Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/mfDSyGffTR6cNNtiJ6vRF1eQS-E.roa
File: mfDSyGffTR6cNNtiJ6vRF1eQS-E.roa (raw, json)
Hash identifier: HRimO3xmzKlVGwjsYEQx2EDfgqoLjemMcXOVfIGsI8Y=
Subject key identifier: 99:F0:D2:C8:67:DF:4D:1E:9C:34:DB:62:27:AB:D1:17:57:90:4B:E1
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 019D0A29E12B31335036E5422BA14EC16B08
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/mfDSyGffTR6cNNtiJ6vRF1eQS-E.roa
Signing time: Fri 20 Mar 2026 07:33:29 +0000
ROA not before: Fri 20 Mar 2026 07:33:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204339
IP address blocks: 45.9.72.0/24 maxlen: 24
45.138.73.0/24 maxlen: 24
45.138.74.0/24 maxlen: 24
46.17.105.0/24 maxlen: 24
91.217.76.0/24 maxlen: 24
95.214.9.0/24 maxlen: 24
185.40.7.0/24 maxlen: 24
185.58.204.0/24 maxlen: 24
185.102.136.0/24 maxlen: 24
185.106.93.0/24 maxlen: 24
185.106.94.0/24 maxlen: 24
185.117.116.0/24 maxlen: 24
185.117.119.0/24 maxlen: 24
185.200.190.0/24 maxlen: 24
185.217.197.0/24 maxlen: 24
185.233.82.0/24 maxlen: 24
185.252.144.0/24 maxlen: 24
193.124.182.0/24 maxlen: 24
193.124.183.0/24 maxlen: 24
193.124.190.0/24 maxlen: 24
2a04:5200:68::/48 maxlen: 48
2a04:5201:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0a:29:e1:2b:31:33:50:36:e5:42:2b:a1:4e:c1:6b:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Mar 20 07:33:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=99f0d2c867df4d1e9c34db6227abd11757904be1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:41:71:4f:81:a3:c5:a0:4d:cb:ff:cc:21:4f:
ca:f2:45:86:fe:c9:32:20:8e:c1:9f:83:2c:e5:ec:
7c:0a:0a:ae:f7:75:1b:a0:99:7b:dd:bf:09:8e:0e:
55:1a:14:04:ef:f9:8e:e4:75:44:e3:d9:77:af:34:
d8:30:4d:40:9c:7c:0e:bc:fa:62:68:16:08:00:80:
26:0a:30:10:64:72:99:0a:04:dd:5f:ab:5e:8e:17:
0f:0b:d7:5c:47:11:a0:88:2c:12:d6:8e:d8:14:42:
4f:6d:0d:ed:3f:09:ca:03:da:2e:41:b4:76:1a:46:
cf:b6:8e:19:85:22:4f:69:dd:15:f2:5b:a8:c8:02:
b1:e7:f9:01:78:3f:94:b4:b7:0b:74:4c:9a:f2:4d:
09:72:68:0e:70:59:ba:02:a0:f1:84:f1:d4:49:8b:
26:12:db:1f:8c:f3:72:a1:ee:ee:4e:dc:51:a2:0a:
5b:c7:79:15:b8:77:64:ee:68:0c:3f:4d:d6:ea:e8:
42:05:e2:b9:e3:d3:3a:d2:02:be:bf:d0:f8:49:b0:
4f:36:10:47:84:08:6b:b0:5f:e8:1b:20:0e:ab:d2:
ca:7e:39:da:b2:3b:1b:44:bb:8b:c8:fd:d1:bd:9d:
c9:5d:27:b0:4d:49:40:94:89:47:8b:e3:66:64:6a:
0a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F0:D2:C8:67:DF:4D:1E:9C:34:DB:62:27:AB:D1:17:57:90:4B:E1
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/mfDSyGffTR6cNNtiJ6vRF1eQS-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.72.0/24
45.138.73.0-45.138.74.255
46.17.105.0/24
91.217.76.0/24
95.214.9.0/24
