Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/Mwa4BYhszDC6EiMM8uEuQovtbu0.roa
File: Mwa4BYhszDC6EiMM8uEuQovtbu0.roa (raw, json)
Hash identifier: +62IJVapKeotHfACQPyX6dSOxf44Up4jXmezBFrKB6Y=
Subject key identifier: 33:06:B8:05:88:6C:CC:30:BA:12:23:0C:F2:E1:2E:42:8B:ED:6E:ED
Certificate issuer: /CN=d89b44e2c057f01a99261f94bbf6da1bf1865f39
Certificate serial: 019B7758863EA6864E571A9DA32127D9AF14
Authority key identifier: D8:9B:44:E2:C0:57:F0:1A:99:26:1F:94:BB:F6:DA:1B:F1:86:5F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JtE4sBX8BqZJh-Uu_baG_GGXzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/Mwa4BYhszDC6EiMM8uEuQovtbu0.roa
Signing time: Thu 01 Jan 2026 02:17:28 +0000
ROA not before: Thu 01 Jan 2026 02:17:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203321
IP address blocks: 94.142.254.0/24 maxlen: 24
2a12:5c40::/48 maxlen: 48
2a12:5c40:1::/48 maxlen: 48
2a12:5c40:2::/48 maxlen: 48
2a12:5c40:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2JtE4sBX8BqZJh-Uu_baG_GGXzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 11:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:58:86:3e:a6:86:4e:57:1a:9d:a3:21:27:d9:af:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d89b44e2c057f01a99261f94bbf6da1bf1865f39
Validity
Not Before: Jan 1 02:17:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3306b805886ccc30ba12230cf2e12e428bed6eed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:33:8c:46:97:79:7a:04:97:02:ac:04:bd:c7:
66:6b:cb:be:95:39:76:12:03:5b:b5:80:92:a6:34:
b7:8a:79:5c:94:79:26:c9:15:59:3c:03:18:67:f5:
fa:32:5c:9e:aa:b4:3f:4d:10:cc:78:18:3c:ed:d0:
05:a3:32:83:53:5b:38:eb:b7:25:19:86:1a:25:07:
79:c6:64:57:ea:62:65:90:8b:1b:b0:5f:1f:46:2b:
b5:3f:c0:ab:73:95:4c:ea:39:de:1f:ab:32:70:40:
97:66:cd:8e:66:46:eb:6d:1c:33:0a:77:45:df:fe:
81:ec:f6:e6:2f:82:9a:84:ee:bd:7c:04:1a:a7:b5:
1b:fd:b8:35:02:82:8f:a9:e4:c3:8a:b4:03:90:c3:
c2:6e:c2:e6:d2:90:a8:4a:f6:52:0b:7d:bb:31:c0:
f1:5f:3a:1a:d7:e4:58:06:24:de:34:54:64:95:44:
16:2b:83:82:d7:93:69:da:a1:fe:61:68:11:be:27:
38:09:2e:a3:3f:f4:df:6a:e3:12:1d:2e:b9:bf:45:
75:56:74:c6:f0:d9:2b:8a:21:2f:3d:e6:e2:e8:37:
fa:8d:81:12:82:c2:eb:a7:3b:88:c5:f6:e2:5b:0f:
1d:80:45:2a:b0:11:94:6d:92:25:b6:03:5e:63:67:
c0:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:06:B8:05:88:6C:CC:30:BA:12:23:0C:F2:E1:2E:42:8B:ED:6E:ED
X509v3 Authority Key Identifier:
keyid:D8:9B:44:E2:C0:57:F0:1A:99:26:1F:94:BB:F6:DA:1B:F1:86:5F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JtE4sBX8BqZJh-Uu_baG_GGXzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/Mwa4BYhszDC6EiMM8uEuQovtbu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.254.0/24
