Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/MofNg4wPsDvPEM_zA-BRSDR_dws.roa
File: MofNg4wPsDvPEM_zA-BRSDR_dws.roa (raw, json)
Hash identifier: sGFd9QcM1Qe8UvYZsEvzan9NbEfrDrPMbjJPzTETxTw=
Subject key identifier: 32:87:CD:83:8C:0F:B0:3B:CF:10:CF:F3:03:E0:51:48:34:7F:77:0B
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 019C63BCA5E66746DC9FD9A1A646F1FE8EAD
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/MofNg4wPsDvPEM_zA-BRSDR_dws.roa
Signing time: Sun 15 Feb 2026 23:57:13 +0000
ROA not before: Sun 15 Feb 2026 23:57:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5511
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
185.227.240.0/24 maxlen: 32
185.227.241.0/24 maxlen: 32
185.227.242.0/24 maxlen: 32
185.227.243.0/24 maxlen: 32
193.201.209.0/24 maxlen: 32
193.201.210.0/24 maxlen: 32
193.201.211.0/24 maxlen: 32
194.36.102.0/24 maxlen: 32
194.36.103.0/24 maxlen: 32
194.124.64.0/24 maxlen: 32
194.124.66.0/24 maxlen: 32
194.124.67.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:63:bc:a5:e6:67:46:dc:9f:d9:a1:a6:46:f1:fe:8e:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Feb 15 23:57:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3287cd838c0fb03bcf10cff303e05148347f770b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0f:0e:40:45:b7:1e:89:1f:8b:b0:94:b4:f5:
79:b6:48:78:50:e9:fa:a5:bf:bc:1e:f2:d9:18:1f:
11:fb:22:42:32:86:a4:37:67:53:e6:c5:70:c3:18:
45:13:2a:fb:1d:bd:22:7a:38:33:d3:23:e5:42:17:
09:a1:c0:18:05:a0:e6:9a:e2:4b:bf:0e:85:bd:b9:
26:4e:05:4a:65:1b:41:fd:bf:4e:a6:ff:e8:45:a1:
79:2e:39:3d:67:62:ca:21:9c:d9:a9:3d:90:93:3e:
50:de:eb:60:7a:d9:40:82:9a:0e:5a:87:d3:73:82:
5a:60:31:c9:6b:40:69:fb:b5:36:fe:4e:68:f9:85:
b0:f6:88:a7:d8:df:66:19:eb:13:25:b2:60:da:63:
45:bf:9c:db:b9:d8:74:44:7a:39:74:5f:2c:65:17:
03:6d:3b:e4:da:d5:42:8f:f1:f2:b7:1b:44:9f:4e:
77:c6:47:80:21:79:70:04:e2:83:7b:20:4b:ac:28:
f8:aa:c3:c8:d4:41:91:29:cb:d6:27:9e:89:a4:d5:
22:fb:bb:3c:c8:4a:68:12:c6:3e:b8:f8:00:9b:7f:
68:1e:af:f3:65:30:74:3f:c9:a2:4f:e9:5a:e2:41:
f6:9f:61:42:f9:d6:5a:d6:c4:51:98:80:fa:78:d9:
2a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:87:CD:83:8C:0F:B0:3B:CF:10:CF:F3:03:E0:51:48:34:7F:77:0B
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/MofNg4wPsDvPEM_zA-BRSDR_dws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/24
45.136.2.0/23
128.0.119.0/24
185.117.23.0/24
185.211.48.0-185.211.50.255