185.40.7.0/24
185.58.204.0/24
185.102.136.0/24
185.106.93.0-185.106.94.255
185.117.116.0/24
185.117.119.0/24
185.200.190.0/24
185.217.197.0/24
185.233.82.0/24
185.252.144.0/24
193.124.182.0/23
193.124.190.0/24
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
Signature Algorithm: sha256WithRSAEncryption
00:eb:0b:57:8a:15:d4:ab:e0:eb:c8:5f:b0:85:93:eb:ea:f3:
64:44:3d:1c:73:d8:66:05:e6:59:da:db:2e:fb:4e:f1:a9:64:
4d:b7:3b:89:32:b6:ef:a5:20:78:6e:0f:23:a9:6f:4c:a8:38:
fa:d3:eb:76:ac:3c:d4:27:a5:aa:40:f9:09:ee:8c:c5:57:2a:
ac:e6:54:e0:45:be:4c:cf:8f:f9:8a:d0:8b:04:1f:0b:96:a6:
7a:ee:1d:06:27:09:3d:09:c6:63:8d:51:85:9e:bf:c3:26:60:
b4:d2:d5:13:91:60:20:0f:05:23:95:ab:8c:a9:4e:c3:a8:24:
0d:e0:d3:71:11:6f:bd:6a:de:74:c8:37:6e:36:dc:dd:ed:5f:
ab:9b:75:68:e8:96:14:62:c7:a9:bc:0f:f9:1b:7d:5e:bf:11:
3a:5e:b6:7e:16:eb:a6:bd:dc:dc:c7:7c:e7:48:40:87:da:85:
4e:32:53:6f:18:df:d0:79:0c:f9:86:c7:24:e7:73:34:ba:87:
69:4c:65:e1:c6:8b:28:72:f7:03:9f:8d:f3:fb:07:cf:20:77:
d2:52:d7:69:51:22:50:dd:e7:d1:d2:30:0e:b8:19:94:f7:ad:
06:84:5d:ae:fa:03:3a:e5:a2:95:a0:d7:31:eb:f4:a2:33:52:
f9:65:0f:96
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZ0KKeErMTNQNuVCK6FOwWsIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjYwMzIwMDczMzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWYwZDJjODY3ZGY0ZDFlOWMzNGRiNjIyN2FiZDExNzU3OTA0YmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUFxT4GjxaBNy//MIU/K8kWG/sky
II7Bn4Ms5ex8Cgqu93UboJl73b8Jjg5VGhQE7/mO5HVE49l3rzTYME1AnHwOvPpi
aBYIAIAmCjAQZHKZCgTdX6tejhcPC9dcRxGgiCwS1o7YFEJPbQ3tPwnKA9ouQbR2
GkbPto4ZhSJPad0V8luoyAKx5/kBeD+UtLcLdEya8k0JcmgOcFm6AqDxhPHUSYsm
EtsfjPNyoe7uTtxRogpbx3kVuHdk7mgMP03W6uhCBeK549M60gK+v9D4SbBPNhBH
hAhrsF/oGyAOq9LKfjnasjsbRLuLyP3RvZ3JXSewTUlAlIlHi+NmZGoKuQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFJnw0shn300enDTbYier0RdXkEvhMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvbWZEU3lHZmZUUjZjTk50aUo2dlJGMWVRUy1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDB8BAIAATB2AwQALQlI
MAwDBAAtikkDBAAtikoDBAAuEWkDBABb2UwDBABf1gkDBAC5KAcDBAC5OswDBAC5
ZogwDAMEALlqXQMEALlqXgMEALl1dAMEALl1dwMEALnIvgMEALnZxQMEALnpUgME
ALn8kAMEAcF8tgMEAMF8vjAYBAIAAjASAwcAKgRSAABoAwcAKgRSAQACMA0GCSqG
SIb3DQEBCwUAA4IBAQAA6wtXihXUq+DryF+whZPr6vNkRD0cc9hmBeZZ2tsu+07x
qWRNtzuJMrbvpSB4bg8jqW9MqDj60+t2rDzUJ6WqQPkJ7ozFVyqs5lTgRb5Mz4/5
itCLBB8LlqZ67h0GJwk9CcZjjVGFnr/DJmC00tUTkWAgDwUjlauMqU7DqCQN4NNx
EW+9at50yDduNtzd7V+rm3Vo6JYUYsepvA/5G31evxE6XrZ+Fuumvdzcx3znSECH
2oVOMlNvGN/QeQz5hsck53M0uodpTGXhxosocvcDn43z+wfPIHfSUtdpUSJQ3efR
0jAOuBmU960GhF2u+gM65aKVoNcx6/SiM1L5ZQ+W
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:26:05 2026 by rpki-client