Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/MJUSGXNaON5-u4HtTmGH6ZtrgHA.roa
File: MJUSGXNaON5-u4HtTmGH6ZtrgHA.roa (raw, json)
Hash identifier: NNdIzpFlr2gfckuz7+ZEQiokzWnQGJIcuKaYbw6MC/U=
Subject key identifier: 30:95:12:19:73:5A:38:DE:7E:BB:81:ED:4E:61:87:E9:9B:6B:80:70
Certificate issuer: /CN=fa2e72abf7b1728fda6aa0b0413d8854812ea361
Certificate serial: 019EE5C8E2ADAE6EA4C7406E600AC1C6254D
Authority key identifier: FA:2E:72:AB:F7:B1:72:8F:DA:6A:A0:B0:41:3D:88:54:81:2E:A3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-i5yq_exco_aaqCwQT2IVIEuo2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/MJUSGXNaON5-u4HtTmGH6ZtrgHA.roa
Signing time: Sat 20 Jun 2026 16:06:48 +0000
ROA not before: Sat 20 Jun 2026 16:06:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42106
IP address blocks: 185.231.223.0/24 maxlen: 24
185.252.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/1-i5yq_exco_aaqCwQT2IVIEuo2E.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/1-i5yq_exco_aaqCwQT2IVIEuo2E.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-i5yq_exco_aaqCwQT2IVIEuo2E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 05:46:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:e5:c8:e2:ad:ae:6e:a4:c7:40:6e:60:0a:c1:c6:25:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa2e72abf7b1728fda6aa0b0413d8854812ea361
Validity
Not Before: Jun 20 16:06:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=30951219735a38de7ebb81ed4e6187e99b6b8070
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8f:0f:50:a7:4e:58:43:bd:9e:5e:03:07:68:
6b:ba:dc:11:4a:84:26:56:f1:d4:9d:7f:16:1f:ef:
b6:26:89:c9:7b:35:47:30:14:b5:09:2e:7f:58:14:
6d:81:9d:2d:c4:7c:e3:e5:4c:ab:39:bd:bf:be:69:
54:88:30:0e:d7:9e:7e:26:b2:55:3d:e1:c4:42:be:
bf:fd:4a:11:fe:7f:64:65:52:cf:fd:f0:15:7d:23:
32:68:65:7c:f4:21:52:8a:f4:2e:5c:f5:63:11:12:
79:5e:b1:10:58:bc:9b:c1:c4:e0:ff:a4:5d:4e:b1:
1f:66:7d:60:99:0c:ba:57:13:b0:38:04:78:a2:f4:
68:2e:90:04:1c:34:d6:a7:4f:8b:8c:50:38:fa:a5:
46:fd:fe:0e:43:38:4b:41:08:2a:3b:40:98:99:f3:
72:22:62:8c:bf:49:04:86:29:7d:3d:d4:fa:ff:36:
59:53:e9:de:9a:0b:af:f7:a1:52:f3:ea:2f:76:81:
d6:38:62:a7:a0:c0:ad:7f:56:ad:25:fc:6d:5a:a8:
69:b9:e0:9e:ad:82:b4:4f:6d:ff:fe:2d:ff:bf:1e:
8c:64:42:b6:95:69:35:e7:6a:5d:17:6c:d3:58:a4:
0f:6f:98:aa:29:0e:4b:4b:89:c7:a3:a2:33:36:f6:
e9:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:95:12:19:73:5A:38:DE:7E:BB:81:ED:4E:61:87:E9:9B:6B:80:70
X509v3 Authority Key Identifier:
keyid:FA:2E:72:AB:F7:B1:72:8F:DA:6A:A0:B0:41:3D:88:54:81:2E:A3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-i5yq_exco_aaqCwQT2IVIEuo2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/MJUSGXNaON5-u4HtTmGH6ZtrgHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f61591-7ca8-4a9a-899f-a366da251a83/1/1-i5yq_exco_aaqCwQT2IVIEuo2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.223.0/24
