Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/mpo6uqeFJcVEymYhbokwncZAxQ0.roa
File: mpo6uqeFJcVEymYhbokwncZAxQ0.roa (raw, json)
Hash identifier: xDX+hEEq/OpgZ8TV5s5BRRtgICwL0x2s9KNTGmjZNUA=
Subject key identifier: 9A:9A:3A:BA:A7:85:25:C5:44:CA:66:21:6E:89:30:9D:C6:40:C5:0D
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 019D72352A829CB153FA0E41FE20FBBA1292
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/mpo6uqeFJcVEymYhbokwncZAxQ0.roa
Signing time: Thu 09 Apr 2026 12:26:20 +0000
ROA not before: Thu 09 Apr 2026 12:26:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 86.110.34.0/24 maxlen: 24
86.110.44.0/24 maxlen: 24
86.110.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 20:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:35:2a:82:9c:b1:53:fa:0e:41:fe:20:fb:ba:12:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Apr 9 12:26:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9a9a3abaa78525c544ca66216e89309dc640c50d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:54:e5:6f:ea:52:55:90:3d:d7:f4:9d:b2:b1:
97:15:bd:c2:0e:94:d2:3a:b1:8f:ad:64:11:7c:49:
07:2b:c7:3c:7c:b3:fb:6b:c8:94:95:99:bf:78:fc:
90:7c:98:6c:2d:98:18:41:14:98:d2:f7:68:58:3d:
18:8c:a8:de:31:9a:35:42:64:61:62:b7:44:02:a5:
f7:4c:7f:65:29:88:15:44:01:ed:1b:cc:24:be:47:
d8:6b:6a:0f:a0:1e:cd:d0:52:3e:03:b4:11:d8:13:
8f:1b:76:9d:a2:7c:11:db:25:33:34:88:2b:da:84:
5d:e7:6e:10:42:6d:9c:e8:d9:89:b8:95:2a:84:04:
95:2b:55:b1:20:56:5d:10:3f:53:5f:d9:47:86:c0:
1c:59:28:7b:df:4e:63:3c:d7:c1:5a:ee:39:e9:63:
95:1f:5b:56:c2:3a:1e:fb:3e:a3:49:99:39:df:60:
f4:11:d0:f7:de:dd:81:22:b0:97:86:72:74:c9:ec:
b8:a8:6e:44:6d:89:f3:e6:4a:bd:71:d8:1c:7c:24:
bd:b9:95:b8:8b:32:75:d6:56:87:8f:64:ec:99:d5:
af:21:ed:e1:91:cd:30:ae:18:25:1b:d5:d6:b8:58:
ea:76:17:8e:06:fe:c7:18:40:10:5c:7a:71:8f:af:
08:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:9A:3A:BA:A7:85:25:C5:44:CA:66:21:6E:89:30:9D:C6:40:C5:0D
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/mpo6uqeFJcVEymYhbokwncZAxQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.34.0/24
86.110.44.0/24
86.110.63.0/24
Signature Algorithm: sha256WithRSAEncryption
05:df:46:3a:fb:49:10:17:32:45:64:04:67:67:10:bb:17:ac:
4c:23:6a:1d:e2:17:3b:1c:85:07:6b:bc:33:7d:19:bd:90:7f:
0e:9c:a5:52:e3:d1:2f:40:71:ca:a6:7a:bf:25:c7:68:f3:da:
dc:9f:e8:39:a3:3a:c1:c3:b7:1b:f6:57:92:7a:5e:7d:90:5e:
75:8b:13:29:8b:5c:b8:da:bc:21:7b:11:96:18:48:34:57:2c:
c0:82:87:f9:60:82:44:6e:aa:48:04:cc:66:41:c0:b0:a9:8f:
22:be:6b:a5:fd:b4:61:5e:2e:da:be:72:fb:7c:0c:59:cd:6f:
4c:8e:2b:bc:5f:55:e9:ce:52:95:df:ae:8a:48:d7:ee:01:f4:
5f:ec:9b:a3:ad:19:1d:d0:31:f7:92:9a:a1:1e:b3:6f:cb:fe:
f3:b0:ab:b2:47:ec:97:a2:2f:09:ed:96:38:49:e1:ff:63:83:
14:1c:97:17:42:4b:58:b4:a0:ea:a5:c3:cc:c5:6a:71:a9:be:
80:84:71:b9:b0:c1:5d:fb:51:aa:68:9d:a5:e5:d3:96:6e:a2:
db:d2:6c:71:71:cb:a6:80:1f:12:05:7c:3f:54:e0:1c:83:30:
3a:60:ae:d7:3d:8d:d4:05:07:50:b4:5d:50:c7:0a:18:6f:e4:
e4:00:04:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ1yNSqCnLFT+g5B/iD7uhKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjYwNDA5MTIyNjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTlhM2FiYWE3ODUyNWM1NDRjYTY2MjE2ZTg5MzA5ZGM2NDBjNTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VTlb+pSVZA91/SdsrGXFb3CDpTS
OrGPrWQRfEkHK8c8fLP7a8iUlZm/ePyQfJhsLZgYQRSY0vdoWD0YjKjeMZo1QmRh
YrdEAqX3TH9lKYgVRAHtG8wkvkfYa2oPoB7N0FI+A7QR2BOPG3adonwR2yUzNIgr
2oRd524QQm2c6NmJuJUqhASVK1WxIFZdED9TX9lHhsAcWSh7305jPNfBWu456WOV
H1tWwjoe+z6jSZk532D0EdD33t2BIrCXhnJ0yey4qG5EbYnz5kq9cdgcfCS9uZW4
izJ11laHj2TsmdWvIe3hkc0wrhglG9XWuFjqdheOBv7HGEAQXHpxj68IJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJqaOrqnhSXFRMpmIW6JMJ3GQMUNMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvbXBvNnVxZUZKY1ZFeW1ZaGJva3duY1pBeFEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVm4iAwQA
Vm4sAwQAVm4/MA0GCSqGSIb3DQEBCwUAA4IBAQAF30Y6+0kQFzJFZARnZxC7F6xM
I2od4hc7HIUHa7wzfRm9kH8OnKVS49EvQHHKpnq/Jcdo89rcn+g5ozrBw7cb9leS
el59kF51ixMpi1y42rwhexGWGEg0VyzAgof5YIJEbqpIBMxmQcCwqY8ivmul/bRh
Xi7avnL7fAxZzW9Mjiu8X1XpzlKV366KSNfuAfRf7JujrRkd0DH3kpqhHrNvy/7z
sKuyR+yXoi8J7ZY4SeH/Y4MUHJcXQktYtKDqpcPMxWpxqb6AhHG5sMFd+1GqaJ2l
5dOWbqLb0mxxccumgB8SBXw/VOAcgzA6YK7XPY3UBQdQtF1QxwoYb+TkAATp
-----END CERTIFICATE-----
Generated at Fri Apr 17 04:33:43 2026 by rpki-client