Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/mMjQwsKF24ZKL7c4zTHAfg4rumM.roa
File: mMjQwsKF24ZKL7c4zTHAfg4rumM.roa (raw, json)
Hash identifier: G+TwoGVMZse5gGI9aYgtJxQEsuU/r7y/8I2CjknEOrk=
Subject key identifier: 98:C8:D0:C2:C2:85:DB:86:4A:2F:B7:38:CD:31:C0:7E:0E:2B:BA:63
Certificate issuer: /CN=2d2f9339fbb8cb33c522751c530f3a20a753547c
Certificate serial: 019C9070F2C034CD8349745A7CFDB884B039
Authority key identifier: 2D:2F:93:39:FB:B8:CB:33:C5:22:75:1C:53:0F:3A:20:A7:53:54:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LS-TOfu4yzPFInUcUw86IKdTVHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/mMjQwsKF24ZKL7c4zTHAfg4rumM.roa
Signing time: Tue 24 Feb 2026 16:17:27 +0000
ROA not before: Tue 24 Feb 2026 16:17:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200449
IP address blocks: 46.174.140.0/24 maxlen: 24
46.174.141.0/24 maxlen: 24
192.34.200.0/24 maxlen: 24
192.34.201.0/24 maxlen: 24
192.34.202.0/24 maxlen: 24
192.34.203.0/24 maxlen: 24
192.34.204.0/24 maxlen: 24
192.34.205.0/24 maxlen: 24
192.34.206.0/24 maxlen: 24
2a06:3341::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/LS-TOfu4yzPFInUcUw86IKdTVHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/LS-TOfu4yzPFInUcUw86IKdTVHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LS-TOfu4yzPFInUcUw86IKdTVHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:90:70:f2:c0:34:cd:83:49:74:5a:7c:fd:b8:84:b0:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d2f9339fbb8cb33c522751c530f3a20a753547c
Validity
Not Before: Feb 24 16:17:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=98c8d0c2c285db864a2fb738cd31c07e0e2bba63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f3:17:3a:45:cc:d9:f2:41:ae:bd:9e:27:61:
60:14:73:3c:4b:77:0d:c1:8c:de:25:aa:e8:5f:10:
f8:62:b3:79:dc:5d:b8:cd:74:70:18:f1:18:ab:c2:
d0:db:c4:03:e0:6e:42:23:56:18:ec:b9:0b:de:6c:
3d:fb:ea:f1:e9:b0:fb:69:4e:04:bd:67:21:26:1a:
32:4e:8c:9a:55:87:ab:4d:74:29:b3:a5:73:c7:9e:
42:df:e1:35:7d:24:2c:d1:4f:62:32:7c:57:c0:43:
6c:13:2b:1f:6b:84:f7:4c:3c:7e:74:64:26:91:94:
16:22:31:08:7c:df:cb:ff:d1:67:a6:a1:71:6b:4a:
95:9e:a6:d9:79:f3:b4:3d:4d:ac:7e:c0:fb:b2:d5:
07:30:36:ee:2c:fc:e2:3f:94:44:da:90:a8:84:98:
70:03:16:96:c0:26:13:95:78:c3:da:af:43:4c:e0:
c8:7e:89:89:80:af:13:5f:42:27:a0:9a:bb:b0:f7:
6c:ab:72:36:55:b3:cd:d1:20:1b:2d:4a:6b:0b:61:
56:69:5b:1a:4d:57:5d:14:b0:05:60:2b:dd:a2:ee:
9c:a3:eb:8e:f3:f2:60:7c:99:1b:f3:fb:6c:b7:fc:
fa:f4:1c:44:6a:27:a6:0f:b3:71:89:93:7e:e6:43:
c2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C8:D0:C2:C2:85:DB:86:4A:2F:B7:38:CD:31:C0:7E:0E:2B:BA:63
X509v3 Authority Key Identifier:
keyid:2D:2F:93:39:FB:B8:CB:33:C5:22:75:1C:53:0F:3A:20:A7:53:54:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LS-TOfu4yzPFInUcUw86IKdTVHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/mMjQwsKF24ZKL7c4zTHAfg4rumM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/LS-TOfu4yzPFInUcUw86IKdTVHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.140.0/23
