Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/mEdwgIPRh23OxSoHlQNJuRMghjc.roa
File: mEdwgIPRh23OxSoHlQNJuRMghjc.roa (raw, json)
Hash identifier: F8DBsuD0LXSZtLRp2HPMhvbe4OQSD53Wc5fBou6rnO4=
Subject key identifier: 98:47:70:80:83:D1:87:6D:CE:C5:2A:07:95:03:49:B9:13:20:86:37
Certificate issuer: /CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Certificate serial: 019C08D711E89E56289BA28773F6195B7B89
Authority key identifier: 0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/mEdwgIPRh23OxSoHlQNJuRMghjc.roa
Signing time: Thu 29 Jan 2026 08:20:38 +0000
ROA not before: Thu 29 Jan 2026 08:20:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12312
IP address blocks: 62.26.0.0/15 maxlen: 23
62.144.0.0/19 maxlen: 19
62.144.64.0/19 maxlen: 19
62.144.96.0/19 maxlen: 19
62.144.128.0/17 maxlen: 17
62.246.0.0/16 maxlen: 16
79.140.176.0/20 maxlen: 20
80.83.96.0/20 maxlen: 20
185.210.52.0/23 maxlen: 23
194.112.16.0/22 maxlen: 22
194.112.24.0/21 maxlen: 21
195.52.0.0/16 maxlen: 23
195.63.32.0/19 maxlen: 19
195.63.64.0/18 maxlen: 18
195.78.160.0/19 maxlen: 19
195.185.0.0/16 maxlen: 16
212.172.0.0/16 maxlen: 16
2001:4090::/32 maxlen: 32
2001:4091::/32 maxlen: 32
2a01:5c8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:08:d7:11:e8:9e:56:28:9b:a2:87:73:f6:19:5b:7b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a1d72ac0826e09bc0d17ddee8ba87d9731dd413
Validity
Not Before: Jan 29 08:20:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9847708083d1876dcec52a07950349b913208637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:66:db:bf:cd:52:29:d9:d3:18:0d:cb:6a:27:
f7:c2:b1:b0:a4:9c:47:e4:e4:96:29:12:99:cf:70:
20:38:5c:a2:32:36:47:ca:ef:97:ec:f0:28:e4:0e:
2b:58:00:3d:72:e3:01:f8:7e:bd:72:3f:f0:0d:f6:
a5:c8:c0:91:c4:9d:4d:01:5f:09:44:fe:8b:67:23:
30:95:64:19:40:7c:4e:ad:e2:e6:38:59:90:ab:e3:
8a:f6:e6:d8:bd:ea:d0:17:e4:a3:41:18:87:47:87:
44:23:bc:05:70:68:65:6b:f6:6a:6d:a7:bc:2b:d4:
af:90:56:f9:10:e0:a2:fc:df:0d:75:b9:12:4a:ef:
bd:c7:d3:7f:2b:47:97:93:1e:b9:1c:ff:74:da:a4:
59:63:a1:b5:0c:6d:70:9d:82:87:ee:e1:d2:50:a4:
01:9e:46:e7:1a:fa:aa:ba:05:e2:02:45:43:c8:92:
b5:64:84:38:d1:e0:07:39:55:ee:bb:cb:85:49:c8:
54:14:9d:bb:21:74:65:e6:46:fd:f6:2a:6e:80:f4:
77:a7:94:10:6b:24:c9:af:8e:7e:a7:71:13:99:96:
0c:f7:19:db:98:22:32:b8:b6:1c:ce:c2:d1:8b:68:
a3:63:1e:07:fb:fa:e8:37:c6:0e:f9:36:f9:22:26:
b4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:47:70:80:83:D1:87:6D:CE:C5:2A:07:95:03:49:B9:13:20:86:37
X509v3 Authority Key Identifier:
keyid:0A:1D:72:AC:08:26:E0:9B:C0:D1:7D:DE:E8:BA:87:D9:73:1D:D4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/mEdwgIPRh23OxSoHlQNJuRMghjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/6341da-2b34-4d45-9c17-958112a489a4/1/Ch1yrAgm4JvA0X3e6LqH2XMd1BM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.26.0.0/15
62.144.0.0/19
