Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/MJx0NqXihNoO1tdw0IEUkLpGMUA.roa
File: MJx0NqXihNoO1tdw0IEUkLpGMUA.roa (raw, json)
Hash identifier: R5lpynjE3FnYm+DWUM4Zhg7Pyn3VQ0fhxQKf9giZ73g=
Subject key identifier: 30:9C:74:36:A5:E2:84:DA:0E:D6:D7:70:D0:81:14:90:BA:46:31:40
Certificate issuer: /CN=2e252a477242fb45f20bb08020a403a2bb466a9b
Certificate serial: 019CE21C9950B223BE1766CE5A18E9AB43E4
Authority key identifier: 2E:25:2A:47:72:42:FB:45:F2:0B:B0:80:20:A4:03:A2:BB:46:6A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/MJx0NqXihNoO1tdw0IEUkLpGMUA.roa
Signing time: Thu 12 Mar 2026 12:54:10 +0000
ROA not before: Thu 12 Mar 2026 12:54:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48830
IP address blocks: 85.132.14.0/24 maxlen: 24
85.132.19.0/24 maxlen: 24
85.132.104.0/24 maxlen: 24
85.132.105.0/24 maxlen: 24
94.20.26.0/24 maxlen: 24
94.20.27.0/24 maxlen: 24
94.20.28.0/24 maxlen: 24
94.20.31.0/24 maxlen: 24
94.20.32.0/24 maxlen: 24
94.20.69.0/24 maxlen: 24
94.20.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.mft
rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e2:1c:99:50:b2:23:be:17:66:ce:5a:18:e9:ab:43:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e252a477242fb45f20bb08020a403a2bb466a9b
Validity
Not Before: Mar 12 12:54:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=309c7436a5e284da0ed6d770d0811490ba463140
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5b:9d:f1:fe:8a:da:cd:47:37:63:ff:02:f4:
c8:ec:58:5c:58:32:67:0c:a5:28:af:fe:05:e8:00:
46:cb:3e:34:d7:e9:f3:3e:91:11:bf:bb:13:f6:86:
09:cb:1a:0b:8c:59:52:03:78:20:3d:cd:72:b9:aa:
4e:ff:c1:f6:19:9d:31:d4:c2:82:5c:7c:49:12:a7:
f1:42:84:db:31:cf:46:ad:69:47:29:de:65:24:9e:
7e:16:12:be:8f:2d:73:de:dc:a1:bc:39:2b:7e:53:
be:03:b3:01:69:24:b9:19:e4:6d:6c:6c:81:e2:44:
68:ea:5e:07:04:e0:1d:21:69:69:9c:f4:fc:73:51:
d1:c5:29:6d:5a:e9:df:df:9b:7b:a9:02:a8:80:90:
31:6c:58:04:99:1d:2f:58:0b:75:71:d0:8a:b6:7a:
2d:78:0e:79:55:9b:cd:5a:60:8d:31:a0:da:b4:36:
95:04:08:9a:c5:4f:05:53:37:5d:76:5a:f0:2f:f4:
9a:d2:f0:eb:26:6d:cb:21:56:4c:3f:c3:f0:9c:46:
1d:3d:00:4a:51:24:48:75:8b:ba:f5:e5:aa:67:f1:
ec:87:f4:20:e5:bb:22:b7:af:fd:1c:52:3e:e8:cd:
b4:7d:43:db:8c:63:c3:b7:7a:42:04:73:5e:95:c1:
b9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:9C:74:36:A5:E2:84:DA:0E:D6:D7:70:D0:81:14:90:BA:46:31:40
X509v3 Authority Key Identifier:
keyid:2E:25:2A:47:72:42:FB:45:F2:0B:B0:80:20:A4:03:A2:BB:46:6A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/MJx0NqXihNoO1tdw0IEUkLpGMUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.132.14.0/24
85.132.19.0/24
85.132.104.0/23
94.20.26.0-94.20.28.255
94.20.31.0-94.20.32.255
