Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/b172e9-1c5a-415c-8028-1280f2e783d4/1/MlOfNk7Q3shUXI9a3n1KJjtXLCU.roa
File: MlOfNk7Q3shUXI9a3n1KJjtXLCU.roa (raw, json)
Hash identifier: AIXKvNEgmoHFwpe6ZZaU57lVrd3l/1EtmwOvF6+bSNc=
Subject key identifier: 32:53:9F:36:4E:D0:DE:C8:54:5C:8F:5A:DE:7D:4A:26:3B:57:2C:25
Certificate issuer: /CN=9b831ee94c37b9b1159c7d7732936181ab541d80
Certificate serial: 019CDDE8DA38B56EA5DE9B0FC1D113E053D3
Authority key identifier: 9B:83:1E:E9:4C:37:B9:B1:15:9C:7D:77:32:93:61:81:AB:54:1D:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m4Me6Uw3ubEVnH13MpNhgatUHYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/b172e9-1c5a-415c-8028-1280f2e783d4/1/MlOfNk7Q3shUXI9a3n1KJjtXLCU.roa
Signing time: Wed 11 Mar 2026 17:19:10 +0000
ROA not before: Wed 11 Mar 2026 17:19:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204704
IP address blocks: 45.84.64.0/24 maxlen: 24
45.84.65.0/24 maxlen: 24
45.84.66.0/24 maxlen: 24
45.84.67.0/24 maxlen: 24
45.139.112.0/24 maxlen: 24
45.139.113.0/24 maxlen: 24
45.139.114.0/24 maxlen: 24
45.139.115.0/24 maxlen: 24
45.154.48.0/22 maxlen: 22
45.154.48.0/24 maxlen: 24
45.154.49.0/24 maxlen: 24
185.206.88.0/24 maxlen: 24
185.206.89.0/24 maxlen: 24
185.206.90.0/24 maxlen: 24
185.206.91.0/24 maxlen: 24
2a0e:9880::/29 maxlen: 32
2a0e:9881::/32 maxlen: 32
2a0e:9882::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/b172e9-1c5a-415c-8028-1280f2e783d4/1/m4Me6Uw3ubEVnH13MpNhgatUHYA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/b172e9-1c5a-415c-8028-1280f2e783d4/1/m4Me6Uw3ubEVnH13MpNhgatUHYA.mft
rsync://rpki.ripe.net/repository/DEFAULT/m4Me6Uw3ubEVnH13MpNhgatUHYA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:dd:e8:da:38:b5:6e:a5:de:9b:0f:c1:d1:13:e0:53:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b831ee94c37b9b1159c7d7732936181ab541d80
Validity
Not Before: Mar 11 17:19:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=32539f364ed0dec8545c8f5ade7d4a263b572c25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:14:ef:46:f5:48:8e:03:51:78:e5:79:45:fe:
ec:9f:5e:4e:53:fa:ad:88:a9:b6:d9:25:c2:d2:97:
ce:ea:bc:bc:38:0b:e5:91:4f:04:f7:73:90:36:ce:
82:06:84:79:f5:f6:69:23:80:e8:a1:08:f5:1c:ce:
5c:1c:8e:9b:f7:b4:38:32:5a:44:c8:d0:1d:b1:f4:
c1:3a:e4:db:43:15:22:1e:f8:48:5f:6d:2b:53:5e:
64:fb:93:32:95:d5:6c:45:d1:4f:dd:94:54:b6:74:
16:8f:59:f8:dd:ce:85:44:f4:1f:49:98:82:a2:7c:
61:4a:70:6a:46:62:63:ff:9e:26:c3:b9:2d:a7:ae:
6e:78:e3:8f:be:94:5a:17:29:0d:6b:0f:83:12:43:
56:d9:96:16:07:f9:e4:21:69:1c:a9:e9:da:9e:43:
2a:71:5c:ec:fc:33:bd:2d:d2:97:26:20:8f:64:90:
8c:fa:89:10:2f:59:17:ed:bc:09:b9:d8:31:3f:65:
c2:96:7c:d5:92:af:06:48:a2:cf:50:a9:6c:67:67:
ac:c3:17:a2:1d:dd:6e:8e:10:94:91:6e:96:d7:42:
57:15:41:d5:98:f8:4a:cd:e5:60:5e:fd:18:88:af:
c6:28:52:23:4a:e2:52:25:c2:7f:d0:ad:95:d9:89:
f7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:53:9F:36:4E:D0:DE:C8:54:5C:8F:5A:DE:7D:4A:26:3B:57:2C:25
X509v3 Authority Key Identifier:
keyid:9B:83:1E:E9:4C:37:B9:B1:15:9C:7D:77:32:93:61:81:AB:54:1D:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m4Me6Uw3ubEVnH13MpNhgatUHYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b172e9-1c5a-415c-8028-1280f2e783d4/1/MlOfNk7Q3shUXI9a3n1KJjtXLCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b172e9-1c5a-415c-8028-1280f2e783d4/1/m4Me6Uw3ubEVnH13MpNhgatUHYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.64.0/22
45.139.112.0/22
45.154.48.0/22
185.206.88.0/22
IPv6:
2a0e:9880::/29
Signature Algorithm: sha256WithRSAEncryption
80:f9:84:ff:26:0d:96:78:50:9e:38:d4:a6:2c:92:b1:a7:39:
be:43:cb:7c:be:4f:88:67:12:87:e1:07:34:43:d0:f2:e3:84:
de:b5:29:00:00:d2:92:56:04:bd:ef:8d:1f:f4:c6:a7:cb:50:
a3:c1:a5:80:9f:95:2d:1f:92:b5:d6:79:3a:30:78:c4:72:69:
0e:d9:c0:89:ae:f3:25:bb:07:65:8b:ae:d6:e8:94:9b:f6:d1:
1e:21:0c:d6:f8:a5:a2:cb:4e:45:3f:8c:d4:61:d6:47:63:dc:
b8:97:b0:86:63:65:08:8b:1b:70:54:35:7e:04:d5:1f:7b:7e:
ff:d0:97:ba:49:f1:2e:42:fe:ce:d5:e6:c8:e0:19:c5:9b:fe:
87:eb:a7:2f:c3:18:e7:b0:78:89:12:c9:e4:89:a7:75:cf:19:
19:a1:db:77:22:d8:70:3a:f5:73:da:87:9f:65:a4:03:25:93:
d3:07:9d:6d:9e:0d:db:eb:79:f8:5a:4a:c7:be:c8:b6:93:60:
bb:32:41:e0:80:f5:9a:8b:c2:09:52:41:4b:f0:1f:e8:d3:93:
7a:5f:b4:a5:56:af:20:b2:80:de:50:00:a6:c7:3b:50:0b:ff:
a2:f5:75:f7:56:dc:de:d8:5b:6a:a6:f2:b4:64:36:7d:58:8d:
14:42:4d:d1
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZzd6No4tW6l3psPwdET4FPTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliODMxZWU5NGMzN2I5YjExNTljN2Q3NzMyOTM2MTgxYWI1
NDFkODAwHhcNMjYwMzExMTcxOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjUzOWYzNjRlZDBkZWM4NTQ1YzhmNWFkZTdkNGEyNjNiNTcyYzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxTvRvVIjgNReOV5Rf7sn15OU/qt
iKm22SXC0pfO6ry8OAvlkU8E93OQNs6CBoR59fZpI4DooQj1HM5cHI6b97Q4MlpE
yNAdsfTBOuTbQxUiHvhIX20rU15k+5MyldVsRdFP3ZRUtnQWj1n43c6FRPQfSZiC
onxhSnBqRmJj/54mw7ktp65ueOOPvpRaFykNaw+DEkNW2ZYWB/nkIWkcqenankMq
cVzs/DO9LdKXJiCPZJCM+okQL1kX7bwJudgxP2XClnzVkq8GSKLPUKlsZ2eswxei
Hd1ujhCUkW6W10JXFUHVmPhKzeVgXv0YiK/GKFIjSuJSJcJ/0K2V2Yn3awIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDJTnzZO0N7IVFyPWt59SiY7VywlMB8GA1UdIwQY
MBaAFJuDHulMN7mxFZx9dzKTYYGrVB2AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTRNZTZVdzN1YkVWbkgxM01wTmhnYXRVSFlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9iMTcyZTktMWM1YS00MTVjLTgwMjgt
MTI4MGYyZTc4M2Q0LzEvTWxPZk5rN1Ezc2hVWEk5YTNuMUtKanRYTENVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9iMTcyZTktMWM1YS00MTVjLTgwMjgtMTI4MGYyZTc4M2Q0
LzEvbTRNZTZVdzN1YkVWbkgxM01wTmhnYXRVSFlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLVRAAwQC
LYtwAwQCLZowAwQCuc5YMA0EAgACMAcDBQMqDpiAMA0GCSqGSIb3DQEBCwUAA4IB
AQCA+YT/Jg2WeFCeONSmLJKxpzm+Q8t8vk+IZxKH4Qc0Q9Dy44TetSkAANKSVgS9
740f9Many1CjwaWAn5UtH5K11nk6MHjEcmkO2cCJrvMluwdli67W6JSb9tEeIQzW
+KWiy05FP4zUYdZHY9y4l7CGY2UIixtwVDV+BNUfe37/0Je6SfEuQv7O1ebI4BnF
m/6H66cvwxjnsHiJEsnkiad1zxkZodt3IthwOvVz2oefZaQDJZPTB51tng3b63n4
WkrHvsi2k2C7MkHggPWai8IJUkFL8B/o05N6X7SlVq8gsoDeUACmxztQC/+i9XX3
Vtze2FtqpvK0ZDZ9WI0UQk3R
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:38:58 2026 by rpki-client