Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/MltfaSDzKKivi1ba6fyL603ZViA.roa
File: MltfaSDzKKivi1ba6fyL603ZViA.roa (raw, json)
Hash identifier: o/h5nKm2TLBULoQARQH8ZnVSg+ceTA0UZkwLaI/sNkY=
Subject key identifier: 32:5B:5F:69:20:F3:28:A8:AF:8B:56:DA:E9:FC:8B:EB:4D:D9:56:20
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 019CD5D01A6317AD8A12162507595F5772F4
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/MltfaSDzKKivi1ba6fyL603ZViA.roa
Signing time: Tue 10 Mar 2026 03:35:11 +0000
ROA not before: Tue 10 Mar 2026 03:35:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 91.147.119.0/24 maxlen: 24
91.147.123.0/24 maxlen: 24
91.147.126.0/23 maxlen: 24
212.116.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Mar 2026 03:37:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d5:d0:1a:63:17:ad:8a:12:16:25:07:59:5f:57:72:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Mar 10 03:35:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=325b5f6920f328a8af8b56dae9fc8beb4dd95620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:16:47:37:7a:a9:c9:c4:fd:ed:19:26:08:c6:
7b:97:39:53:95:82:71:ba:91:6f:fb:0b:0e:46:f7:
0e:6e:bc:f5:cb:e5:ae:f6:bc:5e:fa:24:bf:bc:4e:
86:ce:4e:7a:dd:f1:cb:f6:69:8d:2e:ae:6b:2d:03:
64:6f:56:bb:c0:5f:cc:15:ed:a7:b3:b1:3c:27:10:
d4:01:df:16:71:f4:cd:0b:a6:8e:a3:92:41:74:96:
02:cd:4a:51:fd:ad:4b:00:f7:b5:f4:66:dd:62:70:
f2:0a:a4:16:8c:da:32:a7:6d:d3:ad:f9:39:43:45:
5e:dc:f7:1b:ee:05:1d:92:b8:db:b8:a5:0d:73:13:
89:d8:e1:ef:34:cb:3d:0b:6e:9f:56:66:f0:65:b2:
5b:4c:55:26:7a:59:a3:c1:61:a3:a8:2d:c7:47:62:
82:61:bd:8a:26:31:36:67:ec:89:30:1f:45:60:1c:
cf:9d:8b:84:51:d8:b0:58:b4:56:f1:a2:5a:78:93:
6d:17:75:dc:2a:3b:7e:21:97:59:cd:39:ca:82:37:
6c:ab:f5:03:90:4b:46:51:1a:98:a5:34:bb:fc:ba:
1c:5d:ea:8d:64:12:15:db:a6:25:2b:47:43:1f:a4:
1b:56:3c:88:7c:31:e1:f7:08:37:e9:de:97:e5:69:
06:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:5B:5F:69:20:F3:28:A8:AF:8B:56:DA:E9:FC:8B:EB:4D:D9:56:20
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/MltfaSDzKKivi1ba6fyL603ZViA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.119.0/24
91.147.123.0/24
91.147.126.0/23
212.116.244.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:b3:57:a3:2c:a0:5b:d4:5e:7d:64:9c:68:b7:7b:66:20:45:
d7:de:ea:19:1c:0c:dc:fe:5b:c6:17:a7:ad:9f:08:7f:9c:04:
41:e2:70:6f:f2:e7:d1:4a:79:31:07:4f:a1:43:0b:9c:1d:da:
d7:de:be:3b:14:00:fb:94:7c:1e:09:a1:5d:1c:87:ad:d0:98:
6d:26:5f:89:31:ca:4a:b6:d5:1e:d4:f3:c6:5b:7d:1b:ff:fe:
fe:ee:17:bd:ec:3d:30:3d:7b:d3:7d:83:16:e1:4a:72:ee:f0:
2b:1c:63:9f:ce:32:ca:27:4f:00:a2:4a:4a:6e:fa:dc:f5:4e:
06:2e:76:10:3f:19:c5:f3:37:10:ef:5e:0c:a2:fa:0e:37:82:
2e:23:86:ed:ac:8f:d0:50:04:93:ac:70:b0:64:5f:13:35:58:
44:1a:52:9a:65:75:ff:a0:e0:f0:6f:5d:8a:c8:6e:be:ec:70:
be:f8:1f:89:85:25:d7:f1:54:16:27:fd:b0:33:ce:19:48:2e:
5a:03:bd:0a:9a:13:73:c8:24:43:4f:85:ce:2f:6d:b7:f0:f6:
37:59:3a:85:99:b6:6c:10:89:c7:1a:3a:db:6a:0b:00:4a:3e:
34:2b:23:ea:8e:4f:f9:32:17:13:41:50:6d:9e:35:67:01:2f:
c6:a5:d0:1c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZzV0BpjF62KEhYlB1lfV3L0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjYwMzEwMDMzNTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjViNWY2OTIwZjMyOGE4YWY4YjU2ZGFlOWZjOGJlYjRkZDk1NjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhZHN3qpycT97RkmCMZ7lzlTlYJx
upFv+wsORvcObrz1y+Wu9rxe+iS/vE6Gzk563fHL9mmNLq5rLQNkb1a7wF/MFe2n
s7E8JxDUAd8WcfTNC6aOo5JBdJYCzUpR/a1LAPe19GbdYnDyCqQWjNoyp23Trfk5
Q0Ve3Pcb7gUdkrjbuKUNcxOJ2OHvNMs9C26fVmbwZbJbTFUmelmjwWGjqC3HR2KC
Yb2KJjE2Z+yJMB9FYBzPnYuEUdiwWLRW8aJaeJNtF3XcKjt+IZdZzTnKgjdsq/UD
kEtGURqYpTS7/LocXeqNZBIV26YlK0dDH6QbVjyIfDHh9wg36d6X5WkGCwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDJbX2kg8yior4tW2un8i+tN2VYgMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvTWx0ZmFTRHpLS2l2aTFiYTZmeUw2MDNaVmlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW5N3AwQA
W5N7AwQBW5N+AwQA1HT0MA0GCSqGSIb3DQEBCwUAA4IBAQDVs1ejLKBb1F59ZJxo
t3tmIEXX3uoZHAzc/lvGF6etnwh/nARB4nBv8ufRSnkxB0+hQwucHdrX3r47FAD7
lHweCaFdHIet0JhtJl+JMcpKttUe1PPGW30b//7+7he97D0wPXvTfYMW4Upy7vAr
HGOfzjLKJ08AokpKbvrc9U4GLnYQPxnF8zcQ714MovoON4IuI4btrI/QUASTrHCw
ZF8TNVhEGlKaZXX/oODwb12KyG6+7HC++B+JhSXX8VQWJ/2wM84ZSC5aA70KmhNz
yCRDT4XOL2238PY3WTqFmbZsEInHGjrbagsASj40KyPqjk/5MhcTQVBtnjVnAS/G
pdAc
-----END CERTIFICATE-----
Generated at Tue Mar 10 12:43:19 2026 by rpki-client