Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/mbEhJhu8tsAzWhHE4rl5peqQOF8.roa
File: mbEhJhu8tsAzWhHE4rl5peqQOF8.roa (raw, json)
Hash identifier: Nn+Cgu7LOR6nMODgKh9QXXY7i8XiOMkzfzJkJHtgkLg=
Subject key identifier: 99:B1:21:26:1B:BC:B6:C0:33:5A:11:C4:E2:B9:79:A5:EA:90:38:5F
Certificate issuer: /CN=592e7c1f2394c3e3aaa8ccb647fd83671d6098b7
Certificate serial: 019D7A19BC291AFBA6A3F24BF8FA98F4955A
Authority key identifier: 59:2E:7C:1F:23:94:C3:E3:AA:A8:CC:B6:47:FD:83:67:1D:60:98:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WS58HyOUw-OqqMy2R_2DZx1gmLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/mbEhJhu8tsAzWhHE4rl5peqQOF8.roa
Signing time: Sat 11 Apr 2026 01:13:20 +0000
ROA not before: Sat 11 Apr 2026 01:13:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213637
IP address blocks: 2.56.63.0/24 maxlen: 24
37.247.111.0/24 maxlen: 24
46.20.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/WS58HyOUw-OqqMy2R_2DZx1gmLc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/WS58HyOUw-OqqMy2R_2DZx1gmLc.mft
rsync://rpki.ripe.net/repository/DEFAULT/WS58HyOUw-OqqMy2R_2DZx1gmLc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 01:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:7a:19:bc:29:1a:fb:a6:a3:f2:4b:f8:fa:98:f4:95:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=592e7c1f2394c3e3aaa8ccb647fd83671d6098b7
Validity
Not Before: Apr 11 01:13:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=99b121261bbcb6c0335a11c4e2b979a5ea90385f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:67:e4:71:c9:f8:30:54:a9:30:7b:94:18:2e:
04:f7:23:5b:0d:8f:d3:35:08:a3:80:ea:ae:05:fc:
ea:6c:87:ab:58:48:e1:3a:98:11:5d:a7:86:66:33:
f1:39:98:63:a7:69:7a:ce:df:a3:ba:ec:f8:b3:6b:
37:75:d3:3c:ff:31:1c:58:17:0a:65:b7:20:9d:53:
b4:ad:4b:d5:9c:fc:02:e3:ec:57:af:db:6c:18:01:
27:db:61:ac:bc:98:2e:27:40:79:85:b8:c8:77:e6:
9c:9b:92:16:f4:dc:2c:29:71:4c:4d:8b:0c:b7:d4:
06:aa:5f:be:d4:cd:ca:d9:4a:ac:d3:8e:a5:33:ae:
b2:ee:ee:56:65:9b:4f:4c:a8:bd:af:d0:ec:24:3e:
96:2c:d1:37:2d:13:25:43:7f:ec:d2:38:cc:33:8c:
47:eb:af:d1:4f:c1:27:ce:51:43:af:79:a5:57:a6:
57:91:bf:dc:fc:10:33:ae:46:0f:8c:28:5a:cc:0f:
ba:1e:af:0d:0b:7b:82:59:ed:c8:40:1d:37:b7:6e:
c2:45:c1:7a:88:61:19:7c:8f:87:99:cd:11:75:00:
ac:6e:13:f4:31:03:64:f7:dd:aa:9f:72:25:28:09:
62:79:3c:6e:0d:f0:ca:a0:a1:11:89:1d:1a:29:9f:
95:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B1:21:26:1B:BC:B6:C0:33:5A:11:C4:E2:B9:79:A5:EA:90:38:5F
X509v3 Authority Key Identifier:
keyid:59:2E:7C:1F:23:94:C3:E3:AA:A8:CC:B6:47:FD:83:67:1D:60:98:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WS58HyOUw-OqqMy2R_2DZx1gmLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/mbEhJhu8tsAzWhHE4rl5peqQOF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/WS58HyOUw-OqqMy2R_2DZx1gmLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.63.0/24