94.20.69.0-94.20.70.255
Signature Algorithm: sha256WithRSAEncryption
72:e8:8a:25:d5:08:e3:dc:89:cd:78:53:50:25:60:e0:69:d0:
e3:60:05:2b:a6:ba:f0:1b:e2:63:6a:a7:57:b5:e8:a5:27:c3:
7a:3f:a7:b6:c6:65:77:42:54:84:9c:7e:f8:b0:08:3e:0c:13:
ee:03:66:23:15:83:3a:23:22:28:74:fc:4c:09:b3:53:fe:f9:
24:48:0f:4a:6a:ec:4d:c3:96:03:74:5a:46:c3:ab:3b:99:ed:
93:87:09:07:0e:d3:4d:4f:83:64:e7:ed:3a:59:c3:62:53:c4:
38:6d:ac:e1:1f:4b:52:73:b1:2d:45:73:01:54:39:ea:ca:ee:
ba:70:b8:0d:42:d0:72:5e:fa:ae:26:8e:ed:36:8f:8d:0f:65:
0c:fa:02:b6:05:11:52:00:a9:69:a2:3a:6e:e7:cd:e2:c4:4d:
34:12:7d:dc:f6:ea:4e:a0:31:96:1f:ea:c2:fb:50:fe:8e:d0:
88:a6:ad:1b:23:55:65:40:df:2e:38:a8:a7:31:1d:ac:df:02:
3d:36:19:93:6a:3d:5b:f8:46:79:65:54:bb:74:fe:b2:a0:33:
c4:5c:8b:1f:93:9b:2d:50:db:67:c0:5f:c5:2c:46:60:68:e9:
40:f9:a8:d4:39:12:b8:d4:35:82:76:e0:44:b3:34:8a:a3:5d:
f7:db:8d:33
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZziHJlQsiO+F2bOWhjpq0PkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMjUyYTQ3NzI0MmZiNDVmMjBiYjA4MDIwYTQwM2EyYmI0
NjZhOWIwHhcNMjYwMzEyMTI1NDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDljNzQzNmE1ZTI4NGRhMGVkNmQ3NzBkMDgxMTQ5MGJhNDYzMTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFud8f6K2s1HN2P/AvTI7FhcWDJn
DKUor/4F6ABGyz401+nzPpERv7sT9oYJyxoLjFlSA3ggPc1yuapO/8H2GZ0x1MKC
XHxJEqfxQoTbMc9GrWlHKd5lJJ5+FhK+jy1z3tyhvDkrflO+A7MBaSS5GeRtbGyB
4kRo6l4HBOAdIWlpnPT8c1HRxSltWunf35t7qQKogJAxbFgEmR0vWAt1cdCKtnot
eA55VZvNWmCNMaDatDaVBAiaxU8FUzdddlrwL/Sa0vDrJm3LIVZMP8PwnEYdPQBK
USRIdYu69eWqZ/Hsh/Qg5bsit6/9HFI+6M20fUPbjGPDt3pCBHNelcG5oQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDCcdDal4oTaDtbXcNCBFJC6RjFAMB8GA1UdIwQY
MBaAFC4lKkdyQvtF8guwgCCkA6K7RmqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGlVcVIzSkMtMFh5QzdDQUlLUURvcnRHYXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iMTA1NjItMjZhMS00NjQ1LThkMmIt
MTZmMTQ2YmVmOTk1LzEvTUp4ME5xWGloTm9PMXRkdzBJRVVrTHBHTVVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iMTA1NjItMjZhMS00NjQ1LThkMmItMTZmMTQ2YmVmOTk1
LzEvTGlVcVIzSkMtMFh5QzdDQUlLUURvcnRHYXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAVYQOAwQA
VYQTAwQBVYRoMAwDBAFeFBoDBABeFBwwDAMEAF4UHwMEAF4UIDAMAwQAXhRFAwQA
XhRGMA0GCSqGSIb3DQEBCwUAA4IBAQBy6Iol1Qjj3InNeFNQJWDgadDjYAUrprrw
G+JjaqdXteilJ8N6P6e2xmV3QlSEnH74sAg+DBPuA2YjFYM6IyIodPxMCbNT/vkk
SA9KauxNw5YDdFpGw6s7me2ThwkHDtNNT4Nk5+06WcNiU8Q4bazhH0tSc7EtRXMB
VDnqyu66cLgNQtByXvquJo7tNo+ND2UM+gK2BRFSAKlpojpu583ixE00En3c9upO
oDGWH+rC+1D+jtCIpq0bI1VlQN8uOKinMR2s3wI9NhmTaj1b+EZ5ZVS7dP6yoDPE
XIsfk5stUNtnwF/FLEZgaOlA+ajUORK41DWCduBEszSKo133240z
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:19:29 2026 by rpki-client