Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/mABcrs9FblDGzEalDK2YOItidt8.roa
File: mABcrs9FblDGzEalDK2YOItidt8.roa (raw, json)
Hash identifier: Xv28kswuEga9eK7I4vSocGSlX6M7h4HWv2G4ZfF2/ck=
Subject key identifier: 98:00:5C:AE:CF:45:6E:50:C6:CC:46:A5:0C:AD:98:38:8B:62:76:DF
Certificate issuer: /CN=993900f66e70b2fffd9c0ce92602f2f45c659961
Certificate serial: 019C9C8FAA50D7F915B573766E4608DA79D7
Authority key identifier: 99:39:00:F6:6E:70:B2:FF:FD:9C:0C:E9:26:02:F2:F4:5C:65:99:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mTkA9m5wsv_9nAzpJgLy9FxlmWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/mABcrs9FblDGzEalDK2YOItidt8.roa
Signing time: Fri 27 Feb 2026 00:46:26 +0000
ROA not before: Fri 27 Feb 2026 00:46:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34718
IP address blocks: 62.209.128.0/19 maxlen: 19
80.80.208.0/20 maxlen: 20
80.80.208.0/23 maxlen: 23
80.80.210.0/24 maxlen: 24
80.80.211.0/24 maxlen: 24
80.80.212.0/22 maxlen: 22
80.80.216.0/21 maxlen: 21
89.236.192.0/18 maxlen: 18
94.141.64.0/19 maxlen: 19
94.141.64.0/24 maxlen: 24
94.141.70.0/24 maxlen: 24
94.141.80.0/24 maxlen: 24
94.141.82.0/24 maxlen: 24
94.141.83.0/24 maxlen: 24
94.141.84.0/24 maxlen: 24
94.141.85.0/24 maxlen: 24
94.141.86.0/24 maxlen: 24
94.141.89.0/24 maxlen: 24
94.141.95.0/24 maxlen: 24
185.6.40.0/22 maxlen: 22
185.248.44.0/22 maxlen: 22
194.55.92.0/22 maxlen: 22
217.30.164.0/22 maxlen: 22
217.30.168.0/24 maxlen: 24
217.30.174.0/24 maxlen: 24
2a02:f10::/29 maxlen: 29
2a03:540::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/mTkA9m5wsv_9nAzpJgLy9FxlmWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/mTkA9m5wsv_9nAzpJgLy9FxlmWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/mTkA9m5wsv_9nAzpJgLy9FxlmWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9c:8f:aa:50:d7:f9:15:b5:73:76:6e:46:08:da:79:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=993900f66e70b2fffd9c0ce92602f2f45c659961
Validity
Not Before: Feb 27 00:46:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=98005caecf456e50c6cc46a50cad98388b6276df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c2:70:38:85:3f:e7:71:71:73:d0:92:14:4a:
a1:82:4e:b2:37:2f:17:7c:e7:60:0b:25:dc:fa:55:
6d:06:3e:3c:ef:f9:41:37:8d:d3:54:a0:dc:cd:fa:
75:8e:e3:44:81:af:cf:53:c5:36:e1:ef:ef:0d:ba:
70:79:da:68:ad:36:36:b3:5c:64:dc:09:8a:6e:e5:
b3:6e:d4:63:f9:7d:e8:bf:30:2c:4b:37:9d:59:8b:
ed:33:bd:ab:24:5a:33:84:8c:e9:92:b8:7e:0c:1b:
46:1e:6a:b5:e3:3f:b5:97:9b:59:7b:5b:7b:b2:fc:
55:b8:9c:7d:e4:19:02:6f:3f:df:03:e3:cd:8a:b3:
ae:39:97:bf:85:7a:7a:5b:cd:93:fd:a0:98:e2:82:
b8:17:99:cd:17:0f:b6:9e:14:f7:7c:2d:ce:b6:e1:
82:66:ab:d1:11:d3:92:9e:87:c3:21:95:e2:24:26:
08:82:e8:1e:26:70:80:a3:3c:c1:45:d3:30:93:96:
17:cd:f7:73:ea:73:16:10:96:07:8f:d8:04:9e:0b:
31:fd:62:33:29:ab:4c:be:34:11:49:a0:aa:a8:df:
7b:cd:14:19:8d:cd:1c:95:cf:29:1c:61:f1:70:7f:
33:1b:b7:ad:37:7f:84:a0:09:ab:d4:3c:b2:69:78:
ad:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:00:5C:AE:CF:45:6E:50:C6:CC:46:A5:0C:AD:98:38:8B:62:76:DF
X509v3 Authority Key Identifier:
keyid:99:39:00:F6:6E:70:B2:FF:FD:9C:0C:E9:26:02:F2:F4:5C:65:99:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mTkA9m5wsv_9nAzpJgLy9FxlmWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/mABcrs9FblDGzEalDK2YOItidt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/mTkA9m5wsv_9nAzpJgLy9FxlmWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.209.128.0/19
80.80.208.0/20
89.236.192.0/18
94.141.64.0/19
185.6.40.0/22
185.248.44.0/22
194.55.92.0/22
217.30.164.0-217.30.168.255
217.30.174.0/24
IPv6:
2a02:f10::/29
2a03:540::/32
Signature Algorithm: sha256WithRSAEncryption
a0:48:e6:5f:bf:4b:2e:e5:d9:fd:09:4c:5d:f4:10:34:bb:86:
ed:5a:ab:6d:78:7e:5c:81:a7:72:bc:a9:71:09:38:99:14:28:
a4:8e:6e:89:9b:38:03:27:c9:4a:8a:04:c2:a4:5a:2c:9b:24:
a0:84:6b:17:73:7b:d1:30:a8:4f:99:43:c8:56:80:49:2b:0b:
c8:d6:16:76:ec:0f:60:8f:dc:5c:d3:12:c0:d4:2d:20:c8:d6:
39:c1:39:1c:8e:62:fb:08:10:97:b7:0c:aa:ad:a8:03:90:a7:
b8:be:7c:4e:28:73:7b:3e:3f:0a:fa:c5:aa:be:09:db:47:94:
02:9e:dd:3a:24:86:81:fb:eb:43:ca:b2:61:3a:82:58:86:49:
c8:82:f5:84:44:f3:e8:6b:7e:e4:c5:6d:02:a4:cd:5b:70:86:
42:22:c8:d2:fb:cf:78:22:dc:11:a6:f7:e2:fc:58:86:9d:52:
64:f6:c8:cb:b4:64:d2:24:d2:27:4c:36:bc:b1:1d:ff:0d:69:
fb:92:8b:98:52:b5:f5:42:2f:38:13:b1:b2:67:03:33:9b:a0:
c8:79:80:f9:3e:4f:3a:94:2c:c2:2c:62:34:75:17:e2:fb:b1:
99:fb:a3:a3:2c:09:81:b6:12:f7:37:65:9f:0b:6a:ff:b0:4b:
40:92:5b:ee
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZycj6pQ1/kVtXN2bkYI2nnXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MzkwMGY2NmU3MGIyZmZmZDljMGNlOTI2MDJmMmY0NWM2
NTk5NjEwHhcNMjYwMjI3MDA0NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODAwNWNhZWNmNDU2ZTUwYzZjYzQ2YTUwY2FkOTgzODhiNjI3NmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcJwOIU/53Fxc9CSFEqhgk6yNy8X
fOdgCyXc+lVtBj487/lBN43TVKDczfp1juNEga/PU8U24e/vDbpwedporTY2s1xk
3AmKbuWzbtRj+X3ovzAsSzedWYvtM72rJFozhIzpkrh+DBtGHmq14z+1l5tZe1t7
svxVuJx95BkCbz/fA+PNirOuOZe/hXp6W82T/aCY4oK4F5nNFw+2nhT3fC3OtuGC
ZqvREdOSnofDIZXiJCYIgugeJnCAozzBRdMwk5YXzfdz6nMWEJYHj9gEngsx/WIz
KatMvjQRSaCqqN97zRQZjc0clc8pHGHxcH8zG7etN3+EoAmr1DyyaXitoQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFJgAXK7PRW5QxsxGpQytmDiLYnbfMB8GA1UdIwQY
MBaAFJk5APZucLL//ZwM6SYC8vRcZZlhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVRrQTltNXdzdl85bkF6cEpnTHk5RnhsbVdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jMWNmNmYtNTRjZC00MzRhLTgzN2Qt
ZGVmNmVmYjQ0MzE5LzEvbUFCY3JzOUZibERHekVhbERLMllPSXRpZHQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jMWNmNmYtNTRjZC00MzRhLTgzN2QtZGVmNmVmYjQ0MzE5
LzEvbVRrQTltNXdzdl85bkF6cEpnTHk5RnhsbVdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQFPtGAAwQE
UFDQAwQGWezAAwQFXo1AAwQCuQYoAwQCufgsAwQCwjdcMAwDBALZHqQDBADZHqgD
BADZHq4wFAQCAAIwDgMFAyoCDxADBQAqAwVAMA0GCSqGSIb3DQEBCwUAA4IBAQCg
SOZfv0su5dn9CUxd9BA0u4btWqtteH5cgadyvKlxCTiZFCikjm6JmzgDJ8lKigTC
pFosmySghGsXc3vRMKhPmUPIVoBJKwvI1hZ27A9gj9xc0xLA1C0gyNY5wTkcjmL7
CBCXtwyqragDkKe4vnxOKHN7Pj8K+sWqvgnbR5QCnt06JIaB++tDyrJhOoJYhknI
gvWERPPoa37kxW0CpM1bcIZCIsjS+894ItwRpvfi/FiGnVJk9sjLtGTSJNInTDa8
sR3/DWn7kouYUrX1Qi84E7GyZwMzm6DIeYD5Pk86lCzCLGI0dRfi+7GZ+6OjLAmB
thL3N2WfC2r/sEtAklvu
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:35:35 2026 by rpki-client