Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Mgy3XlZ0XWZtqOVJNFU49yknRNo.roa
File: Mgy3XlZ0XWZtqOVJNFU49yknRNo.roa (raw, json)
Hash identifier: RBDOwHUpIIJwDnf6fZABtYOvxfx//zNwXPxsXza/LTY=
Subject key identifier: 32:0C:B7:5E:56:74:5D:66:6D:A8:E5:49:34:55:38:F7:29:27:44:DA
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019CF55405547E9F582CCC4A34F0B52C418D
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Mgy3XlZ0XWZtqOVJNFU49yknRNo.roa
Signing time: Mon 16 Mar 2026 06:27:30 +0000
ROA not before: Mon 16 Mar 2026 06:27:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57043
IP address blocks: 2.57.242.0/24 maxlen: 24
2.57.243.0/24 maxlen: 24
45.88.15.0/24 maxlen: 24
45.135.182.0/24 maxlen: 24
77.81.101.0/24 maxlen: 24
79.110.227.0/24 maxlen: 24
85.204.18.0/24 maxlen: 24
89.35.119.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
89.37.185.0/24 maxlen: 24
89.39.120.0/24 maxlen: 24
89.40.70.0/24 maxlen: 24
89.125.0.0/24 maxlen: 24
89.125.1.0/24 maxlen: 24
89.125.2.0/24 maxlen: 24
89.125.3.0/24 maxlen: 24
89.125.51.0/24 maxlen: 24
89.125.53.0/24 maxlen: 24
89.125.54.0/24 maxlen: 24
89.125.56.0/24 maxlen: 24
89.125.60.0/24 maxlen: 24
89.125.61.0/24 maxlen: 24
89.125.63.0/24 maxlen: 24
89.125.68.0/24 maxlen: 24
89.125.73.0/24 maxlen: 24
89.125.77.0/24 maxlen: 24
89.125.85.0/24 maxlen: 24
89.125.92.0/24 maxlen: 24
89.125.95.0/24 maxlen: 24
89.125.98.0/24 maxlen: 24
89.125.122.0/24 maxlen: 24
89.125.123.0/24 maxlen: 24
89.125.130.0/24 maxlen: 24
89.125.131.0/24 maxlen: 24
89.125.152.0/24 maxlen: 24
89.125.159.0/24 maxlen: 24
89.125.181.0/24 maxlen: 24
89.125.210.0/24 maxlen: 24
94.177.13.0/24 maxlen: 24
94.177.106.0/24 maxlen: 24
94.177.145.0/24 maxlen: 24
103.56.84.0/24 maxlen: 24
103.73.35.0/24 maxlen: 24
167.17.40.0/24 maxlen: 24
167.17.176.0/24 maxlen: 24
167.17.177.0/24 maxlen: 24
167.17.178.0/24 maxlen: 24
167.17.180.0/24 maxlen: 24
167.17.182.0/24 maxlen: 24
185.212.119.0/24 maxlen: 24
188.208.103.0/24 maxlen: 24
188.213.0.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
193.124.36.0/24 maxlen: 24
193.124.225.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
202.71.12.0/24 maxlen: 24
202.71.13.0/24 maxlen: 24
202.71.15.0/24 maxlen: 24
204.77.1.0/24 maxlen: 24
206.245.129.0/24 maxlen: 24
206.245.131.0/24 maxlen: 24
206.245.133.0/24 maxlen: 24
206.245.134.0/24 maxlen: 24
206.245.135.0/24 maxlen: 24
206.245.157.0/24 maxlen: 24
206.245.159.0/24 maxlen: 24
208.123.185.0/24 maxlen: 24
208.123.190.0/24 maxlen: 24
208.123.191.0/24 maxlen: 24
212.192.0.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.11.0/24 maxlen: 24
