Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/MajfXDBPJ-8bvfu1umqM-S8pvBQ.roa
File: MajfXDBPJ-8bvfu1umqM-S8pvBQ.roa (raw, json)
Hash identifier: CEHYz4QAd7itD4+ik6D1h+9KZ5OjbrSY9iGAJ+cByd0=
Subject key identifier: 31:A8:DF:5C:30:4F:27:EF:1B:BD:FB:B5:BA:6A:8C:F9:2F:29:BC:14
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 0198F5C9715E63162E8663006385A2098E41
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/MajfXDBPJ-8bvfu1umqM-S8pvBQ.roa
Signing time: Fri 29 Aug 2025 12:24:36 +0000
ROA not before: Fri 29 Aug 2025 12:24:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 2.56.243.0/24 maxlen: 24
88.218.250.0/24 maxlen: 24
193.28.183.0/24 maxlen: 24
194.147.88.0/24 maxlen: 24
194.156.94.0/24 maxlen: 24
194.169.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 00:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f5:c9:71:5e:63:16:2e:86:63:00:63:85:a2:09:8e:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Aug 29 12:24:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31a8df5c304f27ef1bbdfbb5ba6a8cf92f29bc14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:26:4e:cf:e0:4a:e4:c6:12:54:84:f7:62:3b:
d5:61:08:1b:38:45:32:1a:4c:37:e1:4e:6a:72:59:
89:6b:21:77:15:08:b5:d8:4e:c8:e3:7e:7c:30:06:
a2:d2:bf:c0:57:14:f4:29:de:ee:80:f9:89:44:fb:
76:18:21:c4:4c:93:70:e3:6d:c6:e7:f6:b8:eb:06:
78:e5:51:14:06:72:c7:5c:b8:54:1d:85:b2:69:45:
b5:7f:4b:96:82:e1:f8:90:1d:3c:db:cb:60:47:14:
4e:47:7d:16:74:a2:d2:7e:fc:98:ef:b5:de:91:86:
58:34:bb:15:94:94:57:8d:9a:b6:1d:c5:50:ec:4a:
c4:a0:a0:e6:57:bc:6f:4b:c7:13:f1:90:94:58:40:
52:61:58:48:e7:67:fb:d5:a5:4a:53:61:15:6e:84:
41:67:ac:47:c9:9a:ea:e4:9a:e9:59:e9:8d:f7:6e:
72:98:6a:f1:56:74:a1:d2:4a:19:2d:05:b1:4d:c1:
c3:29:7a:3f:91:4d:f2:04:bd:39:a9:85:9c:99:85:
82:d9:45:6a:63:a9:32:ba:c0:34:2e:1e:c2:eb:53:
1b:55:b2:90:6f:fa:24:a1:46:15:0a:a8:02:3b:06:
b6:b2:c3:5a:1a:a8:9f:bb:52:b3:26:0a:b9:f7:b0:
4e:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:A8:DF:5C:30:4F:27:EF:1B:BD:FB:B5:BA:6A:8C:F9:2F:29:BC:14
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/MajfXDBPJ-8bvfu1umqM-S8pvBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.243.0/24
88.218.250.0/24
193.28.183.0/24
194.147.88.0/24
194.156.94.0/24
194.169.86.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:18:8b:ed:9a:9e:d5:43:22:27:bb:8b:db:1c:15:de:73:49:
29:0c:58:f2:92:9d:90:7a:fe:c5:13:2a:bb:2f:cc:0f:0c:01:
d3:ab:bc:2c:94:03:bb:f3:8a:f2:de:86:d8:43:73:81:05:6d:
32:34:3c:be:79:50:d5:d4:41:83:9b:db:d5:95:f0:9d:ca:b1:
97:9d:4b:7f:96:09:bd:e8:ea:a2:fe:55:2e:99:32:fd:7f:f7:
c0:c6:19:a7:4c:37:86:86:68:6f:4a:e8:fb:0c:c4:a2:1a:86:
9f:8a:5d:d6:a7:ea:c1:61:fb:c8:4a:d1:71:ca:97:c7:1a:b7:
6d:78:d2:2b:3b:6a:bf:29:29:a2:8b:06:d8:30:32:0c:5a:ba:
b2:6f:21:92:c6:a5:4c:de:9c:1f:f9:76:52:68:35:68:47:27:
fd:43:a1:d3:b2:85:fc:61:e7:19:12:27:4b:64:55:42:9b:26:
a8:85:07:8d:07:b8:17:62:80:f6:57:d2:f3:dc:5f:b0:70:1a:
69:76:43:a1:ce:94:b2:6e:b2:a7:96:2b:e3:00:b7:3f:b4:6f:
77:db:fa:75:3a:e4:9b:08:af:9b:45:7f:02:62:6e:82:11:37:
73:ed:5a:3a:cb:bd:e9:20:ce:2b:3d:5f:e2:fe:03:cb:a5:20:
e9:ba:5d:39
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZj1yXFeYxYuhmMAY4WiCY5BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwODI5MTIyNDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWE4ZGY1YzMwNGYyN2VmMWJiZGZiYjViYTZhOGNmOTJmMjliYzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SZOz+BK5MYSVIT3YjvVYQgbOEUy
Gkw34U5qclmJayF3FQi12E7I4358MAai0r/AVxT0Kd7ugPmJRPt2GCHETJNw423G
5/a46wZ45VEUBnLHXLhUHYWyaUW1f0uWguH4kB0828tgRxROR30WdKLSfvyY77Xe
kYZYNLsVlJRXjZq2HcVQ7ErEoKDmV7xvS8cT8ZCUWEBSYVhI52f71aVKU2EVboRB
Z6xHyZrq5JrpWemN925ymGrxVnSh0koZLQWxTcHDKXo/kU3yBL05qYWcmYWC2UVq
Y6kyusA0Lh7C61MbVbKQb/okoUYVCqgCOwa2ssNaGqifu1KzJgq597BOqwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDGo31wwTyfvG737tbpqjPkvKbwUMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvTWFqZlhEQlBKLThidmZ1MXVtcU0tUzhwdkJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAAjjzAwQA
WNr6AwQAwRy3AwQAwpNYAwQAwpxeAwQAwqlWMA0GCSqGSIb3DQEBCwUAA4IBAQAc
GIvtmp7VQyInu4vbHBXec0kpDFjykp2Qev7FEyq7L8wPDAHTq7wslAO784ry3obY
Q3OBBW0yNDy+eVDV1EGDm9vVlfCdyrGXnUt/lgm96Oqi/lUumTL9f/fAxhmnTDeG
hmhvSuj7DMSiGoafil3Wp+rBYfvIStFxypfHGrdteNIrO2q/KSmiiwbYMDIMWrqy
byGSxqVM3pwf+XZSaDVoRyf9Q6HTsoX8YecZEidLZFVCmyaohQeNB7gXYoD2V9Lz
3F+wcBppdkOhzpSybrKnlivjALc/tG932/p1OuSbCK+bRX8CYm6CETdz7Vo6y73p
IM4rPV/i/gPLpSDpul05
-----END CERTIFICATE-----
Generated at Sat Sep 6 09:31:55 2025 by rpki-client