Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/mdY5Sztkc4Vni8OjzOm5E7-UAg4.roa
File: mdY5Sztkc4Vni8OjzOm5E7-UAg4.roa (raw, json)
Hash identifier: 4tfYSlcZaMhBe9xCHiaJ05NUurhwg+qzrotu7ul3MS8=
Subject key identifier: 99:D6:39:4B:3B:64:73:85:67:8B:C3:A3:CC:E9:B9:13:BF:94:02:0E
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019D2F04976860ACA2619662EAC1B4E56A7B
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/mdY5Sztkc4Vni8OjzOm5E7-UAg4.roa
Signing time: Fri 27 Mar 2026 11:18:43 +0000
ROA not before: Fri 27 Mar 2026 11:18:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 137409
IP address blocks: 14.102.61.0/24 maxlen: 24
14.102.62.0/24 maxlen: 24
14.102.84.0/24 maxlen: 24
14.102.86.0/24 maxlen: 24
45.150.180.0/24 maxlen: 24
62.169.128.0/24 maxlen: 24
66.56.87.0/24 maxlen: 24
103.61.196.0/24 maxlen: 24
158.173.167.0/24 maxlen: 24
158.173.243.0/24 maxlen: 24
158.173.246.0/24 maxlen: 24
158.173.247.0/24 maxlen: 24
167.160.28.0/24 maxlen: 24
170.62.238.0/24 maxlen: 24
192.253.209.0/24 maxlen: 24
198.55.31.0/24 maxlen: 24
203.188.175.0/24 maxlen: 24
203.188.189.0/24 maxlen: 24
203.188.190.0/24 maxlen: 24
203.188.191.0/24 maxlen: 24
212.32.71.0/24 maxlen: 24
212.32.73.0/24 maxlen: 24
212.32.76.0/24 maxlen: 24
213.254.163.0/24 maxlen: 24
213.254.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2f:04:97:68:60:ac:a2:61:96:62:ea:c1:b4:e5:6a:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Mar 27 11:18:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=99d6394b3b647385678bc3a3cce9b913bf94020e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:82:86:c3:a0:ba:9e:c8:cd:69:04:46:06:fc:
89:6d:c6:55:fd:18:dd:17:cb:54:c1:d8:1c:3c:e2:
19:c2:6a:6c:d1:73:e4:40:4b:a6:92:83:1d:f8:2a:
2f:97:95:f7:84:91:03:c5:e3:f3:3e:3a:93:ef:6e:
05:74:d8:63:fb:02:0f:4e:ec:37:63:34:24:98:95:
e6:74:81:20:09:59:6e:2e:7f:a7:bc:14:42:76:29:
5c:d3:9f:a6:d4:4e:b1:3d:c3:a7:f7:db:1f:a8:24:
0e:18:8f:f8:ab:34:4c:cf:5f:00:99:b8:4a:f4:66:
3c:00:61:ad:bf:dc:a6:39:11:d0:14:e7:53:c3:20:
10:64:be:bd:04:0f:a8:9d:87:72:a3:f4:01:60:5e:
3d:5e:96:5d:9c:d3:0f:21:a2:a7:bd:9f:98:14:0f:
c3:2b:d8:a8:13:8a:fb:c2:c9:f9:79:c8:86:0f:d5:
b2:5b:58:d6:a3:92:03:b5:d3:28:ee:3c:0d:bd:9b:
61:87:77:09:e0:2f:00:23:56:f8:06:c3:30:03:01:
c0:c6:f7:85:b5:04:4d:a7:69:44:ef:77:5f:86:1b:
bb:93:27:cf:c0:34:25:7d:52:46:ab:f9:84:0a:12:
bb:e4:ee:52:db:09:37:21:a9:cc:93:4b:9c:d2:57:
e7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D6:39:4B:3B:64:73:85:67:8B:C3:A3:CC:E9:B9:13:BF:94:02:0E
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/mdY5Sztkc4Vni8OjzOm5E7-UAg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.61.0-14.102.62.255
14.102.84.0/24
