Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/m-7mOQODx43IT_d3no0RM9sJgRA.roa
File: m-7mOQODx43IT_d3no0RM9sJgRA.roa (raw, json)
Hash identifier: hvZm9QUYUtBcunbi5zG4w6xmxB9rKmbMfgtU8ivMI0Y=
Subject key identifier: 9B:EE:E6:39:03:83:C7:8D:C8:4F:F7:77:9E:8D:11:33:DB:09:81:10
Certificate issuer: /CN=90b8a15466c3ff1e915d780a10b0baa9ad694860
Certificate serial: 019EA6465F51D76D190FE64BC45A1DA401A8
Authority key identifier: 90:B8:A1:54:66:C3:FF:1E:91:5D:78:0A:10:B0:BA:A9:AD:69:48:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/m-7mOQODx43IT_d3no0RM9sJgRA.roa
Signing time: Mon 08 Jun 2026 08:08:10 +0000
ROA not before: Mon 08 Jun 2026 08:08:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15874
IP address blocks: 37.130.0.0/18 maxlen: 24
37.130.49.0/24 maxlen: 24
37.130.55.0/24 maxlen: 24
46.174.232.0/22 maxlen: 22
46.174.238.0/24 maxlen: 24
91.231.24.0/24 maxlen: 24
91.231.26.0/24 maxlen: 24
91.231.27.0/24 maxlen: 24
185.237.56.0/22 maxlen: 24
2a0c:1680::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 14:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a6:46:5f:51:d7:6d:19:0f:e6:4b:c4:5a:1d:a4:01:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90b8a15466c3ff1e915d780a10b0baa9ad694860
Validity
Not Before: Jun 8 08:08:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9beee6390383c78dc84ff7779e8d1133db098110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:f7:17:d2:00:45:e6:49:cd:25:e3:26:9f:8c:
7c:0e:0e:35:3e:09:bc:82:44:e6:9b:8c:6e:8c:ea:
d4:e0:03:c6:93:5a:63:26:6a:ae:ae:6d:cb:74:84:
f7:85:3c:da:2b:e0:7f:f7:a9:d9:0d:38:d3:2f:ce:
54:85:84:d6:c9:cb:a5:91:de:f8:1d:29:16:09:9b:
bf:53:a5:d0:0b:77:f2:47:8d:ee:f9:b8:48:53:c6:
33:a1:33:f9:dd:2a:90:da:db:a3:bb:5d:a4:cc:ae:
fc:2b:fb:d5:cf:0e:b6:86:3e:07:2e:1b:dd:1e:6e:
99:e4:1f:6a:6d:d0:e5:78:f2:d6:e9:26:b6:45:be:
00:95:db:f2:2b:4a:66:f8:7d:41:83:69:f1:d9:a2:
c4:f7:61:97:14:99:e9:d7:df:cc:ce:90:9b:43:cc:
9f:2e:5f:7c:27:87:9c:40:ff:7d:3c:23:a8:4d:60:
88:f1:67:67:bc:71:f4:e7:7e:37:36:e5:55:52:4c:
5a:cc:5d:b1:b8:92:94:33:52:e8:2f:7a:c4:cc:5b:
e5:bf:dd:cd:67:20:0b:37:15:fd:46:bb:0a:dd:91:
4b:6d:e3:b6:54:e6:a5:e8:7f:21:eb:16:9f:7c:dc:
1d:64:9d:84:33:43:3f:ec:31:c9:7a:16:39:26:28:
e6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:EE:E6:39:03:83:C7:8D:C8:4F:F7:77:9E:8D:11:33:DB:09:81:10
X509v3 Authority Key Identifier:
keyid:90:B8:A1:54:66:C3:FF:1E:91:5D:78:0A:10:B0:BA:A9:AD:69:48:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kLihVGbD_x6RXXgKELC6qa1pSGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/m-7mOQODx43IT_d3no0RM9sJgRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a2df44-38b2-4d12-8347-78e997869952/1/kLihVGbD_x6RXXgKELC6qa1pSGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.0.0/18
