Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/mGbAQxmjiNdAu-Zs5G32dsHWBXE.roa
File: mGbAQxmjiNdAu-Zs5G32dsHWBXE.roa (raw, json)
Hash identifier: JMUztoBnvYlG5WEaZWtEODvt69OyGAw7D5VrIEI87vM=
Subject key identifier: 98:66:C0:43:19:A3:88:D7:40:BB:E6:6C:E4:6D:F6:76:C1:D6:05:71
Certificate issuer: /CN=efa5b62347a1b64cea49a2ab3ab4983c34861fb2
Certificate serial: 019EB30729D8E2DBF7CD1FBF9A8518D6F13D
Authority key identifier: EF:A5:B6:23:47:A1:B6:4C:EA:49:A2:AB:3A:B4:98:3C:34:86:1F:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/mGbAQxmjiNdAu-Zs5G32dsHWBXE.roa
Signing time: Wed 10 Jun 2026 19:34:11 +0000
ROA not before: Wed 10 Jun 2026 19:34:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216416
IP address blocks: 145.11.16.0/21 maxlen: 21
157.173.16.0/21 maxlen: 21
157.173.25.0/24 maxlen: 24
157.173.26.0/24 maxlen: 24
157.173.27.0/24 maxlen: 24
157.173.29.0/24 maxlen: 24
157.173.30.0/24 maxlen: 24
185.207.136.0/24 maxlen: 24
185.207.137.0/24 maxlen: 24
185.207.138.0/24 maxlen: 24
185.207.139.0/24 maxlen: 24
188.137.152.0/24 maxlen: 24
188.137.153.0/24 maxlen: 24
188.137.154.0/24 maxlen: 24
188.137.155.0/24 maxlen: 24
188.137.156.0/24 maxlen: 24
188.137.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.mft
rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b3:07:29:d8:e2:db:f7:cd:1f:bf:9a:85:18:d6:f1:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa5b62347a1b64cea49a2ab3ab4983c34861fb2
Validity
Not Before: Jun 10 19:34:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9866c04319a388d740bbe66ce46df676c1d60571
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4a:1a:99:2f:a4:70:b9:52:65:e7:96:20:a2:
93:83:f8:8c:8a:b1:23:da:aa:0b:e8:de:30:34:d7:
15:69:6c:9e:a7:ae:2e:1e:6b:89:9b:33:31:0e:a2:
e8:7a:77:19:b0:f7:f9:28:1c:30:46:66:d6:af:ae:
98:b6:f6:f6:ed:c7:62:90:6b:af:8c:9f:82:be:2b:
07:68:55:d3:32:d3:ee:40:42:c4:b5:1d:9b:2d:25:
d7:82:53:f0:bb:03:72:38:9c:bb:cb:89:c5:ac:9b:
41:a8:a5:81:4d:fa:6e:b3:b4:18:84:5f:78:6f:ad:
6d:2a:4e:0f:af:c0:5c:eb:6d:1f:45:e2:8f:4e:26:
3b:00:b0:fb:4b:8c:1c:40:15:18:70:8c:18:d1:48:
6b:37:e6:7b:41:6e:af:c6:2b:13:fd:89:4a:34:40:
86:99:8e:05:16:07:c1:ee:ea:38:2f:e3:aa:2b:6c:
0b:33:29:99:fe:da:1a:b5:0f:45:9f:17:d4:b1:e6:
28:7a:18:b7:f2:dc:d6:07:94:4e:cc:28:22:70:2c:
23:a7:c0:62:ce:e7:7c:22:47:b6:f1:9e:42:28:69:
4e:18:1e:f0:3a:08:e9:f7:17:6b:36:c1:c4:56:75:
17:db:58:d8:56:97:a5:62:40:b6:e1:66:be:70:d4:
62:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:66:C0:43:19:A3:88:D7:40:BB:E6:6C:E4:6D:F6:76:C1:D6:05:71
X509v3 Authority Key Identifier:
keyid:EF:A5:B6:23:47:A1:B6:4C:EA:49:A2:AB:3A:B4:98:3C:34:86:1F:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/mGbAQxmjiNdAu-Zs5G32dsHWBXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.11.16.0/21
