Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/mLwRQPJNPNyFW9b_cs3RSw90Ej0.roa
File: mLwRQPJNPNyFW9b_cs3RSw90Ej0.roa (raw, json)
Hash identifier: lGalA+fhuk3zaDb/hTVS4G3SDG2yM8uu4pBXLLe2M9c=
Subject key identifier: 98:BC:11:40:F2:4D:3C:DC:85:5B:D6:FF:72:CD:D1:4B:0F:74:12:3D
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 019D0B5197CC594C8355A50175F822D7197A
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/mLwRQPJNPNyFW9b_cs3RSw90Ej0.roa
Signing time: Fri 20 Mar 2026 12:56:29 +0000
ROA not before: Fri 20 Mar 2026 12:56:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58232
IP address blocks: 45.159.148.0/24 maxlen: 24
185.113.10.0/24 maxlen: 24
195.254.165.0/24 maxlen: 24
2a05:9080:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 23:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0b:51:97:cc:59:4c:83:55:a5:01:75:f8:22:d7:19:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Mar 20 12:56:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=98bc1140f24d3cdc855bd6ff72cdd14b0f74123d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:97:e1:dd:74:d5:85:6b:05:35:4b:7d:63:fa:
94:46:ce:2f:8d:01:e7:9f:76:c4:13:0b:89:bc:12:
6e:87:f3:0d:71:82:d3:91:43:ec:3d:13:34:67:a8:
d3:70:dc:40:da:b0:fb:ff:44:41:43:67:63:a7:da:
e1:5e:9a:5a:7b:c9:91:28:8c:d1:84:b1:5b:ba:9b:
2a:c8:55:4f:63:45:28:e1:ac:1c:3b:f9:c1:3d:48:
10:c1:10:bb:40:45:b5:8e:68:a6:a4:b8:4a:a5:8e:
bd:6c:85:3c:e0:40:5c:5b:f8:25:88:c4:c3:c8:24:
72:15:7c:30:a7:55:68:63:38:43:8e:0e:1d:5e:81:
18:1b:e8:15:02:ba:0e:a0:2c:f4:ea:a6:f4:56:67:
5f:a6:a3:b4:9f:4a:cf:a6:e7:7f:56:ae:48:cb:8a:
67:71:d9:99:33:d2:9e:c9:23:7b:78:bb:5c:ac:77:
39:72:0a:7b:b8:a2:d4:b7:a8:7c:0a:a0:b8:5a:68:
bd:f2:c6:3a:b2:88:95:95:5f:6d:8a:0f:30:5c:ec:
b0:48:af:de:09:28:fe:48:09:fb:df:45:18:49:5e:
cd:4d:51:66:19:14:8c:0d:5d:8f:a7:dc:c6:f0:e8:
cd:f5:dc:89:90:1d:30:c9:13:e6:01:c1:b4:57:2c:
35:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:BC:11:40:F2:4D:3C:DC:85:5B:D6:FF:72:CD:D1:4B:0F:74:12:3D
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/mLwRQPJNPNyFW9b_cs3RSw90Ej0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.148.0/24
185.113.10.0/24
195.254.165.0/24
IPv6:
2a05:9080:5::/48
Signature Algorithm: sha256WithRSAEncryption
0a:d3:27:d3:d7:54:98:62:4c:02:6a:95:d1:71:90:a4:c7:34:
e6:d2:46:0d:06:47:e1:ba:9e:68:56:b7:e3:31:f4:f6:23:07:
be:f8:1f:3c:0f:35:df:fe:f4:41:9e:b4:cb:df:ec:d7:ad:00:
e0:36:1e:5f:cc:ae:96:b4:0c:26:60:e7:3e:bc:28:6c:b7:b2:
db:0d:0e:3e:9e:ef:c2:cc:7d:20:39:f3:63:22:fb:bc:1e:93:
59:a1:71:a3:da:d5:6e:8b:c4:45:57:10:95:4d:12:93:ad:52:
46:ea:c3:ed:d5:e1:3f:82:e6:9b:1d:0f:b8:b3:c3:95:d6:57:
16:34:e5:bc:99:93:48:9f:2a:fe:c0:76:76:86:41:83:94:16:
99:e1:6d:0f:d3:96:e7:9b:c8:2d:7c:cc:05:ce:65:5f:04:0d:
79:6e:95:7f:c7:19:a5:90:af:78:e9:ab:6a:a1:ac:73:47:fe:
3d:9c:57:3c:e9:6a:9d:3b:7c:73:21:e3:be:61:0e:10:d1:03:
2e:3e:d8:9a:c3:60:6a:14:69:2f:30:3b:cb:d4:a8:b1:43:77:
5a:20:be:34:03:1d:cf:41:e6:c7:1d:c6:ef:86:c3:a8:14:7d:
88:61:61:80:f4:af:c3:a0:4f:06:44:e1:ea:ff:a0:e4:24:3c:
4b:ad:df:85
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZ0LUZfMWUyDVaUBdfgi1xl6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjYwMzIwMTI1NjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGJjMTE0MGYyNGQzY2RjODU1YmQ2ZmY3MmNkZDE0YjBmNzQxMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJfh3XTVhWsFNUt9Y/qURs4vjQHn
n3bEEwuJvBJuh/MNcYLTkUPsPRM0Z6jTcNxA2rD7/0RBQ2djp9rhXppae8mRKIzR
hLFbupsqyFVPY0Uo4awcO/nBPUgQwRC7QEW1jmimpLhKpY69bIU84EBcW/gliMTD
yCRyFXwwp1VoYzhDjg4dXoEYG+gVAroOoCz06qb0VmdfpqO0n0rPpud/Vq5Iy4pn
cdmZM9KeySN7eLtcrHc5cgp7uKLUt6h8CqC4Wmi98sY6soiVlV9tig8wXOywSK/e
CSj+SAn730UYSV7NTVFmGRSMDV2Pp9zG8OjN9dyJkB0wyRPmAcG0Vyw1fQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJi8EUDyTTzchVvW/3LN0UsPdBI9MB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvbUx3UlFQSk5QTnlGVzliX2NzM1JTdzkwRWowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQALZ+UAwQA
uXEKAwQAw/6lMA8EAgACMAkDBwAqBZCAAAUwDQYJKoZIhvcNAQELBQADggEBAArT
J9PXVJhiTAJqldFxkKTHNObSRg0GR+G6nmhWt+Mx9PYjB774HzwPNd/+9EGetMvf
7NetAOA2Hl/Mrpa0DCZg5z68KGy3stsNDj6e78LMfSA582Mi+7wek1mhcaPa1W6L
xEVXEJVNEpOtUkbqw+3V4T+C5psdD7izw5XWVxY05byZk0ifKv7AdnaGQYOUFpnh
bQ/TluebyC18zAXOZV8EDXlulX/HGaWQr3jpq2qhrHNH/j2cVzzpap07fHMh475h
DhDRAy4+2JrDYGoUaS8wO8vUqLFDd1ogvjQDHc9B5scdxu+Gw6gUfYhhYYD0r8Og
TwZE4er/oOQkPEut34U=
-----END CERTIFICATE-----
Generated at Sun Mar 22 06:29:15 2026 by rpki-client