Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/mpJW_dBaxdPfu3iYa_0doBzvu0E.roa
File: mpJW_dBaxdPfu3iYa_0doBzvu0E.roa (raw, json)
Hash identifier: w+iTLrbNl2+AfMzMaLxofFJf4BVytWoNmJuYajzvLGM=
Subject key identifier: 9A:92:56:FD:D0:5A:C5:D3:DF:BB:78:98:6B:FD:1D:A0:1C:EF:BB:41
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019EBBD706A38DFEE7FBD4C1353ED40FE83B
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/mpJW_dBaxdPfu3iYa_0doBzvu0E.roa
Signing time: Fri 12 Jun 2026 12:38:11 +0000
ROA not before: Fri 12 Jun 2026 12:38:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58061
IP address blocks: 2.56.112.0/24 maxlen: 24
2.56.113.0/24 maxlen: 24
45.132.48.0/24 maxlen: 24
45.157.136.0/24 maxlen: 24
62.68.83.0/24 maxlen: 24
62.68.86.0/24 maxlen: 24
62.68.87.0/24 maxlen: 24
62.204.36.0/24 maxlen: 24
62.233.45.0/24 maxlen: 24
62.233.49.0/24 maxlen: 24
62.233.56.0/24 maxlen: 24
62.233.60.0/24 maxlen: 24
80.68.145.0/24 maxlen: 24
80.68.158.0/24 maxlen: 24
80.91.209.0/24 maxlen: 24
80.91.210.0/24 maxlen: 24
91.226.247.0/24 maxlen: 24
93.177.104.0/24 maxlen: 24
94.143.226.0/24 maxlen: 24
94.158.191.0/24 maxlen: 24
130.193.79.0/24 maxlen: 24
130.255.169.0/24 maxlen: 24
146.19.137.0/24 maxlen: 24
146.19.148.0/24 maxlen: 24
146.19.150.0/24 maxlen: 24
146.19.152.0/24 maxlen: 24
146.19.187.0/24 maxlen: 24
146.19.190.0/24 maxlen: 24
176.56.38.0/24 maxlen: 24
185.122.206.0/24 maxlen: 24
185.155.101.0/24 maxlen: 24
185.218.1.0/24 maxlen: 24
193.3.22.0/24 maxlen: 24
193.239.209.0/24 maxlen: 24
195.64.112.0/24 maxlen: 24
195.64.114.0/24 maxlen: 24
195.93.249.0/24 maxlen: 24
195.96.136.0/24 maxlen: 24
195.96.157.0/24 maxlen: 24
212.52.5.0/24 maxlen: 24
217.114.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bb:d7:06:a3:8d:fe:e7:fb:d4:c1:35:3e:d4:0f:e8:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jun 12 12:38:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9a9256fdd05ac5d3dfbb78986bfd1da01cefbb41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:86:14:89:f4:55:b1:09:ab:96:a5:38:d6:47:
8e:91:23:ed:3f:e1:99:be:c1:1f:d7:cc:5e:c4:a9:
e9:40:45:38:62:bf:41:c8:07:e9:b1:95:13:fd:b8:
bb:f6:6c:b3:cb:2a:42:81:47:82:97:33:4d:85:c0:
83:56:47:ec:2b:97:b4:44:ac:16:90:ef:35:84:4b:
45:84:83:40:fa:6c:15:a8:fd:3d:96:89:19:36:79:
6a:48:2b:a3:8e:03:f4:84:30:27:54:d3:0f:a7:ea:
99:9f:7e:54:76:d6:43:59:c5:1b:e1:26:49:b5:ca:
d0:e0:af:77:de:39:8d:12:ad:5f:18:93:20:90:5c:
42:bb:99:e4:d9:9d:da:c6:fc:68:4f:0a:c7:9b:60:
bb:00:77:25:ec:18:40:dc:43:f3:6d:9f:7d:3e:4f:
32:f3:17:87:95:01:92:b1:f2:00:38:1f:f4:49:c0:
ac:4f:44:cb:58:f8:9f:c0:53:c1:5c:95:7b:32:6b:
9d:b6:2b:ff:9a:6f:fa:66:32:35:79:9e:5c:85:7a:
10:85:bd:96:ed:30:46:17:fa:cc:b1:7b:30:a6:98:
32:8a:4b:d5:78:83:b8:e1:ed:0d:89:69:d3:d3:b6:
41:c4:04:f4:2a:dd:45:8d:1a:c0:83:44:af:e8:71:
a0:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:92:56:FD:D0:5A:C5:D3:DF:BB:78:98:6B:FD:1D:A0:1C:EF:BB:41
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/mpJW_dBaxdPfu3iYa_0doBzvu0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.112.0/23
45.132.48.0/24
