Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/pMQVecamDodQSmBw-UmLqkRzTyk.roa
File: pMQVecamDodQSmBw-UmLqkRzTyk.roa (raw, json)
Hash identifier: EmfM/FtUUlT/f5+MPBX6UPv6rg0dkI+I1HJgurEQFXU=
Subject key identifier: A4:C4:15:79:C6:A6:0E:87:50:4A:60:70:F9:49:8B:AA:44:73:4F:29
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 019CADE0A658ABE0490BD17F8B7EA2805F48
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/pMQVecamDodQSmBw-UmLqkRzTyk.roa
Signing time: Mon 02 Mar 2026 09:28:26 +0000
ROA not before: Mon 02 Mar 2026 09:28:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6079
IP address blocks: 72.63.0.0/22 maxlen: 22
72.63.28.0/22 maxlen: 22
72.63.60.0/22 maxlen: 22
72.63.92.0/22 maxlen: 22
72.63.124.0/22 maxlen: 22
72.63.156.0/22 maxlen: 22
72.63.188.0/22 maxlen: 22
72.63.220.0/22 maxlen: 22
205.188.164.0/22 maxlen: 22
205.188.170.0/23 maxlen: 23
205.188.172.0/22 maxlen: 22
205.188.180.0/23 maxlen: 23
205.188.182.0/23 maxlen: 23
205.188.184.0/22 maxlen: 22
205.188.188.0/22 maxlen: 22
205.188.192.0/22 maxlen: 22
205.188.200.0/22 maxlen: 22
205.188.204.0/23 maxlen: 23
205.188.206.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 12:58:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:e0:a6:58:ab:e0:49:0b:d1:7f:8b:7e:a2:80:5f:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Mar 2 09:28:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a4c41579c6a60e87504a6070f9498baa44734f29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:01:d3:81:ca:00:81:6b:c4:85:af:18:1c:27:
59:c4:6b:e7:7f:54:84:54:cd:68:ed:73:10:87:02:
17:4b:a5:78:81:bb:9c:38:f6:87:71:4e:b2:69:56:
82:c9:f0:c9:24:1b:a1:36:8e:b9:1f:58:23:84:b7:
6d:3f:e5:eb:c2:02:64:e9:14:df:40:2b:07:9c:f1:
ee:79:69:1d:ed:0d:60:8b:16:78:bb:60:27:24:1b:
30:61:fc:19:c4:26:a1:b9:3d:90:84:c7:55:56:4c:
d3:0f:34:5d:99:c7:12:25:05:29:34:22:13:5f:2f:
77:29:0c:08:14:c4:a1:0b:ce:e0:78:82:12:3d:2e:
bf:b8:89:b1:39:95:7f:66:48:e7:6e:1e:1a:0d:cc:
ca:33:55:63:3e:a9:49:bd:5d:ad:b3:35:9d:45:73:
b7:c7:0d:4b:03:e6:aa:d5:85:c3:2a:ea:04:87:66:
56:6a:fe:b0:5f:b2:c5:7c:41:f8:04:1f:01:4f:78:
a9:83:68:61:39:e7:f9:7a:3b:c1:0c:d8:48:31:01:
a2:66:d6:64:fd:87:85:83:16:fa:49:f3:45:af:ec:
93:0a:f0:e2:1f:b6:ba:65:50:a8:64:dd:46:c7:9f:
a8:f5:27:a9:f8:1d:61:cf:3a:6c:24:39:4d:e5:52:
01:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:C4:15:79:C6:A6:0E:87:50:4A:60:70:F9:49:8B:AA:44:73:4F:29
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/pMQVecamDodQSmBw-UmLqkRzTyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
