Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/MjH0mCguKyAe-5Dh9UdmNGfhqQM.roa
File: MjH0mCguKyAe-5Dh9UdmNGfhqQM.roa (raw, json)
Hash identifier: 5eB9gBDQyLuH02CzAyJcgsM/kGpWR1V5i1JQVlFMYBY=
Subject key identifier: 32:31:F4:98:28:2E:2B:20:1E:FB:90:E1:F5:47:66:34:67:E1:A9:03
Certificate issuer: /CN=ff711054a89446a76f493ce2c127a948eba4a8ff
Certificate serial: 019C504E94AD76401EED6B8F81667741F98E
Authority key identifier: FF:71:10:54:A8:94:46:A7:6F:49:3C:E2:C1:27:A9:48:EB:A4:A8:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_3EQVKiURqdvSTziwSepSOukqP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/MjH0mCguKyAe-5Dh9UdmNGfhqQM.roa
Signing time: Thu 12 Feb 2026 05:24:13 +0000
ROA not before: Thu 12 Feb 2026 05:24:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 7488
IP address blocks: 46.33.14.0/24 maxlen: 24
77.73.8.0/24 maxlen: 24
77.73.13.0/24 maxlen: 24
77.73.14.0/24 maxlen: 24
78.109.24.0/22 maxlen: 22
78.109.24.0/24 maxlen: 24
78.109.25.0/24 maxlen: 24
78.109.26.0/24 maxlen: 24
78.109.27.0/24 maxlen: 24
158.94.172.0/23 maxlen: 23
185.13.108.0/22 maxlen: 22
185.34.144.0/22 maxlen: 22
185.61.208.0/24 maxlen: 24
185.61.209.0/24 maxlen: 24
185.61.210.0/24 maxlen: 24
185.61.211.0/24 maxlen: 24
185.92.188.0/22 maxlen: 22
185.93.148.0/22 maxlen: 22
185.170.76.0/22 maxlen: 22
195.34.70.0/24 maxlen: 24
195.34.71.0/24 maxlen: 24
195.242.177.0/24 maxlen: 24
195.242.178.0/24 maxlen: 24
2a14:7a40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/_3EQVKiURqdvSTziwSepSOukqP8.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/_3EQVKiURqdvSTziwSepSOukqP8.mft
rsync://rpki.ripe.net/repository/DEFAULT/_3EQVKiURqdvSTziwSepSOukqP8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:50:4e:94:ad:76:40:1e:ed:6b:8f:81:66:77:41:f9:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff711054a89446a76f493ce2c127a948eba4a8ff
Validity
Not Before: Feb 12 05:24:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3231f498282e2b201efb90e1f547663467e1a903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:98:9d:b3:83:21:9e:74:39:30:b6:f7:1d:11:
b7:be:44:ef:76:c7:16:5c:e8:a6:c8:5f:2d:47:4d:
4d:ad:e1:ba:82:57:0b:e3:f1:f9:b1:62:f8:5b:a1:
ec:3b:8f:80:08:98:b8:98:8e:fc:50:b0:b0:bb:3f:
a1:08:c9:b9:00:0a:a9:a4:4c:56:bb:ca:ad:76:17:
0e:d6:e7:eb:93:aa:59:6e:7e:62:0c:de:21:5c:22:
f7:5e:84:cf:ac:fe:27:c0:c6:3b:1f:43:08:56:e3:
47:2c:81:78:bc:12:ca:5f:c7:ac:e1:7c:53:eb:8f:
f2:36:a1:0c:5d:16:4a:3a:c0:69:9b:5c:28:9f:71:
d4:f3:f3:bd:2a:48:d3:1c:9e:06:66:45:e9:74:92:
e5:15:1a:6e:1e:39:03:7f:a2:34:f0:f4:28:e1:50:
b2:40:7a:9b:76:52:9b:93:c9:e0:5a:2a:fa:ce:2a:
91:07:fd:71:18:93:dd:ad:88:59:66:81:fc:a3:08:
2d:47:69:69:1c:4a:11:5d:01:8b:b8:f6:c4:b1:86:
34:c1:34:3c:e0:09:c5:e5:c8:70:b0:67:9d:a7:94:
15:99:6f:cb:fd:dd:1f:a7:0a:2c:28:65:0d:f1:32:
40:03:61:20:84:a4:0c:e8:9a:4a:dc:c7:a7:3c:d0:
a3:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:31:F4:98:28:2E:2B:20:1E:FB:90:E1:F5:47:66:34:67:E1:A9:03
X509v3 Authority Key Identifier:
keyid:FF:71:10:54:A8:94:46:A7:6F:49:3C:E2:C1:27:A9:48:EB:A4:A8:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_3EQVKiURqdvSTziwSepSOukqP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/MjH0mCguKyAe-5Dh9UdmNGfhqQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/_3EQVKiURqdvSTziwSepSOukqP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.33.14.0/24
77.73.8.0/24
77.73.13.0-77.73.14.255
78.109.24.0/22
158.94.172.0/23
185.13.108.0/22
185.34.144.0/22
185.61.208.0/22
185.92.188.0/22
185.93.148.0/22
185.170.76.0/22
195.34.70.0/23
195.242.177.0-195.242.178.255
IPv6:
2a14:7a40::/29
Signature Algorithm: sha256WithRSAEncryption
12:c3:52:e3:b3:df:90:c5:5c:cd:36:42:d2:9e:49:01:6f:e7:
3d:9b:0c:f0:78:14:31:d8:b8:80:37:74:42:ab:35:87:0a:2e:
d2:eb:5f:24:4a:2f:80:16:28:0c:1b:3b:91:c5:f6:ff:3d:ea:
25:65:90:92:d0:46:5a:9c:5f:a1:1b:80:67:ed:3c:b5:03:31:
9b:31:39:65:4d:1f:66:15:73:c5:27:ff:d2:60:2e:57:68:8b:
30:51:e7:ce:49:87:6a:ed:d4:87:1b:e2:15:9c:0b:29:b0:0c:
29:e3:63:9a:8e:2a:87:ea:2c:15:5d:98:fd:d6:9c:c2:1a:3b:
ec:38:ea:64:de:55:df:18:2d:13:e8:8e:e0:0d:46:c6:02:e3:
c4:c1:88:40:7a:19:90:2e:8d:3e:6d:23:a7:23:35:64:ed:6e:
e2:06:08:7e:cc:ac:3f:2d:58:a5:b1:d7:b8:78:ed:73:10:6a:
1d:bf:c3:27:0e:c3:f0:7f:10:ae:73:cd:5f:78:3c:35:b8:5b:
c8:a3:6b:55:72:54:d6:a9:6f:95:c3:e9:a5:e2:2a:10:80:bf:
a0:ad:92:bd:09:92:69:5a:57:c8:d7:44:d0:3d:b8:d2:f6:8c:
03:53:63:2c:0f:92:8a:79:ac:2d:35:ee:74:68:cf:b4:99:c6:
9c:05:e3:e2
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAZxQTpStdkAe7WuPgWZ3QfmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNzExMDU0YTg5NDQ2YTc2ZjQ5M2NlMmMxMjdhOTQ4ZWJh
NGE4ZmYwHhcNMjYwMjEyMDUyNDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjMxZjQ5ODI4MmUyYjIwMWVmYjkwZTFmNTQ3NjYzNDY3ZTFhOTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZids4MhnnQ5MLb3HRG3vkTvdscW
XOimyF8tR01NreG6glcL4/H5sWL4W6HsO4+ACJi4mI78ULCwuz+hCMm5AAqppExW
u8qtdhcO1ufrk6pZbn5iDN4hXCL3XoTPrP4nwMY7H0MIVuNHLIF4vBLKX8es4XxT
64/yNqEMXRZKOsBpm1won3HU8/O9KkjTHJ4GZkXpdJLlFRpuHjkDf6I08PQo4VCy
QHqbdlKbk8ngWir6ziqRB/1xGJPdrYhZZoH8owgtR2lpHEoRXQGLuPbEsYY0wTQ8
4AnF5chwsGedp5QVmW/L/d0fpwosKGUN8TJAA2EghKQM6JpK3MenPNCjIwIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFDIx9JgoLisgHvuQ4fVHZjRn4akDMB8GA1UdIwQY
MBaAFP9xEFSolEanb0k84sEnqUjrpKj/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzNFUVZLaVVScWR2U1R6aXdTZXBTT3VrcVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9iOGZjNTUtYjRjZC00ZDFmLTk5OTAt
NDdhYzM4OWQzMjYxLzEvTWpIMG1DZ3VLeUFlLTVEaDlVZG1OR2ZocVFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9iOGZjNTUtYjRjZC00ZDFmLTk5OTAtNDdhYzM4OWQzMjYx
LzEvXzNFUVZLaVVScWR2U1R6aXdTZXBTT3VrcVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwZAQCAAEwXgMEAC4hDgME
AE1JCDAMAwQATUkNAwQATUkOAwQCTm0YAwQBnl6sAwQCuQ1sAwQCuSKQAwQCuT3Q
AwQCuVy8AwQCuV2UAwQCuapMAwQBwyJGMAwDBADD8rEDBADD8rIwDQQCAAIwBwMF
AyoUekAwDQYJKoZIhvcNAQELBQADggEBABLDUuOz35DFXM02QtKeSQFv5z2bDPB4
FDHYuIA3dEKrNYcKLtLrXyRKL4AWKAwbO5HF9v896iVlkJLQRlqcX6EbgGftPLUD
MZsxOWVNH2YVc8Un/9JgLldoizBR585Jh2rt1Icb4hWcCymwDCnjY5qOKofqLBVd
mP3WnMIaO+w46mTeVd8YLRPojuANRsYC48TBiEB6GZAujT5tI6cjNWTtbuIGCH7M
rD8tWKWx17h47XMQah2/wycOw/B/EK5zzV94PDW4W8ija1VyVNapb5XD6aXiKhCA
v6Ctkr0JkmlaV8jXRNA9uNL2jANTYywPkop5rC017nRoz7SZxpwF4+I=
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:44:17 2026 by rpki-client