Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/MXdV921MJ9HnU0g8Ibj56jqCHec.roa
File: MXdV921MJ9HnU0g8Ibj56jqCHec.roa (raw, json)
Hash identifier: WqDnr1oQ50UZLn7z3oCewJtJXaNubJJPYPVKuEtg2us=
Subject key identifier: 31:77:55:F7:6D:4C:27:D1:E7:53:48:3C:21:B8:F9:EA:3A:82:1D:E7
Certificate issuer: /CN=f62eeb879085c94194297dd9e4cd249cd2516515
Certificate serial: 019E079F3D55455A2BE1D7241222E69181C6
Authority key identifier: F6:2E:EB:87:90:85:C9:41:94:29:7D:D9:E4:CD:24:9C:D2:51:65:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9i7rh5CFyUGUKX3Z5M0knNJRZRU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/MXdV921MJ9HnU0g8Ibj56jqCHec.roa
Signing time: Fri 08 May 2026 12:45:36 +0000
ROA not before: Fri 08 May 2026 12:45:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42473
IP address blocks: 159.195.0.0/24 maxlen: 24
159.195.90.0/24 maxlen: 24
159.195.155.0/24 maxlen: 24
2a0a:4cc0::/43 maxlen: 43
2a0a:4cc0:40::/43 maxlen: 43
2a0a:4cc0:80::/43 maxlen: 43
2a0a:4cc0:c0::/43 maxlen: 43
2a0a:4cc0:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/9i7rh5CFyUGUKX3Z5M0knNJRZRU.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/9i7rh5CFyUGUKX3Z5M0knNJRZRU.mft
rsync://rpki.ripe.net/repository/DEFAULT/9i7rh5CFyUGUKX3Z5M0knNJRZRU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:07:9f:3d:55:45:5a:2b:e1:d7:24:12:22:e6:91:81:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f62eeb879085c94194297dd9e4cd249cd2516515
Validity
Not Before: May 8 12:45:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=317755f76d4c27d1e753483c21b8f9ea3a821de7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:85:92:46:d0:36:77:c0:6b:cf:4a:84:ad:22:
6a:48:46:cb:b0:c4:c6:b0:68:90:91:65:89:f1:4e:
1b:56:2a:90:95:4a:91:09:44:7b:cf:ad:27:0e:72:
11:9b:e3:36:ae:c0:a7:d1:c5:cd:5e:79:0b:0e:96:
cc:73:56:db:54:51:0b:ae:ee:9b:8d:6a:ea:37:d4:
7c:45:54:99:41:46:5a:7c:9b:11:45:7e:ca:ea:b1:
54:91:6c:95:55:91:a5:39:b4:02:75:94:23:aa:a4:
f2:d5:f8:e8:76:98:c4:bd:b4:f3:8b:f4:76:44:e5:
23:1a:11:ec:1e:48:80:ed:73:3f:9d:84:ab:88:fb:
dc:96:f9:ec:00:67:1c:4a:6e:55:78:e8:79:3c:ad:
6c:5d:ce:a9:af:7b:a2:1d:b7:82:ff:81:b0:f7:fd:
76:68:cc:99:c7:2a:0d:ff:16:66:25:72:a4:9d:6a:
72:33:05:0c:7b:49:94:3b:99:75:f9:83:ac:77:e0:
3c:76:8f:14:9a:e4:cf:08:37:cc:df:d6:e3:1b:2e:
65:5b:fd:26:bc:d6:92:b0:fb:ad:f2:2f:f1:55:ce:
ba:04:f0:f4:ee:f6:e1:78:59:91:e8:a6:18:fa:93:
89:d7:62:4a:c9:39:45:b0:17:ef:e7:a9:0f:a7:be:
e5:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:77:55:F7:6D:4C:27:D1:E7:53:48:3C:21:B8:F9:EA:3A:82:1D:E7
X509v3 Authority Key Identifier:
keyid:F6:2E:EB:87:90:85:C9:41:94:29:7D:D9:E4:CD:24:9C:D2:51:65:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9i7rh5CFyUGUKX3Z5M0knNJRZRU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/MXdV921MJ9HnU0g8Ibj56jqCHec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/9i7rh5CFyUGUKX3Z5M0knNJRZRU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.195.0.0/24
