Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/rMgOJ88XbhiPYGzsRStVGI5NH64.roa
File: rMgOJ88XbhiPYGzsRStVGI5NH64.roa (raw, json)
Hash identifier: 6JK6wqTEVHHzKJFjULh6/7bms/veYid22s3prarQ2wQ=
Subject key identifier: AC:C8:0E:27:CF:17:6E:18:8F:60:6C:EC:45:2B:55:18:8E:4D:1F:AE
Certificate issuer: /CN=6991c56f11a7171c6153239769f557beba10182d
Certificate serial: 019DC0B0860246803074DFB7B9D8C972026E
Authority key identifier: 69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/rMgOJ88XbhiPYGzsRStVGI5NH64.roa
Signing time: Fri 24 Apr 2026 18:11:27 +0000
ROA not before: Fri 24 Apr 2026 18:11:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397477
IP address blocks: 95.164.57.0/24 maxlen: 24
95.164.58.0/23 maxlen: 24
95.164.160.0/24 maxlen: 24
95.164.192.0/22 maxlen: 24
95.164.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c0:b0:86:02:46:80:30:74:df:b7:b9:d8:c9:72:02:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6991c56f11a7171c6153239769f557beba10182d
Validity
Not Before: Apr 24 18:11:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=acc80e27cf176e188f606cec452b55188e4d1fae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:01:81:ed:95:78:84:c0:b2:5d:0f:a9:7d:c0:
27:b2:84:0f:27:9f:dd:18:3c:cf:87:fb:e7:4e:0f:
a9:21:ec:e1:48:87:5b:14:4d:63:dd:28:38:1e:65:
f5:f8:34:83:26:65:6f:1c:2e:a3:84:d3:9e:e1:f2:
49:ac:24:c5:10:1e:c4:02:c9:bd:33:de:23:3d:2f:
93:68:72:5c:e5:37:88:aa:ac:c4:97:1e:ab:0a:3a:
45:b1:1e:2d:06:9a:68:4b:3c:ac:02:2a:5f:e2:f7:
8d:e8:84:3e:ba:eb:91:b2:94:67:70:62:d7:c3:5e:
0f:d5:ba:59:fa:88:1d:9f:f1:37:9e:16:04:ce:5d:
7d:18:92:af:c0:6e:be:35:ba:3a:f1:7b:2d:7d:72:
7a:83:dd:4e:69:37:2b:c4:51:26:18:02:11:13:1e:
53:91:3d:19:00:80:0d:4c:df:83:77:68:60:78:f5:
62:c6:21:0f:66:f2:00:2d:ec:2d:5b:30:f2:5d:4b:
e6:38:58:d9:25:6b:59:10:5a:c9:99:8d:1f:cb:2a:
35:e7:fa:ef:5b:f6:aa:66:fa:94:23:4b:85:eb:c9:
c3:9a:a7:56:0e:99:25:99:e7:74:79:50:fa:9d:9f:
9a:30:e2:d8:87:a0:68:24:08:16:e6:58:29:1d:eb:
b6:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C8:0E:27:CF:17:6E:18:8F:60:6C:EC:45:2B:55:18:8E:4D:1F:AE
X509v3 Authority Key Identifier:
keyid:69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/rMgOJ88XbhiPYGzsRStVGI5NH64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.57.0-95.164.59.255
95.164.160.0/24
95.164.192.0/22
