Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/b361ef-5f69-4bcb-983c-21128027255d/1/MLYNkRRQ88o0jRLfUL-66Ts7owk.roa
File: MLYNkRRQ88o0jRLfUL-66Ts7owk.roa (raw, json)
Hash identifier: 1qOMlKH7FctGbFfwx8gGNyhgQRBsMDafuOc9je+w+4g=
Subject key identifier: 30:B6:0D:91:14:50:F3:CA:34:8D:12:DF:50:BF:BA:E9:3B:3B:A3:09
Certificate issuer: /CN=f7977af580c850cc8bf90649f9bda8a6a48bf396
Certificate serial: 019D056F8C09697C1076D7B09B438343471A
Authority key identifier: F7:97:7A:F5:80:C8:50:CC:8B:F9:06:49:F9:BD:A8:A6:A4:8B:F3:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/95d69YDIUMyL-QZJ-b2opqSL85Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/b361ef-5f69-4bcb-983c-21128027255d/1/MLYNkRRQ88o0jRLfUL-66Ts7owk.roa
Signing time: Thu 19 Mar 2026 09:31:29 +0000
ROA not before: Thu 19 Mar 2026 09:31:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213173
IP address blocks: 31.3.216.0/24 maxlen: 24
84.54.12.0/24 maxlen: 24
131.222.133.0/24 maxlen: 24
193.176.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/b361ef-5f69-4bcb-983c-21128027255d/1/95d69YDIUMyL-QZJ-b2opqSL85Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/b361ef-5f69-4bcb-983c-21128027255d/1/95d69YDIUMyL-QZJ-b2opqSL85Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/95d69YDIUMyL-QZJ-b2opqSL85Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:05:6f:8c:09:69:7c:10:76:d7:b0:9b:43:83:43:47:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7977af580c850cc8bf90649f9bda8a6a48bf396
Validity
Not Before: Mar 19 09:31:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=30b60d911450f3ca348d12df50bfbae93b3ba309
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:74:21:38:58:d6:5f:5a:5a:f6:e3:cd:4e:e2:
69:79:0e:5c:f0:26:30:a5:d4:3b:60:d4:c6:19:42:
39:6b:14:8f:5b:71:cc:34:f8:46:39:d0:1d:18:05:
74:f7:4a:47:6f:6e:13:ff:54:91:fc:22:7f:00:d7:
fb:90:a0:b0:2b:39:56:2a:ef:c8:65:11:46:e1:ad:
93:41:e1:b8:29:60:0d:fc:51:af:0f:84:f4:28:30:
01:09:f8:c5:26:05:bf:e7:d0:22:83:d4:4e:b3:8b:
74:38:65:44:d9:bf:5a:cd:20:67:d1:ca:d2:19:ee:
30:51:16:8b:3c:30:60:25:dd:95:d2:81:7d:ab:9d:
4c:91:ce:47:d2:fa:2e:73:eb:8d:9a:f4:ec:75:00:
13:95:2e:18:7b:00:53:ce:e9:54:af:da:c7:a2:8f:
22:2e:91:57:18:2c:fb:83:af:be:33:c7:9b:be:9f:
23:8f:d2:54:4f:c6:10:a1:72:a8:1b:89:0d:bb:40:
ea:96:0e:1d:39:9d:0d:d5:79:28:31:03:e6:2a:92:
f2:1b:67:a7:c5:38:a0:96:d8:e2:1e:c4:80:6f:c6:
56:0b:8d:50:84:06:25:93:0b:a3:62:43:b4:7a:40:
76:26:8f:06:11:41:39:f7:3e:4a:8c:5c:77:0b:94:
b3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:B6:0D:91:14:50:F3:CA:34:8D:12:DF:50:BF:BA:E9:3B:3B:A3:09
X509v3 Authority Key Identifier:
keyid:F7:97:7A:F5:80:C8:50:CC:8B:F9:06:49:F9:BD:A8:A6:A4:8B:F3:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/95d69YDIUMyL-QZJ-b2opqSL85Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/b361ef-5f69-4bcb-983c-21128027255d/1/MLYNkRRQ88o0jRLfUL-66Ts7owk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/b361ef-5f69-4bcb-983c-21128027255d/1/95d69YDIUMyL-QZJ-b2opqSL85Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.216.0/24
