Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/MJtGqW7EBoBUv03MjLuA1rZGnFk.roa
File: MJtGqW7EBoBUv03MjLuA1rZGnFk.roa (raw, json)
Hash identifier: JHIhHbc+O3brVI4S29z9gJ9Jp7NY0cEpDDfJ3vUoSrQ=
Subject key identifier: 30:9B:46:A9:6E:C4:06:80:54:BF:4D:CC:8C:BB:80:D6:B6:46:9C:59
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 01992AD71B85455CB5A46F5A71161913FE85
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/MJtGqW7EBoBUv03MjLuA1rZGnFk.roa
Signing time: Mon 08 Sep 2025 19:39:23 +0000
ROA not before: Mon 08 Sep 2025 19:39:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205949
IP address blocks: 144.56.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 08:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2a:d7:1b:85:45:5c:b5:a4:6f:5a:71:16:19:13:fe:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Sep 8 19:39:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=309b46a96ec4068054bf4dcc8cbb80d6b6469c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2c:73:49:70:a7:b1:82:c4:54:23:56:55:af:
97:6d:13:5a:b6:26:f8:f6:0f:1d:d6:00:71:5f:b7:
4c:f2:65:f0:f9:1c:4d:86:da:81:78:79:1a:39:1f:
c9:81:3c:8f:d4:45:40:1b:81:e3:76:2b:3e:15:e5:
39:70:17:09:ce:d8:fc:61:44:11:86:f9:19:14:6e:
e2:0a:87:18:e1:cb:b7:f8:64:c6:5a:05:bb:cf:b7:
ff:ae:c6:c2:e7:96:49:33:83:40:46:1a:04:a0:11:
93:69:6a:6f:da:c0:7a:83:01:9c:ba:10:6f:a7:96:
58:93:d5:e6:01:7a:27:c3:bf:12:cc:a8:80:63:1b:
50:6c:ec:ad:08:64:be:ae:bd:73:40:ac:72:b6:3e:
50:4d:58:aa:23:36:04:82:6f:ef:60:71:f3:3a:ed:
2a:14:07:d7:ad:78:b0:b4:57:bc:dd:6f:3a:06:a0:
ca:e0:bc:6a:40:ed:04:a9:0e:49:99:17:9a:29:d0:
aa:47:66:66:05:e0:11:f5:85:fe:95:e0:65:67:b1:
dd:3a:2c:39:ab:0a:83:07:41:db:2e:ca:f0:24:85:
bf:73:6c:a0:72:3b:b1:00:f4:c9:02:2c:c2:06:02:
d3:b5:45:25:50:0b:1a:53:c7:e4:30:03:99:e7:8e:
9c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:9B:46:A9:6E:C4:06:80:54:BF:4D:CC:8C:BB:80:D6:B6:46:9C:59
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/MJtGqW7EBoBUv03MjLuA1rZGnFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.88.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:b9:25:37:71:d1:e5:35:9c:54:46:2b:a3:67:5e:cd:11:48:
cc:5c:c2:b2:79:1b:ae:bd:89:08:26:f3:f7:d9:2d:e6:f4:5d:
b0:73:91:4f:a4:78:00:b1:09:a7:88:e4:a6:f4:db:06:21:3f:
91:e6:0c:00:5e:fd:38:0d:aa:72:13:a3:ba:bc:f4:fd:f9:08:
27:33:d2:57:a0:28:23:99:88:07:15:b4:12:ca:96:81:47:d0:
18:ee:fe:5c:a1:f8:6d:87:94:ff:06:df:b6:b6:2c:51:3c:3e:
d1:11:de:f8:ac:7f:e8:46:da:76:43:89:ae:de:64:5a:21:f8:
fc:fc:c6:e5:8f:6e:fc:7b:11:ac:c6:18:00:38:ab:6f:7f:80:
a3:d1:26:2f:0d:ae:b1:75:63:25:da:5f:21:ae:9c:bc:ad:6c:
27:6c:a2:1a:9f:a1:15:14:bc:fc:58:a1:f8:fc:f6:fd:eb:a0:
26:8b:d7:dd:f5:f5:ee:cc:52:be:8d:d1:bb:11:e9:29:0c:ec:
4c:1a:be:ba:ba:d6:25:81:c8:15:89:1b:c0:b3:5a:79:61:e5:
d7:d1:58:03:00:64:df:00:8b:9a:67:7c:05:92:2d:10:1d:e7:
1f:98:8a:15:01:ff:17:23:a1:90:55:b0:e8:2e:b5:bc:79:0f:
29:6b:3f:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZkq1xuFRVy1pG9acRYZE/6FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwOTA4MTkzOTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDliNDZhOTZlYzQwNjgwNTRiZjRkY2M4Y2JiODBkNmI2NDY5YzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzixzSXCnsYLEVCNWVa+XbRNatib4
9g8d1gBxX7dM8mXw+RxNhtqBeHkaOR/JgTyP1EVAG4Hjdis+FeU5cBcJztj8YUQR
hvkZFG7iCocY4cu3+GTGWgW7z7f/rsbC55ZJM4NARhoEoBGTaWpv2sB6gwGcuhBv
p5ZYk9XmAXonw78SzKiAYxtQbOytCGS+rr1zQKxytj5QTViqIzYEgm/vYHHzOu0q
FAfXrXiwtFe83W86BqDK4LxqQO0EqQ5JmReaKdCqR2ZmBeAR9YX+leBlZ7HdOiw5
qwqDB0HbLsrwJIW/c2ygcjuxAPTJAizCBgLTtUUlUAsaU8fkMAOZ546cBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDCbRqluxAaAVL9NzIy7gNa2RpxZMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvTUp0R3FXN0VCb0JVdjAzTWpMdUExclpHbkZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkDhYMA0G
CSqGSIb3DQEBCwUAA4IBAQB+uSU3cdHlNZxURiujZ17NEUjMXMKyeRuuvYkIJvP3
2S3m9F2wc5FPpHgAsQmniOSm9NsGIT+R5gwAXv04DapyE6O6vPT9+QgnM9JXoCgj
mYgHFbQSypaBR9AY7v5cofhth5T/Bt+2tixRPD7REd74rH/oRtp2Q4mu3mRaIfj8
/Mblj278exGsxhgAOKtvf4Cj0SYvDa6xdWMl2l8hrpy8rWwnbKIan6EVFLz8WKH4
/Pb966Ami9fd9fXuzFK+jdG7EekpDOxMGr66utYlgcgViRvAs1p5YeXX0VgDAGTf
AIuaZ3wFki0QHecfmIoVAf8XI6GQVbDoLrW8eQ8paz/C
-----END CERTIFICATE-----
Generated at Thu Sep 18 12:29:45 2025 by rpki-client