Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/MLqPVRAOIuiAPZ4X8z25iZk1ubM.roa
File: MLqPVRAOIuiAPZ4X8z25iZk1ubM.roa (raw, json)
Hash identifier: lRMxIdVNlIuoPap2CgDjjoQ+WibJEeXGXPpCNnlQJHY=
Subject key identifier: 30:BA:8F:55:10:0E:22:E8:80:3D:9E:17:F3:3D:B9:89:99:35:B9:B3
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 019D3F32F9021F150BBD7242C4DE1827F666
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/MLqPVRAOIuiAPZ4X8z25iZk1ubM.roa
Signing time: Mon 30 Mar 2026 14:43:18 +0000
ROA not before: Mon 30 Mar 2026 14:43:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
5.182.48.0/24 maxlen: 24
45.81.20.0/22 maxlen: 24
45.90.147.0/24 maxlen: 24
45.140.220.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
78.108.217.0/24 maxlen: 24
83.143.116.0/24 maxlen: 24
85.202.162.0/24 maxlen: 24
89.190.156.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.186.66.0/24 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
193.31.29.0/24 maxlen: 24
193.31.30.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
194.56.227.0/24 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
2a0b:b82::/44 maxlen: 44
2a0b:b84::/32 maxlen: 32
2a0b:b85::/32 maxlen: 32
2a0b:b86::/40 maxlen: 48
2a0b:b86:100::/40 maxlen: 48
2a0b:b86:fff0::/44 maxlen: 44
2a0b:b87:ff12::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b87:ffc0::/44 maxlen: 44
2a0b:b87:ffd2::/48 maxlen: 48
2a0b:b87:ffda::/48 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:7080:10::/48 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7086:fff0::/44 maxlen: 44
2a0b:7087:fff0::/44 maxlen: 44
2a0d:77c0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3f:32:f9:02:1f:15:0b:bd:72:42:c4:de:18:27:f6:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Mar 30 14:43:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=30ba8f55100e22e8803d9e17f33db9899935b9b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:88:15:09:4e:23:3d:b5:40:c1:72:8c:77:cd:
c0:3d:52:e1:28:42:52:82:42:a6:9a:ef:38:ac:d9:
13:7d:a5:c4:76:40:8e:56:e3:c3:e9:cd:2b:c7:40:
15:e1:f8:fd:e8:88:3f:02:eb:60:85:5a:42:df:7a:
95:c3:d2:08:25:90:8a:24:2b:3a:13:6d:97:bf:94:
c9:80:39:8c:b2:fc:94:05:df:d7:e7:c2:c3:1e:9e:
a1:2f:e9:37:97:ce:c4:7a:4e:3a:c6:a2:81:78:5c:
20:b4:b6:04:0d:af:8d:06:d7:09:25:5c:9e:81:71:
3d:05:c5:a1:a3:8f:b1:fc:c7:7c:8d:b1:8b:b8:44:
0c:9a:06:80:bb:ed:4d:49:bf:13:28:8e:f2:ab:04:
01:36:0e:dd:fd:c2:ad:85:da:13:f8:21:e1:b2:84:
62:f3:1c:1a:f8:54:30:a5:97:9f:7d:ec:a7:85:b4:
b9:06:ef:eb:3b:b3:08:68:82:0b:b5:bd:91:35:59:
35:8d:25:92:82:5b:2e:0a:93:57:97:af:6d:11:d3:
ad:b9:b4:7c:96:22:89:02:96:fd:b3:33:f3:4a:93:
ae:cb:ac:f2:24:4b:4f:8b:fc:f0:3e:34:1a:4b:54:
41:62:e8:c5:c8:c6:6a:0e:5b:a8:59:93:b6:43:d1:
4f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:BA:8F:55:10:0E:22:E8:80:3D:9E:17:F3:3D:B9:89:99:35:B9:B3
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/MLqPVRAOIuiAPZ4X8z25iZk1ubM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
5.182.48.0/24
45.81.20.0/22
45.90.147.0/24
45.140.220.0/22
77.83.240.0/22
78.108.217.0/24