72.63.0.0/22
72.63.28.0/22
72.63.60.0/22
72.63.92.0/22
72.63.124.0/22
72.63.156.0/22
72.63.188.0/22
72.63.220.0/22
205.188.164.0/22
205.188.170.0-205.188.175.255
205.188.180.0-205.188.195.255
205.188.200.0/21
Signature Algorithm: sha256WithRSAEncryption
4d:a0:86:65:73:8e:75:e4:61:2c:94:c9:7d:76:da:46:de:7b:
72:8e:97:d0:10:d3:4a:93:45:47:b6:ed:7b:43:62:4d:a1:d7:
79:1f:42:da:1f:0f:00:0e:2a:ad:06:e8:c4:54:16:f8:c4:a8:
c3:f9:07:d1:5c:5d:fe:f0:17:50:0f:8f:42:e6:90:fc:05:04:
bb:c3:c7:6b:b3:a5:8a:64:8b:dd:a1:63:63:c6:44:90:be:82:
65:7b:d8:dc:3e:71:4f:77:cf:54:83:74:6a:bf:e7:b2:c1:f0:
4f:8c:ca:9d:55:fd:a2:60:41:43:89:d8:9a:bb:01:20:b1:a6:
55:a4:54:69:ae:30:fb:17:4f:59:02:b6:1f:0b:10:58:7a:27:
bd:86:93:e2:6c:04:93:59:b0:f6:d8:db:81:0c:df:f7:0e:95:
a9:74:60:61:9c:b7:c4:f5:91:77:f5:a0:83:b6:9e:7c:42:ba:
84:ac:8e:56:74:b8:02:24:e2:59:12:83:e7:f4:f6:08:97:e2:
f7:89:84:7e:fb:33:6b:a7:a1:b4:99:b6:1e:11:1c:eb:ff:72:
b9:54:9d:3f:9a:2e:ff:18:09:7f:8e:09:18:e8:fa:7f:7b:56:
64:08:fc:c3:89:39:30:91:ac:35:fa:90:54:cc:0c:fd:2b:8e:
0a:18:69:86
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZyt4KZYq+BJC9F/i36igF9IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjYwMzAyMDkyODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGM0MTU3OWM2YTYwZTg3NTA0YTYwNzBmOTQ5OGJhYTQ0NzM0ZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAHTgcoAgWvEha8YHCdZxGvnf1SE
VM1o7XMQhwIXS6V4gbucOPaHcU6yaVaCyfDJJBuhNo65H1gjhLdtP+XrwgJk6RTf
QCsHnPHueWkd7Q1gixZ4u2AnJBswYfwZxCahuT2QhMdVVkzTDzRdmccSJQUpNCIT
Xy93KQwIFMShC87geIISPS6/uImxOZV/Zkjnbh4aDczKM1VjPqlJvV2tszWdRXO3
xw1LA+aq1YXDKuoEh2ZWav6wX7LFfEH4BB8BT3ipg2hhOef5ejvBDNhIMQGiZtZk
/YeFgxb6SfNFr+yTCvDiH7a6ZVCoZN1Gx5+o9Sep+B1hzzpsJDlN5VIBFQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFKTEFXnGpg6HUEpgcPlJi6pEc08pMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvcE1RVmVjYW1Eb2RRU21Cdy1VbUxxa1J6VHlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQCSD8AAwQC
SD8cAwQCSD88AwQCSD9cAwQCSD98AwQCSD+cAwQCSD+8AwQCSD/cAwQCzbykMAwD
BAHNvKoDBATNvKAwDAMEAs28tAMEAs28wAMEA828yDANBgkqhkiG9w0BAQsFAAOC
AQEATaCGZXOOdeRhLJTJfXbaRt57co6X0BDTSpNFR7bte0NiTaHXeR9C2h8PAA4q
rQboxFQW+MSow/kH0Vxd/vAXUA+PQuaQ/AUEu8PHa7OlimSL3aFjY8ZEkL6CZXvY
3D5xT3fPVIN0ar/nssHwT4zKnVX9omBBQ4nYmrsBILGmVaRUaa4w+xdPWQK2HwsQ
WHonvYaT4mwEk1mw9tjbgQzf9w6VqXRgYZy3xPWRd/Wgg7aefEK6hKyOVnS4AiTi
WRKD5/T2CJfi94mEfvsza6ehtJm2HhEc6/9yuVSdP5ou/xgJf44JGOj6f3tWZAj8
w4k5MJGsNfqQVMwM/SuOChhphg==
-----END CERTIFICATE-----
Generated at Thu Mar 5 22:57:03 2026 by rpki-client