Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/MFRwZcWyrkAJJiquTuovieAtxL0.roa
File: MFRwZcWyrkAJJiquTuovieAtxL0.roa (raw, json)
Hash identifier: m7U12OvKlqXUnaAbAudF0tP4Tm7J/xzrN4dHtPrfkDA=
Subject key identifier: 30:54:70:65:C5:B2:AE:40:09:26:2A:AE:4E:EA:2F:89:E0:2D:C4:BD
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019C4DBB67D068E5CE5CDB4FD669FB7A219E
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/MFRwZcWyrkAJJiquTuovieAtxL0.roa
Signing time: Wed 11 Feb 2026 17:24:13 +0000
ROA not before: Wed 11 Feb 2026 17:24:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199785
IP address blocks: 37.46.16.0/24 maxlen: 24
37.46.17.0/24 maxlen: 24
37.46.18.0/24 maxlen: 24
37.46.19.0/24 maxlen: 24
64.188.72.0/24 maxlen: 24
64.188.99.0/24 maxlen: 24
77.239.106.0/24 maxlen: 24
144.31.80.0/23 maxlen: 24
144.31.132.0/23 maxlen: 24
144.31.184.0/23 maxlen: 24
144.31.194.0/23 maxlen: 24
150.241.76.0/23 maxlen: 24
150.241.113.0/24 maxlen: 24
150.241.114.0/24 maxlen: 24
150.241.115.0/24 maxlen: 24
150.241.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Feb 2026 09:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4d:bb:67:d0:68:e5:ce:5c:db:4f:d6:69:fb:7a:21:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 11 17:24:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=30547065c5b2ae4009262aae4eea2f89e02dc4bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ad:14:45:67:8c:8f:f8:d0:a8:37:f9:c0:ce:
a5:df:99:8e:29:33:09:d3:a2:41:6d:f6:29:6f:d3:
ed:c4:6e:12:e8:5d:de:13:25:7b:60:dd:92:95:3a:
7d:82:6f:6e:af:2b:07:44:d7:96:ba:fe:8f:48:1e:
1b:13:09:5c:85:bf:8c:32:89:2a:42:aa:10:69:2a:
33:fe:5d:5a:56:92:b0:0e:ff:10:47:91:3a:43:1e:
27:38:fd:23:c0:ba:3c:71:1f:ad:88:03:3b:db:ec:
35:48:06:b6:2f:5d:6e:e4:78:9d:df:66:ef:68:65:
6f:d3:9c:6c:64:ef:27:1d:33:e5:df:9f:f2:cd:89:
8b:35:d9:50:88:67:c4:04:93:82:cd:af:f3:84:4f:
bd:56:98:fc:d3:6d:69:3d:a3:72:58:62:81:d8:4f:
ac:51:6e:7e:bb:b1:cb:2a:81:2e:a4:da:74:33:44:
f5:8e:83:6b:25:45:bb:1d:c4:82:3e:62:8a:54:dc:
06:83:fe:7a:bd:8e:17:93:03:c6:af:8a:54:ba:d0:
b9:9f:b9:e0:ec:f9:b2:73:38:fd:6e:cd:f0:fd:e1:
77:5f:84:69:66:21:d0:41:d1:fe:0f:c0:f8:2f:9f:
fd:19:3f:8d:53:0f:1a:85:3d:c0:42:6d:86:e4:32:
a6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:54:70:65:C5:B2:AE:40:09:26:2A:AE:4E:EA:2F:89:E0:2D:C4:BD
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/MFRwZcWyrkAJJiquTuovieAtxL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.16.0/22
