Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mxzv7xRjRXpNNERn-i18FqBMlNk.roa
File: mxzv7xRjRXpNNERn-i18FqBMlNk.roa (raw, json)
Hash identifier: 8EnfJJnkjjXYH4KTyU+nQdniVPNM7VsrTo4svIZUxvM=
Subject key identifier: 9B:1C:EF:EF:14:63:45:7A:4D:34:44:67:FA:2D:7C:16:A0:4C:94:D9
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019C9E0AB54F28952DDF1FE7517559E6376A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mxzv7xRjRXpNNERn-i18FqBMlNk.roa
Signing time: Fri 27 Feb 2026 07:40:27 +0000
ROA not before: Fri 27 Feb 2026 07:40:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.60.0/23 maxlen: 23
87.121.165.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:0a:b5:4f:28:95:2d:df:1f:e7:51:75:59:e6:37:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 27 07:40:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9b1cefef1463457a4d344467fa2d7c16a04c94d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1f:f5:a2:1c:83:ae:1e:1d:94:37:c3:1c:72:
0d:43:31:65:8e:cd:0f:4d:cf:09:47:4b:5a:36:b5:
21:f4:41:43:43:1f:07:e4:1a:3c:35:c1:17:bf:15:
bc:0f:6f:41:ce:b2:7b:aa:6a:42:1e:ed:0b:7a:1d:
b5:15:47:77:f6:19:c4:02:be:4b:73:85:24:90:b4:
50:fb:bf:c1:0d:75:f3:2a:42:e3:3a:52:57:8a:76:
9f:bf:32:28:29:94:75:4a:07:c2:35:c1:b1:01:06:
56:69:a7:3b:17:ca:47:f4:fc:05:50:00:a8:39:5f:
de:5e:7c:dd:b6:4f:d3:78:f2:b9:b2:25:4a:da:73:
c2:59:e0:79:ab:f4:93:13:2d:03:d8:57:ff:46:ce:
9f:57:3e:ad:77:96:c3:33:1f:08:20:3b:7c:2b:72:
b6:7d:e4:5b:01:8b:66:75:a1:38:61:bf:cc:c7:5b:
ba:5c:95:f9:1d:f5:61:12:a8:d7:ec:49:54:f6:cc:
4e:fe:65:09:d9:19:f3:8f:cd:0e:4f:ad:e8:ed:16:
ba:99:b7:65:49:7c:28:67:79:6b:38:9e:62:0c:4a:
04:46:c9:c4:cc:5b:5d:73:9d:d2:1a:71:9b:41:c9:
96:f8:b1:96:83:76:3f:37:fd:e9:0e:84:2f:b7:a4:
44:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:1C:EF:EF:14:63:45:7A:4D:34:44:67:FA:2D:7C:16:A0:4C:94:D9
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mxzv7xRjRXpNNERn-i18FqBMlNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.141.158.0/24
81.161.238.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.121.60.0/23
87.121.165.0/24
92.119.196.0/23
92.249.50.0/24
93.123.109.0/24
94.156.238.0/24
147.78.100.0/24
185.218.84.0/22
185.222.160.0/24
193.25.216.0/24
194.55.186.0/24
194.55.224.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
15:f6:cc:a9:a6:69:ec:ec:7c:9f:03:8d:18:e9:41:d5:dd:1a:
20:1e:67:58:d2:4f:4b:2f:3e:63:bf:b0:19:85:fc:3d:4a:a7:
20:68:63:41:fb:34:56:99:81:01:c9:df:f5:77:f1:18:bd:10:
7b:1f:69:73:ee:63:55:36:e3:23:d6:88:9d:ea:14:8a:ed:b1:
1c:12:ad:a2:c0:94:a9:15:c9:2d:7b:86:ab:2c:20:34:af:cf:
7b:1c:c3:b8:51:39:b0:28:0c:54:6d:a0:bd:05:ca:22:25:75:
32:61:a4:5a:b9:44:e2:4d:df:cb:fa:f4:ff:72:86:90:77:5f:
5c:e6:a8:ef:40:9f:b0:4a:e6:4c:d0:e6:ce:c3:ca:d0:54:19:
41:9d:33:78:3d:53:00:0f:d4:6d:f9:8f:aa:5b:6f:db:0e:2b:
4a:77:96:bd:b3:5d:c4:5f:08:29:52:0e:70:63:5b:7b:82:25:
43:45:dc:41:35:27:e4:d4:78:d1:b8:2a:e9:ce:79:f2:9e:5a:
2c:36:67:b5:38:01:40:a2:d4:7a:d4:24:fa:c3:e6:f4:21:19:
24:dc:7e:a2:75:57:73:68:7a:3f:76:e9:83:76:bc:34:0e:a2:
19:e7:fd:f8:a2:63:b0:ef:7b:f3:b2:16:80:26:27:07:3c:7f:
46:a3:63:5b
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZyeCrVPKJUt3x/nUXVZ5jdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwMjI3MDc0MDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjFjZWZlZjE0NjM0NTdhNGQzNDQ0NjdmYTJkN2MxNmEwNGM5NGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArx/1ohyDrh4dlDfDHHINQzFljs0P
Tc8JR0taNrUh9EFDQx8H5Bo8NcEXvxW8D29BzrJ7qmpCHu0Leh21FUd39hnEAr5L
c4UkkLRQ+7/BDXXzKkLjOlJXinafvzIoKZR1SgfCNcGxAQZWaac7F8pH9PwFUACo
OV/eXnzdtk/TePK5siVK2nPCWeB5q/STEy0D2Ff/Rs6fVz6td5bDMx8IIDt8K3K2
feRbAYtmdaE4Yb/Mx1u6XJX5HfVhEqjX7ElU9sxO/mUJ2Rnzj80OT63o7Ra6mbdl
SXwoZ3lrOJ5iDEoERsnEzFtdc53SGnGbQcmW+LGWg3Y/N/3pDoQvt6REgQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFJsc7+8UY0V6TTREZ/otfBagTJTZMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbXh6djd4UmpSWHBOTkVSbi1pMThGcUJNbE5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAAt
QuQDBAAtQucDBAAtWfcDBAAtjZ4DBABRoe4DBAFV2YIDBABXeFcDBABXeH4DBABX
eKYDBAFXeTwDBABXeaUDBAFcd8QDBABc+TIDBABde20DBABenO4DBACTTmQDBAK5
2lQDBAC53qADBADBGdgDBADCN7oDBADCN+ADBADCqa8wDQYJKoZIhvcNAQELBQAD
ggEBABX2zKmmaezsfJ8DjRjpQdXdGiAeZ1jST0svPmO/sBmF/D1KpyBoY0H7NFaZ
gQHJ3/V38Ri9EHsfaXPuY1U24yPWiJ3qFIrtsRwSraLAlKkVyS17hqssIDSvz3sc
w7hRObAoDFRtoL0FyiIldTJhpFq5ROJN38v69P9yhpB3X1zmqO9An7BK5kzQ5s7D
ytBUGUGdM3g9UwAP1G35j6pbb9sOK0p3lr2zXcRfCClSDnBjW3uCJUNF3EE1J+TU
eNG4KunOefKeWiw2Z7U4AUCi1HrUJPrD5vQhGSTcfqJ1V3Noej926YN2vDQOohnn
/fiiY7Dve/OyFoAmJwc8f0ajY1s=
-----END CERTIFICATE-----
Generated at Sun Mar 1 19:16:01 2026 by rpki-client