157.173.16.0/21
157.173.25.0-157.173.27.255
157.173.29.0-157.173.30.255
185.207.136.0/22
188.137.152.0-188.137.157.255
Signature Algorithm: sha256WithRSAEncryption
11:92:60:c0:0e:a9:dd:85:f8:72:e7:21:a4:6b:03:16:da:08:
88:6e:19:58:45:ce:d4:f7:cf:29:1e:09:ac:1e:99:68:c8:51:
3d:00:80:24:6d:8d:84:10:6d:14:4a:3b:8b:f3:fc:6f:47:57:
42:4c:82:4d:c0:61:8a:d3:09:a7:db:0b:7b:45:28:de:3c:1c:
07:f4:4e:25:12:a5:1b:7d:05:f0:13:ad:36:64:85:35:9a:57:
23:1c:5e:3b:da:a4:2e:06:e4:8a:4b:2f:50:f5:79:13:cc:d0:
80:a4:52:57:a5:02:9d:79:37:a0:b9:8d:9d:8e:dd:56:12:5d:
c3:06:65:82:b7:bb:83:fc:65:92:88:da:30:aa:49:9e:33:52:
a7:70:7d:f1:ec:fc:fa:cb:8e:93:43:16:25:59:c3:49:9b:88:
f8:b1:95:ee:ed:4d:cf:0a:3e:02:d0:b3:69:86:19:30:fe:1e:
c8:dc:ca:b8:24:81:9e:21:1c:fc:59:11:9b:b7:27:fc:a3:10:
00:5e:b4:56:16:f7:e3:86:66:d5:29:36:a2:59:0b:d7:3a:01:
e2:c5:1e:6b:c2:8d:31:87:5f:af:35:ea:fa:5f:a3:28:a4:06:
64:0e:9b:d4:e7:67:98:10:32:c8:ba:74:e1:13:c4:1b:b1:73:
66:c5:5d:fb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ6zBynY4tv3zR+/moUY1vE9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTViNjIzNDdhMWI2NGNlYTQ5YTJhYjNhYjQ5ODNjMzQ4
NjFmYjIwHhcNMjYwNjEwMTkzNDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODY2YzA0MzE5YTM4OGQ3NDBiYmU2NmNlNDZkZjY3NmMxZDYwNTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEoamS+kcLlSZeeWIKKTg/iMirEj
2qoL6N4wNNcVaWyep64uHmuJmzMxDqLoencZsPf5KBwwRmbWr66Ytvb27cdikGuv
jJ+CvisHaFXTMtPuQELEtR2bLSXXglPwuwNyOJy7y4nFrJtBqKWBTfpus7QYhF94
b61tKk4Pr8Bc620fReKPTiY7ALD7S4wcQBUYcIwY0UhrN+Z7QW6vxisT/YlKNECG
mY4FFgfB7uo4L+OqK2wLMymZ/toatQ9FnxfUseYoehi38tzWB5ROzCgicCwjp8Bi
zud8Ike28Z5CKGlOGB7wOgjp9xdrNsHEVnUX21jYVpelYkC24Wa+cNRiXwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJhmwEMZo4jXQLvmbORt9nbB1gVxMB8GA1UdIwQY
MBaAFO+ltiNHobZM6kmiqzq0mDw0hh+yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZXMkkwZWh0a3pxU2FLck9yU1lQRFNHSDdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yNGRiMjEtZWZiOS00MDdlLTk2YWQt
MDEzZDJhMTFjMGE1LzEvbUdiQVF4bWppTmRBdS1aczVHMzJkc0hXQlhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yNGRiMjEtZWZiOS00MDdlLTk2YWQtMDEzZDJhMTFjMGE1
LzEvNzZXMkkwZWh0a3pxU2FLck9yU1lQRFNHSDdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQDkQsQAwQD
na0QMAwDBACdrRkDBAKdrRgwDAMEAJ2tHQMEAJ2tHgMEArnPiDAMAwQDvImYAwQB
vImcMA0GCSqGSIb3DQEBCwUAA4IBAQARkmDADqndhfhy5yGkawMW2giIbhlYRc7U
988pHgmsHployFE9AIAkbY2EEG0USjuL8/xvR1dCTIJNwGGK0wmn2wt7RSjePBwH
9E4lEqUbfQXwE602ZIU1mlcjHF472qQuBuSKSy9Q9XkTzNCApFJXpQKdeTeguY2d
jt1WEl3DBmWCt7uD/GWSiNowqkmeM1KncH3x7Pz6y46TQxYlWcNJm4j4sZXu7U3P
Cj4C0LNphhkw/h7I3Mq4JIGeIRz8WRGbtyf8oxAAXrRWFvfjhmbVKTaiWQvXOgHi
xR5rwo0xh1+vNer6X6MopAZkDpvU52eYEDLIunThE8QbsXNmxV37
-----END CERTIFICATE-----
Generated at Sat Jun 13 16:24:45 2026 by rpki-client