62.144.64.0-62.144.255.255
62.246.0.0/16
79.140.176.0/20
80.83.96.0/20
185.210.52.0/23
194.112.16.0/22
194.112.24.0/21
195.52.0.0/16
195.63.32.0-195.63.127.255
195.78.160.0/19
195.185.0.0/16
212.172.0.0/16
IPv6:
2001:4090::/31
2a01:5c8::/32
Signature Algorithm: sha256WithRSAEncryption
4c:ff:64:01:30:d6:bc:cc:57:d5:23:16:e6:2e:e3:9e:b0:b1:
01:82:8f:1e:54:ae:86:60:de:3b:b3:ab:a8:95:82:03:50:bc:
a0:ff:58:d6:2e:e5:fc:58:eb:cc:32:43:42:18:7f:f2:c6:b2:
73:21:46:4f:9d:fb:2d:61:65:db:7c:03:06:5f:34:96:68:7d:
e2:6d:69:80:99:31:c0:61:6d:42:ff:e7:71:cc:0c:1e:72:ab:
73:5c:16:fc:45:71:ea:5f:0c:41:87:46:8f:93:8b:b9:fe:49:
33:6e:fa:24:08:87:5d:5b:50:cf:2d:d0:17:dc:dd:9b:ae:87:
98:30:6f:07:9d:bd:a0:1a:98:e6:a1:59:f7:32:44:2e:7d:60:
e7:ad:0b:45:81:59:65:a0:30:b5:d9:98:ff:fd:4f:45:c8:01:
44:52:01:8b:70:b3:92:fe:e2:c6:8d:d1:50:74:d6:56:5f:1d:
9f:fa:56:ab:0f:35:b1:2e:a9:fe:ee:04:60:86:c3:72:83:49:
b5:98:13:c2:bf:96:27:8d:12:ed:61:bf:11:70:2d:01:be:e5:
9d:02:21:11:17:2c:d0:f5:aa:92:47:b6:b8:f4:ef:10:2e:36:
cb:6e:21:d5:87:13:1b:2d:32:19:b6:4f:39:99:22:49:56:94:
79:52:32:a7
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZwI1xHonlYom6KHc/YZW3uJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMWQ3MmFjMDgyNmUwOWJjMGQxN2RkZWU4YmE4N2Q5NzMx
ZGQ0MTMwHhcNMjYwMTI5MDgyMDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODQ3NzA4MDgzZDE4NzZkY2VjNTJhMDc5NTAzNDliOTEzMjA4NjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWbbv81SKdnTGA3Laif3wrGwpJxH
5OSWKRKZz3AgOFyiMjZHyu+X7PAo5A4rWAA9cuMB+H69cj/wDfalyMCRxJ1NAV8J
RP6LZyMwlWQZQHxOreLmOFmQq+OK9ubYverQF+SjQRiHR4dEI7wFcGhla/Zqbae8
K9SvkFb5EOCi/N8NdbkSSu+9x9N/K0eXkx65HP902qRZY6G1DG1wnYKH7uHSUKQB
nkbnGvqqugXiAkVDyJK1ZIQ40eAHOVXuu8uFSchUFJ27IXRl5kb99ipugPR3p5QQ
ayTJr45+p3ETmZYM9xnbmCIyuLYczsLRi2ijYx4H+/roN8YO+Tb5Iia0ZwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFJhHcICD0YdtzsUqB5UDSbkTIIY3MB8GA1UdIwQY
MBaAFAodcqwIJuCbwNF93ui6h9lzHdQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTct
OTU4MTEyYTQ4OWE0LzEvbUVkd2dJUFJoMjNPeFNvSGxRTkp1Uk1naGpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82MzQxZGEtMmIzNC00ZDQ1LTljMTctOTU4MTEyYTQ4OWE0
LzEvQ2gxeXJBZ200SnZBMFgzZTZMcUgyWE1kMUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwZAQCAAEwXgMDAT4aAwQF
PpAAMAsDBAY+kEADAwA+kAMDAD72AwQET4ywAwQEUFNgAwQBudI0AwQCwnAQAwQD
wnAYAwMAwzQwDAMEBcM/IAMEB8M/AAMEBcNOoAMDAMO5AwMA1KwwFAQCAAIwDgMF
ASABQJADBQAqAQXIMA0GCSqGSIb3DQEBCwUAA4IBAQBM/2QBMNa8zFfVIxbmLuOe
sLEBgo8eVK6GYN47s6uolYIDULyg/1jWLuX8WOvMMkNCGH/yxrJzIUZPnfstYWXb
fAMGXzSWaH3ibWmAmTHAYW1C/+dxzAwecqtzXBb8RXHqXwxBh0aPk4u5/kkzbvok
CIddW1DPLdAX3N2broeYMG8Hnb2gGpjmoVn3MkQufWDnrQtFgVlloDC12Zj//U9F
yAFEUgGLcLOS/uLGjdFQdNZWXx2f+larDzWxLqn+7gRghsNyg0m1mBPCv5YnjRLt
Yb8RcC0BvuWdAiERFyzQ9aqSR7a49O8QLjbLbiHVhxMbLTIZtk85mSJJVpR5UjKn
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:19:44 2026 by rpki-client