Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/MhU4CNeO4fgXq9_1vtRyy7zbhQI.roa
File: MhU4CNeO4fgXq9_1vtRyy7zbhQI.roa (raw, json)
Hash identifier: 35d8hKQp5xyI2igMbZOkqF53rvhGzfdA1qxc+ja6Q8c=
Subject key identifier: 32:15:38:08:D7:8E:E1:F8:17:AB:DF:F5:BE:D4:72:CB:BC:DB:85:02
Certificate issuer: /CN=ee370985f83f41330111c350cd6b1e1eead526aa
Certificate serial: 019CE8C76D807E6529778CAE6143DC141F5F
Authority key identifier: EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/MhU4CNeO4fgXq9_1vtRyy7zbhQI.roa
Signing time: Fri 13 Mar 2026 19:58:29 +0000
ROA not before: Fri 13 Mar 2026 19:58:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57152
IP address blocks: 31.7.32.0/21 maxlen: 32
31.7.32.0/24 maxlen: 24
31.7.33.0/24 maxlen: 24
31.7.34.0/24 maxlen: 24
31.7.35.0/24 maxlen: 24
31.7.36.0/24 maxlen: 24
31.7.37.0/24 maxlen: 24
31.7.38.0/24 maxlen: 24
31.7.39.0/24 maxlen: 24
185.140.124.0/22 maxlen: 32
185.140.124.0/24 maxlen: 24
185.140.125.0/24 maxlen: 24
185.140.126.0/24 maxlen: 24
185.140.127.0/24 maxlen: 24
185.234.218.0/24 maxlen: 32
2a0a:9f40::/29 maxlen: 48
2a0a:9f40:babe::/48 maxlen: 48
2a0a:9f40:beef::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e8:c7:6d:80:7e:65:29:77:8c:ae:61:43:dc:14:1f:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee370985f83f41330111c350cd6b1e1eead526aa
Validity
Not Before: Mar 13 19:58:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=32153808d78ee1f817abdff5bed472cbbcdb8502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ba:0b:53:0e:79:71:4e:b3:42:0c:a5:90:85:
da:57:1b:75:d0:af:d4:bb:64:06:40:60:25:00:95:
ca:4f:1b:a7:e6:0a:1c:af:ce:85:6c:3a:6c:95:92:
47:fe:c3:d5:c9:48:c3:d1:c3:b1:1b:2c:ab:5c:25:
ce:6c:4e:5f:57:ca:f7:45:cf:b4:1c:17:13:51:84:
6d:13:ae:2f:ad:86:ac:6f:25:ad:ae:e2:37:b6:9a:
7b:d7:2b:4e:86:86:21:4a:4e:3a:4d:62:87:78:c4:
35:dd:11:ce:05:a4:81:28:02:a6:f7:e4:92:90:91:
e8:86:43:ea:b4:6f:d9:87:e7:ba:0a:c9:38:0e:93:
40:33:3a:1b:92:7f:1f:7f:c0:ec:75:2c:d4:fe:3a:
ae:ce:df:b8:a1:5e:26:da:b9:99:33:26:11:56:24:
8a:8c:a5:8a:6a:e1:b5:3a:34:99:4d:8a:d2:22:ef:
c9:0f:bc:42:01:42:90:d8:03:ac:b9:93:e0:1b:eb:
09:35:4a:42:0c:ae:17:bf:fd:3e:77:62:0f:f8:6d:
96:cc:0f:07:58:b5:39:21:e8:68:32:92:7d:00:3f:
37:33:9b:46:75:3e:05:70:bb:9e:68:89:9f:a9:3d:
6e:f4:b5:00:f2:6e:8c:34:d2:b9:e2:79:b0:e4:a9:
88:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:15:38:08:D7:8E:E1:F8:17:AB:DF:F5:BE:D4:72:CB:BC:DB:85:02
X509v3 Authority Key Identifier:
keyid:EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/MhU4CNeO4fgXq9_1vtRyy7zbhQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.32.0/21
