Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/MCWE5kRVPKCNpSYp3Wzi86L1l30.roa
File: MCWE5kRVPKCNpSYp3Wzi86L1l30.roa (raw, json)
Hash identifier: imgRMf1CQPyZzpp0A3y+5vlU9xtC+jbyXS6nWPioLWQ=
Subject key identifier: 30:25:84:E6:44:55:3C:A0:8D:A5:26:29:DD:6C:E2:F3:A2:F5:97:7D
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019DDE28D1D9C8626AD45746CC6DCF1DA91A
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/MCWE5kRVPKCNpSYp3Wzi86L1l30.roa
Signing time: Thu 30 Apr 2026 11:31:50 +0000
ROA not before: Thu 30 Apr 2026 11:31:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 31479
IP address blocks: 49.0.184.0/21 maxlen: 21
80.66.116.0/24 maxlen: 24
94.198.46.0/24 maxlen: 24
178.19.32.0/24 maxlen: 24
178.19.33.0/24 maxlen: 24
185.28.48.0/23 maxlen: 23
201.77.58.0/24 maxlen: 24
206.203.0.0/19 maxlen: 19
206.203.16.0/21 maxlen: 21
206.203.32.0/19 maxlen: 19
2001:4030::/32 maxlen: 32
2001:4030:16::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:de:28:d1:d9:c8:62:6a:d4:57:46:cc:6d:cf:1d:a9:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Apr 30 11:31:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=302584e644553ca08da52629dd6ce2f3a2f5977d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c0:8a:08:8f:46:24:46:2e:4d:d6:fa:3d:96:
af:50:32:ff:08:0f:aa:93:8e:63:be:0a:b9:ad:14:
7f:e4:a9:b5:6c:34:c7:4e:0a:d5:e0:81:f4:c2:e1:
8d:14:07:e6:17:83:73:e1:7a:b6:9d:80:50:16:91:
11:f5:aa:51:d4:24:0a:6a:dd:51:01:9d:0f:6f:4f:
8e:7b:26:19:ac:87:a2:94:3b:a5:0c:bd:7a:6f:86:
5b:66:ee:6f:8b:66:06:8b:e7:4c:f1:6c:0c:35:b1:
56:0f:98:44:28:b7:30:7a:e7:b5:c3:31:e6:90:5b:
77:dd:47:46:9b:e9:36:18:d7:6c:1b:3e:fe:14:ca:
03:6a:81:05:75:ca:88:ea:ab:55:ba:3f:bc:a8:88:
37:cf:b2:73:ac:8d:7b:83:ae:98:6c:7f:a0:48:07:
5c:ed:91:73:86:94:d9:7e:20:3b:e9:53:d5:1d:70:
2a:b2:2c:89:8f:1e:0c:44:d4:fb:5d:0f:24:20:1b:
98:3e:a7:29:22:4e:a9:02:71:6f:73:05:e9:12:d2:
2b:34:b2:8b:0e:c9:1e:82:54:c8:78:c5:c4:c2:61:
c7:4e:60:4c:77:5c:92:8f:25:e5:a0:18:4b:27:ad:
5e:2e:11:87:ef:83:80:f8:7e:99:c7:b7:bb:61:1b:
0e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:25:84:E6:44:55:3C:A0:8D:A5:26:29:DD:6C:E2:F3:A2:F5:97:7D
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/MCWE5kRVPKCNpSYp3Wzi86L1l30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
49.0.184.0/21
80.66.116.0/24
94.198.46.0/24
