Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/mLb62miOlcBmXA17b80DMbN_0Qw.roa
File: mLb62miOlcBmXA17b80DMbN_0Qw.roa (raw, json)
Hash identifier: JJVz2kNPhYwHA9PJI1NVZg4cakz5pR2R+HC0So0Ye1I=
Subject key identifier: 98:B6:FA:DA:68:8E:95:C0:66:5C:0D:7B:6F:CD:03:31:B3:7F:D1:0C
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 019D953DADB81B592E2F0D8558E923C4A73E
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/mLb62miOlcBmXA17b80DMbN_0Qw.roa
Signing time: Thu 16 Apr 2026 07:42:20 +0000
ROA not before: Thu 16 Apr 2026 07:42:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59763
IP address blocks: 79.124.88.0/23 maxlen: 24
79.124.91.0/24 maxlen: 24
79.124.92.0/22 maxlen: 24
82.118.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 16:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:95:3d:ad:b8:1b:59:2e:2f:0d:85:58:e9:23:c4:a7:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Apr 16 07:42:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=98b6fada688e95c0665c0d7b6fcd0331b37fd10c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d6:68:07:01:9c:93:e6:74:73:e2:60:3a:12:
eb:44:b9:74:2c:cd:fd:68:e7:89:a3:ac:89:7a:4d:
14:b4:60:4a:1a:1b:4d:33:2a:69:33:35:cf:87:c6:
81:c9:4c:4e:b5:31:6c:bf:53:40:20:b0:2d:90:5f:
45:52:2b:2a:8b:1e:02:3c:25:0b:c7:01:0d:51:a9:
60:22:3d:6c:8f:ed:c8:8b:3f:28:73:44:5a:5c:71:
8e:1e:f1:8b:f2:af:1f:e8:f5:fa:2e:b5:25:b7:3f:
56:04:d1:6e:9f:e4:42:b7:62:1b:48:e6:63:25:49:
0d:0a:ce:31:e0:2d:ff:83:78:5f:05:bb:30:58:75:
b7:ba:7f:f4:e6:7b:86:ce:ca:c4:78:b8:43:96:f3:
dd:5b:93:8d:09:0f:6d:5b:76:9c:cc:df:ef:42:1b:
e5:b7:36:d3:5e:0e:18:e9:64:58:73:1b:ba:d9:40:
c1:54:8f:1e:3d:a2:5a:9b:6b:ee:e3:99:7d:0b:94:
df:da:c7:4c:c7:52:b4:ae:9c:13:33:79:a7:23:f9:
a6:1a:08:ad:6d:74:a5:07:a8:0b:95:aa:ee:72:c3:
32:d8:ea:c4:cb:70:68:8a:bf:22:85:df:ec:e2:88:
54:f6:de:85:b9:82:d4:23:8e:73:9b:39:f5:88:85:
2f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:B6:FA:DA:68:8E:95:C0:66:5C:0D:7B:6F:CD:03:31:B3:7F:D1:0C
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/mLb62miOlcBmXA17b80DMbN_0Qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.124.88.0/23
79.124.91.0-79.124.95.255
82.118.242.0/24
Signature Algorithm: sha256WithRSAEncryption
45:fd:79:88:fb:71:75:4d:e4:04:ab:3a:b0:b1:37:5e:0e:71:
91:4c:fd:13:e1:02:90:98:d6:ac:a8:64:03:11:8a:bd:9e:7f:
99:44:cc:38:cc:31:17:4c:d0:00:54:a9:63:b2:d0:77:4f:fd:
4d:91:84:1c:53:05:9d:5d:1e:df:68:13:da:af:72:d9:5c:cb:
7a:cf:00:78:e9:df:9f:03:e8:d2:1b:10:19:20:1c:6a:64:9e:
04:04:3c:6b:6f:16:61:b8:d2:69:ed:f2:b8:5b:b5:62:dd:2f:
4e:0c:21:0f:e1:ea:5f:12:25:18:61:ba:c8:17:3d:f3:28:2d:
e2:af:4e:67:01:c7:a7:cb:a1:81:d8:a0:05:14:42:36:6c:7d:
43:df:ce:1d:50:1e:4e:f8:50:10:ea:b3:9b:5a:ec:b9:b7:21:
ca:69:40:8c:da:1b:c1:53:23:ef:f4:02:37:5a:7a:a0:72:c6:
e2:c6:47:69:1f:47:1d:17:e6:22:ae:6b:57:2f:42:5c:08:25:
9a:88:e9:9a:32:a0:44:ac:31:5c:95:bf:9f:16:40:7f:b3:d9:
05:40:d3:97:89:36:ab:72:07:c3:d9:f7:fe:29:08:99:b2:00:
b8:51:16:2a:ea:4f:40:81:05:cd:bd:a5:b9:79:d6:e9:60:50:
ec:0d:0b:32
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ2VPa24G1kuLw2FWOkjxKc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjYwNDE2MDc0MjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGI2ZmFkYTY4OGU5NWMwNjY1YzBkN2I2ZmNkMDMzMWIzN2ZkMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNZoBwGck+Z0c+JgOhLrRLl0LM39
aOeJo6yJek0UtGBKGhtNMyppMzXPh8aByUxOtTFsv1NAILAtkF9FUisqix4CPCUL
xwENUalgIj1sj+3Iiz8oc0RaXHGOHvGL8q8f6PX6LrUltz9WBNFun+RCt2IbSOZj
JUkNCs4x4C3/g3hfBbswWHW3un/05nuGzsrEeLhDlvPdW5ONCQ9tW3aczN/vQhvl
tzbTXg4Y6WRYcxu62UDBVI8ePaJam2vu45l9C5Tf2sdMx1K0rpwTM3mnI/mmGgit
bXSlB6gLlarucsMy2OrEy3Boir8ihd/s4ohU9t6FuYLUI45zmzn1iIUvrQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJi2+tpojpXAZlwNe2/NAzGzf9EMMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvbUxiNjJtaU9sY0JtWEExN2I4MERNYk5fMFF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBT3xYMAwD
BABPfFsDBAVPfEADBABSdvIwDQYJKoZIhvcNAQELBQADggEBAEX9eYj7cXVN5ASr
OrCxN14OcZFM/RPhApCY1qyoZAMRir2ef5lEzDjMMRdM0ABUqWOy0HdP/U2RhBxT
BZ1dHt9oE9qvctlcy3rPAHjp358D6NIbEBkgHGpkngQEPGtvFmG40mnt8rhbtWLd
L04MIQ/h6l8SJRhhusgXPfMoLeKvTmcBx6fLoYHYoAUUQjZsfUPfzh1QHk74UBDq
s5ta7Lm3IcppQIzaG8FTI+/0AjdaeqByxuLGR2kfRx0X5iKua1cvQlwIJZqI6Zoy
oESsMVyVv58WQH+z2QVA05eJNqtyB8PZ9/4pCJmyALhRFirqT0CBBc29pbl51ulg
UOwNCzI=
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:19:40 2026 by rpki-client