185.252.133.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:63:cd:bf:e7:b0:96:9b:4b:f0:0d:d0:90:ae:8e:f6:05:40:
89:5e:b0:63:88:e3:ab:7c:4e:a9:1b:2f:78:fe:a6:06:08:a9:
40:84:17:4e:9a:1d:80:81:f7:5a:49:d1:6f:c3:22:81:44:1a:
f9:7e:a4:6c:73:d4:14:f2:df:a7:5d:57:d7:0b:3c:bd:b5:82:
10:46:f2:1e:00:f5:f9:ca:6c:73:1d:41:06:aa:95:3c:10:2a:
ea:24:b2:7d:c0:91:44:3e:b3:8f:bc:73:73:9e:b3:c2:d9:ec:
eb:95:d4:33:e6:24:b7:39:93:73:82:93:c7:2d:06:8f:2f:17:
fc:39:f4:bd:69:42:4a:9e:7d:3c:35:f1:e5:a2:e9:a6:f7:f3:
ed:b6:58:6a:f4:b7:6e:6f:5f:cb:82:89:f7:a7:11:46:67:b2:
56:fe:2a:18:17:b2:21:80:f5:21:84:ba:c9:76:5d:02:06:02:
bb:b1:09:d4:94:5e:fb:4b:5e:05:8d:e3:19:0e:01:63:dd:23:
f4:22:90:f8:d1:fa:11:dc:ef:6e:f2:50:d9:82:75:1e:78:83:
a9:9a:0a:24:d5:ee:bc:70:e9:b6:25:07:3e:73:6c:7d:0e:5f:
1b:9d:7d:e9:50:25:92:79:ba:bc:6c:b6:01:66:c2:c3:df:61:
ad:0e:af:f9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ7lyOKtrm6kx0BuYArBxiVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhMmU3MmFiZjdiMTcyOGZkYTZhYTBiMDQxM2Q4ODU0ODEy
ZWEzNjEwHhcNMjYwNjIwMTYwNjQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDk1MTIxOTczNWEzOGRlN2ViYjgxZWQ0ZTYxODdlOTliNmI4MDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw48PUKdOWEO9nl4DB2hrutwRSoQm
VvHUnX8WH++2JonJezVHMBS1CS5/WBRtgZ0txHzj5UyrOb2/vmlUiDAO155+JrJV
PeHEQr6//UoR/n9kZVLP/fAVfSMyaGV89CFSivQuXPVjERJ5XrEQWLybwcTg/6Rd
TrEfZn1gmQy6VxOwOAR4ovRoLpAEHDTWp0+LjFA4+qVG/f4OQzhLQQgqO0CYmfNy
ImKMv0kEhil9PdT6/zZZU+nemguv96FS8+ovdoHWOGKnoMCtf1atJfxtWqhpueCe
rYK0T23//i3/vx6MZEK2lWk152pdF2zTWKQPb5iqKQ5LS4nHo6IzNvbpwwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDCVEhlzWjjefruB7U5hh+mba4BwMB8GA1UdIwQY
MBaAFPoucqv3sXKP2mqgsEE9iFSBLqNhMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1pNXlxX2V4Y29fYWFxQ3dRVDJJVklFdW8yRS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMvZjYxNTkxLTdjYTgtNGE5YS04OTlm
LWEzNjZkYTI1MWE4My8xL01KVVNHWE5hT041LXU0SHRUbUdINlp0cmdIQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWMvZjYxNTkxLTdjYTgtNGE5YS04OTlmLWEzNjZkYTI1MWE4
My8xLzEtaTV5cV9leGNvX2FhcUN3UVQySVZJRXVvMkUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAC5598D
BAC5/IUwDQYJKoZIhvcNAQELBQADggEBAI9jzb/nsJabS/AN0JCujvYFQIlesGOI
46t8TqkbL3j+pgYIqUCEF06aHYCB91pJ0W/DIoFEGvl+pGxz1BTy36ddV9cLPL21
ghBG8h4A9fnKbHMdQQaqlTwQKuoksn3AkUQ+s4+8c3Oes8LZ7OuV1DPmJLc5k3OC
k8ctBo8vF/w59L1pQkqefTw18eWi6ab38+22WGr0t25vX8uCifenEUZnslb+KhgX
siGA9SGEusl2XQIGAruxCdSUXvtLXgWN4xkOAWPdI/QikPjR+hHc727yUNmCdR54
g6maCiTV7rxw6bYlBz5zbH0OXxudfelQJZJ5urxstgFmwsPfYa0Or/k=
-----END CERTIFICATE-----
Generated at Mon Jun 29 12:36:03 2026 by rpki-client