159.195.90.0/24
159.195.155.0/24
IPv6:
2a0a:4cc0::/43
2a0a:4cc0:40::/43
2a0a:4cc0:80::/43
2a0a:4cc0:c0::/43
2a0a:4cc0:2000::/48
Signature Algorithm: sha256WithRSAEncryption
4e:15:24:5b:c5:9f:26:37:77:a7:2f:bd:d0:86:9c:4a:4c:b2:
1e:bd:a2:a4:ed:17:c4:5c:4d:30:a5:ca:5b:28:54:17:4b:44:
9a:87:3b:ca:26:01:e6:a7:4f:72:05:c6:bd:46:67:24:d7:20:
79:7f:12:4e:0a:ea:bf:14:78:cc:85:99:a8:f0:b6:de:cf:10:
8f:73:68:ec:c5:f8:f4:86:aa:07:52:ad:3b:3d:8f:3e:e2:b4:
9c:ad:22:d3:b4:65:fd:c3:c8:11:3c:43:7b:99:94:ab:c5:ec:
5f:60:b3:a3:8f:e3:b1:48:45:b2:c5:c1:50:20:f1:cd:93:e3:
8e:f1:78:38:ae:72:4a:8f:e1:45:0d:de:ee:bf:93:b3:5a:da:
43:87:94:32:34:7f:12:5a:af:75:87:c3:ef:29:da:f4:e9:32:
97:a4:86:98:51:f7:f6:97:f4:82:65:fc:ae:84:37:0c:f8:09:
38:2f:fe:4d:88:0c:ad:13:bb:02:b4:42:99:e1:d9:cf:92:fb:
db:98:0d:5a:3e:9b:87:5d:d6:be:ab:5c:3d:13:f0:4d:6a:89:
f9:b9:4c:d7:70:8e:6a:a4:9d:17:6e:e6:3b:3c:4e:7d:93:07:
7e:2f:ad:11:03:15:63:a1:ed:91:8a:cf:24:83:63:29:c5:8e:
a9:a6:d9:2d
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZ4Hnz1VRVor4dckEiLmkYHGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MmVlYjg3OTA4NWM5NDE5NDI5N2RkOWU0Y2QyNDljZDI1
MTY1MTUwHhcNMjYwNTA4MTI0NTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTc3NTVmNzZkNGMyN2QxZTc1MzQ4M2MyMWI4ZjllYTNhODIxZGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA44WSRtA2d8Brz0qErSJqSEbLsMTG
sGiQkWWJ8U4bViqQlUqRCUR7z60nDnIRm+M2rsCn0cXNXnkLDpbMc1bbVFELru6b
jWrqN9R8RVSZQUZafJsRRX7K6rFUkWyVVZGlObQCdZQjqqTy1fjodpjEvbTzi/R2
ROUjGhHsHkiA7XM/nYSriPvclvnsAGccSm5VeOh5PK1sXc6pr3uiHbeC/4Gw9/12
aMyZxyoN/xZmJXKknWpyMwUMe0mUO5l1+YOsd+A8do8UmuTPCDfM39bjGy5lW/0m
vNaSsPut8i/xVc66BPD07vbheFmR6KYY+pOJ12JKyTlFsBfv56kPp77l2wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDF3VfdtTCfR51NIPCG4+eo6gh3nMB8GA1UdIwQY
MBaAFPYu64eQhclBlCl92eTNJJzSUWUVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWk3cmg1Q0Z5VUdVS1gzWjVNMGtuTkpSWlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS85MWRhOGItMDUwMi00OGRmLTg1MzIt
NWZiZjlhMjliNmUxLzEvTVhkVjkyMU1KOUhuVTBnOEliajU2anFDSGVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS85MWRhOGItMDUwMi00OGRmLTg1MzItNWZiZjlhMjliNmUx
LzEvOWk3cmg1Q0Z5VUdVS1gzWjVNMGtuTkpSWlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAYBAIAATASAwQAn8MAAwQA
n8NaAwQAn8ObMDMEAgACMC0DBwUqCkzAAAADBwUqCkzAAEADBwUqCkzAAIADBwUq
CkzAAMADBwAqCkzAIAAwDQYJKoZIhvcNAQELBQADggEBAE4VJFvFnyY3d6cvvdCG
nEpMsh69oqTtF8RcTTClylsoVBdLRJqHO8omAeanT3IFxr1GZyTXIHl/Ek4K6r8U
eMyFmajwtt7PEI9zaOzF+PSGqgdSrTs9jz7itJytItO0Zf3DyBE8Q3uZlKvF7F9g
s6OP47FIRbLFwVAg8c2T447xeDiuckqP4UUN3u6/k7Na2kOHlDI0fxJar3WHw+8p
2vTpMpekhphR9/aX9IJl/K6ENwz4CTgv/k2IDK0TuwK0Qpnh2c+S+9uYDVo+m4dd
1r6rXD0T8E1qifm5TNdwjmqknRdu5js8Tn2TB34vrREDFWOh7ZGKzySDYynFjqmm
2S0=
-----END CERTIFICATE-----
Generated at Wed May 13 07:52:45 2026 by rpki-client