Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/M1PL8ZngWMp04zom-Mbyg9xiMgI.roa
File: M1PL8ZngWMp04zom-Mbyg9xiMgI.roa (raw, json)
Hash identifier: EqGR8EuMw+hF2zU3iSOvnI8ESI6OLo87hzqZtX8mWLk=
Subject key identifier: 33:53:CB:F1:99:E0:58:CA:74:E3:3A:26:F8:C6:F2:83:DC:62:32:02
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 019E0CD26AE8BBD5B2BF297270A38FD20E46
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/M1PL8ZngWMp04zom-Mbyg9xiMgI.roa
Signing time: Sat 09 May 2026 12:59:36 +0000
ROA not before: Sat 09 May 2026 12:59:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51026
IP address blocks: 62.220.122.0/23 maxlen: 24
62.220.124.0/23 maxlen: 24
62.220.126.0/24 maxlen: 24
62.220.127.0/24 maxlen: 24
81.12.24.0/22 maxlen: 24
81.12.24.0/24 maxlen: 24
81.12.25.0/24 maxlen: 24
81.12.26.0/24 maxlen: 24
81.12.27.0/24 maxlen: 24
81.12.30.0/24 maxlen: 24
81.12.31.0/24 maxlen: 24
87.107.6.0/23 maxlen: 24
87.107.8.0/23 maxlen: 24
87.107.108.0/23 maxlen: 24
87.107.110.0/23 maxlen: 24
87.107.110.0/24 maxlen: 24
87.107.111.0/24 maxlen: 24
87.107.144.0/24 maxlen: 24
87.107.152.0/24 maxlen: 24
87.107.153.0/24 maxlen: 24
87.107.166.0/24 maxlen: 24
87.107.167.0/24 maxlen: 24
87.107.174.0/24 maxlen: 24
87.107.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:0c:d2:6a:e8:bb:d5:b2:bf:29:72:70:a3:8f:d2:0e:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: May 9 12:59:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3353cbf199e058ca74e33a26f8c6f283dc623202
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:31:ac:6f:0f:6f:df:1d:0d:e5:a1:bf:88:24:
e9:a9:6b:9f:0a:f7:2b:b6:a1:e0:77:7a:36:b3:e6:
77:99:b4:5d:37:11:04:f7:ed:83:2b:37:4e:24:7d:
74:37:c4:35:c3:19:85:92:e6:7f:7a:0a:01:ba:3f:
1f:92:5a:1c:6d:bd:0d:f7:3d:be:17:8f:2d:eb:80:
08:2e:ab:10:2d:46:5d:fe:a8:f0:86:27:c8:96:c8:
b8:13:d7:ef:3d:f3:a0:92:1f:9f:89:68:21:79:e0:
af:cf:ed:26:41:60:e4:44:b4:6f:41:af:91:27:2c:
d4:dc:9c:24:89:d1:2f:66:0a:51:2e:e2:2a:fe:59:
d9:b7:c4:d4:1e:f9:bd:ac:92:57:f5:b8:ca:9c:be:
6b:24:c8:d8:72:81:2b:c9:73:bc:b5:9b:a2:e5:8e:
a9:22:9c:51:85:8e:b1:bb:50:8f:d8:51:e8:d7:80:
77:0c:37:bb:be:c9:14:02:cb:ce:44:b5:1f:ac:7b:
f6:15:9b:33:fa:34:f4:c0:dc:35:d4:b0:33:7f:55:
66:ec:86:c3:83:4a:ff:c1:2e:c7:92:e1:3d:06:c5:
b4:60:00:5f:de:c7:78:f0:e7:5d:e1:4e:ca:12:d2:
7b:a7:cc:18:ed:27:8a:bd:4d:16:46:5c:a3:41:96:
eb:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:53:CB:F1:99:E0:58:CA:74:E3:3A:26:F8:C6:F2:83:DC:62:32:02
