Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/rMzPlqeXed5Y89UzjiZvPqV3s58.roa
File: rMzPlqeXed5Y89UzjiZvPqV3s58.roa (raw, json)
Hash identifier: 4NVVuSgIIV5WlShqqfRipcrmwmCbsaQnATLeGv6ZOzA=
Subject key identifier: AC:CC:CF:96:A7:97:79:DE:58:F3:D5:33:8E:26:6F:3E:A5:77:B3:9F
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019CADB1F7226842F44A9D384E018666E3A3
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/rMzPlqeXed5Y89UzjiZvPqV3s58.roa
Signing time: Mon 02 Mar 2026 08:37:27 +0000
ROA not before: Mon 02 Mar 2026 08:37:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 45.13.189.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:b1:f7:22:68:42:f4:4a:9d:38:4e:01:86:66:e3:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Mar 2 08:37:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=accccf96a79779de58f3d5338e266f3ea577b39f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:92:5f:51:b8:e2:2a:32:df:1d:58:b0:21:aa:
22:3e:fe:9d:b1:1d:8a:be:a1:81:73:73:ef:06:df:
6b:ed:de:66:9c:c7:ad:72:3a:6f:ae:27:ce:93:6e:
f6:9d:fd:e6:9b:7a:5f:6c:65:2a:45:d2:5f:85:3d:
c5:d6:b2:be:36:61:2c:65:b2:21:9d:c4:ec:57:fa:
5c:c3:ad:14:80:cc:fc:7e:0f:6a:cb:85:48:ac:98:
64:3d:58:01:f5:c7:9d:a1:10:5b:49:07:8e:ad:27:
bf:c4:15:83:fa:15:67:94:13:c9:d0:c1:66:9a:e5:
af:b8:fa:f3:ab:9e:90:f4:45:47:70:92:27:5e:ef:
d3:64:fc:f6:65:cb:af:58:76:b5:4d:d3:f4:42:97:
41:f1:61:f9:02:66:d8:ee:1b:63:c8:8a:8e:04:0b:
7b:fb:96:8d:67:6b:4e:4f:36:38:a2:03:29:be:55:
56:e6:27:64:3d:b5:d7:e3:85:fc:bc:1e:fd:71:8e:
12:bd:b6:3b:f5:11:14:6a:a0:4b:48:ed:50:85:94:
ac:ab:d7:75:a1:c2:de:bc:8b:0b:66:5d:95:32:98:
4f:83:40:d7:4e:ae:a1:eb:72:4f:41:ec:51:b5:b9:
84:6d:2e:d2:fc:25:2d:4b:65:0c:b2:bb:ec:51:0f:
0a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:CC:CF:96:A7:97:79:DE:58:F3:D5:33:8E:26:6F:3E:A5:77:B3:9F
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/rMzPlqeXed5Y89UzjiZvPqV3s58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.189.0/24
195.177.92.0/23
195.177.95.0/24
195.211.189.0-195.211.190.255
Signature Algorithm: sha256WithRSAEncryption
58:4d:16:cc:16:a4:ee:fe:5f:37:d2:8b:4f:09:b0:0a:ef:2a:
26:db:73:65:f5:56:80:00:60:50:42:3c:a6:b2:8b:6e:6e:76:
b1:ef:f4:c2:07:bd:54:a4:29:cf:1c:53:db:e0:76:1c:57:c4:
9c:c9:2b:17:2f:93:14:c2:42:e2:eb:94:72:1e:e5:ee:65:e8:
c1:86:1e:3f:1d:f4:f8:74:23:54:9b:14:a2:71:c6:7a:c9:8e:
83:94:d8:32:7b:eb:4e:2d:40:ec:81:b3:54:f7:53:8c:ad:69:
5e:0b:0b:c4:ae:18:48:e3:36:6e:3a:bb:64:76:67:97:8d:9b:
46:09:07:fb:c9:4d:60:48:b4:8a:2b:31:72:e4:5d:d3:ae:f4:
bd:97:d1:45:cf:d3:8b:f5:09:9f:c7:36:92:a9:7d:5b:6b:00:
d5:07:46:e8:07:76:9c:a0:96:97:7d:f9:ca:9b:c9:cc:17:26:
05:8d:8b:02:a3:8e:25:09:12:22:de:c5:bf:3b:1d:76:53:cf:
c3:11:6d:ff:dc:ed:a7:79:91:dd:57:0a:26:99:2c:38:90:d5:
66:27:f2:36:73:ff:b4:0c:2d:9c:e3:5a:b0:eb:9f:c1:55:1e:
14:f2:de:41:85:66:ea:76:65:95:f7:3f:bd:43:3f:9f:07:fc:
40:dd:dd:12
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZytsfciaEL0Sp04TgGGZuOjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjYwMzAyMDgzNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2NjY2Y5NmE3OTc3OWRlNThmM2Q1MzM4ZTI2NmYzZWE1NzdiMzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5JfUbjiKjLfHViwIaoiPv6dsR2K
vqGBc3PvBt9r7d5mnMetcjpvrifOk272nf3mm3pfbGUqRdJfhT3F1rK+NmEsZbIh
ncTsV/pcw60UgMz8fg9qy4VIrJhkPVgB9cedoRBbSQeOrSe/xBWD+hVnlBPJ0MFm
muWvuPrzq56Q9EVHcJInXu/TZPz2ZcuvWHa1TdP0QpdB8WH5AmbY7htjyIqOBAt7
+5aNZ2tOTzY4ogMpvlVW5idkPbXX44X8vB79cY4SvbY79REUaqBLSO1QhZSsq9d1
ocLevIsLZl2VMphPg0DXTq6h63JPQexRtbmEbS7S/CUtS2UMsrvsUQ8K6wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKzMz5anl3neWPPVM44mbz6ld7OfMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvck16UGxxZVhlZDVZODlVemppWnZQcVYzczU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALQ29AwQB
w7FcAwQAw7FfMAwDBADD070DBADD074wDQYJKoZIhvcNAQELBQADggEBAFhNFswW
pO7+XzfSi08JsArvKibbc2X1VoAAYFBCPKayi25udrHv9MIHvVSkKc8cU9vgdhxX
xJzJKxcvkxTCQuLrlHIe5e5l6MGGHj8d9Ph0I1SbFKJxxnrJjoOU2DJ7604tQOyB
s1T3U4ytaV4LC8SuGEjjNm46u2R2Z5eNm0YJB/vJTWBItIorMXLkXdOu9L2X0UXP
04v1CZ/HNpKpfVtrANUHRugHdpyglpd9+cqbycwXJgWNiwKjjiUJEiLexb87HXZT
z8MRbf/c7ad5kd1XCiaZLDiQ1WYn8jZz/7QMLZzjWrDrn8FVHhTy3kGFZup2ZZX3
P71DP58H/EDd3RI=
-----END CERTIFICATE-----
Generated at Mon Mar 2 21:52:12 2026 by rpki-client