Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/MCq6k-s3AWIzZgNhvTJi58cNxNk.roa
File: MCq6k-s3AWIzZgNhvTJi58cNxNk.roa (raw, json)
Hash identifier: Vz2kD94uXuAhZkLbZcvOD6wub0xLzrqlTppPWmav2PQ=
Subject key identifier: 30:2A:BA:93:EB:37:01:62:33:66:03:61:BD:32:62:E7:C7:0D:C4:D9
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019CC931769DF46E037EAD68514FB07341A8
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/MCq6k-s3AWIzZgNhvTJi58cNxNk.roa
Signing time: Sat 07 Mar 2026 16:46:27 +0000
ROA not before: Sat 07 Mar 2026 16:46:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215727
IP address blocks: 31.57.206.0/24 maxlen: 24
31.57.249.0/24 maxlen: 24
31.57.253.0/24 maxlen: 24
31.57.255.0/24 maxlen: 24
31.59.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c9:31:76:9d:f4:6e:03:7e:ad:68:51:4f:b0:73:41:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 7 16:46:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=302aba93eb37016233660361bd3262e7c70dc4d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:12:62:29:78:39:85:2d:a0:00:e3:aa:0e:07:
c8:8f:99:5c:03:a8:d4:7c:f6:32:ee:00:3a:15:e9:
df:04:44:ca:d7:b9:4a:ff:11:15:ac:aa:cf:63:a3:
3e:67:95:da:17:a5:7a:78:29:9a:69:51:f0:33:7a:
d8:59:fc:95:b3:a3:1c:f3:29:3c:b6:7d:f8:4d:70:
01:5e:8e:c8:48:5b:b0:cd:8c:91:93:ba:cf:26:11:
df:27:93:a2:50:6a:c9:55:29:f4:bb:2b:85:c8:42:
26:13:a9:70:50:a7:cc:88:61:2d:3d:07:84:a3:f7:
54:ff:01:f5:f8:2f:bf:07:32:14:3d:e5:e2:07:67:
3e:2f:b4:17:d9:b4:0a:8e:75:8e:a6:8f:ea:e7:88:
ed:36:71:c0:3b:9a:fa:af:13:dc:61:74:51:20:90:
86:e3:20:1d:a0:7b:09:30:a8:40:71:c0:93:46:48:
3b:a1:06:42:bf:bb:56:87:8a:03:17:c5:dd:82:b6:
21:14:51:fb:57:6f:4a:f8:66:e7:e9:22:b1:9e:8f:
ff:2f:3b:cd:3a:de:2a:f6:32:c7:c1:4b:81:ae:26:
ac:2c:92:c9:06:4f:dc:a5:96:9e:6c:93:a5:36:46:
8a:0f:b6:3c:e2:89:c4:b4:1d:e4:db:38:df:4e:a9:
76:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:2A:BA:93:EB:37:01:62:33:66:03:61:BD:32:62:E7:C7:0D:C4:D9
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/MCq6k-s3AWIzZgNhvTJi58cNxNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.206.0/24
31.57.249.0/24
31.57.253.0/24
31.57.255.0/24
31.59.99.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:4b:c6:c7:55:fd:36:e6:10:78:ac:7a:0f:fe:0e:27:c2:01:
07:1a:a3:5f:b3:34:d8:ba:59:57:da:77:2c:43:d1:85:19:f5:
e5:fc:cd:50:3a:3e:e0:6e:7d:a0:f5:62:1a:5b:30:0e:37:fe:
40:ae:be:29:7a:80:87:ac:bc:d6:f1:94:d3:96:6d:da:27:2d:
51:dd:55:d6:5e:02:75:73:52:6d:ab:07:c3:d8:a3:8c:9d:b7:
21:7c:9f:75:11:0e:f4:61:86:ff:a4:5f:d3:a1:a3:64:06:d5:
b6:02:fe:9b:29:63:15:10:49:82:25:7a:a9:78:f8:92:6d:b7:
93:61:c5:db:d6:21:a6:0a:96:de:3d:30:c1:fe:14:0f:09:5d:
f2:bf:96:8d:c6:7e:83:bf:40:1e:bc:51:a4:6a:da:21:07:cb:
48:92:aa:92:ef:5e:42:f6:1f:bd:75:2d:3c:d8:a1:6e:41:1e:
9a:a0:44:8a:ed:f2:0a:bf:42:47:cb:c4:e5:69:2a:ca:dc:81:
c2:42:d9:90:93:1c:10:d8:5a:86:f1:f8:00:f7:7e:ac:8a:19:
84:b1:a0:92:8a:6a:2e:fd:d8:7a:a9:15:ff:44:7b:19:97:a0:
52:fe:1b:52:37:85:64:79:fa:38:77:a0:93:57:6a:56:54:c0:
a8:f1:e9:12
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZzJMXad9G4Dfq1oUU+wc0GoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMzA3MTY0NjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDJhYmE5M2ViMzcwMTYyMzM2NjAzNjFiZDMyNjJlN2M3MGRjNGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBJiKXg5hS2gAOOqDgfIj5lcA6jU
fPYy7gA6FenfBETK17lK/xEVrKrPY6M+Z5XaF6V6eCmaaVHwM3rYWfyVs6Mc8yk8
tn34TXABXo7ISFuwzYyRk7rPJhHfJ5OiUGrJVSn0uyuFyEImE6lwUKfMiGEtPQeE
o/dU/wH1+C+/BzIUPeXiB2c+L7QX2bQKjnWOpo/q54jtNnHAO5r6rxPcYXRRIJCG
4yAdoHsJMKhAccCTRkg7oQZCv7tWh4oDF8XdgrYhFFH7V29K+Gbn6SKxno//LzvN
Ot4q9jLHwUuBriasLJLJBk/cpZaebJOlNkaKD7Y84onEtB3k2zjfTql2aQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDAqupPrNwFiM2YDYb0yYufHDcTZMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTUNxNmstczNBV0l6WmdOaHZUSmk1OGNOeE5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHznOAwQA
Hzn5AwQAHzn9AwQAHzn/AwQAHztjMA0GCSqGSIb3DQEBCwUAA4IBAQBvS8bHVf02
5hB4rHoP/g4nwgEHGqNfszTYullX2ncsQ9GFGfXl/M1QOj7gbn2g9WIaWzAON/5A
rr4peoCHrLzW8ZTTlm3aJy1R3VXWXgJ1c1JtqwfD2KOMnbchfJ91EQ70YYb/pF/T
oaNkBtW2Av6bKWMVEEmCJXqpePiSbbeTYcXb1iGmCpbePTDB/hQPCV3yv5aNxn6D
v0AevFGkatohB8tIkqqS715C9h+9dS082KFuQR6aoESK7fIKv0JHy8TlaSrK3IHC
QtmQkxwQ2FqG8fgA936sihmEsaCSimou/dh6qRX/RHsZl6BS/htSN4Vkefo4d6CT
V2pWVMCo8ekS
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:16:04 2026 by rpki-client