192.34.200.0-192.34.206.255
IPv6:
2a06:3341::/32
Signature Algorithm: sha256WithRSAEncryption
81:19:f3:4e:3e:27:ca:e2:f8:69:4a:ea:c2:88:3c:6c:bc:85:
0a:be:fb:c5:3d:0f:a8:30:63:a5:59:cd:c7:66:99:11:f2:60:
a3:0f:fd:2f:db:fa:9a:97:26:c7:88:65:1f:c8:88:13:4b:c4:
5e:4f:9e:b8:af:8c:69:3e:2e:14:a0:23:59:0d:39:d5:9f:ef:
dc:10:56:8c:e5:bc:f2:9f:90:ff:4e:06:70:2a:75:f5:14:2e:
6c:8b:0f:86:0b:78:c8:54:f2:1f:65:c7:ed:b0:21:91:85:d9:
b3:40:5b:57:10:af:94:ca:d5:95:61:60:2b:ac:04:b7:d1:e8:
70:4e:9f:7e:ea:66:bc:12:5a:d2:c7:42:7f:83:d0:8b:92:7e:
80:80:13:16:60:c2:79:82:a4:3c:82:75:f7:52:fd:55:f9:3d:
74:2b:5e:8e:5f:eb:a7:41:a3:ce:d5:57:a2:88:08:60:3b:a8:
2f:2a:37:f2:f6:a1:f5:58:28:1f:9a:4e:07:92:aa:ac:42:82:
e6:a4:16:ac:5e:eb:d4:9d:c8:53:c1:5a:fd:98:4d:4e:03:3b:
70:36:db:fe:a9:e2:bf:4a:40:ba:6d:78:a3:8e:e2:27:f0:c7:
6c:40:f8:70:a0:a1:15:a3:4e:63:48:9e:b8:5a:be:1a:b1:fd:
30:44:47:dd
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZyQcPLANM2DSXRafP24hLA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMmY5MzM5ZmJiOGNiMzNjNTIyNzUxYzUzMGYzYTIwYTc1
MzU0N2MwHhcNMjYwMjI0MTYxNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGM4ZDBjMmMyODVkYjg2NGEyZmI3MzhjZDMxYzA3ZTBlMmJiYTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fMXOkXM2fJBrr2eJ2FgFHM8S3cN
wYzeJaroXxD4YrN53F24zXRwGPEYq8LQ28QD4G5CI1YY7LkL3mw9++rx6bD7aU4E
vWchJhoyToyaVYerTXQps6Vzx55C3+E1fSQs0U9iMnxXwENsEysfa4T3TDx+dGQm
kZQWIjEIfN/L/9FnpqFxa0qVnqbZefO0PU2sfsD7stUHMDbuLPziP5RE2pCohJhw
AxaWwCYTlXjD2q9DTODIfomJgK8TX0InoJq7sPdsq3I2VbPN0SAbLUprC2FWaVsa
TVddFLAFYCvdou6co+uO8/JgfJkb8/tst/z69BxEaiemD7NxiZN+5kPCUQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJjI0MLChduGSi+3OM0xwH4OK7pjMB8GA1UdIwQY
MBaAFC0vkzn7uMszxSJ1HFMPOiCnU1R8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFMtVE9mdTR5elBGSW5VY1V3ODZJS2RUVkh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi85NWZhNjEtMTdmYi00ODkwLTk1OTgt
MWQzYTFlOWI3NTQ1LzEvbU1qUXdzS0YyNFpLTDdjNHpUSEFmZzRydW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi85NWZhNjEtMTdmYi00ODkwLTk1OTgtMWQzYTFlOWI3NTQ1
LzEvTFMtVE9mdTR5elBGSW5VY1V3ODZJS2RUVkh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQBLq6MMAwD
BAPAIsgDBADAIs4wDQQCAAIwBwMFACoGM0EwDQYJKoZIhvcNAQELBQADggEBAIEZ
804+J8ri+GlK6sKIPGy8hQq++8U9D6gwY6VZzcdmmRHyYKMP/S/b+pqXJseIZR/I
iBNLxF5PnrivjGk+LhSgI1kNOdWf79wQVozlvPKfkP9OBnAqdfUULmyLD4YLeMhU
8h9lx+2wIZGF2bNAW1cQr5TK1ZVhYCusBLfR6HBOn37qZrwSWtLHQn+D0IuSfoCA
ExZgwnmCpDyCdfdS/VX5PXQrXo5f66dBo87VV6KICGA7qC8qN/L2ofVYKB+aTgeS
qqxCguakFqxe69SdyFPBWv2YTU4DO3A22/6p4r9KQLpteKOO4ifwx2xA+HCgoRWj
TmNInrhavhqx/TBER90=
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:53:32 2026 by rpki-client