83.143.116.0/24
85.202.162.0/24
89.190.156.0/22
178.218.144.0/22
185.186.64.0/22
185.227.71.0/24
185.234.72.0/22
185.242.224.0/22
193.31.29.0-193.31.30.255
193.34.76.0/22
193.221.192.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:1ff:ffff:ffff:ffff:ffff:ffff
2a0b:b86:fff0::/44
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffc0::/44
2a0b:b87:ffd2::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0b:7086:fff0::/44
2a0b:7087:fff0::/44
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
5f:23:f0:b7:5d:53:bd:0c:c9:54:ef:09:05:ef:8a:96:b9:4a:
7d:cf:4b:e2:14:46:1b:65:7f:ed:16:5d:21:62:82:f0:e2:e4:
e1:9b:c1:f1:98:3d:c8:ef:fb:97:ac:75:07:7e:4a:c3:c6:b4:
4b:01:73:4a:f3:ca:9b:44:45:d7:95:cc:07:3d:5f:3f:a9:23:
10:53:68:44:d9:f2:85:ef:dd:59:d2:a9:ce:06:41:89:ae:cd:
2a:ba:5f:9f:52:70:70:33:32:5f:4c:26:66:3d:66:b1:59:8f:
0e:fe:fd:bd:87:18:05:1d:6e:9e:f0:be:c4:63:91:cd:5d:ae:
2e:4a:ef:74:61:87:17:c8:79:59:53:8b:9c:2a:98:21:09:c6:
5f:ef:21:b5:24:13:3f:95:bd:b8:73:46:cb:c0:d5:6b:ba:bf:
64:4c:54:0e:b5:9d:80:31:d5:5e:84:cb:a6:12:ba:73:d8:4a:
4d:af:1f:c8:42:14:d0:a4:e1:1a:b0:42:31:34:0b:16:0c:6b:
bc:d3:d6:47:6a:34:fa:45:8b:28:f7:6d:9d:77:36:08:f3:36:
7d:fc:4f:84:cb:66:30:01:a0:f7:c0:02:14:ad:3b:6d:63:04:
20:d3:ae:7c:05:fd:f9:1e:eb:40:dd:8c:e2:85:75:49:77:dd:
bb:fb:c1:b8
-----BEGIN CERTIFICATE-----
MIIGHjCCBQagAwIBAgISAZ0/MvkCHxULvXJCxN4YJ/ZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjYwMzMwMTQ0MzE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGJhOGY1NTEwMGUyMmU4ODAzZDllMTdmMzNkYjk4OTk5MzViOWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmIgVCU4jPbVAwXKMd83APVLhKEJS
gkKmmu84rNkTfaXEdkCOVuPD6c0rx0AV4fj96Ig/AutghVpC33qVw9IIJZCKJCs6
E22Xv5TJgDmMsvyUBd/X58LDHp6hL+k3l87Eek46xqKBeFwgtLYEDa+NBtcJJVye
gXE9BcWho4+x/Md8jbGLuEQMmgaAu+1NSb8TKI7yqwQBNg7d/cKthdoT+CHhsoRi
8xwa+FQwpZeffeynhbS5Bu/rO7MIaIILtb2RNVk1jSWSglsuCpNXl69tEdOtubR8
liKJApb9szPzSpOuy6zyJEtPi/zwPjQaS1RBYujFyMZqDluoWZO2Q9FPqQIDAQAB
o4IDKjCCAyYwHQYDVR0OBBYEFDC6j1UQDiLogD2eF/M9uYmZNbmzMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvTUxxUFZSQU9JdWlBUFo0WDh6MjVpWmsxdWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPgYIKwYBBQUHAQcBAf8EggEtMIIBKTCBjQQCAAEwgYYD
BAICOKQDBAAFtjADBAItURQDBAAtWpMDBAItjNwDBAJNU/ADBABObNkDBABTj3QD
BABVyqIDBAJZvpwDBAKy2pADBAK5ukADBAC540cDBAK56kgDBAK58uAwDAMEAMEf
HQMEAMEfHgMEAsEiTAMEAsHdwAMEAsIyEAMEAsI44AMEAtRrDDCBlgQCAAIwgY8D
BwQqCwuCAAAwDwMFAioLC4QDBgEqCwuGAAMHBCoLC4b/8AMHACoLC4f/EgMHACoL
C4f/tAMHBCoLC4f/wAMHACoLC4f/0gMHACoLC4f/2gMHACoLC4f/7AMHBCoLC4f/
8DASAwcEKgtwgAAQAwcGKgtwgAAAAwcEKgtwhv/wAwcEKgtwh//wAwUDKg13wDAN
BgkqhkiG9w0BAQsFAAOCAQEAXyPwt11TvQzJVO8JBe+KlrlKfc9L4hRGG2V/7RZd
IWKC8OLk4ZvB8Zg9yO/7l6x1B35Kw8a0SwFzSvPKm0RF15XMBz1fP6kjEFNoRNny
he/dWdKpzgZBia7NKrpfn1JwcDMyX0wmZj1msVmPDv79vYcYBR1unvC+xGORzV2u
LkrvdGGHF8h5WVOLnCqYIQnGX+8htSQTP5W9uHNGy8DVa7q/ZExUDrWdgDHVXoTL
phK6c9hKTa8fyEIU0KThGrBCMTQLFgxrvNPWR2o0+kWLKPdtnXc2CPM2ffxPhMtm
MAGg98ACFK07bWMEINOufAX9+R7rQN2M4oV1SXfdu/vBuA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:31:30 2026 by rpki-client