14.102.86.0/24
45.150.180.0/24
62.169.128.0/24
66.56.87.0/24
103.61.196.0/24
158.173.167.0/24
158.173.243.0/24
158.173.246.0/23
167.160.28.0/24
170.62.238.0/24
192.253.209.0/24
198.55.31.0/24
203.188.175.0/24
203.188.189.0-203.188.191.255
212.32.71.0/24
212.32.73.0/24
212.32.76.0/24
213.254.163.0/24
213.254.175.0/24
Signature Algorithm: sha256WithRSAEncryption
96:33:6e:d3:df:8e:11:ab:d1:82:71:66:80:00:a7:b5:fa:6c:
f9:62:e0:4e:12:48:e2:c1:bc:1d:92:00:eb:52:da:5d:e5:15:
3f:e1:fe:df:e8:c5:96:9e:36:4e:8d:c6:ea:85:9f:5b:ef:da:
42:db:ed:a0:b1:ba:cd:17:1e:30:45:6e:2e:21:2f:b4:ed:9b:
d3:c1:f7:c1:01:01:5f:b5:e7:82:dd:a2:d7:47:2a:bb:0f:18:
4c:7a:12:16:7f:ac:ba:40:31:29:15:a6:f5:ef:e4:a8:cd:83:
11:39:da:0e:ff:92:5f:d5:4e:22:de:82:7e:66:be:7d:90:69:
1c:87:86:ef:f1:59:92:77:89:2a:7a:77:91:f9:10:1d:d0:2f:
32:38:ac:2b:c3:77:48:0e:5f:ef:12:0e:84:e9:d5:55:82:05:
cf:3d:b5:00:67:b4:f0:8f:2b:7f:ac:ab:19:3b:a4:86:4d:2a:
0e:c9:ad:c6:bf:26:5a:83:ba:cf:5a:90:38:c7:84:52:8f:5f:
dd:4b:92:53:61:53:24:16:5f:b3:87:ca:19:f0:77:11:40:2a:
3b:12:52:9d:42:fd:27:67:bf:d8:a5:9e:1e:c3:0d:f9:8e:c8:
36:96:59:64:9e:81:40:07:af:41:15:53:2c:60:eb:08:99:10:
62:3f:54:81
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZ0vBJdoYKyiYZZi6sG05Wp7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwMzI3MTExODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWQ2Mzk0YjNiNjQ3Mzg1Njc4YmMzYTNjY2U5YjkxM2JmOTQwMjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7IKGw6C6nsjNaQRGBvyJbcZV/Rjd
F8tUwdgcPOIZwmps0XPkQEumkoMd+Covl5X3hJEDxePzPjqT724FdNhj+wIPTuw3
YzQkmJXmdIEgCVluLn+nvBRCdilc05+m1E6xPcOn99sfqCQOGI/4qzRMz18AmbhK
9GY8AGGtv9ymORHQFOdTwyAQZL69BA+onYdyo/QBYF49XpZdnNMPIaKnvZ+YFA/D
K9ioE4r7wsn5eciGD9WyW1jWo5IDtdMo7jwNvZthh3cJ4C8AI1b4BsMwAwHAxveF
tQRNp2lE73dfhhu7kyfPwDQlfVJGq/mEChK75O5S2wk3IanMk0uc0lfnwQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFJnWOUs7ZHOFZ4vDo8zpuRO/lAIOMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvbWRZNVN6dGtjNFZuaThPanpPbTVFNy1VQWc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4wDAME
AA5mPQMEAA5mPgMEAA5mVAMEAA5mVgMEAC2WtAMEAD6pgAMEAEI4VwMEAGc9xAME
AJ6tpwMEAJ6t8wMEAZ6t9gMEAKegHAMEAKo+7gMEAMD90QMEAMY3HwMEAMu8rzAM
AwQAy7y9AwQGy7yAAwQA1CBHAwQA1CBJAwQA1CBMAwQA1f6jAwQA1f6vMA0GCSqG
SIb3DQEBCwUAA4IBAQCWM27T344Rq9GCcWaAAKe1+mz5YuBOEkjiwbwdkgDrUtpd
5RU/4f7f6MWWnjZOjcbqhZ9b79pC2+2gsbrNFx4wRW4uIS+07ZvTwffBAQFfteeC
3aLXRyq7DxhMehIWf6y6QDEpFab17+SozYMROdoO/5Jf1U4i3oJ+Zr59kGkch4bv
8VmSd4kqeneR+RAd0C8yOKwrw3dIDl/vEg6E6dVVggXPPbUAZ7Twjyt/rKsZO6SG
TSoOya3GvyZag7rPWpA4x4RSj1/dS5JTYVMkFl+zh8oZ8HcRQCo7ElKdQv0nZ7/Y
pZ4eww35jsg2lllknoFAB69BFVMsYOsImRBiP1SB
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:36:38 2026 by rpki-client