
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/MPzpEnc_NKGMglRjxz68QPLc1v0.roa
File: MPzpEnc_NKGMglRjxz68QPLc1v0.roa (raw, json)
Hash identifier: dgSlwD+UfhTLmc2/5Z+3vXkjdxMBiMr5vh6sZS4IVic=
Subject key identifier: 30:FC:E9:12:77:3F:34:A1:8C:82:54:63:C7:3E:BC:40:F2:DC:D6:FD
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 01998230893438044EF5F323B7B8E184E49E
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/MPzpEnc_NKGMglRjxz68QPLc1v0.roa
Signing time: Thu 25 Sep 2025 18:44:02 +0000
ROA not before: Thu 25 Sep 2025 18:44:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216127
IP address blocks: 77.239.96.0/22 maxlen: 24
144.31.200.0/23 maxlen: 24
185.184.120.0/24 maxlen: 24
185.184.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 05:11:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:82:30:89:34:38:04:4e:f5:f3:23:b7:b8:e1:84:e4:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Sep 25 18:44:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30fce912773f34a18c825463c73ebc40f2dcd6fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:cf:15:db:5d:b8:1d:c9:18:ce:93:14:45:4c:
6d:c9:df:f8:9e:f8:1a:d7:d1:12:87:bd:5a:78:6e:
c2:69:c1:94:71:ef:d5:c3:50:60:f5:3d:83:61:4d:
2d:f4:6f:4e:31:0f:d0:43:bf:82:cc:4c:25:c8:71:
ef:c7:ad:fd:12:81:4e:bb:e3:22:db:88:0f:9f:19:
b8:c9:77:c0:ee:1f:d3:b8:57:98:46:28:ce:ce:20:
79:cf:1f:fe:d2:36:a4:aa:69:61:d1:e0:63:20:ee:
d5:54:62:13:c4:96:2f:be:c3:0a:eb:33:29:32:5e:
0b:41:7c:e0:c6:7b:d9:ae:4b:86:53:ba:00:5a:ef:
c8:4d:b6:94:eb:a1:4f:66:3f:3c:0f:45:9c:5b:ff:
5a:fa:2f:46:6f:b0:e2:41:e6:80:67:5c:7a:d9:2d:
c8:c4:e2:19:30:1d:d9:e0:88:8b:32:38:6d:bc:16:
3e:48:8b:dc:c9:02:e6:5c:67:3c:c7:f4:ed:cc:b2:
17:d1:d1:63:33:3d:fd:57:02:e8:39:db:0d:c7:2b:
9e:08:0d:e8:0a:3e:98:2a:7f:2b:09:b0:f0:a5:7e:
ab:99:d3:e0:98:0c:c1:9c:fd:6e:59:8c:30:4a:37:
e9:be:d0:45:74:86:c3:f2:15:c0:2c:a5:22:74:a1:
ab:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:FC:E9:12:77:3F:34:A1:8C:82:54:63:C7:3E:BC:40:F2:DC:D6:FD
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/MPzpEnc_NKGMglRjxz68QPLc1v0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.239.96.0/22
144.31.200.0/23
185.184.120.0/23
Signature Algorithm: sha256WithRSAEncryption
40:02:b2:15:14:43:56:54:e8:a7:13:a2:c8:eb:29:a5:6a:3b:
e0:f3:3f:95:68:cf:e1:b7:02:6d:b6:e3:ff:02:a8:04:55:5c:
f8:18:5e:ac:79:6f:00:eb:96:0a:74:ff:c9:25:61:7f:fe:97:
c8:1e:9d:d1:71:3a:13:83:ef:41:4a:a3:d6:b9:1e:a3:98:28:
68:75:f5:5d:d1:46:3c:8d:df:c7:63:4d:e9:e4:c9:c5:84:52:
69:68:70:c0:9f:33:ab:1d:d9:0d:2f:22:c4:9f:b5:c2:31:bf:
35:6b:16:89:88:79:55:9a:d7:f6:a6:91:77:46:7d:fd:16:49:
db:9e:c9:e9:76:46:c4:67:77:6c:32:0f:ba:ac:09:66:f7:ec:
ee:fd:9d:98:5b:19:16:b2:5e:8e:d8:6d:2d:0f:5c:b3:07:74:
62:1d:95:7b:af:4a:37:62:a7:7f:65:54:48:d0:f5:e5:e9:3f:
28:36:02:aa:d9:11:31:87:21:24:94:ef:6e:ae:1a:5d:ec:3f:
4b:76:a3:f9:28:fd:01:5f:3d:08:06:c4:8e:90:46:c9:54:c7:
0f:81:3e:34:e0:ba:98:0a:c6:77:2e:fa:7f:28:85:8c:98:47:
3e:60:40:ae:d2:88:2f:0a:a3:47:a1:b3:79:51:88:c5:c9:6d:
e1:bb:1a:b6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZmCMIk0OARO9fMjt7jhhOSeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwOTI1MTg0NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGZjZTkxMjc3M2YzNGExOGM4MjU0NjNjNzNlYmM0MGYyZGNkNmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4s8V2124HckYzpMURUxtyd/4nvga
19ESh71aeG7CacGUce/Vw1Bg9T2DYU0t9G9OMQ/QQ7+CzEwlyHHvx639EoFOu+Mi
24gPnxm4yXfA7h/TuFeYRijOziB5zx/+0jakqmlh0eBjIO7VVGITxJYvvsMK6zMp
Ml4LQXzgxnvZrkuGU7oAWu/ITbaU66FPZj88D0WcW/9a+i9Gb7DiQeaAZ1x62S3I
xOIZMB3Z4IiLMjhtvBY+SIvcyQLmXGc8x/TtzLIX0dFjMz39VwLoOdsNxyueCA3o
Cj6YKn8rCbDwpX6rmdPgmAzBnP1uWYwwSjfpvtBFdIbD8hXALKUidKGrJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDD86RJ3PzShjIJUY8c+vEDy3Nb9MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvTVB6cEVuY19OS0dNZ2xSanh6NjhRUExjMXYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCTe9gAwQB
kB/IAwQBubh4MA0GCSqGSIb3DQEBCwUAA4IBAQBAArIVFENWVOinE6LI6ymlajvg
8z+VaM/htwJttuP/AqgEVVz4GF6seW8A65YKdP/JJWF//pfIHp3RcToTg+9BSqPW
uR6jmChodfVd0UY8jd/HY03p5MnFhFJpaHDAnzOrHdkNLyLEn7XCMb81axaJiHlV
mtf2ppF3Rn39FknbnsnpdkbEZ3dsMg+6rAlm9+zu/Z2YWxkWsl6O2G0tD1yzB3Ri
HZV7r0o3Yqd/ZVRI0PXl6T8oNgKq2RExhyEklO9urhpd7D9LdqP5KP0BXz0IBsSO
kEbJVMcPgT404LqYCsZ3Lvp/KIWMmEc+YECu0ogvCqNHobN5UYjFyW3huxq2
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:28:47 2025 by rpki-client