Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/mdgwEYDWnao0bVx89QT9Skm53nM.roa
File: mdgwEYDWnao0bVx89QT9Skm53nM.roa (raw, json)
Hash identifier: /jy8t/OJp9tVxCw/0qf7Mw46uVUZ9NIjSKlEDS6qgU8=
Subject key identifier: 99:D8:30:11:80:D6:9D:AA:34:6D:5C:7C:F5:04:FD:4A:49:B9:DE:73
Certificate issuer: /CN=dab53f9b21d13e078e3e844d645eea8580f1cce1
Certificate serial: 019DA9EFD649C68750F0D2CF08742284E500
Authority key identifier: DA:B5:3F:9B:21:D1:3E:07:8E:3E:84:4D:64:5E:EA:85:80:F1:CC:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2rU_myHRPgeOPoRNZF7qhYDxzOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/mdgwEYDWnao0bVx89QT9Skm53nM.roa
Signing time: Mon 20 Apr 2026 08:09:20 +0000
ROA not before: Mon 20 Apr 2026 08:09:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33874
IP address blocks: 37.75.32.0/19 maxlen: 19
37.75.32.0/20 maxlen: 20
37.75.48.0/20 maxlen: 20
77.25.128.0/17 maxlen: 17
77.25.128.0/19 maxlen: 19
77.25.192.0/22 maxlen: 22
77.25.196.0/22 maxlen: 22
77.25.200.0/22 maxlen: 22
77.25.204.0/22 maxlen: 22
77.25.220.0/22 maxlen: 22
77.25.244.0/22 maxlen: 22
77.25.248.0/22 maxlen: 22
77.243.64.0/22 maxlen: 22
77.243.68.0/23 maxlen: 23
77.243.70.0/23 maxlen: 23
77.243.72.0/22 maxlen: 22
77.243.76.0/23 maxlen: 23
77.243.78.0/23 maxlen: 23
80.85.96.0/20 maxlen: 20
80.85.96.0/23 maxlen: 23
80.85.98.0/24 maxlen: 24
80.85.99.0/24 maxlen: 24
80.85.100.0/24 maxlen: 24
80.85.101.0/24 maxlen: 24
80.85.102.0/24 maxlen: 24
80.85.103.0/24 maxlen: 24
80.85.104.0/24 maxlen: 24
80.85.105.0/24 maxlen: 24
80.85.106.0/24 maxlen: 24
80.85.107.0/24 maxlen: 24
80.85.108.0/24 maxlen: 24
80.85.109.0/24 maxlen: 24
80.85.110.0/24 maxlen: 24
80.85.111.0/24 maxlen: 24
109.200.32.0/19 maxlen: 19
109.200.32.0/20 maxlen: 20
109.200.48.0/21 maxlen: 21
109.200.56.0/22 maxlen: 22
159.20.24.0/21 maxlen: 21
159.20.24.0/24 maxlen: 24
159.20.25.0/24 maxlen: 24
159.20.26.0/24 maxlen: 24
159.20.27.0/24 maxlen: 24
159.20.28.0/24 maxlen: 24
159.20.29.0/24 maxlen: 24
159.20.30.0/24 maxlen: 24
159.20.31.0/24 maxlen: 24
185.5.48.0/24 maxlen: 24
188.172.0.0/19 maxlen: 19
188.172.0.0/20 maxlen: 20
188.172.16.0/21 maxlen: 21
188.172.24.0/22 maxlen: 22
188.172.32.0/19 maxlen: 19
188.172.32.0/20 maxlen: 20
188.172.48.0/21 maxlen: 21
188.172.56.0/22 maxlen: 22
188.172.64.0/19 maxlen: 19
188.172.64.0/21 maxlen: 21
188.172.72.0/22 maxlen: 22
188.172.80.0/21 maxlen: 21
