Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/McIHeSgScebcIpkPT4THS1jto5Q.roa
File: McIHeSgScebcIpkPT4THS1jto5Q.roa (raw, json)
Hash identifier: fdb99PeEhGhn7zMv+ymuqGVl1nC5qV/Bm2pOoVJfRTc=
Subject key identifier: 31:C2:07:79:28:12:71:E6:DC:22:99:0F:4F:84:C7:4B:58:ED:A3:94
Certificate issuer: /CN=a04845af1dc0087b274cee52a4a9e0880335435d
Certificate serial: 019EACBA28CC3FC56708568F4FB75E8645F6
Authority key identifier: A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/McIHeSgScebcIpkPT4THS1jto5Q.roa
Signing time: Tue 09 Jun 2026 14:12:21 +0000
ROA not before: Tue 09 Jun 2026 14:12:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59796
IP address blocks: 178.210.160.0/24 maxlen: 24
178.210.170.0/24 maxlen: 24
178.210.171.0/24 maxlen: 24
178.210.172.0/24 maxlen: 24
178.210.173.0/24 maxlen: 24
178.210.174.0/24 maxlen: 24
178.210.175.0/24 maxlen: 24
178.210.176.0/24 maxlen: 24
178.210.177.0/24 maxlen: 24
178.210.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.mft
rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 11:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ac:ba:28:cc:3f:c5:67:08:56:8f:4f:b7:5e:86:45:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a04845af1dc0087b274cee52a4a9e0880335435d
Validity
Not Before: Jun 9 14:12:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=31c20779281271e6dc22990f4f84c74b58eda394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:05:c7:12:9f:8d:cc:51:a6:62:a8:78:26:77:
66:15:08:e5:6f:fc:50:f2:c5:d1:64:75:27:1d:c7:
53:fb:8e:69:17:4d:22:ec:c6:a3:04:85:b6:39:24:
3d:ef:40:13:05:49:d2:07:7a:c1:9c:18:83:a4:48:
70:71:86:a7:c2:c7:09:87:0c:d6:b2:75:93:c9:6a:
b2:4b:bb:9b:36:f2:8a:bb:bb:65:3d:d8:a3:72:a8:
62:ef:61:f9:80:8d:46:6d:6a:e1:7a:e7:92:a6:3d:
86:07:4e:4a:10:be:cf:cf:82:fb:92:21:e4:b1:a7:
f8:c8:3c:55:71:35:1d:78:88:e0:3a:c4:fe:1c:3b:
49:ea:a9:11:b6:c9:32:d7:98:0d:4c:d8:6e:a0:ff:
ee:68:db:c3:8d:d7:c5:da:72:9e:54:88:d3:56:91:
e2:8b:7c:39:91:45:8e:aa:16:50:a0:61:b8:44:bd:
50:09:53:f8:bd:2c:6a:c2:33:69:26:b5:b8:f1:86:
d2:79:9c:03:18:22:d0:2b:66:00:33:39:d1:27:14:
69:4c:9f:95:ca:08:6c:3f:75:d8:81:83:ec:33:a3:
89:26:b8:e3:41:66:6f:df:23:99:f9:34:81:cf:5c:
df:a7:1b:9c:7a:f9:e2:f0:38:a5:aa:27:be:99:c6:
cc:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:C2:07:79:28:12:71:E6:DC:22:99:0F:4F:84:C7:4B:58:ED:A3:94
X509v3 Authority Key Identifier:
keyid:A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/McIHeSgScebcIpkPT4THS1jto5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.160.0/24
