Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/Mk7_Zq9Rpk43_vAbKxyUcFK-u8s.roa
File: Mk7_Zq9Rpk43_vAbKxyUcFK-u8s.roa (raw, json)
Hash identifier: VGCcTcxG7jSWPwlxbtqAn1nYTHEFZWiZCyYyw1eM6QU=
Subject key identifier: 32:4E:FF:66:AF:51:A6:4E:37:FE:F0:1B:2B:1C:94:70:52:BE:BB:CB
Certificate issuer: /CN=90d753a2547e03a4b0d2f91c70e9ce4e44680418
Certificate serial: 019B775958AD327D9FB6D4576DCA77D00BC2
Authority key identifier: 90:D7:53:A2:54:7E:03:A4:B0:D2:F9:1C:70:E9:CE:4E:44:68:04:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/Mk7_Zq9Rpk43_vAbKxyUcFK-u8s.roa
Signing time: Thu 01 Jan 2026 02:18:22 +0000
ROA not before: Thu 01 Jan 2026 02:18:22 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35224
IP address blocks: 45.66.76.0/22 maxlen: 22
45.150.0.0/22 maxlen: 22
91.189.96.0/21 maxlen: 21
91.189.96.0/24 maxlen: 24
91.189.97.0/24 maxlen: 24
91.189.98.0/24 maxlen: 24
91.189.99.0/24 maxlen: 24
91.189.100.0/24 maxlen: 24
91.189.101.0/24 maxlen: 24
91.189.102.0/24 maxlen: 24
91.189.103.0/24 maxlen: 24
92.118.0.0/22 maxlen: 22
94.231.240.0/20 maxlen: 20
94.231.240.0/24 maxlen: 24
94.231.241.0/24 maxlen: 24
94.231.242.0/23 maxlen: 23
94.231.244.0/22 maxlen: 22
94.231.248.0/24 maxlen: 24
94.231.249.0/24 maxlen: 24
94.231.250.0/24 maxlen: 24
94.231.251.0/24 maxlen: 24
94.231.252.0/24 maxlen: 24
94.231.253.0/24 maxlen: 24
94.231.254.0/24 maxlen: 24
94.231.255.0/24 maxlen: 24
185.9.252.0/22 maxlen: 22
185.9.252.0/24 maxlen: 24
185.9.253.0/24 maxlen: 24
185.9.254.0/24 maxlen: 24
185.9.255.0/24 maxlen: 24
193.239.92.0/22 maxlen: 22
193.239.186.0/23 maxlen: 23
195.222.116.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.mft
rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:59:58:ad:32:7d:9f:b6:d4:57:6d:ca:77:d0:0b:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90d753a2547e03a4b0d2f91c70e9ce4e44680418
Validity
Not Before: Jan 1 02:18:22 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=324eff66af51a64e37fef01b2b1c947052bebbcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9b:32:13:bd:5c:87:1b:60:d3:6c:9e:4e:bf:
3f:55:e1:88:ec:b8:2d:7a:dd:7e:5d:3c:13:f9:de:
c3:cb:48:4e:b6:31:4a:d3:f6:e2:cb:23:2d:8d:1f:
b6:5a:2c:6d:6d:e9:60:a8:02:73:a7:1b:7b:8f:82:
8b:3e:c0:05:03:38:73:93:5f:94:cb:78:a1:6d:15:
28:dd:15:c4:28:28:9c:bc:a2:f8:37:df:ed:93:29:
d1:a6:15:5d:8d:8f:b7:6d:d7:2a:67:25:79:e0:73:
2d:62:d2:9f:ca:2f:08:75:97:4f:11:6e:08:00:a9:
82:9a:29:d0:bb:88:92:04:5c:3a:ad:18:54:33:a5:
b2:56:fc:a1:6f:90:ba:96:6e:8a:f5:bb:d9:94:02:
94:70:23:58:aa:0a:78:74:39:62:b9:05:b8:05:19:
c4:0b:23:51:e7:71:5c:83:58:fd:a3:ab:e0:1b:2d:
de:5b:f2:91:b1:49:0e:b2:cc:72:dd:27:28:ea:ae:
2d:92:98:d3:fa:bd:1f:82:b2:18:ee:2a:f3:28:17:
57:d9:e9:b5:7e:7c:66:55:8c:84:6c:24:ac:1f:f0:
c5:94:4b:66:e5:69:36:c2:ac:e7:84:2a:4d:a7:4d:
b7:af:a1:9f:9f:f3:e3:62:bd:39:0b:4f:1d:0d:be:
07:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:4E:FF:66:AF:51:A6:4E:37:FE:F0:1B:2B:1C:94:70:52:BE:BB:CB
X509v3 Authority Key Identifier:
keyid:90:D7:53:A2:54:7E:03:A4:B0:D2:F9:1C:70:E9:CE:4E:44:68:04:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/Mk7_Zq9Rpk43_vAbKxyUcFK-u8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.76.0/22
45.150.0.0/22
91.189.96.0/21
92.118.0.0/22
94.231.240.0/20
185.9.252.0/22
193.239.92.0/22
193.239.186.0/23
195.222.116.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:a7:f2:99:ec:fd:a5:96:f1:72:21:16:81:3b:43:fa:ba:56:
b3:83:c9:e3:4c:15:82:68:02:12:44:ce:8c:5e:e3:7e:65:16:
48:09:25:23:87:84:e6:33:3f:e5:4a:0f:ce:88:41:a5:9d:58:
29:0f:4c:16:a2:14:f3:35:e3:6e:5d:4d:ed:8b:26:fc:1e:89:
12:d7:dc:21:87:a3:29:d9:1d:b2:8f:49:01:83:44:79:b3:dd:
2e:96:7c:1a:e6:d1:c9:ad:79:05:72:9a:2f:e4:fc:08:00:fe:
2b:98:e9:d7:aa:c5:df:b7:33:41:27:64:bc:43:1e:7f:df:b5:
81:35:3a:91:9d:18:85:da:ed:d5:fd:fd:6f:12:75:dd:d0:25:
42:9d:e5:8f:8c:77:3a:9e:d0:88:d7:cb:b0:dc:d9:74:98:6f:
ee:ee:5a:3e:96:13:49:ff:6a:56:11:a2:a1:08:b3:95:88:49:
a3:fd:10:88:02:8a:31:42:43:4a:bc:d3:b4:26:8a:0a:de:c5:
19:a7:c2:fe:a3:11:4b:b2:50:74:1d:74:5b:a7:f8:ac:aa:cd:
2e:2b:fd:24:58:51:6a:49:2d:d8:0a:66:48:75:17:ba:69:75:
38:ae:b1:f3:b4:41:01:7e:9d:16:27:b4:f4:83:63:8f:f1:81:
46:6a:0b:31
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZt3WVitMn2fttRXbcp30AvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDc1M2EyNTQ3ZTAzYTRiMGQyZjkxYzcwZTljZTRlNDQ2
ODA0MTgwHhcNMjYwMTAxMDIxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjRlZmY2NmFmNTFhNjRlMzdmZWYwMWIyYjFjOTQ3MDUyYmViYmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5syE71chxtg02yeTr8/VeGI7Lgt
et1+XTwT+d7Dy0hOtjFK0/biyyMtjR+2WixtbelgqAJzpxt7j4KLPsAFAzhzk1+U
y3ihbRUo3RXEKCicvKL4N9/tkynRphVdjY+3bdcqZyV54HMtYtKfyi8IdZdPEW4I
AKmCminQu4iSBFw6rRhUM6WyVvyhb5C6lm6K9bvZlAKUcCNYqgp4dDliuQW4BRnE
CyNR53Fcg1j9o6vgGy3eW/KRsUkOssxy3Sco6q4tkpjT+r0fgrIY7irzKBdX2em1
fnxmVYyEbCSsH/DFlEtm5Wk2wqznhCpNp023r6Gfn/PjYr05C08dDb4HGQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDJO/2avUaZON/7wGysclHBSvrvLMB8GA1UdIwQY
MBaAFJDXU6JUfgOksNL5HHDpzk5EaAQYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05kVG9sUi1BNlN3MHZrY2NPbk9Ua1JvQkJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jYzkwOTktNzEwMS00NzJlLWFlZmMt
NWViNjZiY2UzMThkLzEvTWs3X1pxOVJwazQzX3ZBYkt4eVVjRkstdThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9jYzkwOTktNzEwMS00NzJlLWFlZmMtNWViNjZiY2UzMThk
LzEva05kVG9sUi1BNlN3MHZrY2NPbk9Ua1JvQkJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCLUJMAwQC
LZYAAwQDW71gAwQCXHYAAwQEXufwAwQCuQn8AwQCwe9cAwQBwe+6AwQCw950MA0G
CSqGSIb3DQEBCwUAA4IBAQAbp/KZ7P2llvFyIRaBO0P6ulazg8njTBWCaAISRM6M
XuN+ZRZICSUjh4TmMz/lSg/OiEGlnVgpD0wWohTzNeNuXU3tiyb8HokS19whh6Mp
2R2yj0kBg0R5s90ulnwa5tHJrXkFcpov5PwIAP4rmOnXqsXftzNBJ2S8Qx5/37WB
NTqRnRiF2u3V/f1vEnXd0CVCneWPjHc6ntCI18uw3Nl0mG/u7lo+lhNJ/2pWEaKh
CLOViEmj/RCIAooxQkNKvNO0JooK3sUZp8L+oxFLslB0HXRbp/isqs0uK/0kWFFq
SS3YCmZIdRe6aXU4rrHztEEBfp0WJ7T0g2OP8YFGagsx
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:20:06 2026 by rpki-client