Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/mDOzYNcFo12S4COeeT4HmtB_G4E.roa
File: mDOzYNcFo12S4COeeT4HmtB_G4E.roa (raw, json)
Hash identifier: mbhc43oAGkMwpxAUIhbkMpXor+QTKtS8wbVddrKcs98=
Subject key identifier: 98:33:B3:60:D7:05:A3:5D:92:E0:23:9E:79:3E:07:9A:D0:7F:1B:81
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 019D058D3EFFB4997896FC89565A98D59B31
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/mDOzYNcFo12S4COeeT4HmtB_G4E.roa
Signing time: Thu 19 Mar 2026 10:03:55 +0000
ROA not before: Thu 19 Mar 2026 10:03:55 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 401838
IP address blocks: 77.111.117.0/24 maxlen: 24
77.111.123.0/24 maxlen: 24
92.61.103.0/24 maxlen: 24
92.61.106.0/24 maxlen: 24
92.61.109.0/24 maxlen: 24
185.112.240.0/24 maxlen: 24
185.112.241.0/24 maxlen: 24
185.112.242.0/24 maxlen: 24
185.112.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:05:8d:3e:ff:b4:99:78:96:fc:89:56:5a:98:d5:9b:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Mar 19 10:03:55 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9833b360d705a35d92e0239e793e079ad07f1b81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7c:06:93:41:e0:db:a9:23:6a:d8:61:1c:f6:
03:c8:1d:88:81:6e:9e:78:29:59:60:e8:4f:77:ce:
a1:dc:7f:18:46:c3:b2:6e:96:38:df:99:fa:fc:bf:
d4:d0:1c:63:61:ab:06:68:6d:f1:2f:2b:cc:d2:3b:
26:ac:19:d5:75:1e:61:cc:bb:29:81:e1:7a:cb:42:
fb:07:59:02:93:65:59:b0:a3:a3:80:9f:06:18:d8:
e9:ad:37:24:53:a4:f6:42:78:d5:8f:b3:34:df:c8:
4e:f2:c5:03:6a:fc:5d:d5:11:e1:96:97:15:b2:2f:
29:57:7d:7d:19:42:23:99:53:c8:d3:d8:98:49:3d:
92:ee:24:53:58:68:6a:4b:5b:c4:96:0a:b0:23:66:
c1:ef:34:ac:5f:ac:f2:44:79:14:0b:2f:ed:01:ce:
d2:1d:0c:78:f4:e7:60:c0:a9:e1:4c:d3:2c:d7:c8:
fa:30:9a:64:6c:23:43:9d:da:eb:8d:aa:7c:cd:b4:
93:82:cf:6a:7f:bd:c3:bb:31:fc:a7:e5:6e:11:a1:
84:03:7f:c7:db:73:51:ce:91:37:2d:d8:7e:50:b6:
5a:63:10:bc:6a:ec:a8:b5:b6:1f:d4:1b:c9:04:e0:
d9:e6:0f:60:e2:bf:36:a3:98:0e:27:a9:15:05:cf:
b9:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:33:B3:60:D7:05:A3:5D:92:E0:23:9E:79:3E:07:9A:D0:7F:1B:81
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/mDOzYNcFo12S4COeeT4HmtB_G4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.117.0/24
77.111.123.0/24
92.61.103.0/24
92.61.106.0/24
92.61.109.0/24
185.112.240.0/22
Signature Algorithm: sha256WithRSAEncryption
05:0b:0f:c6:a6:4f:cc:fa:a3:2d:8e:85:46:47:f9:36:25:34:
da:dd:d2:44:f8:57:85:13:e6:29:49:9d:7b:3a:32:d5:35:d3:
00:0c:5c:44:c8:b9:94:30:35:18:02:b5:c0:f2:10:2f:48:5f:
10:b5:5f:65:6f:ba:95:e6:4c:ae:fb:a7:7b:48:23:cf:7b:fb:
9a:49:13:ce:22:fa:ae:34:c5:72:d5:15:6f:a3:85:97:2e:72:
55:bc:56:fb:86:66:1a:1b:2d:3e:39:eb:45:6c:51:90:af:e1:
e5:87:ad:d7:36:26:eb:f0:f6:d7:46:a1:08:b5:1c:19:4f:4a:
30:28:36:0f:43:5f:3b:c2:57:9c:21:9a:b6:99:1f:6a:c7:02:
22:a5:fd:75:44:7d:f6:67:9a:9b:21:25:cd:05:e8:6a:e1:71:
0f:12:9d:54:7c:97:ab:e0:fc:bd:e8:3d:d4:f4:e4:45:ce:74:
4c:0f:30:06:70:8e:46:40:53:d6:aa:06:41:55:e0:cf:89:72:
4f:26:78:a9:a8:13:6e:fc:76:3a:ae:ee:64:6f:aa:ae:99:b4:
75:76:e0:e8:8e:9d:09:1c:2a:30:cb:81:ab:e9:bf:0f:fb:93:
14:cf:75:34:d9:12:1f:a4:3c:d0:5f:86:2a:50:1d:8b:e3:01:
4a:cb:f5:e1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ0FjT7/tJl4lvyJVlqY1ZsxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjYwMzE5MTAwMzU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODMzYjM2MGQ3MDVhMzVkOTJlMDIzOWU3OTNlMDc5YWQwN2YxYjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonwGk0Hg26kjathhHPYDyB2IgW6e
eClZYOhPd86h3H8YRsOybpY435n6/L/U0BxjYasGaG3xLyvM0jsmrBnVdR5hzLsp
geF6y0L7B1kCk2VZsKOjgJ8GGNjprTckU6T2QnjVj7M038hO8sUDavxd1RHhlpcV
si8pV319GUIjmVPI09iYST2S7iRTWGhqS1vElgqwI2bB7zSsX6zyRHkUCy/tAc7S
HQx49OdgwKnhTNMs18j6MJpkbCNDndrrjap8zbSTgs9qf73DuzH8p+VuEaGEA3/H
23NRzpE3Ldh+ULZaYxC8auyotbYf1BvJBODZ5g9g4r82o5gOJ6kVBc+5YwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJgzs2DXBaNdkuAjnnk+B5rQfxuBMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvbURPellOY0ZvMTJTNENPZWVUNEhtdEJfRzRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATW91AwQA
TW97AwQAXD1nAwQAXD1qAwQAXD1tAwQCuXDwMA0GCSqGSIb3DQEBCwUAA4IBAQAF
Cw/Gpk/M+qMtjoVGR/k2JTTa3dJE+FeFE+YpSZ17OjLVNdMADFxEyLmUMDUYArXA
8hAvSF8QtV9lb7qV5kyu+6d7SCPPe/uaSRPOIvquNMVy1RVvo4WXLnJVvFb7hmYa
Gy0+OetFbFGQr+Hlh63XNibr8PbXRqEItRwZT0owKDYPQ187wlecIZq2mR9qxwIi
pf11RH32Z5qbISXNBehq4XEPEp1UfJer4Py96D3U9ORFznRMDzAGcI5GQFPWqgZB
VeDPiXJPJnipqBNu/HY6ru5kb6qumbR1duDojp0JHCowy4Gr6b8P+5MUz3U02RIf
pDzQX4YqUB2L4wFKy/Xh
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:32:16 2026 by rpki-client