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/M1PL8ZngWMp04zom-Mbyg9xiMgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.122.0-62.220.127.255
81.12.24.0/22
81.12.30.0/23
87.107.6.0-87.107.9.255
87.107.108.0/22
87.107.144.0/24
87.107.152.0/23
87.107.166.0/23
87.107.174.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:13:c1:60:75:d5:c2:c7:ec:42:76:12:7b:9f:0a:1b:15:09:
1b:23:f5:6a:5c:9b:2d:6a:7b:6d:f4:5f:f7:10:d6:a6:bf:18:
cb:9c:3b:0e:e4:8b:7b:28:4a:d5:c4:e4:8a:d3:24:6e:92:d6:
2f:62:a9:dc:33:25:89:3e:e6:48:be:a4:ba:5e:89:f3:41:70:
f5:5b:9d:c6:bb:d5:4d:8e:b5:aa:ec:35:1a:c4:2b:de:a3:98:
2b:02:09:43:ab:96:99:6a:99:86:bb:47:a2:57:2d:13:13:98:
23:74:52:30:c8:55:87:6d:59:6b:29:e7:63:02:2f:25:11:fb:
6a:a4:44:cc:2a:d3:10:78:ba:be:2c:a3:30:e8:70:d6:dd:7c:
ed:57:42:ba:16:ae:82:f3:1d:15:52:42:97:8b:18:3f:15:aa:
3a:b4:16:aa:c4:7c:4b:e1:cd:ca:47:b0:fc:86:f2:71:ca:00:
30:34:a0:cc:7d:81:e1:cd:b7:1b:a0:74:31:7d:16:e0:d5:24:
a5:8d:0e:fc:a7:9c:8e:7d:29:a5:ea:94:9f:3d:76:6f:e4:41:
21:56:cb:72:1a:3f:cf:1e:21:a9:da:4c:07:c0:a8:b4:63:0c:
1b:61:11:a2:aa:44:77:ef:d8:48:65:36:39:d0:92:07:f8:6e:
64:ec:e3:09
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZ4M0mrou9WyvylycKOP0g5GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjYwNTA5MTI1OTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzUzY2JmMTk5ZTA1OGNhNzRlMzNhMjZmOGM2ZjI4M2RjNjIzMjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszGsbw9v3x0N5aG/iCTpqWufCvcr
tqHgd3o2s+Z3mbRdNxEE9+2DKzdOJH10N8Q1wxmFkuZ/egoBuj8fklocbb0N9z2+
F48t64AILqsQLUZd/qjwhifIlsi4E9fvPfOgkh+fiWgheeCvz+0mQWDkRLRvQa+R
JyzU3JwkidEvZgpRLuIq/lnZt8TUHvm9rJJX9bjKnL5rJMjYcoEryXO8tZui5Y6p
IpxRhY6xu1CP2FHo14B3DDe7vskUAsvORLUfrHv2FZsz+jT0wNw11LAzf1Vm7IbD
g0r/wS7HkuE9BsW0YABf3sd48Odd4U7KEtJ7p8wY7SeKvU0WRlyjQZbr/wIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFDNTy/GZ4FjKdOM6JvjG8oPcYjICMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvTTFQTDhabmdXTXAwNHpvbS1NYnlnOXhpTWdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGMAwDBAE+3HoD
BAc+3AADBAJRDBgDBAFRDB4wDAMEAVdrBgMEAVdrCAMEAldrbAMEAFdrkAMEAVdr
mAMEAVdrpgMEAVdrrjANBgkqhkiG9w0BAQsFAAOCAQEATBPBYHXVwsfsQnYSe58K
GxUJGyP1alybLWp7bfRf9xDWpr8Yy5w7DuSLeyhK1cTkitMkbpLWL2Kp3DMliT7m
SL6kul6J80Fw9VudxrvVTY61quw1GsQr3qOYKwIJQ6uWmWqZhrtHolctExOYI3RS
MMhVh21ZaynnYwIvJRH7aqREzCrTEHi6viyjMOhw1t187VdCuhaugvMdFVJCl4sY
PxWqOrQWqsR8S+HNykew/IbyccoAMDSgzH2B4c23G6B0MX0W4NUkpY0O/Kecjn0p
peqUnz12b+RBIVbLcho/zx4hqdpMB8CotGMMG2ERoqpEd+/YSGU2OdCSB/huZOzj
CQ==
-----END CERTIFICATE-----
Generated at Tue May 12 22:16:58 2026 by rpki-client