQ5ZDg3YjZhMTk0ZGMzN2Q2ZmFjOWM0MDNiYjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7RKThNtDecEFcCl7Ar49q6K0zgMk
qtt2+l8p31fYEDNSh7lqzczY9EsSNCC4qjeeJf4wAxRFilFV9fTEQuKN40iYxPlF
7s2nj00EIXTB8TAwYo3pq12rURRrw+Pfou3RW+jfpcI+Uy8mEAIy/aMnIJl4l/Gm
HTQfwa+FG/b7pA9gNtLZBPRDu/A5tPFNU8vZjWQ9uS1x5uQt3Dj2q5s0u/ZkRWzO
CBbY2vECNY3ludllxZ6LdQZJ2UuvM57DxOFP4bkQYjszSmaWONPFSPtFUL/cgBmL
PlQzRxclRQwVeOGZpXTPWc4/g0NW2wIOA7BOblc/nmvT62ostgbYwDcWswIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDInb3zT3Z2HtqGU3DfW+snEA7tDMB8GA1UdIwQY
MBaAFFVu0Ru21eLWpuq6Gdr2N7U/dn7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlc3Ukc3YlY0dGFtNnJvWjJ2WTN0VDkyZnRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8yMmJmOWYtYzBjOC00NzUwLWIxYmYt
MTk5ODY2NWJkNzkzLzEvTWlkdmZOUGRuWWUyb1pUY045YjZ5Y1FEdTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8yMmJmOWYtYzBjOC00NzUwLWIxYmYtMTk5ODY2NWJkNzkz
LzEvVlc3Ukc3YlY0dGFtNnJvWjJ2WTN0VDkyZnRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAXoshAwQA
X2+GAwQAuR2EAwQAwozrMA0EAgACMAcDBQAqFBOAMA0GCSqGSIb3DQEBCwUAA4IB
AQCPD69Wz/JC/jcGGUOylm1/f0EJzjJUIk3lvbZwqGy4+AsejbwYMjqnJXkecDVD
/JjoqrEmnoKPSBlqLOvuMcrPNFCIWN5ScjHuIuWacP05e28sQEfbrLsxGZhgxoeb
E3IyWPgFxKD3SOTIYhzpXi1nNN/aFjuWgGjtYAJzDFywwZENsDK5zwE1O/2UDjnM
TDOzJIcrepvDboW5XeQYON01u+MDhI7c5A3gLSfWwtcwf5LFMNmV296WZ3tEwAqk
yrUUbhiNlxxQhOPPGepe8oa4vmAy4eAORYyeSD9KJVUpyBXYkFVjB5bXqPwHS0k0
oYcdaibuIZKVLU7FH9+3RfrQ
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:37:11 2026 by rpki-client