64.188.72.0/24
64.188.99.0/24
77.239.106.0/24
144.31.80.0/23
144.31.132.0/23
144.31.184.0/23
144.31.194.0/23
150.241.76.0/23
150.241.113.0-150.241.116.255
Signature Algorithm: sha256WithRSAEncryption
55:a1:90:8c:a3:5c:04:f6:48:3c:b0:00:d9:11:28:b4:d0:6c:
09:39:b5:64:1a:50:e2:cf:a2:80:22:e7:88:b5:e4:82:07:3e:
05:0a:ea:8c:a1:80:e5:dd:8b:ca:ee:7d:b5:0b:a2:44:df:c8:
95:c4:b9:71:ca:0b:a9:10:c0:35:70:72:74:db:22:4f:6b:7b:
b9:93:d2:5c:74:77:78:34:b3:16:ef:03:81:ae:31:60:85:aa:
4f:33:9f:de:4f:29:46:77:85:ac:0f:57:ed:8b:2d:29:31:17:
b4:b6:81:5f:18:bf:5c:56:5f:fd:2b:8e:85:86:4c:7f:d8:9b:
75:6f:9e:5b:a7:54:8d:a0:91:96:ab:e6:6d:c4:ec:80:e9:45:
4a:e7:a9:1b:05:c6:1e:c3:97:c8:46:40:10:51:28:df:70:b3:
a8:92:a6:b3:87:c0:68:8f:3a:c6:8b:d4:45:fe:ea:79:0a:95:
8f:f4:c8:d9:a9:1f:11:4b:24:16:5f:8d:bc:e3:e9:2a:71:02:
84:7c:86:20:b4:73:dc:60:30:71:53:96:14:fd:d4:b4:4f:22:
21:78:14:ed:66:db:79:e0:48:b6:11:94:16:1e:28:f7:d7:d6:
5c:45:94:0c:77:ff:a0:08:2c:27:98:64:d1:30:8c:66:a7:77:
14:60:cc:29
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZxNu2fQaOXOXNtP1mn7eiGeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwMjExMTcyNDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDU0NzA2NWM1YjJhZTQwMDkyNjJhYWU0ZWVhMmY4OWUwMmRjNGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsq0URWeMj/jQqDf5wM6l35mOKTMJ
06JBbfYpb9PtxG4S6F3eEyV7YN2SlTp9gm9urysHRNeWuv6PSB4bEwlchb+MMokq
QqoQaSoz/l1aVpKwDv8QR5E6Qx4nOP0jwLo8cR+tiAM72+w1SAa2L11u5Hid32bv
aGVv05xsZO8nHTPl35/yzYmLNdlQiGfEBJOCza/zhE+9Vpj8021pPaNyWGKB2E+s
UW5+u7HLKoEupNp0M0T1joNrJUW7HcSCPmKKVNwGg/56vY4XkwPGr4pUutC5n7ng
7Pmyczj9bs3w/eF3X4RpZiHQQdH+D8D4L5/9GT+NUw8ahT3AQm2G5DKmRQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFDBUcGXFsq5ACSYqrk7qL4ngLcS9MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvTUZSd1pjV3lya0FKSmlxdVR1b3ZpZUF0eEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCJS4QAwQA
QLxIAwQAQLxjAwQATe9qAwQBkB9QAwQBkB+EAwQBkB+4AwQBkB/CAwQBlvFMMAwD
BACW8XEDBACW8XQwDQYJKoZIhvcNAQELBQADggEBAFWhkIyjXAT2SDywANkRKLTQ
bAk5tWQaUOLPooAi54i15IIHPgUK6oyhgOXdi8rufbULokTfyJXEuXHKC6kQwDVw
cnTbIk9re7mT0lx0d3g0sxbvA4GuMWCFqk8zn95PKUZ3hawPV+2LLSkxF7S2gV8Y
v1xWX/0rjoWGTH/Ym3VvnlunVI2gkZar5m3E7IDpRUrnqRsFxh7Dl8hGQBBRKN9w
s6iSprOHwGiPOsaL1EX+6nkKlY/0yNmpHxFLJBZfjbzj6SpxAoR8hiC0c9xgMHFT
lhT91LRPIiF4FO1m23ngSLYRlBYeKPfX1lxFlAx3/6AILCeYZNEwjGandxRgzCk=
-----END CERTIFICATE-----
Generated at Tue Feb 17 14:02:42 2026 by rpki-client