185.227.240.0/22
193.201.209.0-193.201.211.255
194.36.102.0/23
194.124.64.0/24
194.124.66.0/23
195.85.68.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:a0:ad:66:14:94:93:4e:8d:ee:76:1d:5e:04:0e:bd:21:2b:
6e:15:89:42:06:6e:67:77:b0:a3:50:df:c0:b9:dc:fb:9e:72:
67:69:cd:04:fb:94:47:fc:43:3e:de:7a:4d:b5:ea:ed:c5:9e:
6d:9b:34:a4:ee:f7:f1:56:e0:4e:2c:5c:42:5c:7d:a4:2c:db:
7c:e3:26:13:39:5c:6c:c5:06:1a:b0:30:bc:b8:c6:14:52:e9:
9f:f5:2d:43:e9:22:cd:8a:3f:b1:8a:2c:a9:c8:48:0a:16:b5:
93:65:81:3d:5e:6b:41:e2:f1:56:89:7e:76:65:47:5f:44:3b:
c1:25:24:52:c2:e1:2e:e7:15:76:84:c4:3f:a5:c6:91:da:2f:
5f:ba:35:f7:1e:78:f4:4c:6f:97:c8:6a:d0:b2:b1:b2:6b:f5:
ca:53:aa:a5:55:7f:c4:5c:0b:b6:2a:79:bb:72:40:f5:4a:7c:
5f:e4:9f:97:01:02:40:0b:1a:3b:3b:85:5a:e4:73:eb:e1:ea:
cf:c4:18:00:5f:8d:1b:cd:26:a3:d5:ad:aa:a9:64:bc:9b:4b:
bf:c1:16:eb:54:e4:d2:97:b2:13:64:5f:c2:66:d0:0e:c4:83:
54:ec:f7:97:f4:75:9f:97:e2:6f:b6:06:37:73:30:ca:29:34:
0c:12:93:65
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZxjvKXmZ0bcn9mhpkbx/o6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjYwMjE1MjM1NzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjg3Y2Q4MzhjMGZiMDNiY2YxMGNmZjMwM2UwNTE0ODM0N2Y3NzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsA8OQEW3Hokfi7CUtPV5tkh4UOn6
pb+8HvLZGB8R+yJCMoakN2dT5sVwwxhFEyr7Hb0iejgz0yPlQhcJocAYBaDmmuJL
vw6FvbkmTgVKZRtB/b9Opv/oRaF5Ljk9Z2LKIZzZqT2Qkz5Q3utgetlAgpoOWofT
c4JaYDHJa0Bp+7U2/k5o+YWw9oin2N9mGesTJbJg2mNFv5zbudh0RHo5dF8sZRcD
bTvk2tVCj/HytxtEn053xkeAIXlwBOKDeyBLrCj4qsPI1EGRKcvWJ56JpNUi+7s8
yEpoEsY+uPgAm39oHq/zZTB0P8miT+la4kH2n2FC+dZa1sRRmID6eNkqXwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFDKHzYOMD7A7zxDP8wPgUUg0f3cLMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvTW9mTmc0d1BzRHZQRU1fekEtQlJTRFJfZHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQALYgAAwQB
LYgCAwQAgAB3AwQAuXUXMAwDBAS50zADBAC50zIDBAK54/AwDAMEAMHJ0QMEAsHJ
0AMEAcIkZgMEAMJ8QAMEAcJ8QgMEAMNVRDANBgkqhkiG9w0BAQsFAAOCAQEAPKCt
ZhSUk06N7nYdXgQOvSErbhWJQgZuZ3ewo1DfwLnc+55yZ2nNBPuUR/xDPt56TbXq
7cWebZs0pO738VbgTixcQlx9pCzbfOMmEzlcbMUGGrAwvLjGFFLpn/UtQ+kizYo/
sYosqchICha1k2WBPV5rQeLxVol+dmVHX0Q7wSUkUsLhLucVdoTEP6XGkdovX7o1
9x549Exvl8hq0LKxsmv1ylOqpVV/xFwLtip5u3JA9Up8X+SflwECQAsaOzuFWuRz
6+Hqz8QYAF+NG80mo9WtqqlkvJtLv8EW61Tk0peyE2RfwmbQDsSDVOz3l/R1n5fi
b7YGN3Mwyik0DBKTZQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:05:53 2026 by rpki-client