95.164.244.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:5b:91:50:0d:bd:f1:0f:27:66:40:f8:14:78:87:e7:2e:28:
dd:f6:9e:a7:b8:98:b6:fd:11:df:06:90:7c:4c:6c:5a:17:b8:
b1:17:ba:b3:8d:e4:be:2c:63:8a:1f:d6:d5:12:02:de:21:49:
28:0c:ac:00:48:b8:d7:56:a1:6c:03:91:11:cd:d3:11:3b:2f:
1a:6a:3c:3b:84:d0:3f:a7:bb:47:59:93:93:50:9a:30:5a:6e:
77:b6:af:6e:72:eb:6f:6b:37:3d:91:f0:60:c1:88:c6:2e:14:
69:7c:56:07:75:dc:6c:2f:ae:81:25:f5:ae:f2:93:f0:98:cb:
d0:01:95:2a:d8:d5:dd:ab:8b:be:5a:65:38:2a:3a:e7:58:4f:
f4:21:1a:a5:3b:00:51:45:b5:92:dc:7e:30:6c:f5:78:4e:13:
93:75:7b:30:1b:dc:86:1d:7f:93:88:8d:c5:97:e8:e7:12:f2:
d8:99:49:2a:7c:52:80:a1:f1:a6:95:34:1b:ea:27:d9:96:87:
39:7c:4e:95:7c:23:5c:6b:a4:c8:6b:de:a7:ed:93:86:bd:9b:
68:81:d0:97:1e:6b:18:b3:6e:ef:64:6e:96:ec:81:ce:57:e8:
19:32:78:8c:66:77:7f:75:42:04:5f:2e:af:68:0f:b6:3b:9d:
93:66:ab:84
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ3AsIYCRoAwdN+3udjJcgJuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OTFjNTZmMTFhNzE3MWM2MTUzMjM5NzY5ZjU1N2JlYmEx
MDE4MmQwHhcNMjYwNDI0MTgxMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2M4MGUyN2NmMTc2ZTE4OGY2MDZjZWM0NTJiNTUxODhlNGQxZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQGB7ZV4hMCyXQ+pfcAnsoQPJ5/d
GDzPh/vnTg+pIezhSIdbFE1j3Sg4HmX1+DSDJmVvHC6jhNOe4fJJrCTFEB7EAsm9
M94jPS+TaHJc5TeIqqzElx6rCjpFsR4tBppoSzysAipf4veN6IQ+uuuRspRncGLX
w14P1bpZ+ogdn/E3nhYEzl19GJKvwG6+Nbo68XstfXJ6g91OaTcrxFEmGAIREx5T
kT0ZAIANTN+Dd2hgePVixiEPZvIALewtWzDyXUvmOFjZJWtZEFrJmY0fyyo15/rv
W/aqZvqUI0uF68nDmqdWDpklmed0eVD6nZ+aMOLYh6BoJAgW5lgpHeu21QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKzIDifPF24Yj2Bs7EUrVRiOTR+uMB8GA1UdIwQY
MBaAFGmRxW8RpxccYVMjl2n1V766EBgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYt
NjVkMTU2NzM0MGZkLzEvck1nT0o4OFhiaGlQWUd6c1JTdFZHSTVOSDY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYtNjVkMTU2NzM0MGZk
LzEvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABfpDkD
BAJfpDgDBABfpKADBAJfpMADBAJfpPQwDQYJKoZIhvcNAQELBQADggEBAApbkVAN
vfEPJ2ZA+BR4h+cuKN32nqe4mLb9Ed8GkHxMbFoXuLEXurON5L4sY4of1tUSAt4h
SSgMrABIuNdWoWwDkRHN0xE7LxpqPDuE0D+nu0dZk5NQmjBabne2r25y629rNz2R
8GDBiMYuFGl8Vgd13GwvroEl9a7yk/CYy9ABlSrY1d2ri75aZTgqOudYT/QhGqU7
AFFFtZLcfjBs9XhOE5N1ezAb3IYdf5OIjcWX6OcS8tiZSSp8UoCh8aaVNBvqJ9mW
hzl8TpV8I1xrpMhr3qftk4a9m2iB0Jceaxizbu9kbpbsgc5X6BkyeIxmd391QgRf
Lq9oD7Y7nZNmq4Q=
-----END CERTIFICATE-----
Generated at Wed May 13 06:26:40 2026 by rpki-client