178.19.32.0/23
185.28.48.0/23
201.77.58.0/24
206.203.0.0/18
IPv6:
2001:4030::/32
Signature Algorithm: sha256WithRSAEncryption
82:dc:7d:d6:f7:1a:b0:f5:53:1b:fe:e8:d2:9f:2c:18:ca:11:
a4:82:ec:60:11:65:bc:2b:1c:2e:95:a8:17:60:fb:5d:89:d0:
09:54:8b:73:50:1b:08:cd:33:c4:2b:6f:82:3a:52:91:0e:49:
27:a5:93:38:1a:0d:c3:7a:6f:b9:3f:ff:d9:4a:75:c2:3e:72:
71:44:20:5d:a4:53:f3:a8:bd:96:44:5e:4d:70:af:52:a1:7e:
3b:4c:54:67:8e:b8:c2:3f:6d:31:9b:0a:36:34:f2:76:f6:4d:
db:ae:a4:b2:da:ff:9c:5a:f6:32:35:fc:ff:4b:ac:04:ec:06:
75:4f:db:3a:40:6c:1e:80:23:a9:24:ab:10:52:a6:3b:9b:95:
3d:81:2d:2e:0f:21:91:ea:14:12:1a:c2:ff:24:37:e4:3e:42:
13:f4:d7:3e:4b:c2:c7:4f:40:ba:c4:58:da:41:4c:01:f9:bc:
91:92:08:6b:03:f8:f3:d8:f2:2c:b0:96:df:7c:1f:79:52:ad:
b9:20:fa:5e:fb:c1:48:60:ee:40:9e:4b:9f:0c:f8:22:19:45:
86:9c:49:f9:a5:47:ff:ed:32:18:35:98:f1:b3:6b:ee:a2:11:
b0:52:75:ed:aa:6c:68:d6:7c:02:f1:50:6b:77:25:56:4e:ee:
23:28:a9:f3
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZ3eKNHZyGJq1FdGzG3PHakaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjYwNDMwMTEzMTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDI1ODRlNjQ0NTUzY2EwOGRhNTI2MjlkZDZjZTJmM2EyZjU5NzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcCKCI9GJEYuTdb6PZavUDL/CA+q
k45jvgq5rRR/5Km1bDTHTgrV4IH0wuGNFAfmF4Nz4Xq2nYBQFpER9apR1CQKat1R
AZ0Pb0+OeyYZrIeilDulDL16b4ZbZu5vi2YGi+dM8WwMNbFWD5hEKLcweue1wzHm
kFt33UdGm+k2GNdsGz7+FMoDaoEFdcqI6qtVuj+8qIg3z7JzrI17g66YbH+gSAdc
7ZFzhpTZfiA76VPVHXAqsiyJjx4MRNT7XQ8kIBuYPqcpIk6pAnFvcwXpEtIrNLKL
DskeglTIeMXEwmHHTmBMd1ySjyXloBhLJ61eLhGH74OA+H6Zx7e7YRsOQQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFDAlhOZEVTygjaUmKd1s4vOi9Zd9MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvTUNXRTVrUlZQS0NOcFNZcDNXemk4NkwxbDMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDMQC4AwQA
UEJ0AwQAXsYuAwQBshMgAwQBuRwwAwQAyU06AwQGzssAMA0EAgACMAcDBQAgAUAw
MA0GCSqGSIb3DQEBCwUAA4IBAQCC3H3W9xqw9VMb/ujSnywYyhGkguxgEWW8Kxwu
lagXYPtdidAJVItzUBsIzTPEK2+COlKRDkknpZM4Gg3Dem+5P//ZSnXCPnJxRCBd
pFPzqL2WRF5NcK9SoX47TFRnjrjCP20xmwo2NPJ29k3brqSy2v+cWvYyNfz/S6wE
7AZ1T9s6QGwegCOpJKsQUqY7m5U9gS0uDyGR6hQSGsL/JDfkPkIT9Nc+S8LHT0C6
xFjaQUwB+byRkghrA/jz2PIssJbffB95Uq25IPpe+8FIYO5AnkufDPgiGUWGnEn5
pUf/7TIYNZjxs2vuohGwUnXtqmxo1nwC8VBrdyVWTu4jKKnz
-----END CERTIFICATE-----
Generated at Wed May 13 08:45:31 2026 by rpki-client