Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/MvNOIexf0DPR_5mX9o8MNfNjKaM.roa
File: MvNOIexf0DPR_5mX9o8MNfNjKaM.roa (raw, json)
Hash identifier: 6YwOd7aw3VJRR9QWyvpTt/Nkk6e29quTwQwRnUi5Iic=
Subject key identifier: 32:F3:4E:21:EC:5F:D0:33:D1:FF:99:97:F6:8F:0C:35:F3:63:29:A3
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 019DD88E2BA00E30E5550D2BC0BFCE83C820
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/MvNOIexf0DPR_5mX9o8MNfNjKaM.roa
Signing time: Wed 29 Apr 2026 09:24:49 +0000
ROA not before: Wed 29 Apr 2026 09:24:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203963
IP address blocks: 31.133.80.0/22 maxlen: 24
31.133.88.0/22 maxlen: 24
176.103.224.0/22 maxlen: 24
176.103.232.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 18:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d8:8e:2b:a0:0e:30:e5:55:0d:2b:c0:bf:ce:83:c8:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: Apr 29 09:24:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=32f34e21ec5fd033d1ff9997f68f0c35f36329a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7e:34:e9:a7:b0:52:ce:0a:54:69:c1:12:56:
d7:fc:29:8d:17:99:bf:46:66:00:bc:82:52:6a:e7:
7e:ad:cd:1b:74:54:25:08:14:51:6d:10:1b:57:8d:
45:3e:cb:c2:14:0e:ca:35:cf:74:95:ee:13:0e:af:
b7:8d:85:2d:f9:7d:56:89:ba:2a:13:8c:1d:78:46:
61:4f:ae:24:d8:17:c9:59:fb:56:da:17:ca:af:7b:
89:2e:39:9a:63:35:51:f6:d5:be:0c:30:01:c5:31:
c4:71:ec:f5:27:7c:7f:f4:0b:30:44:29:40:a7:d2:
8d:fa:bc:0b:77:75:8c:0d:97:f4:28:9f:b8:41:20:
ac:9d:11:5b:55:f2:da:2c:5f:5f:f5:df:56:aa:2a:
88:0d:9a:34:da:ab:ab:42:c8:90:4e:58:7c:aa:23:
f0:7a:64:04:43:d8:f8:74:95:02:3d:26:fb:29:96:
d8:39:bf:33:bd:5e:b9:7b:62:ff:5e:05:d5:d6:9a:
84:ea:a7:20:ba:64:6a:c1:af:f1:3d:6a:8f:9b:db:
0e:1f:ed:08:b2:87:7d:d2:23:5f:88:15:da:3d:95:
48:64:ae:31:41:58:e7:2f:9d:2b:e2:79:26:11:27:
29:fe:e8:95:30:fd:65:d7:d1:40:66:23:2a:67:23:
03:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:F3:4E:21:EC:5F:D0:33:D1:FF:99:97:F6:8F:0C:35:F3:63:29:A3
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/MvNOIexf0DPR_5mX9o8MNfNjKaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.80.0/22
31.133.88.0/22
176.103.224.0/22
176.103.232.0/22
Signature Algorithm: sha256WithRSAEncryption
82:a6:3e:85:30:d5:79:2d:4d:56:18:d6:2f:1e:21:49:3a:96:
6d:ef:95:c4:bc:06:c9:ea:04:f1:3f:63:fb:11:82:8d:9e:bf:
45:be:bf:55:e3:09:f3:4a:a9:fd:5d:21:c3:ff:87:87:ac:c4:
4a:44:2d:81:42:2b:3e:a7:b1:bc:28:94:82:f7:f0:4f:07:77:
f4:74:50:ed:79:45:79:9d:5f:04:79:6e:a9:0e:84:bd:10:c4:
68:fb:a5:46:a2:f0:3b:1f:8f:fc:cb:c1:bc:77:45:d8:24:bb:
43:89:0c:e3:8c:05:85:69:e8:af:68:fb:83:d0:96:94:fa:21:
4b:93:cf:79:12:3d:7f:4b:84:3c:38:11:b3:f3:af:78:b6:d5:
eb:98:aa:75:5b:ea:71:77:bb:a5:26:1d:02:9b:78:19:23:c9:
c3:c2:63:60:21:9d:99:86:5e:16:89:9e:cb:e2:c0:d3:ac:cf:
84:94:8a:2e:95:c5:45:b9:f4:94:0c:d4:b7:c7:5d:4f:5e:35:
7a:40:83:b0:63:64:b7:8c:cc:60:13:1f:bc:54:9f:b3:e3:33:
f7:32:2c:48:fd:69:75:2d:b4:05:ad:91:3b:3a:f1:0d:36:dc:
15:31:e1:35:48:18:56:ec:5f:05:ec:57:91:a0:c0:fe:5d:fc:
07:9c:7b:b8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3YjiugDjDlVQ0rwL/Og8ggMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjYwNDI5MDkyNDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmYzNGUyMWVjNWZkMDMzZDFmZjk5OTdmNjhmMGMzNWYzNjMyOWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3406aewUs4KVGnBElbX/CmNF5m/
RmYAvIJSaud+rc0bdFQlCBRRbRAbV41FPsvCFA7KNc90le4TDq+3jYUt+X1Wiboq
E4wdeEZhT64k2BfJWftW2hfKr3uJLjmaYzVR9tW+DDABxTHEcez1J3x/9AswRClA
p9KN+rwLd3WMDZf0KJ+4QSCsnRFbVfLaLF9f9d9WqiqIDZo02qurQsiQTlh8qiPw
emQEQ9j4dJUCPSb7KZbYOb8zvV65e2L/XgXV1pqE6qcgumRqwa/xPWqPm9sOH+0I
sod90iNfiBXaPZVIZK4xQVjnL50r4nkmEScp/uiVMP1l19FAZiMqZyMDewIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDLzTiHsX9Az0f+Zl/aPDDXzYymjMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvTXZOT0lleGYwRFBSXzVtWDlvOE1OZk5qS2FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH4VQAwQC
H4VYAwQCsGfgAwQCsGfoMA0GCSqGSIb3DQEBCwUAA4IBAQCCpj6FMNV5LU1WGNYv
HiFJOpZt75XEvAbJ6gTxP2P7EYKNnr9Fvr9V4wnzSqn9XSHD/4eHrMRKRC2BQis+
p7G8KJSC9/BPB3f0dFDteUV5nV8EeW6pDoS9EMRo+6VGovA7H4/8y8G8d0XYJLtD
iQzjjAWFaeivaPuD0JaU+iFLk895Ej1/S4Q8OBGz8694ttXrmKp1W+pxd7ulJh0C
m3gZI8nDwmNgIZ2Zhl4WiZ7L4sDTrM+ElIoulcVFufSUDNS3x11PXjV6QIOwY2S3
jMxgEx+8VJ+z4zP3MixI/Wl1LbQFrZE7OvENNtwVMeE1SBhW7F8F7FeRoMD+XfwH
nHu4
-----END CERTIFICATE-----
Generated at Wed May 6 04:11:43 2026 by rpki-client