Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/mwrvOv7zzrvJWsMeNCvlErGsfCU.roa
File: mwrvOv7zzrvJWsMeNCvlErGsfCU.roa (raw, json)
Hash identifier: BZ9Gv1jKL4cCitIoVtn12JI5QQWeprvgIXtFeAtYNHU=
Subject key identifier: 9B:0A:EF:3A:FE:F3:CE:BB:C9:5A:C3:1E:34:2B:E5:12:B1:AC:7C:25
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 019DFC7EF7C393FAA70C308E0125AC1AC0C0
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/mwrvOv7zzrvJWsMeNCvlErGsfCU.roa
Signing time: Wed 06 May 2026 08:54:32 +0000
ROA not before: Wed 06 May 2026 08:54:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201776
IP address blocks: 2.63.144.0/20 maxlen: 20
2.63.158.0/24 maxlen: 24
2.63.159.0/24 maxlen: 24
2.63.176.0/20 maxlen: 20
2.63.224.0/20 maxlen: 20
2.63.225.0/24 maxlen: 24
46.61.150.0/24 maxlen: 24
46.61.245.0/24 maxlen: 24
78.31.216.0/24 maxlen: 24
78.31.217.0/24 maxlen: 24
78.31.218.0/24 maxlen: 24
78.31.219.0/24 maxlen: 24
78.31.220.0/24 maxlen: 24
78.31.221.0/24 maxlen: 24
78.31.222.0/24 maxlen: 24
84.42.92.0/24 maxlen: 24
84.42.93.0/24 maxlen: 24
84.42.94.0/24 maxlen: 24
84.42.95.0/24 maxlen: 24
85.174.144.0/20 maxlen: 24
92.50.204.0/23 maxlen: 23
92.50.204.0/24 maxlen: 24
92.50.205.0/24 maxlen: 24
176.119.169.0/24 maxlen: 24
176.119.170.0/24 maxlen: 24
176.119.171.0/24 maxlen: 24
176.119.172.0/24 maxlen: 24
176.208.74.0/24 maxlen: 24
176.211.120.0/22 maxlen: 22
188.128.76.0/23 maxlen: 24
188.128.76.0/24 maxlen: 24
188.128.77.0/24 maxlen: 24
188.254.122.0/23 maxlen: 24
188.254.122.0/24 maxlen: 24
188.254.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 19:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fc:7e:f7:c3:93:fa:a7:0c:30:8e:01:25:ac:1a:c0:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: May 6 08:54:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9b0aef3afef3cebbc95ac31e342be512b1ac7c25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3b:95:bd:33:ea:06:8d:5e:af:ea:d6:f9:b8:
d3:0d:0a:6b:a1:5b:5f:50:9e:8d:00:a2:f3:98:5b:
10:75:4c:15:e7:94:47:de:16:95:c8:54:18:3d:c9:
df:48:8c:57:37:67:70:54:c0:59:e6:de:48:20:97:
11:79:8a:6e:69:6b:a9:3f:b0:6b:14:c1:0f:a1:88:
d9:f8:ec:22:6e:41:55:df:3f:bd:0c:5f:fe:cd:3b:
3a:a4:5a:90:08:f2:48:6d:d4:60:3f:f1:7c:4c:2b:
30:e8:4b:24:56:25:aa:16:f9:03:52:80:bf:10:e4:
2d:47:e4:55:77:86:47:6e:48:c9:85:22:6a:76:25:
c6:7d:49:ff:c6:53:69:97:a2:0e:de:89:38:4b:4a:
07:25:02:c4:c0:34:2d:af:f5:ed:39:aa:d2:a2:af:
68:9c:e7:cd:50:0a:4d:6f:37:66:cb:c1:9e:81:2e:
ac:cc:8c:8f:3c:81:02:60:28:26:40:0e:00:9d:53:
94:de:f3:f2:04:2a:59:e2:36:c3:21:73:24:af:86:
eb:1f:de:17:85:69:77:00:33:91:47:3f:23:97:07:
c9:58:6b:57:d7:e6:dc:71:27:12:bc:3b:34:54:44:
67:69:a0:e1:e1:6d:47:d8:f2:5c:36:a0:fc:a4:20:
c2:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:0A:EF:3A:FE:F3:CE:BB:C9:5A:C3:1E:34:2B:E5:12:B1:AC:7C:25
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/mwrvOv7zzrvJWsMeNCvlErGsfCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.63.144.0/20
2.63.176.0/20
2.63.224.0/20
46.61.150.0/24
46.61.245.0/24
78.31.216.0-78.31.222.255
84.42.92.0/22
85.174.144.0/20
92.50.204.0/23
176.119.169.0-176.119.172.255
176.208.74.0/24
176.211.120.0/22
188.128.76.0/23
188.254.122.0/23
Signature Algorithm: sha256WithRSAEncryption
35:3a:98:b4:c2:f8:21:5c:d7:99:15:cd:b8:2e:63:41:93:4b:
fe:69:16:50:9f:21:2b:9a:8d:bd:30:a2:00:0a:45:17:5a:00:
7a:b2:92:80:81:06:0d:38:90:ad:82:e1:a3:45:73:f2:a4:64:
70:63:56:96:5a:f1:6c:7b:d0:a5:80:e8:31:9a:b7:58:ba:39:
2a:3a:75:7b:75:0c:06:b8:37:73:13:d4:09:2f:61:86:2a:aa:
e7:20:21:b7:ce:a0:1c:5b:95:34:00:5a:cb:3e:42:8c:f0:8c:
ec:8b:cf:47:8d:30:3b:7e:69:7a:fc:95:9d:76:9f:1c:a8:2e:
8a:1c:b4:b5:04:84:55:b6:d1:d1:aa:13:08:57:b6:6f:33:e5:
06:ad:94:06:5a:96:44:4f:26:0f:a3:8d:68:63:43:db:7c:c4:
cc:5c:f5:bd:3e:22:9c:d1:97:01:e2:39:7e:17:2f:89:82:d4:
4a:87:d2:15:32:5c:19:d8:3f:d0:7a:b8:45:b2:9c:54:95:a4:
f6:19:a4:2b:15:6a:1c:fe:fb:35:e6:4c:22:f6:83:46:d7:1a:
2b:91:f4:1e:25:bf:64:18:e7:db:b2:8a:b3:49:89:6d:75:66:
b1:ef:11:eb:a9:41:ae:0a:86:5c:16:52:2d:54:f0:7c:2d:ef:
9a:5b:7a:3a
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZ38fvfDk/qnDDCOASWsGsDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjYwNTA2MDg1NDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjBhZWYzYWZlZjNjZWJiYzk1YWMzMWUzNDJiZTUxMmIxYWM3YzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjuVvTPqBo1er+rW+bjTDQproVtf
UJ6NAKLzmFsQdUwV55RH3haVyFQYPcnfSIxXN2dwVMBZ5t5IIJcReYpuaWupP7Br
FMEPoYjZ+OwibkFV3z+9DF/+zTs6pFqQCPJIbdRgP/F8TCsw6EskViWqFvkDUoC/
EOQtR+RVd4ZHbkjJhSJqdiXGfUn/xlNpl6IO3ok4S0oHJQLEwDQtr/XtOarSoq9o
nOfNUApNbzdmy8GegS6szIyPPIECYCgmQA4AnVOU3vPyBCpZ4jbDIXMkr4brH94X
hWl3ADORRz8jlwfJWGtX1+bccScSvDs0VERnaaDh4W1H2PJcNqD8pCDCYwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFJsK7zr+8867yVrDHjQr5RKxrHwlMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvbXdydk92N3p6cnZKV3NNZU5DdmxFckdzZkNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQEAj+QAwQE
Aj+wAwQEAj/gAwQALj2WAwQALj31MAwDBANOH9gDBABOH94DBAJUKlwDBARVrpAD
BAFcMswwDAMEALB3qQMEALB3rAMEALDQSgMEArDTeAMEAbyATAMEAbz+ejANBgkq
hkiG9w0BAQsFAAOCAQEANTqYtML4IVzXmRXNuC5jQZNL/mkWUJ8hK5qNvTCiAApF
F1oAerKSgIEGDTiQrYLho0Vz8qRkcGNWllrxbHvQpYDoMZq3WLo5Kjp1e3UMBrg3
cxPUCS9hhiqq5yAht86gHFuVNABayz5CjPCM7IvPR40wO35pevyVnXafHKguihy0
tQSEVbbR0aoTCFe2bzPlBq2UBlqWRE8mD6ONaGND23zEzFz1vT4inNGXAeI5fhcv
iYLUSofSFTJcGdg/0Hq4RbKcVJWk9hmkKxVqHP77NeZMIvaDRtcaK5H0HiW/ZBjn
27KKs0mJbXVmse8R66lBrgqGXBZSLVTwfC3vmlt6Og==
-----END CERTIFICATE-----
Generated at Wed May 13 05:26:02 2026 by rpki-client