Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/C-Mek-baPASwblLXrzuZSaHw8i8.roa
File: C-Mek-baPASwblLXrzuZSaHw8i8.roa (raw, json)
Hash identifier: BM3Rg2UfybCHw9gmpue+0UK2lr3zrlxg/jTPoH/jIX4=
Subject key identifier: 0B:E3:1E:93:E6:DA:3C:04:B0:6E:52:D7:AF:3B:99:49:A1:F0:F2:2F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019E17718AE5891F3169EEE861BF4FD511E3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/C-Mek-baPASwblLXrzuZSaHw8i8.roa
Signing time: Mon 11 May 2026 14:29:37 +0000
ROA not before: Mon 11 May 2026 14:29:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56264
IP address blocks: 81.168.42.0/24 maxlen: 24
81.168.43.0/24 maxlen: 24
81.168.60.0/24 maxlen: 24
81.168.71.0/24 maxlen: 24
81.168.77.0/24 maxlen: 24
81.168.78.0/24 maxlen: 24
82.152.196.0/24 maxlen: 24
82.152.201.0/24 maxlen: 24
82.152.202.0/24 maxlen: 24
82.152.203.0/24 maxlen: 24
82.152.204.0/24 maxlen: 24
82.152.205.0/24 maxlen: 24
82.152.206.0/24 maxlen: 24
82.152.207.0/24 maxlen: 24
89.213.52.0/24 maxlen: 24
89.213.53.0/24 maxlen: 24
89.213.54.0/24 maxlen: 24
89.213.55.0/24 maxlen: 24
89.213.56.0/24 maxlen: 24
89.213.57.0/24 maxlen: 24
89.213.59.0/24 maxlen: 24
89.213.60.0/24 maxlen: 24
89.213.61.0/24 maxlen: 24
89.213.97.0/24 maxlen: 24
89.213.99.0/24 maxlen: 24
89.213.104.0/24 maxlen: 24
89.213.105.0/24 maxlen: 24
89.213.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:17:71:8a:e5:89:1f:31:69:ee:e8:61:bf:4f:d5:11:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 11 14:29:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0be31e93e6da3c04b06e52d7af3b9949a1f0f22f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:54:90:50:16:27:a6:47:a5:81:a6:67:20:a8:
f5:5d:23:57:d4:5e:da:9d:81:38:95:f5:94:1c:49:
8b:5b:7e:24:f8:ba:07:e8:d7:5d:5a:f0:11:38:c4:
53:65:4c:31:e6:73:a3:d7:e1:f5:33:b4:4d:1a:6e:
5b:0b:2f:88:ed:b5:d6:4c:ce:34:c0:45:c1:34:40:
0f:05:cd:c8:84:6f:9e:7b:dc:be:f1:3d:25:65:1a:
95:d4:5d:49:4b:fd:0f:a8:47:bc:2e:fa:1e:c9:f7:
08:d2:d1:f3:06:a9:ff:e6:64:d3:c3:5f:3b:2c:b1:
86:b6:13:ad:ba:db:43:d8:56:ea:ce:84:c7:7c:fa:
2b:da:2f:66:42:db:e2:2d:a7:44:1b:fe:eb:d9:07:
3d:f2:7c:de:ee:1b:42:60:94:c7:34:b4:ef:c1:bb:
b8:d2:11:74:a7:f5:9b:05:59:a6:42:2b:15:32:d7:
97:0d:8e:ae:47:49:e2:dc:96:e8:d4:54:7b:16:df:
ed:a5:95:57:ce:4c:57:d6:13:bb:9b:40:9e:4c:98:
44:ac:c5:8f:03:b7:bf:5a:91:67:ce:32:aa:ab:4d:
ba:f6:6b:ce:0a:25:c7:3a:54:2e:c5:c9:4e:1a:c7:
f7:b3:ca:d2:31:2f:b8:f3:da:a7:3a:54:09:00:a8:
74:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:E3:1E:93:E6:DA:3C:04:B0:6E:52:D7:AF:3B:99:49:A1:F0:F2:2F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/C-Mek-baPASwblLXrzuZSaHw8i8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.42.0/23
