Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/5ddee9-c1c4-4b57-b6b8-d49916b5f2b4/1/MWO04HZg4nna7ngSZWOngsPF3DY.roa
File: MWO04HZg4nna7ngSZWOngsPF3DY.roa (raw, json)
Hash identifier: XPa/7hvS1/ReU5t/3rvWEjSNDwT2ztfSW93g1iKSOio=
Subject key identifier: 31:63:B4:E0:76:60:E2:79:DA:EE:78:12:65:63:A7:82:C3:C5:DC:36
Certificate issuer: /CN=3b0bf18d6bbdb33da82fe61a28624ba72e235040
Certificate serial: 019CCBDD58E307434DFFF26BD5C7DE6A2D02
Authority key identifier: 3B:0B:F1:8D:6B:BD:B3:3D:A8:2F:E6:1A:28:62:4B:A7:2E:23:50:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwvxjWu9sz2oL-YaKGJLpy4jUEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/5ddee9-c1c4-4b57-b6b8-d49916b5f2b4/1/MWO04HZg4nna7ngSZWOngsPF3DY.roa
Signing time: Sun 08 Mar 2026 05:13:26 +0000
ROA not before: Sun 08 Mar 2026 05:13:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63150
IP address blocks: 185.241.40.0/22 maxlen: 24
185.241.40.0/23 maxlen: 24
185.241.40.0/24 maxlen: 24
185.241.41.0/24 maxlen: 24
185.241.42.0/23 maxlen: 24
185.241.42.0/24 maxlen: 24
185.241.43.0/24 maxlen: 24
209.33.160.0/20 maxlen: 24
2a14:4900:2000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/5ddee9-c1c4-4b57-b6b8-d49916b5f2b4/1/OwvxjWu9sz2oL-YaKGJLpy4jUEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/5ddee9-c1c4-4b57-b6b8-d49916b5f2b4/1/OwvxjWu9sz2oL-YaKGJLpy4jUEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/OwvxjWu9sz2oL-YaKGJLpy4jUEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:cb:dd:58:e3:07:43:4d:ff:f2:6b:d5:c7:de:6a:2d:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b0bf18d6bbdb33da82fe61a28624ba72e235040
Validity
Not Before: Mar 8 05:13:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3163b4e07660e279daee78126563a782c3c5dc36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1f:16:e1:9e:eb:8d:a2:74:31:24:a3:d8:21:
cc:20:b1:6c:3b:7e:1e:d8:7f:51:41:48:ba:e1:c2:
c3:9a:b8:04:7b:dd:28:c4:f0:5a:01:5d:db:7a:42:
1b:3c:f8:4e:58:b2:b3:f8:04:7d:6d:7a:4e:f5:15:
18:63:42:85:86:89:f6:a7:ca:58:6b:75:f2:b9:72:
0e:b5:86:42:0a:c6:8f:4c:44:37:0b:bc:0b:98:fe:
a3:23:3d:87:62:21:f8:ff:9b:8a:93:48:bf:43:14:
d0:1d:b6:c6:cb:27:ea:19:ca:39:9b:f1:2d:56:0b:
17:7d:05:b6:b1:61:36:e2:d3:e0:8f:56:0a:56:cc:
b7:9d:01:ca:28:55:d1:64:83:c3:2a:1d:f2:62:ba:
1e:db:01:d0:f3:9c:a0:76:76:fa:fe:71:fa:82:af:
6a:53:e3:0e:8a:26:3d:ad:35:16:b8:a1:93:48:03:
2a:66:9c:2f:b5:92:ec:cf:81:34:15:93:e9:8a:f4:
77:2e:c5:e8:10:25:bb:cb:eb:cd:31:21:ab:1f:76:
cb:ae:23:49:2c:98:34:5e:0c:3b:1b:11:f7:2d:07:
69:72:8e:12:d5:ed:e4:2b:4f:8a:db:e5:22:83:26:
c6:3c:38:78:dc:93:0c:f5:8f:b3:5d:ba:80:28:93:
63:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:63:B4:E0:76:60:E2:79:DA:EE:78:12:65:63:A7:82:C3:C5:DC:36
X509v3 Authority Key Identifier:
keyid:3B:0B:F1:8D:6B:BD:B3:3D:A8:2F:E6:1A:28:62:4B:A7:2E:23:50:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwvxjWu9sz2oL-YaKGJLpy4jUEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/5ddee9-c1c4-4b57-b6b8-d49916b5f2b4/1/MWO04HZg4nna7ngSZWOngsPF3DY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/5ddee9-c1c4-4b57-b6b8-d49916b5f2b4/1/OwvxjWu9sz2oL-YaKGJLpy4jUEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.40.0/22
209.33.160.0/20
IPv6:
2a14:4900:2000::/36
Signature Algorithm: sha256WithRSAEncryption
15:4e:7e:35:6f:63:d1:af:10:aa:2a:ec:43:44:cd:eb:50:27:
89:dd:5f:49:1d:47:9b:93:25:d7:4d:d5:d2:70:79:a6:51:b7:
29:b2:e5:eb:9e:9f:ea:b0:25:31:e2:6d:ff:6c:64:d5:df:fb:
42:67:8b:64:6c:8a:44:2e:b1:44:0d:81:05:b1:ee:61:ee:4c:
5e:16:55:92:8a:c5:35:b1:31:50:8e:26:18:63:85:da:2c:3f:
9e:77:80:01:c0:5b:50:bd:2c:78:a6:64:12:90:ec:dc:ff:35:
d1:3b:65:f0:05:9e:3a:ca:36:6c:7e:81:65:fc:ef:40:26:b9:
89:dd:5a:c9:c9:c9:a7:0b:97:20:c0:40:7a:42:4e:2b:c6:23:
ba:fb:b1:2f:35:20:23:cc:be:da:d9:b6:c4:d4:1d:34:50:ed:
44:81:37:11:5c:32:5d:f2:48:51:32:35:3d:17:2d:e9:2d:0d:
11:b6:c0:71:2b:a3:a6:f5:cf:79:6b:04:35:39:85:67:51:de:
cc:91:9e:90:02:5d:4e:b4:c1:67:4d:eb:c9:c1:05:12:97:cb:
cc:0e:e1:d6:56:b1:98:1f:a5:0b:6a:16:f3:83:7d:90:28:40:
f4:5a:00:c5:9e:85:19:9a:5a:36:fa:ae:fd:a1:ad:54:f7:04:
6a:ac:5c:db
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZzL3VjjB0NN//Jr1cfeai0CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMGJmMThkNmJiZGIzM2RhODJmZTYxYTI4NjI0YmE3MmUy
MzUwNDAwHhcNMjYwMzA4MDUxMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTYzYjRlMDc2NjBlMjc5ZGFlZTc4MTI2NTYzYTc4MmMzYzVkYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvB8W4Z7rjaJ0MSSj2CHMILFsO34e
2H9RQUi64cLDmrgEe90oxPBaAV3bekIbPPhOWLKz+AR9bXpO9RUYY0KFhon2p8pY
a3XyuXIOtYZCCsaPTEQ3C7wLmP6jIz2HYiH4/5uKk0i/QxTQHbbGyyfqGco5m/Et
VgsXfQW2sWE24tPgj1YKVsy3nQHKKFXRZIPDKh3yYroe2wHQ85ygdnb6/nH6gq9q
U+MOiiY9rTUWuKGTSAMqZpwvtZLsz4E0FZPpivR3LsXoECW7y+vNMSGrH3bLriNJ
LJg0Xgw7GxH3LQdpco4S1e3kK0+K2+UigybGPDh43JMM9Y+zXbqAKJNjBwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDFjtOB2YOJ52u54EmVjp4LDxdw2MB8GA1UdIwQY
MBaAFDsL8Y1rvbM9qC/mGihiS6cuI1BAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3d2eGpXdTlzejJvTC1ZYUtHSkxweTRqVUVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS81ZGRlZTktYzFjNC00YjU3LWI2Yjgt
ZDQ5OTE2YjVmMmI0LzEvTVdPMDRIWmc0bm5hN25nU1pXT25nc1BGM0RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS81ZGRlZTktYzFjNC00YjU3LWI2YjgtZDQ5OTE2YjVmMmI0
LzEvT3d2eGpXdTlzejJvTC1ZYUtHSkxweTRqVUVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCufEoAwQE
0SGgMA4EAgACMAgDBgQqFEkAIDANBgkqhkiG9w0BAQsFAAOCAQEAFU5+NW9j0a8Q
qirsQ0TN61Anid1fSR1Hm5Ml103V0nB5plG3KbLl656f6rAlMeJt/2xk1d/7QmeL
ZGyKRC6xRA2BBbHuYe5MXhZVkorFNbExUI4mGGOF2iw/nneAAcBbUL0seKZkEpDs
3P810Ttl8AWeOso2bH6BZfzvQCa5id1aycnJpwuXIMBAekJOK8YjuvuxLzUgI8y+
2tm2xNQdNFDtRIE3EVwyXfJIUTI1PRct6S0NEbbAcSujpvXPeWsENTmFZ1HezJGe
kAJdTrTBZ03rycEFEpfLzA7h1laxmB+lC2oW84N9kChA9FoAxZ6FGZpaNvqu/aGt
VPcEaqxc2w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:44:47 2026 by rpki-client