188.172.88.0/22 maxlen: 22
2a10:5500::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/2rU_myHRPgeOPoRNZF7qhYDxzOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/2rU_myHRPgeOPoRNZF7qhYDxzOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2rU_myHRPgeOPoRNZF7qhYDxzOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 02:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a9:ef:d6:49:c6:87:50:f0:d2:cf:08:74:22:84:e5:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dab53f9b21d13e078e3e844d645eea8580f1cce1
Validity
Not Before: Apr 20 08:09:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=99d8301180d69daa346d5c7cf504fd4a49b9de73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e7:52:1d:b9:d1:da:9b:f3:ca:77:d6:91:45:
ea:0a:5e:23:01:63:8f:12:2f:20:ff:9b:a0:81:fe:
5c:29:e1:77:84:6b:9d:5a:91:68:37:3d:39:4b:82:
5c:79:d6:16:d4:af:2e:39:a2:50:99:6e:c8:3b:bc:
11:2e:6c:8b:e2:4c:21:33:5b:c9:41:65:2f:88:e5:
4a:3e:71:97:90:3d:62:45:d6:fe:10:bc:e0:81:b7:
b6:54:76:1b:a0:51:d5:62:e0:7d:d1:21:87:49:e8:
00:d9:03:05:a3:e2:61:b4:49:bc:e1:08:3d:f7:76:
8b:ad:bd:1e:bc:98:77:28:57:49:0b:aa:c3:de:47:
f6:76:30:5c:d1:3b:b3:8c:44:2a:bd:c8:f6:62:bc:
90:1b:b9:cb:ff:fb:4b:da:4f:68:10:61:ac:94:03:
ab:e9:3d:3e:78:a1:5b:8b:cb:a3:4d:9e:4c:f7:90:
97:ac:a9:b9:70:54:f5:a5:a1:6e:6e:81:18:56:0a:
2b:68:18:db:e7:f4:35:97:09:a7:36:16:2b:e1:35:
d8:72:f0:d5:bb:73:c1:55:19:a4:67:44:25:06:94:
dd:cb:a6:15:fc:d3:b5:77:1e:9e:95:85:74:90:02:
13:2a:01:67:af:45:21:8e:96:03:df:f0:41:85:29:
db:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D8:30:11:80:D6:9D:AA:34:6D:5C:7C:F5:04:FD:4A:49:B9:DE:73
X509v3 Authority Key Identifier:
keyid:DA:B5:3F:9B:21:D1:3E:07:8E:3E:84:4D:64:5E:EA:85:80:F1:CC:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2rU_myHRPgeOPoRNZF7qhYDxzOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/mdgwEYDWnao0bVx89QT9Skm53nM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/2rU_myHRPgeOPoRNZF7qhYDxzOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.32.0/19
77.25.128.0/17
77.243.64.0/20
80.85.96.0/20
109.200.32.0/19
159.20.24.0/21
185.5.48.0/24
188.172.0.0-188.172.95.255
IPv6:
2a10:5500::/32
Signature Algorithm: sha256WithRSAEncryption
13:df:a6:17:1f:0a:77:a4:c4:73:48:59:f6:8c:ed:3f:9b:7a:
8c:c2:aa:5d:c1:7a:4b:b7:6d:6a:6a:e0:33:dc:9d:f7:d6:21:
eb:ff:11:b5:da:4f:73:54:42:31:4e:41:6f:28:08:f4:17:a8:
17:de:5b:9c:e5:a9:d4:e2:8a:a9:1c:83:6e:8e:62:7c:18:e4:
3c:1a:ce:2c:7d:06:e0:e9:cf:6a:26:ba:d1:70:a6:b8:dc:c4:
14:a6:cd:44:68:4f:3e:84:d6:98:09:59:0b:f5:3d:6e:b7:a2:
b5:5d:7d:15:40:83:c4:52:9b:9e:06:f3:b6:84:c0:40:12:34:
06:0d:b9:36:89:6e:1d:84:3f:15:c1:a0:35:ba:18:18:ac:2f:
9c:e4:ed:83:6c:5b:88:53:59:89:f8:12:48:d8:f9:ca:b8:fe:
d8:3e:d2:e2:f6:57:33:3f:4f:45:de:b6:4d:98:1d:8b:32:55:
7a:c8:88:bb:1c:10:b2:16:06:68:e6:8b:47:cd:25:5a:84:f0:
49:47:84:4e:09:f4:fe:33:45:c1:ff:fd:b8:88:17:9b:f0:05:
63:fc:2b:21:79:ee:aa:b6:80:fe:91:eb:e1:20:39:ba:08:c5:
46:b9:90:e3:2b:bc:95:c5:60:3f:90:a7:18:04:18:09:29:f9:
11:76:7f:bd
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZ2p79ZJxodQ8NLPCHQihOUAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYjUzZjliMjFkMTNlMDc4ZTNlODQ0ZDY0NWVlYTg1ODBm
MWNjZTEwHhcNMjYwNDIwMDgwOTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWQ4MzAxMTgwZDY5ZGFhMzQ2ZDVjN2NmNTA0ZmQ0YTQ5YjlkZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqedSHbnR2pvzynfWkUXqCl4jAWOP
Ei8g/5uggf5cKeF3hGudWpFoNz05S4JcedYW1K8uOaJQmW7IO7wRLmyL4kwhM1vJ
QWUviOVKPnGXkD1iRdb+ELzggbe2VHYboFHVYuB90SGHSegA2QMFo+JhtEm84Qg9
93aLrb0evJh3KFdJC6rD3kf2djBc0TuzjEQqvcj2YryQG7nL//tL2k9oEGGslAOr
6T0+eKFbi8ujTZ5M95CXrKm5cFT1paFuboEYVgoraBjb5/Q1lwmnNhYr4TXYcvDV
u3PBVRmkZ0QlBpTdy6YV/NO1dx6elYV0kAITKgFnr0UhjpYD3/BBhSnb3wIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFJnYMBGA1p2qNG1cfPUE/UpJud5zMB8GA1UdIwQY
MBaAFNq1P5sh0T4Hjj6ETWRe6oWA8czhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnJVX215SFJQZ2VPUG9STlpGN3FoWUR4ek9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi83ZjlhYjEtYmM3Yy00ZDBkLWE5NzAt
NWI4YmM1OTBiMTk3LzEvbWRnd0VZRFduYW8wYlZ4ODlRVDlTa201M25NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi83ZjlhYjEtYmM3Yy00ZDBkLWE5NzAtNWI4YmM1OTBiMTk3
LzEvMnJVX215SFJQZ2VPUG9STlpGN3FoWUR4ek9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA9BAIAATA3AwQFJUsgAwQH
TRmAAwQETfNAAwQEUFVgAwQFbcggAwQDnxQYAwQAuQUwMAsDAwK8rAMEBbysQDAN
BAIAAjAHAwUAKhBVADANBgkqhkiG9w0BAQsFAAOCAQEAE9+mFx8Kd6TEc0hZ9ozt
P5t6jMKqXcF6S7dtamrgM9yd99Yh6/8RtdpPc1RCMU5BbygI9BeoF95bnOWp1OKK
qRyDbo5ifBjkPBrOLH0G4OnPaia60XCmuNzEFKbNRGhPPoTWmAlZC/U9breitV19
FUCDxFKbngbztoTAQBI0Bg25NoluHYQ/FcGgNboYGKwvnOTtg2xbiFNZifgSSNj5
yrj+2D7S4vZXMz9PRd62TZgdizJVesiIuxwQshYGaOaLR80lWoTwSUeETgn0/jNF
wf/9uIgXm/AFY/wrIXnuqraA/pHr4SA5ugjFRrmQ4yu8lcVgP5CnGAQYCSn5EXZ/
vQ==
-----END CERTIFICATE-----
Generated at Mon Apr 27 13:18:42 2026 by rpki-client