45.157.136.0/24
62.68.83.0/24
62.68.86.0/23
62.204.36.0/24
62.233.45.0/24
62.233.49.0/24
62.233.56.0/24
62.233.60.0/24
80.68.145.0/24
80.68.158.0/24
80.91.209.0-80.91.210.255
91.226.247.0/24
93.177.104.0/24
94.143.226.0/24
94.158.191.0/24
130.193.79.0/24
130.255.169.0/24
146.19.137.0/24
146.19.148.0/24
146.19.150.0/24
146.19.152.0/24
146.19.187.0/24
146.19.190.0/24
176.56.38.0/24
185.122.206.0/24
185.155.101.0/24
185.218.1.0/24
193.3.22.0/24
193.239.209.0/24
195.64.112.0/24
195.64.114.0/24
195.93.249.0/24
195.96.136.0/24
195.96.157.0/24
212.52.5.0/24
217.114.32.0/24
Signature Algorithm: sha256WithRSAEncryption
82:c7:56:52:c8:95:5a:2e:d9:9b:ae:4f:2b:91:74:a2:84:ce:
ff:61:1c:8d:3d:40:35:85:94:a4:38:1b:46:79:e3:e3:6c:34:
0c:b7:2f:e9:42:dc:54:e1:14:1d:11:22:de:3d:e7:f8:15:0f:
b1:00:33:53:a0:07:4b:41:03:e7:26:0a:59:f5:37:42:33:c8:
90:07:24:cc:2f:d5:3a:20:c5:07:4c:f2:79:3d:a7:9c:cc:71:
73:46:4e:d8:1a:db:53:bb:06:6f:8e:e0:ce:fa:b9:eb:f4:ee:
5e:3d:32:89:54:cb:d7:8b:61:3b:c7:30:45:ef:bc:a9:34:76:
38:c7:a4:b5:6c:33:bd:59:31:bf:c3:86:88:73:1e:52:55:c7:
f5:42:40:c8:da:e1:7b:04:0c:9a:5a:88:72:c0:f1:51:53:7c:
f6:86:e3:4a:2d:36:39:58:ab:9d:83:d7:ad:db:9e:31:b7:fb:
85:f5:b5:a9:f1:45:6a:b5:d5:cc:72:67:ba:37:54:5e:3c:1d:
fa:ac:4e:54:7e:c4:b9:de:fc:df:ca:19:de:59:a6:6b:11:d1:
11:ad:23:a6:91:0b:65:bf:27:fd:e8:d5:00:3d:1e:8b:6f:fc:
c3:60:ec:9c:06:5a:04:00:c7:c3:ae:76:98:e5:5d:65:09:4b:
46:4b:18:63
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAZ671wajjf7n+9TBNT7UD+g7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjYwNjEyMTIzODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTkyNTZmZGQwNWFjNWQzZGZiYjc4OTg2YmZkMWRhMDFjZWZiYjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9IYUifRVsQmrlqU41keOkSPtP+GZ
vsEf18xexKnpQEU4Yr9ByAfpsZUT/bi79myzyypCgUeClzNNhcCDVkfsK5e0RKwW
kO81hEtFhINA+mwVqP09lokZNnlqSCujjgP0hDAnVNMPp+qZn35UdtZDWcUb4SZJ
tcrQ4K933jmNEq1fGJMgkFxCu5nk2Z3axvxoTwrHm2C7AHcl7BhA3EPzbZ99Pk8y
8xeHlQGSsfIAOB/0ScCsT0TLWPifwFPBXJV7Mmudtiv/mm/6ZjI1eZ5chXoQhb2W
7TBGF/rMsXswppgyikvVeIO44e0NiWnT07ZBxAT0Kt1FjRrAg0Sv6HGgAwIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFJqSVv3QWsXT37t4mGv9HaAc77tBMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvbXBKV19kQmF4ZFBmdTNpWWFfMGRvQnp2dTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgfMEAgABMIHsAwQB
AjhwAwQALYQwAwQALZ2IAwQAPkRTAwQBPkRWAwQAPswkAwQAPuktAwQAPukxAwQA
Puk4AwQAPuk8AwQAUESRAwQAUESeMAwDBABQW9EDBABQW9IDBABb4vcDBABdsWgD
BABej+IDBABenr8DBACCwU8DBACC/6kDBACSE4kDBACSE5QDBACSE5YDBACSE5gD
BACSE7sDBACSE74DBACwOCYDBAC5es4DBAC5m2UDBAC52gEDBADBAxYDBADB79ED
BADDQHADBADDQHIDBADDXfkDBADDYIgDBADDYJ0DBADUNAUDBADZciAwDQYJKoZI
hvcNAQELBQADggEBAILHVlLIlVou2ZuuTyuRdKKEzv9hHI09QDWFlKQ4G0Z54+Ns
NAy3L+lC3FThFB0RIt495/gVD7EAM1OgB0tBA+cmCln1N0IzyJAHJMwv1TogxQdM
8nk9p5zMcXNGTtga21O7Bm+O4M76uev07l49MolUy9eLYTvHMEXvvKk0djjHpLVs
M71ZMb/DhohzHlJVx/VCQMja4XsEDJpaiHLA8VFTfPaG40otNjlYq52D163bnjG3
+4X1tanxRWq11cxyZ7o3VF48HfqsTlR+xLne/N/KGd5ZpmsR0RGtI6aRC2W/J/3o
1QA9Hotv/MNg7JwGWgQAx8OudpjlXWUJS0ZLGGM=
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:23:00 2026 by rpki-client