81.168.60.0/24
81.168.71.0/24
81.168.77.0-81.168.78.255
82.152.196.0/24
82.152.201.0-82.152.207.255
89.213.52.0-89.213.57.255
89.213.59.0-89.213.61.255
89.213.97.0/24
89.213.99.0/24
89.213.104.0/23
89.213.107.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:4a:76:c7:78:21:b6:51:7a:b7:ad:81:fd:e9:af:4d:c5:a9:
82:55:ae:ac:5d:06:0e:3f:fb:b6:ae:e3:53:cc:dd:6a:25:82:
61:2d:6c:69:dc:27:23:1b:92:da:de:74:34:90:10:f8:c7:79:
db:75:26:37:3a:36:6a:02:a6:02:1c:f4:bc:35:9a:47:c2:58:
1b:6d:0b:a2:13:4e:1f:d4:44:12:9e:03:9d:9b:10:63:6a:4c:
e5:bb:99:17:e8:c4:51:a3:69:0e:e6:64:c5:63:3e:d2:9f:9f:
a7:63:09:8b:56:df:5f:fe:ef:3e:b3:ec:86:7a:9f:e0:32:84:
1b:b4:3a:61:ec:89:7e:e6:84:b6:d4:90:6d:fe:f9:88:12:96:
97:97:43:0c:14:02:35:04:f5:db:fd:97:15:c8:4e:d7:8f:ca:
09:3e:31:52:cb:b9:d8:66:34:6f:d8:b3:e6:85:05:1d:28:d0:
65:81:3b:7a:60:4b:3c:1d:5c:ac:fa:27:a9:19:58:95:ae:c1:
0a:8f:0e:98:ac:2c:07:88:a3:ae:93:af:4f:8c:10:a1:15:5a:
f8:37:b6:e9:9f:ed:f8:83:42:34:e2:ea:8f:f8:d8:60:af:9c:
f1:12:c9:f9:b0:9a:66:16:7f:90:b1:44:0c:e4:01:b2:99:76:
78:04:38:de
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZ4XcYrliR8xae7oYb9P1RHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNTExMTQyOTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmUzMWU5M2U2ZGEzYzA0YjA2ZTUyZDdhZjNiOTk0OWExZjBmMjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlSQUBYnpkelgaZnIKj1XSNX1F7a
nYE4lfWUHEmLW34k+LoH6NddWvAROMRTZUwx5nOj1+H1M7RNGm5bCy+I7bXWTM40
wEXBNEAPBc3IhG+ee9y+8T0lZRqV1F1JS/0PqEe8LvoeyfcI0tHzBqn/5mTTw187
LLGGthOtuttD2FbqzoTHfPor2i9mQtviLadEG/7r2Qc98nze7htCYJTHNLTvwbu4
0hF0p/WbBVmmQisVMteXDY6uR0ni3Jbo1FR7Ft/tpZVXzkxX1hO7m0CeTJhErMWP
A7e/WpFnzjKqq0269mvOCiXHOlQuxclOGsf3s8rSMS+489qnOlQJAKh0awIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFAvjHpPm2jwEsG5S1687mUmh8PIvMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQy1NZWstYmFQQVN3YmxMWHJ6dVpTYUh3OGk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAVGoKgME
AFGoPAMEAFGoRzAMAwQAUahNAwQAUahOAwQAUpjEMAwDBABSmMkDBARSmMAwDAME
AlnVNAMEAVnVODAMAwQAWdU7AwQBWdU8AwQAWdVhAwQAWdVjAwQBWdVoAwQAWdVr
MA0GCSqGSIb3DQEBCwUAA4IBAQAbSnbHeCG2UXq3rYH96a9NxamCVa6sXQYOP/u2
ruNTzN1qJYJhLWxp3CcjG5La3nQ0kBD4x3nbdSY3OjZqAqYCHPS8NZpHwlgbbQui
E04f1EQSngOdmxBjakzlu5kX6MRRo2kO5mTFYz7Sn5+nYwmLVt9f/u8+s+yGep/g
MoQbtDph7Il+5oS21JBt/vmIEpaXl0MMFAI1BPXb/ZcVyE7Xj8oJPjFSy7nYZjRv
2LPmhQUdKNBlgTt6YEs8HVys+iepGViVrsEKjw6YrCwHiKOuk69PjBChFVr4N7bp
n+34g0I04uqP+Nhgr5zxEsn5sJpmFn+QsUQM5AGymXZ4BDje
-----END CERTIFICATE-----
Generated at Wed May 13 03:56:46 2026 by rpki-client