Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/MXxB8CNpDAIx8mwfrj7VeXKYpB8.roa
File: MXxB8CNpDAIx8mwfrj7VeXKYpB8.roa (raw, json)
Hash identifier: EltR9XgNTj9jKy0CV+Z10iYbgpPCkgGBhTqaYwyJ1h0=
Subject key identifier: 31:7C:41:F0:23:69:0C:02:31:F2:6C:1F:AE:3E:D5:79:72:98:A4:1F
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 019ED30FEE42C2894FCCB1188C8C8110D163
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/MXxB8CNpDAIx8mwfrj7VeXKYpB8.roa
Signing time: Wed 17 Jun 2026 00:51:37 +0000
ROA not before: Wed 17 Jun 2026 00:51:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3257
IP address blocks: 138.226.16.0/20 maxlen: 20
138.226.96.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Jun 2026 08:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d3:0f:ee:42:c2:89:4f:cc:b1:18:8c:8c:81:10:d1:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Jun 17 00:51:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=317c41f023690c0231f26c1fae3ed5797298a41f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a0:04:9e:af:0d:dd:ee:7b:91:f9:43:7d:6c:
8a:d5:dd:a8:74:4b:5d:24:79:98:3c:27:f1:4a:c8:
dc:8f:f6:b9:85:61:0e:b1:b9:9b:73:1a:1a:80:a8:
3e:07:c0:53:1d:bf:c6:a8:23:af:22:7b:00:be:0e:
82:27:34:ca:6a:56:c2:81:3a:24:c7:8d:da:75:9a:
69:77:14:51:46:9c:66:5e:92:ec:34:26:b1:2e:ae:
be:30:0c:2e:82:99:12:a6:27:c9:35:1e:05:8a:92:
0b:38:db:7a:d7:ac:3e:c8:dd:dc:24:a0:c3:cc:99:
fa:46:58:46:1b:14:2f:36:bb:cc:74:da:6f:29:9f:
6d:0d:4d:da:20:1e:76:bf:84:cd:40:a7:5a:05:9f:
5e:26:af:80:94:92:10:da:5b:23:21:01:d3:55:ba:
27:a1:a0:b4:d8:01:b8:30:a5:9a:58:81:10:4d:4c:
3e:b3:8c:22:db:6d:94:8f:4d:24:cf:01:bc:21:c3:
54:77:7a:51:62:fb:00:5e:83:88:9e:68:c0:3f:6c:
ea:c9:ed:08:8e:17:ec:0b:51:52:98:a2:9a:73:f4:
3c:87:40:8f:37:18:5e:26:49:5e:97:e8:e4:33:66:
1c:5b:05:25:83:34:2b:3a:4e:a4:9e:59:63:42:13:
20:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:7C:41:F0:23:69:0C:02:31:F2:6C:1F:AE:3E:D5:79:72:98:A4:1F
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/MXxB8CNpDAIx8mwfrj7VeXKYpB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.226.16.0/20
138.226.96.0/20
Signature Algorithm: sha256WithRSAEncryption
5e:19:db:bf:62:f4:cb:71:36:ff:1c:37:d7:23:05:71:71:b1:
f1:c1:59:07:b1:0c:40:19:56:3a:7e:90:07:36:7b:6e:ca:15:
5f:94:e5:fa:b9:c4:4e:ae:f0:f1:32:6f:7d:65:7e:1f:01:03:
2d:35:72:a4:54:06:1d:60:7c:db:a0:f0:61:d0:1d:09:92:98:
34:29:12:e9:8c:c2:30:dc:e3:b0:6a:62:3e:db:7a:7b:91:06:
8c:a4:34:0e:88:14:cb:7e:3b:76:0f:2e:c3:38:93:13:42:3a:
1e:32:f0:e0:f5:e5:ce:d5:71:05:b0:28:f1:43:92:40:bd:1e:
6a:25:0e:d1:63:99:5a:ce:af:65:11:95:35:d7:49:dd:1a:70:
c7:94:8a:cc:ac:38:90:f3:df:6f:2b:0a:dd:2b:43:2b:d0:6a:
5e:62:a3:48:64:58:40:20:7d:2b:fb:57:e0:7b:3e:0b:70:72:
99:b0:1d:5d:0c:6a:41:12:df:07:41:bd:4e:40:fc:a2:6e:34:
b9:b4:74:47:a6:d2:2e:a3:01:30:f7:fa:c7:92:fa:e1:89:78:
ff:3d:02:c9:85:29:b7:fa:55:c0:55:42:85:81:81:79:90:76:
e0:0c:40:6f:b5:f9:51:23:b7:4a:bc:03:eb:92:d2:05:71:7e:
cc:0e:ab:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ7TD+5CwolPzLEYjIyBENFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjYwNjE3MDA1MTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTdjNDFmMDIzNjkwYzAyMzFmMjZjMWZhZTNlZDU3OTcyOThhNDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKAEnq8N3e57kflDfWyK1d2odEtd
JHmYPCfxSsjcj/a5hWEOsbmbcxoagKg+B8BTHb/GqCOvInsAvg6CJzTKalbCgTok
x43adZppdxRRRpxmXpLsNCaxLq6+MAwugpkSpifJNR4FipILONt616w+yN3cJKDD
zJn6RlhGGxQvNrvMdNpvKZ9tDU3aIB52v4TNQKdaBZ9eJq+AlJIQ2lsjIQHTVbon
oaC02AG4MKWaWIEQTUw+s4wi222Uj00kzwG8IcNUd3pRYvsAXoOInmjAP2zqye0I
jhfsC1FSmKKac/Q8h0CPNxheJklel+jkM2YcWwUlgzQrOk6knlljQhMgzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDF8QfAjaQwCMfJsH64+1XlymKQfMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvTVh4QjhDTnBEQUl4OG13ZnJqN1ZlWEtZcEI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEiuIQAwQE
iuJgMA0GCSqGSIb3DQEBCwUAA4IBAQBeGdu/YvTLcTb/HDfXIwVxcbHxwVkHsQxA
GVY6fpAHNntuyhVflOX6ucROrvDxMm99ZX4fAQMtNXKkVAYdYHzboPBh0B0Jkpg0
KRLpjMIw3OOwamI+23p7kQaMpDQOiBTLfjt2Dy7DOJMTQjoeMvDg9eXO1XEFsCjx
Q5JAvR5qJQ7RY5lazq9lEZU110ndGnDHlIrMrDiQ899vKwrdK0Mr0GpeYqNIZFhA
IH0r+1fgez4LcHKZsB1dDGpBEt8HQb1OQPyibjS5tHRHptIuowEw9/rHkvrhiXj/
PQLJhSm3+lXAVUKFgYF5kHbgDEBvtflRI7dKvAPrktIFcX7MDqsZ
-----END CERTIFICATE-----
Generated at Thu Jun 25 14:15:39 2026 by rpki-client