IPv6:
2a12:5c40::/46
Signature Algorithm: sha256WithRSAEncryption
42:59:18:0d:7d:7e:7c:0b:76:6c:1c:00:45:48:d7:17:5a:87:
cb:4e:a6:37:1b:cc:42:c5:e1:80:5a:67:d8:02:09:56:7a:1c:
34:76:b7:93:54:c0:96:9f:6d:a6:7a:eb:11:58:50:41:0e:6f:
78:ad:43:66:75:e1:88:d0:fc:f1:12:bf:cd:06:ad:a1:ab:81:
69:96:29:44:60:7c:97:83:53:41:1a:05:ee:7c:fc:a6:7e:2f:
7a:36:c7:47:6a:9e:a1:10:e9:a5:99:3e:2c:f5:1c:23:38:6b:
55:cf:e9:5a:b2:2e:50:ca:43:a8:92:02:44:87:3e:88:f6:94:
81:f7:05:84:03:28:8e:89:46:3b:f5:eb:d9:ad:d1:30:e2:b4:
31:70:27:3e:12:c1:3b:cb:f2:63:7c:5b:8a:fb:00:9e:f2:42:
2c:cf:3c:4c:df:2f:e7:6d:20:33:3a:4c:c1:36:10:d5:e5:42:
2e:36:3f:c5:15:10:c8:64:c7:18:2f:90:28:98:e5:f1:f8:fd:
8b:3d:b9:2b:35:70:7d:de:a2:fa:4f:cf:8d:e3:8b:99:b8:a1:
e5:9e:09:43:69:2b:05:62:b1:02:00:af:41:6a:a3:bf:22:41:
02:0b:7a:d8:4f:d1:53:e7:3e:88:a1:e8:77:1f:fc:03:b1:f3:
e3:90:33:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZt3WIY+poZOVxqdoyEn2a8UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OWI0NGUyYzA1N2YwMWE5OTI2MWY5NGJiZjZkYTFiZjE4
NjVmMzkwHhcNMjYwMTAxMDIxNzI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzA2YjgwNTg4NmNjYzMwYmExMjIzMGNmMmUxMmU0MjhiZWQ2ZWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDOMRpd5egSXAqwEvcdma8u+lTl2
EgNbtYCSpjS3inlclHkmyRVZPAMYZ/X6MlyeqrQ/TRDMeBg87dAFozKDU1s467cl
GYYaJQd5xmRX6mJlkIsbsF8fRiu1P8Crc5VM6jneH6sycECXZs2OZkbrbRwzCndF
3/6B7PbmL4KahO69fAQap7Ub/bg1AoKPqeTDirQDkMPCbsLm0pCoSvZSC327McDx
Xzoa1+RYBiTeNFRklUQWK4OC15Np2qH+YWgRvic4CS6jP/TfauMSHS65v0V1VnTG
8NkriiEvPebi6Df6jYESgsLrpzuIxfbiWw8dgEUqsBGUbZIltgNeY2fAtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDMGuAWIbMwwuhIjDPLhLkKL7W7tMB8GA1UdIwQY
MBaAFNibROLAV/AamSYflLv22hvxhl85MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkp0RTRzQlg4QnFaSmgtVXVfYmFHX0dHWHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8wMGE3MWUtZGVmOC00YTRmLWE0OTkt
YjYwZmJiMTRjMTlkLzEvTXdhNEJZaHN6REM2RWlNTTh1RXVRb3Z0YnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8wMGE3MWUtZGVmOC00YTRmLWE0OTktYjYwZmJiMTRjMTlk
LzEvMkp0RTRzQlg4QnFaSmgtVXVfYmFHX0dHWHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAXo7+MA8E
AgACMAkDBwIqElxAAAAwDQYJKoZIhvcNAQELBQADggEBAEJZGA19fnwLdmwcAEVI
1xdah8tOpjcbzELF4YBaZ9gCCVZ6HDR2t5NUwJafbaZ66xFYUEEOb3itQ2Z14YjQ
/PESv80GraGrgWmWKURgfJeDU0EaBe58/KZ+L3o2x0dqnqEQ6aWZPiz1HCM4a1XP
6VqyLlDKQ6iSAkSHPoj2lIH3BYQDKI6JRjv169mt0TDitDFwJz4SwTvL8mN8W4r7
AJ7yQizPPEzfL+dtIDM6TME2ENXlQi42P8UVEMhkxxgvkCiY5fH4/Ys9uSs1cH3e
ovpPz43ji5m4oeWeCUNpKwVisQIAr0Fqo78iQQILethP0VPnPoih6Hcf/AOx8+OQ
Mz8=
-----END CERTIFICATE-----
Generated at Mon Mar 2 21:04:44 2026 by rpki-client