84.54.12.0/24
131.222.133.0/24
193.176.239.0/24
Signature Algorithm: sha256WithRSAEncryption
06:71:46:9f:b0:cb:92:2a:92:81:32:9a:a9:18:8b:6f:b6:94:
7d:b5:2b:4c:41:74:fe:af:c7:7d:12:3e:59:54:f2:bb:b0:53:
33:49:29:62:02:c0:bd:80:a3:49:0c:79:8e:fa:49:4c:80:17:
78:de:76:06:e0:1c:68:e9:5d:fd:ec:4b:50:0d:9e:93:f3:4f:
ca:a7:19:13:68:be:bd:9e:95:dd:b9:7e:dd:de:9c:da:92:a7:
c4:6e:17:3d:a8:1b:40:43:d1:86:c0:10:85:ca:55:2e:66:c2:
eb:bf:a0:b5:a7:63:12:20:f4:aa:aa:1e:83:3b:6b:03:39:9e:
63:63:79:c0:f9:0d:ae:91:91:7d:ed:31:c2:18:df:6f:b4:79:
e0:f9:32:71:d5:bb:ef:12:d4:31:b4:b2:d0:b2:9c:98:92:11:
9a:80:18:6f:84:13:90:52:1c:8a:ea:79:6b:7a:95:3e:fb:60:
c7:60:e3:69:c2:f5:a6:61:fd:cd:2a:5c:fa:cc:c5:f4:53:5d:
ac:66:7c:c9:e7:ab:9b:e3:b7:f9:d2:c5:0d:ff:c1:8a:77:78:
b1:b4:3e:66:e6:fa:8d:96:69:cb:e1:74:17:44:5a:4b:b2:10:
cc:63:c8:9d:3d:6c:21:47:b6:d0:ff:4d:cb:0b:d8:a3:d3:3c:
8b:f4:5a:68
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ0Fb4wJaXwQdtewm0ODQ0caMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3OTc3YWY1ODBjODUwY2M4YmY5MDY0OWY5YmRhOGE2YTQ4
YmYzOTYwHhcNMjYwMzE5MDkzMTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGI2MGQ5MTE0NTBmM2NhMzQ4ZDEyZGY1MGJmYmFlOTNiM2JhMzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHQhOFjWX1pa9uPNTuJpeQ5c8CYw
pdQ7YNTGGUI5axSPW3HMNPhGOdAdGAV090pHb24T/1SR/CJ/ANf7kKCwKzlWKu/I
ZRFG4a2TQeG4KWAN/FGvD4T0KDABCfjFJgW/59Aig9ROs4t0OGVE2b9azSBn0crS
Ge4wURaLPDBgJd2V0oF9q51Mkc5H0vouc+uNmvTsdQATlS4YewBTzulUr9rHoo8i
LpFXGCz7g6++M8ebvp8jj9JUT8YQoXKoG4kNu0Dqlg4dOZ0N1XkoMQPmKpLyG2en
xTigltjiHsSAb8ZWC41QhAYlkwujYkO0ekB2Jo8GEUE59z5KjFx3C5SzeQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDC2DZEUUPPKNI0S31C/uuk7O6MJMB8GA1UdIwQY
MBaAFPeXevWAyFDMi/kGSfm9qKaki/OWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTVkNjlZRElVTXlMLVFaSi1iMm9wcVNMODVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iMzYxZWYtNWY2OS00YmNiLTk4M2Mt
MjExMjgwMjcyNTVkLzEvTUxZTmtSUlE4OG8walJMZlVMLTY2VHM3b3drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iMzYxZWYtNWY2OS00YmNiLTk4M2MtMjExMjgwMjcyNTVk
LzEvOTVkNjlZRElVTXlMLVFaSi1iMm9wcVNMODVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHwPYAwQA
VDYMAwQAg96FAwQAwbDvMA0GCSqGSIb3DQEBCwUAA4IBAQAGcUafsMuSKpKBMpqp
GItvtpR9tStMQXT+r8d9Ej5ZVPK7sFMzSSliAsC9gKNJDHmO+klMgBd43nYG4Bxo
6V397EtQDZ6T80/KpxkTaL69npXduX7d3pzakqfEbhc9qBtAQ9GGwBCFylUuZsLr
v6C1p2MSIPSqqh6DO2sDOZ5jY3nA+Q2ukZF97THCGN9vtHng+TJx1bvvEtQxtLLQ
spyYkhGagBhvhBOQUhyK6nlrepU++2DHYONpwvWmYf3NKlz6zMX0U12sZnzJ56ub
47f50sUN/8GKd3ixtD5m5vqNlmnL4XQXRFpLshDMY8idPWwhR7bQ/03LC9ij0zyL
9Fpo
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:59:12 2026 by rpki-client