178.210.170.0-178.210.178.255
Signature Algorithm: sha256WithRSAEncryption
68:25:25:1c:34:50:24:ce:b9:78:8e:1b:05:81:f9:4c:98:30:
ce:ba:e3:3d:8d:fa:ce:38:00:02:55:3f:ba:a2:96:2f:24:41:
db:fb:55:18:1c:9b:09:37:11:dd:0e:1c:3f:68:be:ae:0a:79:
a8:e6:d6:e7:88:af:4d:66:3c:02:3f:74:d6:24:b4:81:01:16:
66:00:3b:31:3b:ad:bf:88:97:a7:f8:6c:05:67:c8:37:3c:8e:
e0:f8:a9:b6:9b:61:d4:81:f6:9d:96:b9:cb:19:e9:ef:19:42:
b2:41:f4:e4:4c:ae:14:1f:a0:db:a9:4b:53:5c:cd:2e:a9:4d:
85:fa:2d:98:8d:54:30:e8:6c:a2:08:bb:f8:cf:89:ef:05:69:
a2:d7:1a:a8:90:f8:c7:e7:72:30:ff:20:29:11:0e:bf:0b:cd:
ff:14:2b:ba:ea:7d:05:ad:7d:91:0b:ff:c6:53:b0:21:bc:cb:
2a:53:a4:5b:91:50:3d:80:29:a4:80:f3:f1:2a:78:d2:2d:ed:
68:4d:16:25:b7:55:3c:c5:e0:d5:a1:51:b3:d7:82:1b:bf:e2:
a2:ea:df:8a:2d:0e:d7:99:c8:1f:c3:37:e0:79:c1:d0:82:42:
59:87:37:42:7f:80:ea:36:de:00:18:e0:34:58:61:f9:c0:12:
4d:84:c5:a2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ6suijMP8VnCFaPT7dehkX2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNDg0NWFmMWRjMDA4N2IyNzRjZWU1MmE0YTllMDg4MDMz
NTQzNWQwHhcNMjYwNjA5MTQxMjIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWMyMDc3OTI4MTI3MWU2ZGMyMjk5MGY0Zjg0Yzc0YjU4ZWRhMzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwXHEp+NzFGmYqh4JndmFQjlb/xQ
8sXRZHUnHcdT+45pF00i7MajBIW2OSQ970ATBUnSB3rBnBiDpEhwcYanwscJhwzW
snWTyWqyS7ubNvKKu7tlPdijcqhi72H5gI1GbWrheueSpj2GB05KEL7Pz4L7kiHk
saf4yDxVcTUdeIjgOsT+HDtJ6qkRtsky15gNTNhuoP/uaNvDjdfF2nKeVIjTVpHi
i3w5kUWOqhZQoGG4RL1QCVP4vSxqwjNpJrW48YbSeZwDGCLQK2YAMznRJxRpTJ+V
yghsP3XYgYPsM6OJJrjjQWZv3yOZ+TSBz1zfpxucevni8Dilqie+mcbMdQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDHCB3koEnHm3CKZD0+Ex0tY7aOUMB8GA1UdIwQY
MBaAFKBIRa8dwAh7J0zuUqSp4IgDNUNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjct
NTA3MDExNTcwZWU2LzEvTWNJSGVTZ1NjZWJjSXBrUFQ0VEhTMWp0bzVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjctNTA3MDExNTcwZWU2
LzEvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAstKgMAwD
BAGy0qoDBACy0rIwDQYJKoZIhvcNAQELBQADggEBAGglJRw0UCTOuXiOGwWB+UyY
MM664z2N+s44AAJVP7qili8kQdv7VRgcmwk3Ed0OHD9ovq4Keajm1ueIr01mPAI/
dNYktIEBFmYAOzE7rb+Il6f4bAVnyDc8juD4qbabYdSB9p2WucsZ6e8ZQrJB9ORM
rhQfoNupS1NczS6pTYX6LZiNVDDobKIIu/jPie8FaaLXGqiQ+MfncjD/ICkRDr8L
zf8UK7rqfQWtfZEL/8ZTsCG8yypTpFuRUD2AKaSA8/EqeNIt7WhNFiW3VTzF4NWh
UbPXghu/4qLq34otDteZyB/DN+B5wdCCQlmHN0J/gOo23gAY4DRYYfnAEk2ExaI=
-----END CERTIFICATE-----
Generated at Thu Jun 11 21:49:23 2026 by rpki-client