Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/13b2a5-c045-490b-8af6-88c21e43cd1e/1/mpCz2Btceh8obeRlP3H4XUjWsec.roa
File: mpCz2Btceh8obeRlP3H4XUjWsec.roa (raw, json)
Hash identifier: nf7Yud3TW51o07Q7utOXvAePNCDCzrMuynSmG/Ni9pg=
Subject key identifier: 9A:90:B3:D8:1B:5C:7A:1F:28:6D:E4:65:3F:71:F8:5D:48:D6:B1:E7
Certificate issuer: /CN=57537938613d5268e83f4800130f1f9d569f7850
Certificate serial: 019C9F18CD28264191D6AAB5E7D80768646E
Authority key identifier: 57:53:79:38:61:3D:52:68:E8:3F:48:00:13:0F:1F:9D:56:9F:78:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1N5OGE9UmjoP0gAEw8fnVafeFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/13b2a5-c045-490b-8af6-88c21e43cd1e/1/mpCz2Btceh8obeRlP3H4XUjWsec.roa
Signing time: Fri 27 Feb 2026 12:35:28 +0000
ROA not before: Fri 27 Feb 2026 12:35:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39287
IP address blocks: 45.142.140.0/22 maxlen: 22
45.158.116.0/22 maxlen: 22
80.78.16.0/20 maxlen: 20
95.215.16.0/22 maxlen: 22
185.193.125.0/24 maxlen: 24
185.193.126.0/23 maxlen: 23
195.14.20.0/24 maxlen: 24
2001:67c:2354::/48 maxlen: 48
2001:67c:2358::/48 maxlen: 48
2a02:6f8::/32 maxlen: 32
2a0a:3840::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/13b2a5-c045-490b-8af6-88c21e43cd1e/1/V1N5OGE9UmjoP0gAEw8fnVafeFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/13b2a5-c045-490b-8af6-88c21e43cd1e/1/V1N5OGE9UmjoP0gAEw8fnVafeFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/V1N5OGE9UmjoP0gAEw8fnVafeFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 12:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9f:18:cd:28:26:41:91:d6:aa:b5:e7:d8:07:68:64:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57537938613d5268e83f4800130f1f9d569f7850
Validity
Not Before: Feb 27 12:35:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9a90b3d81b5c7a1f286de4653f71f85d48d6b1e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:2d:e7:5c:52:b6:ba:c8:b8:ff:30:11:4a:bd:
7d:fe:40:9f:4d:94:0c:8d:40:f0:fc:b6:3d:59:d0:
1f:1f:3f:29:d7:ec:66:23:b7:ef:f7:22:33:7d:41:
e5:66:26:a8:71:bc:f1:c3:a6:42:29:88:1e:eb:05:
29:88:71:15:8c:d5:6d:5b:f8:16:36:32:f1:de:dd:
9d:46:e0:5e:6a:ee:8d:8f:04:71:fd:f0:5f:18:ec:
67:b4:28:92:d4:5f:99:04:f0:8a:3e:b6:95:f4:3c:
b6:62:80:af:fc:13:00:7c:15:2f:8a:b2:b7:5f:06:
20:a9:8d:7f:3d:45:95:4c:25:a2:e5:89:fb:f8:85:
77:f7:a5:e8:41:01:64:44:d6:27:d1:70:42:0d:33:
bf:31:68:6d:e4:a1:74:e1:2f:42:61:45:f6:b7:04:
f9:6c:5c:17:32:a5:df:14:5a:e9:37:65:b4:b3:ca:
eb:80:3c:0c:45:32:ba:fa:cc:fb:a9:a3:c3:d5:95:
3e:6b:72:3d:9d:22:5a:0d:b2:ba:62:1e:db:ec:6c:
79:20:47:a4:f1:df:24:06:b3:fa:e4:1c:c0:51:8a:
f9:29:48:77:eb:b4:1f:07:61:a9:5a:55:ff:a6:99:
e3:49:7a:7a:c1:3c:8b:3a:cc:4f:24:82:d4:b8:46:
75:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:90:B3:D8:1B:5C:7A:1F:28:6D:E4:65:3F:71:F8:5D:48:D6:B1:E7
X509v3 Authority Key Identifier:
keyid:57:53:79:38:61:3D:52:68:E8:3F:48:00:13:0F:1F:9D:56:9F:78:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1N5OGE9UmjoP0gAEw8fnVafeFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/13b2a5-c045-490b-8af6-88c21e43cd1e/1/mpCz2Btceh8obeRlP3H4XUjWsec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/13b2a5-c045-490b-8af6-88c21e43cd1e/1/V1N5OGE9UmjoP0gAEw8fnVafeFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.140.0/22
45.158.116.0/22
80.78.16.0/20
95.215.16.0/22
185.193.125.0-185.193.127.255
195.14.20.0/24
IPv6:
2001:67c:2354::/48
2001:67c:2358::/48
2a02:6f8::/32
2a0a:3840::/29
Signature Algorithm: sha256WithRSAEncryption
3c:1a:97:96:34:83:cf:98:85:db:cc:a6:b9:69:c0:c9:b7:a2:
f1:63:ee:1d:1e:86:be:a9:31:a0:ab:ba:36:47:69:dc:ae:3f:
98:5c:b4:06:8e:5c:5e:e6:b6:d1:3a:3c:0c:5b:6c:42:6f:9d:
fb:96:a3:dc:54:6d:9d:db:eb:22:5f:83:12:d3:2e:53:ed:45:
73:90:db:f7:44:b2:c2:45:b2:35:cb:b9:ae:7a:7c:2c:a4:dc:
44:12:30:2d:6c:fd:39:14:4c:80:c4:ca:d0:6c:67:6d:63:e4:
0b:4d:af:08:39:28:eb:3b:b9:20:53:18:ac:6d:36:18:f3:b6:
f1:1e:13:32:a4:28:4f:17:e9:bd:a4:48:94:34:40:b2:b8:90:
a0:64:50:aa:ef:c5:4e:1b:e7:4b:3a:5c:44:a7:dc:1c:97:53:
6c:56:9b:68:59:4c:5f:9d:a2:ed:c8:dd:7b:cb:db:43:d4:3e:
b7:77:72:50:f9:e1:df:5d:82:1b:78:fd:de:d3:2e:db:c4:3b:
44:b7:8a:b3:01:34:47:4c:11:10:6f:8e:00:f4:25:1a:5f:15:
34:6e:ac:ee:ff:f0:e5:52:2d:b5:cb:f0:ec:46:43:e5:f4:67:
10:0a:1c:13:8a:b2:32:97:14:63:df:05:78:3e:6c:1d:7a:e1:
20:86:74:6a
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZyfGM0oJkGR1qq159gHaGRuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTM3OTM4NjEzZDUyNjhlODNmNDgwMDEzMGYxZjlkNTY5
Zjc4NTAwHhcNMjYwMjI3MTIzNTI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTkwYjNkODFiNWM3YTFmMjg2ZGU0NjUzZjcxZjg1ZDQ4ZDZiMWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8y3nXFK2usi4/zARSr19/kCfTZQM
jUDw/LY9WdAfHz8p1+xmI7fv9yIzfUHlZiaocbzxw6ZCKYge6wUpiHEVjNVtW/gW
NjLx3t2dRuBeau6NjwRx/fBfGOxntCiS1F+ZBPCKPraV9Dy2YoCv/BMAfBUvirK3
XwYgqY1/PUWVTCWi5Yn7+IV396XoQQFkRNYn0XBCDTO/MWht5KF04S9CYUX2twT5
bFwXMqXfFFrpN2W0s8rrgDwMRTK6+sz7qaPD1ZU+a3I9nSJaDbK6Yh7b7Gx5IEek
8d8kBrP65BzAUYr5KUh367QfB2GpWlX/ppnjSXp6wTyLOsxPJILUuEZ1CwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFJqQs9gbXHofKG3kZT9x+F1I1rHnMB8GA1UdIwQY
MBaAFFdTeThhPVJo6D9IABMPH51Wn3hQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFONU9HRTlVbWpvUDBnQUV3OGZuVmFmZUZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8xM2IyYTUtYzA0NS00OTBiLThhZjYt
ODhjMjFlNDNjZDFlLzEvbXBDejJCdGNlaDhvYmVSbFAzSDRYVWpXc2VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8xM2IyYTUtYzA0NS00OTBiLThhZjYtODhjMjFlNDNjZDFl
LzEvVjFONU9HRTlVbWpvUDBnQUV3OGZuVmFmZUZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDAyBAIAATAsAwQCLY6MAwQC
LZ50AwQEUE4QAwQCX9cQMAwDBAC5wX0DBAe5wQADBADDDhQwJgQCAAIwIAMHACAB
BnwjVAMHACABBnwjWAMFACoCBvgDBQMqCjhAMA0GCSqGSIb3DQEBCwUAA4IBAQA8
GpeWNIPPmIXbzKa5acDJt6LxY+4dHoa+qTGgq7o2R2ncrj+YXLQGjlxe5rbROjwM
W2xCb537lqPcVG2d2+siX4MS0y5T7UVzkNv3RLLCRbI1y7muenwspNxEEjAtbP05
FEyAxMrQbGdtY+QLTa8IOSjrO7kgUxisbTYY87bxHhMypChPF+m9pEiUNECyuJCg
ZFCq78VOG+dLOlxEp9wcl1NsVptoWUxfnaLtyN17y9tD1D63d3JQ+eHfXYIbeP3e
0y7bxDtEt4qzATRHTBEQb44A9CUaXxU0bqzu//DlUi21y/DsRkPl9GcQChwTirIy
lxRj3wV4PmwdeuEghnRq
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:34:44 2026 by rpki-client