Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/mbUdbVSJ4JJfzeOmoPhv4grpMr0.roa
File: mbUdbVSJ4JJfzeOmoPhv4grpMr0.roa (raw, json)
Hash identifier: u7sjHhFGvRVP/gVpt0zdfH/OasO9TTE/pKjRgY5jjZ8=
Subject key identifier: 99:B5:1D:6D:54:89:E0:92:5F:CD:E3:A6:A0:F8:6F:E2:0A:E9:32:BD
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 019CF08BF4C7DCE80E128F306FA3716EEE53
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/mbUdbVSJ4JJfzeOmoPhv4grpMr0.roa
Signing time: Sun 15 Mar 2026 08:10:29 +0000
ROA not before: Sun 15 Mar 2026 08:10:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6079
IP address blocks: 62.72.172.0/24 maxlen: 24
62.72.173.0/24 maxlen: 24
62.72.183.0/24 maxlen: 24
81.21.5.0/24 maxlen: 24
81.21.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Mar 2026 15:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f0:8b:f4:c7:dc:e8:0e:12:8f:30:6f:a3:71:6e:ee:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Mar 15 08:10:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=99b51d6d5489e0925fcde3a6a0f86fe20ae932bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:51:bb:70:df:a7:6b:f0:3e:32:2b:05:46:47:
fe:e0:f5:c9:6f:7b:1d:ef:a4:b8:ce:4d:b2:f9:28:
62:9e:74:4f:3c:d6:7a:57:b9:30:26:0a:58:15:09:
36:bc:e9:98:9c:14:b7:4f:e9:3d:e3:88:d9:d2:21:
59:4b:51:44:0a:95:4b:6e:11:72:2e:2f:6e:b4:b2:
7f:0c:68:1f:aa:4e:6d:3e:cc:29:aa:b2:6b:d2:87:
f7:6a:db:80:1a:04:af:c2:de:89:99:4d:d7:0f:73:
b2:a4:89:64:67:ae:37:64:90:2f:94:94:33:f9:a8:
2e:56:a8:7c:09:81:f7:c5:95:ee:fe:ee:d6:20:c2:
d5:05:df:c6:f2:0b:d7:2c:e1:a4:db:6b:ed:3b:70:
7b:b7:8b:43:97:23:db:3f:b3:72:e1:6b:c2:14:f0:
ae:e7:69:06:f2:f3:c5:12:41:cb:5c:be:d6:a7:91:
21:31:4d:87:77:09:48:25:74:e9:bc:91:8a:82:3a:
09:0b:68:0e:c3:62:45:9a:bc:7d:d3:77:c4:ae:53:
55:c6:40:f0:c5:bb:a4:75:98:1c:fe:4b:b4:2b:53:
31:2f:cf:70:90:f1:ef:d7:a3:4f:20:ce:27:4c:09:
4d:47:48:a6:40:b7:21:dd:78:f4:51:1a:61:25:7e:
5a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B5:1D:6D:54:89:E0:92:5F:CD:E3:A6:A0:F8:6F:E2:0A:E9:32:BD
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/mbUdbVSJ4JJfzeOmoPhv4grpMr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.172.0/23
62.72.183.0/24
81.21.5.0-81.21.6.255
Signature Algorithm: sha256WithRSAEncryption
47:38:33:60:1b:72:41:60:ac:33:3a:a9:58:e5:6a:ca:8e:e5:
ac:26:08:c9:0e:53:e8:85:38:8c:48:ff:25:4f:4e:ac:1d:d3:
e0:ae:e2:a6:5c:e1:0d:12:0e:f5:4e:ef:58:36:31:89:14:9f:
90:3d:27:8f:14:7c:bd:3d:63:8f:bc:f0:52:43:67:66:c3:55:
6c:0a:e1:fb:d7:84:58:02:d9:67:cd:5e:71:c0:7c:0c:64:36:
9b:b0:39:cd:08:ea:e7:23:4d:19:9e:fe:8c:ac:de:1e:8f:6e:
e3:35:d5:49:66:81:17:25:ca:ce:34:c3:60:1b:7f:50:b7:ab:
c5:06:21:4f:ab:cd:c5:88:fa:71:b6:8a:6c:be:ab:17:2e:3b:
3d:00:86:4c:b2:e7:95:e9:bf:f6:6d:72:c8:65:01:ec:97:bd:
21:53:2d:b0:48:18:79:f3:2e:e8:15:97:95:b2:20:79:ff:8a:
cb:5d:8c:05:18:6b:5e:b8:20:dd:dc:b5:ef:6a:a4:95:e7:62:
22:3d:06:12:d5:1d:ae:0e:19:b8:01:39:c2:92:da:30:60:9c:
24:a4:92:39:43:b3:e2:e9:3f:fb:72:77:40:93:e4:4c:7c:a2:
a1:b7:06:8e:42:39:0d:c0:b7:83:d5:4f:56:be:d1:70:04:d4:
31:48:b7:46
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZzwi/TH3OgOEo8wb6Nxbu5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjYwMzE1MDgxMDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWI1MWQ2ZDU0ODllMDkyNWZjZGUzYTZhMGY4NmZlMjBhZTkzMmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFG7cN+na/A+MisFRkf+4PXJb3sd
76S4zk2y+ShinnRPPNZ6V7kwJgpYFQk2vOmYnBS3T+k944jZ0iFZS1FECpVLbhFy
Li9utLJ/DGgfqk5tPswpqrJr0of3atuAGgSvwt6JmU3XD3OypIlkZ643ZJAvlJQz
+aguVqh8CYH3xZXu/u7WIMLVBd/G8gvXLOGk22vtO3B7t4tDlyPbP7Ny4WvCFPCu
52kG8vPFEkHLXL7Wp5EhMU2HdwlIJXTpvJGKgjoJC2gOw2JFmrx903fErlNVxkDw
xbukdZgc/ku0K1MxL89wkPHv16NPIM4nTAlNR0imQLch3Xj0URphJX5awwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJm1HW1UieCSX83jpqD4b+IK6TK9MB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvbWJVZGJWU0o0SkpmemVPbW9QaHY0Z3JwTXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBPkisAwQA
Pki3MAwDBABRFQUDBABRFQYwDQYJKoZIhvcNAQELBQADggEBAEc4M2AbckFgrDM6
qVjlasqO5awmCMkOU+iFOIxI/yVPTqwd0+Cu4qZc4Q0SDvVO71g2MYkUn5A9J48U
fL09Y4+88FJDZ2bDVWwK4fvXhFgC2WfNXnHAfAxkNpuwOc0I6ucjTRme/oys3h6P
buM11UlmgRclys40w2Abf1C3q8UGIU+rzcWI+nG2imy+qxcuOz0Ahkyy55Xpv/Zt
cshlAeyXvSFTLbBIGHnzLugVl5WyIHn/istdjAUYa164IN3cte9qpJXnYiI9BhLV
Ha4OGbgBOcKS2jBgnCSkkjlDs+LpP/tyd0CT5Ex8oqG3Bo5COQ3At4PVT1a+0XAE
1DFIt0Y=
-----END CERTIFICATE-----
Generated at Sun Mar 15 20:47:53 2026 by rpki-client