46.174.232.0/22
46.174.238.0/24
91.231.24.0/24
91.231.26.0/23
185.237.56.0/22
IPv6:
2a0c:1680::/29
Signature Algorithm: sha256WithRSAEncryption
c0:51:89:e7:99:23:e5:c6:5a:79:ed:34:85:d2:b0:61:70:81:
25:a5:a9:75:ab:2c:35:1d:8a:d8:61:34:10:1d:d0:2a:83:7d:
b3:0e:5f:ab:32:fc:ac:2c:14:1e:6f:c1:17:6e:cb:7a:dc:c9:
10:4d:6b:d9:da:8a:e0:6b:a5:58:48:26:a8:7f:69:65:7e:64:
c1:4b:f4:da:13:ae:e3:f0:9f:e7:a0:ab:9a:60:c0:dd:cf:c1:
dc:69:9b:9b:9b:ad:8e:7d:74:6a:9c:35:03:da:70:5b:9f:e9:
5f:6b:34:c6:d1:bf:20:81:76:9a:1e:ef:78:02:d5:0d:59:49:
eb:ca:2e:e6:18:a3:f4:47:b6:eb:71:a1:97:a6:61:54:c4:5d:
11:5a:51:f4:27:79:c2:cb:a3:df:0f:74:2f:9c:88:d5:01:fb:
b1:ad:1d:c0:44:cb:eb:26:e8:cb:bf:82:72:05:64:01:bf:fd:
c4:f0:46:55:13:83:09:77:fa:78:82:0d:f6:54:fb:ba:a2:7b:
a9:4b:b4:c3:13:bb:db:e7:a2:0d:6f:53:07:c8:25:1d:8e:e7:
fd:b1:6c:a1:b2:6a:a1:05:67:61:ea:91:ca:83:26:1f:11:c4:
84:28:53:bc:be:40:6d:b4:b1:ca:ec:b5:9c:eb:6f:76:d4:86:
ad:16:0a:4e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZ6mRl9R120ZD+ZLxFodpAGoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYjhhMTU0NjZjM2ZmMWU5MTVkNzgwYTEwYjBiYWE5YWQ2
OTQ4NjAwHhcNMjYwNjA4MDgwODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmVlZTYzOTAzODNjNzhkYzg0ZmY3Nzc5ZThkMTEzM2RiMDk4MTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/vcX0gBF5knNJeMmn4x8Dg41Pgm8
gkTmm4xujOrU4APGk1pjJmqurm3LdIT3hTzaK+B/96nZDTjTL85UhYTWyculkd74
HSkWCZu/U6XQC3fyR43u+bhIU8YzoTP53SqQ2tuju12kzK78K/vVzw62hj4HLhvd
Hm6Z5B9qbdDlePLW6Sa2Rb4AldvyK0pm+H1Bg2nx2aLE92GXFJnp19/MzpCbQ8yf
Ll98J4ecQP99PCOoTWCI8WdnvHH05343NuVVUkxazF2xuJKUM1LoL3rEzFvlv93N
ZyALNxX9RrsK3ZFLbeO2VOal6H8h6xaffNwdZJ2EM0M/7DHJehY5JijmVQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJvu5jkDg8eNyE/3d56NETPbCYEQMB8GA1UdIwQY
MBaAFJC4oVRmw/8ekV14ChCwuqmtaUhgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0xpaFZHYkRfeDZSWFhnS0VMQzZxYTFwU0dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hMmRmNDQtMzhiMi00ZDEyLTgzNDct
NzhlOTk3ODY5OTUyLzEvbS03bU9RT0R4NDNJVF9kM25vMFJNOXNKZ1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hMmRmNDQtMzhiMi00ZDEyLTgzNDctNzhlOTk3ODY5OTUy
LzEva0xpaFZHYkRfeDZSWFhnS0VMQzZxYTFwU0dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQGJYIAAwQC
Lq7oAwQALq7uAwQAW+cYAwQBW+caAwQCue04MA0EAgACMAcDBQMqDBaAMA0GCSqG
SIb3DQEBCwUAA4IBAQDAUYnnmSPlxlp57TSF0rBhcIElpal1qyw1HYrYYTQQHdAq
g32zDl+rMvysLBQeb8EXbst63MkQTWvZ2orga6VYSCaof2llfmTBS/TaE67j8J/n
oKuaYMDdz8HcaZubm62OfXRqnDUD2nBbn+lfazTG0b8ggXaaHu94AtUNWUnryi7m
GKP0R7brcaGXpmFUxF0RWlH0J3nCy6PfD3QvnIjVAfuxrR3ARMvrJujLv4JyBWQB
v/3E8EZVE4MJd/p4gg32VPu6onupS7TDE7vb56INb1MHyCUdjuf9sWyhsmqhBWdh
6pHKgyYfEcSEKFO8vkBttLHK7LWc62921IatFgpO
-----END CERTIFICATE-----
Generated at Sat Jun 13 22:06:05 2026 by rpki-client