Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/mcenyxUjxHM8AsRaChHWMUaGsHc.roa
File: mcenyxUjxHM8AsRaChHWMUaGsHc.roa (raw, json)
Hash identifier: ApxGpNNKbLb9ACLT7H1CuetY3/0kMwFumfrTvHL0F8I=
Subject key identifier: 99:C7:A7:CB:15:23:C4:73:3C:02:C4:5A:0A:11:D6:31:46:86:B0:77
Certificate issuer: /CN=5949b31ebb6e4cbbd0cc770cc6f4d50f78f0eb7b
Certificate serial: 019C421587DD507D8419C6DDB5A79E758E85
Authority key identifier: 59:49:B3:1E:BB:6E:4C:BB:D0:CC:77:0C:C6:F4:D5:0F:78:F0:EB:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WUmzHrtuTLvQzHcMxvTVD3jw63s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/mcenyxUjxHM8AsRaChHWMUaGsHc.roa
Signing time: Mon 09 Feb 2026 11:07:13 +0000
ROA not before: Mon 09 Feb 2026 11:07:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16236
IP address blocks: 151.88.0.0/16 maxlen: 16
151.88.22.0/24 maxlen: 24
151.88.40.0/24 maxlen: 24
151.88.41.0/24 maxlen: 24
151.88.54.0/24 maxlen: 24
151.88.55.0/24 maxlen: 24
151.88.109.0/24 maxlen: 24
151.88.176.0/24 maxlen: 24
151.91.0.0/16 maxlen: 16
151.91.35.0/24 maxlen: 24
151.91.38.0/24 maxlen: 24
151.92.0.0/16 maxlen: 16
151.92.2.0/24 maxlen: 24
151.92.4.0/24 maxlen: 24
151.92.12.0/24 maxlen: 24
151.92.83.0/24 maxlen: 24
151.92.154.0/24 maxlen: 24
151.92.155.0/24 maxlen: 24
151.92.158.0/24 maxlen: 24
151.92.166.0/24 maxlen: 24
151.92.198.0/24 maxlen: 24
194.104.188.0/24 maxlen: 24
194.104.189.0/24 maxlen: 24
194.104.190.0/24 maxlen: 24
194.104.191.0/24 maxlen: 24
2a00:ec20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/WUmzHrtuTLvQzHcMxvTVD3jw63s.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/WUmzHrtuTLvQzHcMxvTVD3jw63s.mft
rsync://rpki.ripe.net/repository/DEFAULT/WUmzHrtuTLvQzHcMxvTVD3jw63s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 02:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:42:15:87:dd:50:7d:84:19:c6:dd:b5:a7:9e:75:8e:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5949b31ebb6e4cbbd0cc770cc6f4d50f78f0eb7b
Validity
Not Before: Feb 9 11:07:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=99c7a7cb1523c4733c02c45a0a11d6314686b077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:07:75:bc:cf:98:eb:6a:8f:10:7a:ef:a2:92:
2e:04:7c:17:f2:64:88:ea:2f:e1:18:c2:8e:ae:36:
ae:b4:50:2e:80:1e:e6:d6:a0:57:19:8a:c0:f4:b4:
35:5c:c2:c5:d9:23:04:f9:51:c3:ba:b9:be:44:cd:
aa:c6:f1:e8:c9:2b:cb:4a:75:8e:ab:9b:f4:e0:94:
95:0b:60:55:07:90:2d:bc:8b:88:d8:8e:63:fb:04:
70:39:17:11:9b:7c:56:41:e0:c8:64:a5:95:36:0d:
89:6a:75:e7:9d:06:73:f8:b1:8c:af:f4:a7:96:23:
1c:14:cd:8f:a3:cb:10:62:aa:0e:1b:6a:bc:2a:9b:
93:36:ea:e6:2f:b4:ff:f7:c7:24:28:5a:22:0d:5a:
7d:65:c3:ec:96:26:f5:27:e0:55:92:37:bf:54:50:
aa:6e:0c:9d:47:3b:37:77:0f:eb:9b:56:4b:d4:66:
85:a5:09:bf:44:b1:df:e4:f8:d7:af:67:ea:5a:3d:
fe:f0:45:3f:39:88:c8:61:75:d7:d0:f0:bc:bd:dc:
d0:2d:cf:6d:5c:e8:2f:23:21:85:41:53:23:e7:1a:
88:54:c5:15:c7:c3:67:8c:b8:2f:fc:cb:3f:c9:2d:
c6:cc:33:26:a1:23:f4:a1:e7:c1:3e:a2:6f:35:e1:
ff:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:C7:A7:CB:15:23:C4:73:3C:02:C4:5A:0A:11:D6:31:46:86:B0:77
X509v3 Authority Key Identifier:
keyid:59:49:B3:1E:BB:6E:4C:BB:D0:CC:77:0C:C6:F4:D5:0F:78:F0:EB:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WUmzHrtuTLvQzHcMxvTVD3jw63s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/mcenyxUjxHM8AsRaChHWMUaGsHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/de5add-ac68-4fb1-8419-3180ae4274f3/1/WUmzHrtuTLvQzHcMxvTVD3jw63s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.88.0.0/16
151.91.0.0-151.92.255.255
194.104.188.0/22
IPv6:
2a00:ec20::/32
Signature Algorithm: sha256WithRSAEncryption
6c:a8:c2:74:b8:3e:fb:89:e6:3e:22:d5:3b:8f:a9:5b:0d:ee:
d9:d4:cd:bd:84:61:61:53:4f:0b:7f:b1:9d:a5:8c:61:00:5e:
c7:ba:1a:91:4c:f1:2e:7d:3d:a2:54:b1:2b:d2:49:8b:48:dd:
ec:f9:5f:96:f2:28:ee:25:41:36:8b:67:2a:96:78:f3:fa:82:
4f:dc:e8:74:1a:c3:7c:50:8d:58:9e:44:93:27:6f:97:39:54:
f6:cb:c0:21:0c:12:5b:4b:71:12:26:8a:9b:4f:8f:fa:95:12:
37:c9:57:0d:19:7b:cc:49:d9:49:b3:5e:2c:30:f3:ca:f0:7f:
20:8c:ae:bb:33:b7:e8:b9:82:8f:79:46:03:13:3a:53:56:5c:
a1:2a:2d:b8:48:58:4a:8d:20:53:ee:f5:4d:e6:ea:01:f8:e2:
94:4e:ca:97:45:84:12:6e:78:69:4d:2a:e4:1f:ba:c6:d3:8b:
14:3e:9d:7f:1e:f5:8c:f4:3e:b1:d0:d1:89:4b:ff:65:58:04:
15:a5:b5:15:62:56:70:76:c2:32:88:f9:cd:5e:08:8e:69:93:
f6:3a:f3:8b:af:ce:f4:bc:23:e4:ad:63:58:8d:0e:4c:eb:ba:
27:08:d1:b4:da:bd:db:4a:98:3d:bc:b6:25:52:df:2c:ec:85:
f7:e9:17:11
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZxCFYfdUH2EGcbdtaeedY6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NDliMzFlYmI2ZTRjYmJkMGNjNzcwY2M2ZjRkNTBmNzhm
MGViN2IwHhcNMjYwMjA5MTEwNzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWM3YTdjYjE1MjNjNDczM2MwMmM0NWEwYTExZDYzMTQ2ODZiMDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgd1vM+Y62qPEHrvopIuBHwX8mSI
6i/hGMKOrjautFAugB7m1qBXGYrA9LQ1XMLF2SME+VHDurm+RM2qxvHoySvLSnWO
q5v04JSVC2BVB5AtvIuI2I5j+wRwORcRm3xWQeDIZKWVNg2JanXnnQZz+LGMr/Sn
liMcFM2Po8sQYqoOG2q8KpuTNurmL7T/98ckKFoiDVp9ZcPslib1J+BVkje/VFCq
bgydRzs3dw/rm1ZL1GaFpQm/RLHf5PjXr2fqWj3+8EU/OYjIYXXX0PC8vdzQLc9t
XOgvIyGFQVMj5xqIVMUVx8NnjLgv/Ms/yS3GzDMmoSP0oefBPqJvNeH/NQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJnHp8sVI8RzPALEWgoR1jFGhrB3MB8GA1UdIwQY
MBaAFFlJsx67bky70Mx3DMb01Q948Ot7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1VtekhydHVUTHZRekhjTXh2VFZEM2p3NjNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9kZTVhZGQtYWM2OC00ZmIxLTg0MTkt
MzE4MGFlNDI3NGYzLzEvbWNlbnl4VWp4SE04QXNSYUNoSFdNVWFHc0hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9kZTVhZGQtYWM2OC00ZmIxLTg0MTktMzE4MGFlNDI3NGYz
LzEvV1VtekhydHVUTHZRekhjTXh2VFZEM2p3NjNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMAl1gwCgMD
AJdbAwMAl1wDBALCaLwwDQQCAAIwBwMFACoA7CAwDQYJKoZIhvcNAQELBQADggEB
AGyownS4PvuJ5j4i1TuPqVsN7tnUzb2EYWFTTwt/sZ2ljGEAXse6GpFM8S59PaJU
sSvSSYtI3ez5X5byKO4lQTaLZyqWePP6gk/c6HQaw3xQjVieRJMnb5c5VPbLwCEM
EltLcRImiptPj/qVEjfJVw0Ze8xJ2UmzXiww88rwfyCMrrszt+i5go95RgMTOlNW
XKEqLbhIWEqNIFPu9U3m6gH44pROypdFhBJueGlNKuQfusbTixQ+nX8e9Yz0PrHQ
0YlL/2VYBBWltRViVnB2wjKI+c1eCI5pk/Y684uvzvS8I+StY1iNDkzruicI0bTa
vdtKmD28tiVS3yzshffpFxE=
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:29:14 2026 by rpki-client