
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/pMAQCVNkPSRH_CBfHnLj9SWOU5w.roa
File: pMAQCVNkPSRH_CBfHnLj9SWOU5w.roa (raw, json)
Hash identifier: KKUudvbbbYbJdUkQGRngDn+KqBMSDxTbsA1BJV05K2s=
Subject key identifier: A4:C0:10:09:53:64:3D:24:47:FC:20:5F:1E:72:E3:F5:25:8E:53:9C
Certificate issuer: /CN=31b0f64c69d330b66ebcd03a9bf0fdc19f3147d8
Certificate serial: 019F137FDFD079102B8185FBC67432DFD1CB
Authority key identifier: 31:B0:F6:4C:69:D3:30:B6:6E:BC:D0:3A:9B:F0:FD:C1:9F:31:47:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/pMAQCVNkPSRH_CBfHnLj9SWOU5w.roa
Signing time: Mon 29 Jun 2026 13:09:35 +0000
ROA not before: Mon 29 Jun 2026 13:09:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47217
IP address blocks: 5.100.233.0/24 maxlen: 24
94.142.149.0/24 maxlen: 24
212.103.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 14:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:13:7f:df:d0:79:10:2b:81:85:fb:c6:74:32:df:d1:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31b0f64c69d330b66ebcd03a9bf0fdc19f3147d8
Validity
Not Before: Jun 29 13:09:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a4c0100953643d2447fc205f1e72e3f5258e539c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b3:cf:d6:f3:a3:27:8b:6f:4b:79:44:4c:12:
c9:8a:2e:ed:1b:f4:82:72:c2:e9:10:3f:73:51:32:
6b:b3:d1:29:28:41:0b:06:7e:19:c2:a8:7f:63:fd:
8e:20:e6:03:08:c1:5e:36:e2:b9:b2:37:48:2f:21:
54:1c:da:eb:96:42:9e:9a:16:ad:30:df:2a:d6:1f:
00:5f:6c:d0:8f:f6:ec:b7:32:87:b4:82:13:12:75:
44:48:fa:8f:35:d7:0f:e5:d8:7b:26:d3:4f:72:69:
e3:c4:80:68:a1:9a:de:f6:04:f1:75:66:f9:a3:30:
c8:96:03:87:e0:27:ff:11:57:af:88:06:93:67:d7:
0c:14:4c:61:d1:ec:18:d6:a8:c9:a9:1d:40:66:e1:
7e:18:35:8c:4f:82:db:42:18:e5:78:ce:ff:c4:06:
c5:2d:3a:f7:a5:9b:81:ae:9c:f3:85:2a:ea:0d:03:
17:e8:ac:e2:08:5c:30:26:20:71:bf:3f:0e:73:07:
ca:62:91:3a:4e:4f:bf:6c:05:61:6f:6c:c2:f8:2b:
bb:12:62:ca:f1:a3:1b:62:86:19:43:c5:c3:5e:c9:
fb:bd:67:75:ff:69:10:14:11:ef:b8:91:27:0c:96:
9f:35:c8:45:4c:af:c0:de:c2:95:6a:12:59:7b:a5:
d0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:C0:10:09:53:64:3D:24:47:FC:20:5F:1E:72:E3:F5:25:8E:53:9C
X509v3 Authority Key Identifier:
keyid:31:B0:F6:4C:69:D3:30:B6:6E:BC:D0:3A:9B:F0:FD:C1:9F:31:47:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/pMAQCVNkPSRH_CBfHnLj9SWOU5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.233.0/24
94.142.149.0/24
212.103.202.0/24
Signature Algorithm: sha256WithRSAEncryption
42:07:d4:a9:1c:77:88:c9:d7:c5:f7:b7:2e:f2:5b:71:c8:4f:
b5:66:d3:3d:58:ce:25:4f:7c:dd:8b:37:d6:e5:ef:9d:4e:e1:
78:9c:ea:2b:be:fc:c1:05:2c:3e:d5:43:6b:c0:76:f1:99:ca:
d5:b0:ce:22:d1:4c:2e:5f:fe:87:9f:1b:3f:03:e7:a8:07:b9:
d7:29:fa:8d:81:49:58:a1:40:a5:e6:92:e0:e4:12:f5:a9:1c:
fe:f0:12:b6:a7:3a:81:37:a5:96:d1:13:c6:9f:55:0e:b3:19:
a1:c3:5d:3d:c8:ef:42:34:1b:17:c4:84:25:5c:ac:e9:f0:85:
71:f2:a5:fb:26:71:d3:43:61:8d:41:7e:70:ef:1f:a7:fa:1b:
36:ba:ab:a8:6c:52:ec:24:62:5c:d8:e7:70:1a:f1:82:0a:4d:
23:17:e3:e5:fc:ae:f0:78:1c:2c:aa:52:b8:6c:0b:1e:b8:2f:
73:7f:2d:5d:85:2b:3d:56:15:90:d3:80:70:a7:cb:9c:df:90:
20:36:26:b4:2c:fe:85:b0:f2:aa:6d:d2:e8:50:cc:de:8b:54:
c8:a6:bf:97:2b:c9:fc:f9:a1:4a:fe:16:db:f4:29:44:68:fe:
78:6a:59:4c:34:b8:17:90:25:10:49:2c:aa:55:dd:f6:ab:72:
22:2d:0c:0f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ8Tf9/QeRArgYX7xnQy39HLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYjBmNjRjNjlkMzMwYjY2ZWJjZDAzYTliZjBmZGMxOWYz
MTQ3ZDgwHhcNMjYwNjI5MTMwOTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGMwMTAwOTUzNjQzZDI0NDdmYzIwNWYxZTcyZTNmNTI1OGU1MzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7PP1vOjJ4tvS3lETBLJii7tG/SC
csLpED9zUTJrs9EpKEELBn4Zwqh/Y/2OIOYDCMFeNuK5sjdILyFUHNrrlkKemhat
MN8q1h8AX2zQj/bstzKHtIITEnVESPqPNdcP5dh7JtNPcmnjxIBooZre9gTxdWb5
ozDIlgOH4Cf/EVeviAaTZ9cMFExh0ewY1qjJqR1AZuF+GDWMT4LbQhjleM7/xAbF
LTr3pZuBrpzzhSrqDQMX6KziCFwwJiBxvz8OcwfKYpE6Tk+/bAVhb2zC+Cu7EmLK
8aMbYoYZQ8XDXsn7vWd1/2kQFBHvuJEnDJafNchFTK/A3sKVahJZe6XQ/wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKTAEAlTZD0kR/wgXx5y4/UljlOcMB8GA1UdIwQY
MBaAFDGw9kxp0zC2brzQOpvw/cGfMUfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWJEMlRHblRNTFp1dk5BNm1fRDl3Wjh4UjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8yZmI0NzMtOGU2Yi00ZjBkLWFkMzAt
ZDQ5MzQ0OTNhNjc5LzEvcE1BUUNWTmtQU1JIX0NCZkhuTGo5U1dPVTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8yZmI0NzMtOGU2Yi00ZjBkLWFkMzAtZDQ5MzQ0OTNhNjc5
LzEvTWJEMlRHblRNTFp1dk5BNm1fRDl3Wjh4UjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABWTpAwQA
Xo6VAwQA1GfKMA0GCSqGSIb3DQEBCwUAA4IBAQBCB9SpHHeIydfF97cu8ltxyE+1
ZtM9WM4lT3zdizfW5e+dTuF4nOorvvzBBSw+1UNrwHbxmcrVsM4i0UwuX/6Hnxs/
A+eoB7nXKfqNgUlYoUCl5pLg5BL1qRz+8BK2pzqBN6WW0RPGn1UOsxmhw109yO9C
NBsXxIQlXKzp8IVx8qX7JnHTQ2GNQX5w7x+n+hs2uquobFLsJGJc2OdwGvGCCk0j
F+Pl/K7weBwsqlK4bAseuC9zfy1dhSs9VhWQ04Bwp8uc35AgNia0LP6FsPKqbdLo
UMzei1TIpr+XK8n8+aFK/hbb9ClEaP54allMNLgXkCUQSSyqVd32q3IiLQwP
-----END CERTIFICATE-----
Generated at Wed Jul 1 00:12:09 2026 by rpki-client