Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/_MJ8L0xXa8uELsCSSJBkL-Wf3SQ.roa
File: _MJ8L0xXa8uELsCSSJBkL-Wf3SQ.roa (raw, json)
Hash identifier: M2SLYenCaom3wMvyLhDeiEjf9I3alZKI5no3LFe/Cgg=
Subject key identifier: FC:C2:7C:2F:4C:57:6B:CB:84:2E:C0:92:48:90:64:2F:E5:9F:DD:24
Certificate issuer: /CN=7a362d783284659dc04eedaf8b8a6fe6e930bd27
Certificate serial: 019C9E75CFFF1F84354E990BF925F11024B9
Authority key identifier: 7A:36:2D:78:32:84:65:9D:C0:4E:ED:AF:8B:8A:6F:E6:E9:30:BD:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ejYteDKEZZ3ATu2vi4pv5ukwvSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/_MJ8L0xXa8uELsCSSJBkL-Wf3SQ.roa
Signing time: Fri 27 Feb 2026 09:37:26 +0000
ROA not before: Fri 27 Feb 2026 09:37:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203067
IP address blocks: 46.175.48.0/22 maxlen: 22
46.175.48.0/24 maxlen: 24
46.175.49.0/24 maxlen: 24
46.175.52.0/24 maxlen: 24
46.175.53.0/24 maxlen: 24
46.175.54.0/24 maxlen: 24
46.175.55.0/24 maxlen: 24
185.145.48.0/24 maxlen: 24
185.145.49.0/24 maxlen: 24
185.145.50.0/24 maxlen: 24
185.145.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/ejYteDKEZZ3ATu2vi4pv5ukwvSc.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/ejYteDKEZZ3ATu2vi4pv5ukwvSc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ejYteDKEZZ3ATu2vi4pv5ukwvSc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:75:cf:ff:1f:84:35:4e:99:0b:f9:25:f1:10:24:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a362d783284659dc04eedaf8b8a6fe6e930bd27
Validity
Not Before: Feb 27 09:37:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fcc27c2f4c576bcb842ec0924890642fe59fdd24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c7:68:79:95:0b:88:62:2d:81:b1:bb:aa:42:
c3:7b:50:fb:80:38:2a:2c:5c:2f:f2:48:97:aa:a1:
a7:9e:f8:5e:7f:65:b0:be:ef:b4:63:d4:af:e3:e8:
2b:15:e0:95:4f:73:f6:70:15:4e:95:65:8d:d9:47:
23:ec:5b:b1:43:b7:97:fa:88:a4:a1:8a:f6:a4:58:
85:b4:50:b0:23:c0:b6:59:6c:eb:6a:d3:79:ff:7e:
5a:12:0d:fc:e5:61:0d:09:e9:68:a9:42:f9:a3:fa:
ed:ca:16:f0:3b:61:43:31:c8:00:1f:52:4a:a2:b0:
90:1b:b2:ff:3a:37:42:cd:f4:3e:8f:79:86:16:2f:
f1:b8:b6:47:4d:a6:04:10:3d:df:86:47:d8:59:97:
50:63:72:a5:94:92:de:9d:34:2f:ac:f9:2c:9d:b9:
61:26:67:32:4c:97:49:8d:fb:91:49:25:10:d2:c0:
aa:a1:b8:8a:b3:8f:e6:4e:e3:d2:5c:61:07:f9:b0:
7d:94:d2:a9:17:79:85:2c:a1:9f:fb:8e:d3:35:2e:
64:23:f0:1b:b6:90:f1:9b:bb:0a:fd:c1:42:8e:b8:
4c:31:2e:aa:4b:9b:66:1b:e8:9a:9b:7b:e7:82:00:
42:37:95:06:ac:9f:d7:32:d0:33:82:04:59:e3:b6:
13:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:C2:7C:2F:4C:57:6B:CB:84:2E:C0:92:48:90:64:2F:E5:9F:DD:24
X509v3 Authority Key Identifier:
keyid:7A:36:2D:78:32:84:65:9D:C0:4E:ED:AF:8B:8A:6F:E6:E9:30:BD:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejYteDKEZZ3ATu2vi4pv5ukwvSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/_MJ8L0xXa8uELsCSSJBkL-Wf3SQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/be68b9-9b62-4b3e-a6a4-865031fa0bf7/1/ejYteDKEZZ3ATu2vi4pv5ukwvSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.48.0/21
185.145.48.0/22
Signature Algorithm: sha256WithRSAEncryption
92:11:c0:86:de:fc:21:c3:f2:3b:a4:fb:18:c2:b7:6f:21:bd:
71:cd:39:7d:dc:24:51:4f:28:49:fc:a9:cf:fc:9f:ba:11:c7:
f7:82:93:1e:38:f8:5c:d9:95:a2:07:5a:b0:d5:46:5d:9c:12:
4c:60:ff:17:ce:26:b9:c8:d0:3f:97:50:dd:5c:73:10:da:9f:
d7:e9:f5:3d:fc:15:8f:23:eb:32:99:ef:e1:d4:87:b8:f9:87:
ce:0f:b5:d1:80:59:7d:8b:07:3e:55:49:f6:de:d5:2e:5f:6b:
9a:09:75:bb:6c:6a:98:a0:e3:6a:18:6e:24:48:c5:f7:9b:10:
ce:de:d3:72:43:e9:f1:02:a0:ef:22:d1:e6:4f:7d:62:ea:2d:
ea:2f:35:dc:37:e3:e2:8f:4a:f2:1d:2e:e8:5b:d4:1c:f0:f4:
9f:5e:54:3f:a6:d9:33:00:4b:6f:b8:a2:9d:af:53:1d:25:f9:
a7:6a:ed:07:a5:29:84:a9:b4:6f:9f:7b:6c:65:32:04:d4:10:
91:23:aa:4d:75:b1:3b:3c:6b:6d:a3:28:35:ab:95:b4:f5:3d:
8b:4c:d2:df:50:88:4f:25:6a:af:d9:d9:e3:41:37:4e:f9:cd:
ec:c9:2a:9c:07:19:04:aa:9e:9d:f9:b7:e6:36:ce:61:31:44:
ab:91:67:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZyedc//H4Q1TpkL+SXxECS5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMzYyZDc4MzI4NDY1OWRjMDRlZWRhZjhiOGE2ZmU2ZTkz
MGJkMjcwHhcNMjYwMjI3MDkzNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2MyN2MyZjRjNTc2YmNiODQyZWMwOTI0ODkwNjQyZmU1OWZkZDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8doeZULiGItgbG7qkLDe1D7gDgq
LFwv8kiXqqGnnvhef2Wwvu+0Y9Sv4+grFeCVT3P2cBVOlWWN2Ucj7FuxQ7eX+oik
oYr2pFiFtFCwI8C2WWzratN5/35aEg385WENCeloqUL5o/rtyhbwO2FDMcgAH1JK
orCQG7L/OjdCzfQ+j3mGFi/xuLZHTaYEED3fhkfYWZdQY3KllJLenTQvrPksnblh
JmcyTJdJjfuRSSUQ0sCqobiKs4/mTuPSXGEH+bB9lNKpF3mFLKGf+47TNS5kI/Ab
tpDxm7sK/cFCjrhMMS6qS5tmG+iam3vnggBCN5UGrJ/XMtAzggRZ47YTyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPzCfC9MV2vLhC7AkkiQZC/ln90kMB8GA1UdIwQY
MBaAFHo2LXgyhGWdwE7tr4uKb+bpML0nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWpZdGVES0VaWjNBVHUydmk0cHY1dWt3dlNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9iZTY4YjktOWI2Mi00YjNlLWE2YTQt
ODY1MDMxZmEwYmY3LzEvX01KOEwweFhhOHVFTHNDU1NKQmtMLVdmM1NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9iZTY4YjktOWI2Mi00YjNlLWE2YTQtODY1MDMxZmEwYmY3
LzEvZWpZdGVES0VaWjNBVHUydmk0cHY1dWt3dlNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLq8wAwQC
uZEwMA0GCSqGSIb3DQEBCwUAA4IBAQCSEcCG3vwhw/I7pPsYwrdvIb1xzTl93CRR
TyhJ/KnP/J+6Ecf3gpMeOPhc2ZWiB1qw1UZdnBJMYP8Xzia5yNA/l1DdXHMQ2p/X
6fU9/BWPI+syme/h1Ie4+YfOD7XRgFl9iwc+VUn23tUuX2uaCXW7bGqYoONqGG4k
SMX3mxDO3tNyQ+nxAqDvItHmT31i6i3qLzXcN+Pij0ryHS7oW9Qc8PSfXlQ/ptkz
AEtvuKKdr1MdJfmnau0HpSmEqbRvn3tsZTIE1BCRI6pNdbE7PGttoyg1q5W09T2L
TNLfUIhPJWqv2dnjQTdO+c3sySqcBxkEqp6d+bfmNs5hMUSrkWeI
-----END CERTIFICATE-----
Generated at Tue Mar 3 00:23:47 2026 by rpki-client