185.140.124.0/22
185.234.218.0/24
IPv6:
2a0a:9f40::/29
Signature Algorithm: sha256WithRSAEncryption
49:56:07:48:cb:9d:4b:ae:2a:bf:64:04:81:b6:47:c3:b4:1b:
b5:93:38:5f:41:4d:c0:eb:9f:ce:4d:c2:73:00:b0:9c:7a:8b:
22:dc:0b:5e:8d:94:98:71:12:60:fa:87:84:f2:3b:f6:f1:1a:
05:0a:83:e2:5f:52:a4:03:ab:0b:38:8b:b7:56:d5:fb:e4:1a:
59:50:09:60:51:89:40:94:a2:84:ec:fd:d7:64:cf:c6:a1:8f:
d7:2e:3e:85:f7:dc:df:7b:87:43:ce:f0:58:b2:17:99:4c:1a:
c0:8f:2b:5e:98:4b:e0:1f:fd:92:5b:2a:86:8e:df:03:31:95:
fb:5e:56:b8:fa:28:6c:97:a3:73:18:9c:30:bc:b4:9a:a6:bc:
8a:0e:64:79:45:ca:e2:25:28:da:a1:65:3d:cc:ad:bd:b4:d0:
85:4e:d2:2a:1f:a4:a0:70:5d:0f:be:28:22:b9:d4:6e:e4:44:
36:d6:19:06:c4:fe:da:65:cc:ac:97:1a:b0:e2:d3:19:bc:25:
ac:f1:fa:cd:03:0c:18:5f:3f:bd:9a:bc:b5:2f:90:1d:48:ee:
e3:ce:8e:2d:93:1f:a9:40:e2:40:db:4c:68:e0:85:ac:18:a6:
e2:91:7e:3a:d9:2b:64:07:7b:05:88:eb:b9:0e:e8:bf:7d:b9:
9e:36:aa:a2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZzox22AfmUpd4yuYUPcFB9fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzcwOTg1ZjgzZjQxMzMwMTExYzM1MGNkNmIxZTFlZWFk
NTI2YWEwHhcNMjYwMzEzMTk1ODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjE1MzgwOGQ3OGVlMWY4MTdhYmRmZjViZWQ0NzJjYmJjZGI4NTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsroLUw55cU6zQgylkIXaVxt10K/U
u2QGQGAlAJXKTxun5gocr86FbDpslZJH/sPVyUjD0cOxGyyrXCXObE5fV8r3Rc+0
HBcTUYRtE64vrYasbyWtruI3tpp71ytOhoYhSk46TWKHeMQ13RHOBaSBKAKm9+SS
kJHohkPqtG/Zh+e6Csk4DpNAMzobkn8ff8DsdSzU/jquzt+4oV4m2rmZMyYRViSK
jKWKauG1OjSZTYrSIu/JD7xCAUKQ2AOsuZPgG+sJNUpCDK4Xv/0+d2IP+G2WzA8H
WLU5IehoMpJ9AD83M5tGdT4FcLueaImfqT1u9LUA8m6MNNK54nmw5KmIIQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDIVOAjXjuH4F6vf9b7Ucsu824UCMB8GA1UdIwQY
MBaAFO43CYX4P0EzARHDUM1rHh7q1SaqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAt
MzI0NDU0NmY4Y2JmLzEvTWhVNENOZU80ZmdYcTlfMXZ0Unl5N3piaFFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAtMzI0NDU0NmY4Y2Jm
LzEvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDHwcgAwQC
uYx8AwQAueraMA0EAgACMAcDBQMqCp9AMA0GCSqGSIb3DQEBCwUAA4IBAQBJVgdI
y51Lriq/ZASBtkfDtBu1kzhfQU3A65/OTcJzALCceosi3AtejZSYcRJg+oeE8jv2
8RoFCoPiX1KkA6sLOIu3VtX75BpZUAlgUYlAlKKE7P3XZM/GoY/XLj6F99zfe4dD
zvBYsheZTBrAjytemEvgH/2SWyqGjt8DMZX7Xla4+ihsl6NzGJwwvLSapryKDmR5
RcriJSjaoWU9zK29tNCFTtIqH6SgcF0PvigiudRu5EQ21hkGxP7aZcyslxqw4tMZ
vCWs8frNAwwYXz+9mry1L5AdSO7jzo4tkx+pQOJA20xo4IWsGKbikX462StkB3sF
iOu5Dui/fbmeNqqi
-----END CERTIFICATE-----
Generated at Thu Mar 26 23:18:43 2026 by rpki-client