Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/mCi8IXM78zEe8k6a11x1wQYJJHk.roa
File: mCi8IXM78zEe8k6a11x1wQYJJHk.roa (raw, json)
Hash identifier: XXRc/LdihJuiCQ6i4r0S3QErFt5j7/TSAtBg4nnm1BY=
Subject key identifier: 98:28:BC:21:73:3B:F3:31:1E:F2:4E:9A:D7:5C:75:C1:06:09:24:79
Certificate issuer: /CN=751483655b35a2b847185f689c8fd1601dcc7187
Certificate serial: 019B79109D47412112EA4BE69E17B7B94CBB
Authority key identifier: 75:14:83:65:5B:35:A2:B8:47:18:5F:68:9C:8F:D1:60:1D:CC:71:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dRSDZVs1orhHGF9onI_RYB3McYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/mCi8IXM78zEe8k6a11x1wQYJJHk.roa
Signing time: Thu 01 Jan 2026 10:18:10 +0000
ROA not before: Thu 01 Jan 2026 10:18:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35171
IP address blocks: 45.143.32.0/22 maxlen: 22
45.143.32.0/24 maxlen: 24
45.143.33.0/24 maxlen: 24
45.143.34.0/24 maxlen: 24
45.143.35.0/24 maxlen: 24
85.118.240.0/21 maxlen: 21
85.118.240.0/24 maxlen: 24
85.118.241.0/24 maxlen: 24
85.118.242.0/24 maxlen: 24
85.118.243.0/24 maxlen: 24
85.118.244.0/24 maxlen: 24
85.118.245.0/24 maxlen: 24
85.118.246.0/24 maxlen: 24
85.118.247.0/24 maxlen: 24
2a11:5f40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/dRSDZVs1orhHGF9onI_RYB3McYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/dRSDZVs1orhHGF9onI_RYB3McYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/dRSDZVs1orhHGF9onI_RYB3McYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:10:9d:47:41:21:12:ea:4b:e6:9e:17:b7:b9:4c:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=751483655b35a2b847185f689c8fd1601dcc7187
Validity
Not Before: Jan 1 10:18:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9828bc21733bf3311ef24e9ad75c75c106092479
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:12:e4:bd:78:77:47:02:a1:9b:9a:ce:70:07:
ff:15:33:6e:4e:91:fa:e9:c1:11:8f:a8:bc:da:cf:
d1:d2:fa:14:c7:97:ea:29:e0:91:86:86:13:b2:6e:
09:14:c1:b6:83:aa:4c:63:b1:5d:c0:97:c0:06:33:
87:cf:49:ba:92:12:e1:66:ee:be:35:71:a7:cb:c0:
72:73:29:32:9a:9d:2e:d4:38:41:71:42:5c:63:15:
32:7f:05:c2:42:b3:a7:9e:7c:c0:87:51:b5:53:02:
b5:05:51:4a:0f:d4:77:ec:8a:17:7d:9b:14:06:13:
c2:74:9e:c4:86:d8:84:d3:63:0b:3a:8d:94:e0:38:
16:f0:31:c8:6d:6f:01:c9:0b:7a:10:f0:32:8e:3f:
20:00:fc:f5:7e:f5:fc:05:27:fc:7e:68:60:bf:6a:
6b:cf:b9:62:04:50:2e:1a:a7:d5:c6:f2:87:92:40:
bc:4c:8a:16:72:d2:45:ad:a4:5b:28:11:e2:9c:23:
36:a9:bd:9a:50:59:ac:6d:57:28:06:e3:ad:9c:22:
dd:5a:af:b1:91:e9:44:4c:c1:8f:ab:47:50:39:f8:
4b:c4:d4:c4:d8:84:6b:7d:fe:4f:87:98:94:b5:1f:
fc:2a:09:c8:4a:33:0c:0d:66:46:29:12:0d:1e:a9:
78:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:28:BC:21:73:3B:F3:31:1E:F2:4E:9A:D7:5C:75:C1:06:09:24:79
X509v3 Authority Key Identifier:
keyid:75:14:83:65:5B:35:A2:B8:47:18:5F:68:9C:8F:D1:60:1D:CC:71:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dRSDZVs1orhHGF9onI_RYB3McYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/mCi8IXM78zEe8k6a11x1wQYJJHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/1279fc-1b27-407c-81f4-a7fb36cc2fe3/1/dRSDZVs1orhHGF9onI_RYB3McYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.32.0/22
85.118.240.0/21
IPv6:
2a11:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
2a:a6:79:7f:d5:51:10:ca:67:74:88:be:c3:4a:db:fa:30:55:
44:a7:c5:9e:3e:d9:f0:24:95:53:75:41:75:14:bd:4f:90:e5:
58:f4:a7:61:64:97:3f:98:fd:6d:36:db:81:7c:f9:b4:c4:28:
98:e8:82:15:d1:a7:14:33:c9:de:f2:35:f5:64:bc:47:2c:4c:
c8:aa:56:93:0f:8c:98:9f:ae:e2:38:ab:58:8b:1b:95:5d:a8:
90:e6:7f:b4:25:b1:62:83:83:e3:c4:5b:60:20:d8:46:8f:c9:
18:a1:a2:01:ba:26:d6:1e:59:1a:61:15:44:fa:38:05:e8:d2:
15:1a:29:9f:dd:01:74:fc:30:b3:21:d1:a8:aa:3b:0d:c6:0a:
ce:3b:b5:fe:4d:d4:85:4c:5d:84:c0:ca:76:7c:09:48:b2:6b:
14:56:92:af:ec:ff:e6:df:07:fa:bd:4b:20:31:f2:62:8c:32:
a7:e4:41:fe:01:f0:9b:ed:86:a1:d4:86:9c:ab:93:aa:76:02:
16:7f:13:32:97:43:6d:55:bb:6c:e8:50:82:1c:1c:71:90:58:
6a:58:f6:89:45:07:2f:5a:93:b9:10:47:6b:fb:8b:43:21:2c:
c0:29:c9:33:e0:b3:d8:52:0c:51:02:67:b1:a7:89:ab:52:c9:
56:c7:0b:4e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZt5EJ1HQSES6kvmnhe3uUy7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MTQ4MzY1NWIzNWEyYjg0NzE4NWY2ODljOGZkMTYwMWRj
YzcxODcwHhcNMjYwMTAxMTAxODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODI4YmMyMTczM2JmMzMxMWVmMjRlOWFkNzVjNzVjMTA2MDkyNDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBLkvXh3RwKhm5rOcAf/FTNuTpH6
6cERj6i82s/R0voUx5fqKeCRhoYTsm4JFMG2g6pMY7FdwJfABjOHz0m6khLhZu6+
NXGny8Bycykymp0u1DhBcUJcYxUyfwXCQrOnnnzAh1G1UwK1BVFKD9R37IoXfZsU
BhPCdJ7EhtiE02MLOo2U4DgW8DHIbW8ByQt6EPAyjj8gAPz1fvX8BSf8fmhgv2pr
z7liBFAuGqfVxvKHkkC8TIoWctJFraRbKBHinCM2qb2aUFmsbVcoBuOtnCLdWq+x
kelETMGPq0dQOfhLxNTE2IRrff5Ph5iUtR/8KgnISjMMDWZGKRINHql4UwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJgovCFzO/MxHvJOmtdcdcEGCSR5MB8GA1UdIwQY
MBaAFHUUg2VbNaK4RxhfaJyP0WAdzHGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFJTRFpWczFvcmhIR0Y5b25JX1JZQjNNY1ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8xMjc5ZmMtMWIyNy00MDdjLTgxZjQt
YTdmYjM2Y2MyZmUzLzEvbUNpOElYTTc4ekVlOGs2YTExeDF3UVlKSkhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8xMjc5ZmMtMWIyNy00MDdjLTgxZjQtYTdmYjM2Y2MyZmUz
LzEvZFJTRFpWczFvcmhIR0Y5b25JX1JZQjNNY1ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLY8gAwQD
VXbwMA0EAgACMAcDBQMqEV9AMA0GCSqGSIb3DQEBCwUAA4IBAQAqpnl/1VEQymd0
iL7DStv6MFVEp8WePtnwJJVTdUF1FL1PkOVY9KdhZJc/mP1tNtuBfPm0xCiY6IIV
0acUM8ne8jX1ZLxHLEzIqlaTD4yYn67iOKtYixuVXaiQ5n+0JbFig4PjxFtgINhG
j8kYoaIBuibWHlkaYRVE+jgF6NIVGimf3QF0/DCzIdGoqjsNxgrOO7X+TdSFTF2E
wMp2fAlIsmsUVpKv7P/m3wf6vUsgMfJijDKn5EH+AfCb7Yah1Iacq5OqdgIWfxMy
l0NtVbts6FCCHBxxkFhqWPaJRQcvWpO5EEdr+4tDISzAKckz4LPYUgxRAmexp4mr
UslWxwtO
-----END CERTIFICATE-----
Generated at Sun Mar 1 16:23:55 2026 by rpki-client