37.247.111.0/24
46.20.15.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:9e:78:9e:78:33:e9:55:07:9e:d1:8f:bc:a0:44:ed:86:ba:
2e:82:33:f8:fa:10:7c:f2:77:2c:d8:4e:3c:8d:48:2f:c0:1e:
5a:d4:46:36:34:e7:0a:31:bf:1f:45:e1:e8:01:85:e4:e7:bf:
51:43:65:66:de:ae:20:a8:92:9a:6a:05:e7:b9:9c:f6:e9:dc:
3a:76:46:6e:0d:15:ed:55:52:ce:f5:ca:e7:92:1f:02:5a:49:
14:6d:50:cf:60:b3:5d:bb:4f:2d:cb:c7:e6:bd:8a:34:fb:e5:
fa:ae:98:f2:5c:6a:c1:cd:ac:de:8a:93:f0:bf:a2:84:76:f1:
96:d7:7b:3c:7e:b1:0a:bb:9f:22:3f:19:80:2a:c3:28:23:69:
9b:d3:96:84:0a:c3:72:c9:1d:0a:d9:f6:6e:33:68:8e:80:4e:
66:df:85:e5:2a:f4:44:3f:1d:e1:be:04:22:c5:60:4d:e1:f5:
1e:21:5d:88:de:07:01:55:eb:a9:2a:c5:f9:b3:90:ff:77:18:
bd:e8:18:f8:24:62:21:a3:23:2a:18:d0:9a:da:52:34:1b:2b:
11:8f:1e:e3:16:00:5f:db:29:d1:4c:3e:3c:a7:09:e8:f6:ed:
a7:0a:f2:5e:b2:50:ea:e9:99:c7:75:a4:5a:f8:0b:c3:0a:3c:
dc:cc:cc:e3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ16GbwpGvumo/JL+PqY9JVaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5MmU3YzFmMjM5NGMzZTNhYWE4Y2NiNjQ3ZmQ4MzY3MWQ2
MDk4YjcwHhcNMjYwNDExMDExMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWIxMjEyNjFiYmNiNmMwMzM1YTExYzRlMmI5NzlhNWVhOTAzODVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGfkccn4MFSpMHuUGC4E9yNbDY/T
NQijgOquBfzqbIerWEjhOpgRXaeGZjPxOZhjp2l6zt+juuz4s2s3ddM8/zEcWBcK
ZbcgnVO0rUvVnPwC4+xXr9tsGAEn22GsvJguJ0B5hbjId+acm5IW9NwsKXFMTYsM
t9QGql++1M3K2Uqs046lM66y7u5WZZtPTKi9r9DsJD6WLNE3LRMlQ3/s0jjMM4xH
66/RT8EnzlFDr3mlV6ZXkb/c/BAzrkYPjChazA+6Hq8NC3uCWe3IQB03t27CRcF6
iGEZfI+Hmc0RdQCsbhP0MQNk992qn3IlKAlieTxuDfDKoKERiR0aKZ+VVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJmxISYbvLbAM1oRxOK5eaXqkDhfMB8GA1UdIwQY
MBaAFFkufB8jlMPjqqjMtkf9g2cdYJi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1M1OEh5T1V3LU9xcU15MlJfMkRaeDFnbUxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi85NTcxZDYtOTc0Zi00MzI3LWI5ZTAt
NDQzYmU2M2ZjMTIzLzEvbWJFaEpodTh0c0F6V2hIRTRybDVwZXFRT0Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi85NTcxZDYtOTc0Zi00MzI3LWI5ZTAtNDQzYmU2M2ZjMTIz
LzEvV1M1OEh5T1V3LU9xcU15MlJfMkRaeDFnbUxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjg/AwQA
JfdvAwQALhQPMA0GCSqGSIb3DQEBCwUAA4IBAQCKnnieeDPpVQee0Y+8oETthrou
gjP4+hB88ncs2E48jUgvwB5a1EY2NOcKMb8fReHoAYXk579RQ2Vm3q4gqJKaagXn
uZz26dw6dkZuDRXtVVLO9crnkh8CWkkUbVDPYLNdu08ty8fmvYo0++X6rpjyXGrB
zazeipPwv6KEdvGW13s8frEKu58iPxmAKsMoI2mb05aECsNyyR0K2fZuM2iOgE5m
34XlKvREPx3hvgQixWBN4fUeIV2I3gcBVeupKsX5s5D/dxi96Bj4JGIhoyMqGNCa
2lI0GysRjx7jFgBf2ynRTD48pwno9u2nCvJeslDq6ZnHdaRa+AvDCjzczMzj
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:29:09 2026 by rpki-client