212.192.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Mar 2026 19:32:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f5:54:05:54:7e:9f:58:2c:cc:4a:34:f0:b5:2c:41:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 16 06:27:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=320cb75e56745d666da8e549345538f7292744da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b0:f2:93:e6:bd:dd:69:af:af:b9:c6:f2:2f:
78:ce:e1:41:ea:1e:a3:bb:a8:ef:77:c4:bc:00:1e:
02:31:eb:b4:88:e2:22:6d:6d:c1:6c:b9:a2:bf:67:
91:43:35:37:07:b1:cc:fd:4c:49:30:af:d8:dc:6e:
8d:28:fc:99:6b:38:0f:fd:c1:fa:c7:44:ac:8b:e3:
83:a8:49:96:3a:0a:7f:28:2a:f9:8d:25:28:40:eb:
38:74:93:23:3b:cd:49:7b:dc:91:48:26:f2:b0:a3:
f4:85:18:8f:78:17:28:a8:84:c7:e5:7e:fc:0e:b3:
23:18:a8:5d:93:95:15:b5:31:f9:38:f5:9b:13:89:
d9:a9:5a:06:a4:c9:55:bf:a9:8e:b3:61:f0:cb:09:
a0:23:d2:f4:20:1a:6f:0f:cb:40:d9:a7:6d:64:df:
da:99:1d:ac:94:87:11:37:30:7b:c4:ba:a2:f8:f5:
77:17:33:89:6d:9b:1f:d5:dc:fa:43:a6:f7:a6:f2:
0b:e0:4d:7a:63:e0:0b:38:d6:5c:dc:28:4d:44:b4:
37:fa:3f:2e:ca:2a:08:1a:ff:58:2a:1e:8b:22:46:
4e:d3:1a:70:ce:e4:ed:28:4d:6f:38:7a:bf:c2:4f:
fe:5a:d8:e6:a3:99:c8:44:8d:23:7e:b1:14:ba:78:
98:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:0C:B7:5E:56:74:5D:66:6D:A8:E5:49:34:55:38:F7:29:27:44:DA
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/Mgy3XlZ0XWZtqOVJNFU49yknRNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.242.0/23
45.88.15.0/24
45.135.182.0/24
77.81.101.0/24
79.110.227.0/24
85.204.18.0/24
89.35.119.0/24
89.35.129.0/24
89.37.185.0/24
89.39.120.0/24
89.40.70.0/24
89.125.0.0/22
89.125.51.0/24
89.125.53.0-89.125.54.255
89.125.56.0/24
89.125.60.0/23
89.125.63.0/24
89.125.68.0/24
89.125.73.0/24
89.125.77.0/24
89.125.85.0/24
89.125.92.0/24
89.125.95.0/24
89.125.98.0/24
89.125.122.0/23
89.125.130.0/23
89.125.152.0/24
89.125.159.0/24
89.125.181.0/24
89.125.210.0/24
94.177.13.0/24
94.177.106.0/24
94.177.145.0/24
103.56.84.0/24
103.73.35.0/24
167.17.40.0/24
167.17.176.0-167.17.178.255
167.17.180.0/24
167.17.182.0/24
185.212.119.0/24
188.208.103.0/24
188.213.0.0/24
188.214.107.0/24
193.124.36.0/24
193.124.225.0/24
194.85.249.0/24
194.85.251.0/24
202.71.12.0/23
202.71.15.0/24
204.77.1.0/24
206.245.129.0/24
206.245.131.0/24
206.245.133.0-206.245.135.255
206.245.157.0/24
206.245.159.0/24
208.123.185.0/24
208.123.190.0/23
212.192.0.0/24
212.192.8.0/24
212.192.11.0/24
212.192.212.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:48:db:17:87:19:86:77:d4:2b:05:29:69:a9:26:76:ee:2d:
8c:2b:62:e3:e7:c6:45:05:da:c3:87:13:fb:de:a6:e7:4b:bc:
f6:4c:67:92:12:03:0a:60:e1:b1:f4:7e:3f:ea:be:7b:0c:6f:
71:4a:98:ad:71:ff:a9:03:06:8e:35:c3:4c:ed:6e:c8:77:0f:
b4:35:b4:0d:0e:42:30:e7:ce:46:6c:cd:39:77:eb:2f:08:4a:
42:d9:6a:e4:4c:73:4d:7c:21:97:d8:61:9a:3b:9b:91:c3:25:
a8:dd:e0:f2:e4:3f:40:8e:a3:b8:75:d9:63:72:d6:ff:03:d3:
31:d1:e8:57:81:d6:a1:55:78:88:11:32:5c:69:85:76:b2:be:
44:d0:de:57:57:d4:0e:07:6f:e1:95:57:5b:25:b6:83:28:77:
6b:c9:73:d0:16:f4:d3:84:47:f5:7c:1f:c1:2a:22:7e:52:b3:
b8:02:83:5a:d9:0b:3e:28:08:41:3f:a4:18:e7:5e:1c:ed:83:
c6:25:b8:3d:7a:3a:6f:d9:aa:d4:9f:9e:d1:50:7d:4a:44:0a:
33:77:c9:e8:11:18:82:15:1b:9b:ae:12:bb:8d:1b:da:85:3d:
28:02:39:be:ca:a0:97:74:a5:03:f2:17:d2:8f:3d:f2:25:86:
37:91:5c:f0
-----BEGIN CERTIFICATE-----
MIIGhzCCBW+gAwIBAgISAZz1VAVUfp9YLMxKNPC1LEGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwMzE2MDYyNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjBjYjc1ZTU2NzQ1ZDY2NmRhOGU1NDkzNDU1MzhmNzI5Mjc0NGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLDyk+a93Wmvr7nG8i94zuFB6h6j
u6jvd8S8AB4CMeu0iOIibW3BbLmiv2eRQzU3B7HM/UxJMK/Y3G6NKPyZazgP/cH6
x0Ssi+ODqEmWOgp/KCr5jSUoQOs4dJMjO81Je9yRSCbysKP0hRiPeBcoqITH5X78
DrMjGKhdk5UVtTH5OPWbE4nZqVoGpMlVv6mOs2HwywmgI9L0IBpvD8tA2adtZN/a
mR2slIcRNzB7xLqi+PV3FzOJbZsf1dz6Q6b3pvIL4E16Y+ALONZc3ChNRLQ3+j8u
yioIGv9YKh6LIkZO0xpwzuTtKE1vOHq/wk/+Wtjmo5nIRI0jfrEUuniYKQIDAQAB
o4IDkzCCA48wHQYDVR0OBBYEFDIMt15WdF1mbajlSTRVOPcpJ0TaMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvTWd5M1hsWjBYV1p0cU9WSk5GVTQ5eWtuUk5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBpwYIKwYBBQUHAQcBAf8EggGWMIIBkjCCAY4EAgABMIIB
hgMEAQI58gMEAC1YDwMEAC2HtgMEAE1RZQMEAE9u4wMEAFXMEgMEAFkjdwMEAFkj
gQMEAFkluQMEAFkneAMEAFkoRgMEAll9AAMEAFl9MzAMAwQAWX01AwQAWX02AwQA
WX04AwQBWX08AwQAWX0/AwQAWX1EAwQAWX1JAwQAWX1NAwQAWX1VAwQAWX1cAwQA
WX1fAwQAWX1iAwQBWX16AwQBWX2CAwQAWX2YAwQAWX2fAwQAWX21AwQAWX3SAwQA
XrENAwQAXrFqAwQAXrGRAwQAZzhUAwQAZ0kjAwQApxEoMAwDBASnEbADBACnEbID
BACnEbQDBACnEbYDBAC51HcDBAC80GcDBAC81QADBAC81msDBADBfCQDBADBfOED
BADCVfkDBADCVfsDBAHKRwwDBADKRw8DBADMTQEDBADO9YEDBADO9YMwDAMEAM71
hQMEA871gAMEAM71nQMEAM71nwMEANB7uQMEAdB7vgMEANTAAAMEANTACAMEANTA
CwMEANTA1DANBgkqhkiG9w0BAQsFAAOCAQEAfUjbF4cZhnfUKwUpaakmdu4tjCti
4+fGRQXaw4cT+96m50u89kxnkhIDCmDhsfR+P+q+ewxvcUqYrXH/qQMGjjXDTO1u
yHcPtDW0DQ5CMOfORmzNOXfrLwhKQtlq5ExzTXwhl9hhmjubkcMlqN3g8uQ/QI6j
uHXZY3LW/wPTMdHoV4HWoVV4iBEyXGmFdrK+RNDeV1fUDgdv4ZVXWyW2gyh3a8lz
0Bb004RH9XwfwSoiflKzuAKDWtkLPigIQT+kGOdeHO2DxiW4PXo6b9mq1J+e0VB9
SkQKM3fJ6BEYghUbm64Su40b2oU9KAI5vsqgl3SlA/IX0o898iWGN5Fc8A==
-----END CERTIFICATE-----
Generated at Tue Mar 17 04:25:27 2026 by rpki-client