Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/M-YJbaHJQuiAtpg8pVQN7Q2kMEA.roa
File: M-YJbaHJQuiAtpg8pVQN7Q2kMEA.roa (raw, json)
Hash identifier: 9W4AsYcd4kspYRLK6Yv1EhxLvtBnOrOiweA8OT965Jc=
Subject key identifier: 33:E6:09:6D:A1:C9:42:E8:80:B6:98:3C:A5:54:0D:ED:0D:A4:30:40
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019A02988D5204829DBA10A102DDE25EBEE8
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/M-YJbaHJQuiAtpg8pVQN7Q2kMEA.roa
Signing time: Mon 20 Oct 2025 17:09:03 +0000
ROA not before: Mon 20 Oct 2025 17:09:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51765
IP address blocks: 144.31.136.0/24 maxlen: 24
144.31.140.0/24 maxlen: 24
144.31.141.0/24 maxlen: 24
144.31.142.0/24 maxlen: 24
144.31.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 10:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:98:8d:52:04:82:9d:ba:10:a1:02:dd:e2:5e:be:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Oct 20 17:09:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33e6096da1c942e880b6983ca5540ded0da43040
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:31:63:c5:df:fd:19:6f:db:c1:5f:dc:e9:d3:
81:69:35:ef:d4:97:5a:64:cf:e0:18:99:64:dd:30:
43:f5:34:23:00:ea:a7:a2:19:1b:32:87:93:72:74:
3a:78:9e:dd:3b:f3:5e:68:4c:55:e5:08:2d:59:e7:
47:2a:b1:bf:e2:34:e0:22:bb:d7:23:c4:ca:b3:72:
b3:61:9f:78:88:85:a2:e7:1a:ad:3f:17:40:a1:ac:
55:d0:7f:9b:09:1c:5e:81:36:70:3f:9b:3b:1e:7c:
a9:0e:f7:9f:65:e4:c2:6f:ea:71:fe:56:f7:89:bf:
45:5d:b5:73:ac:5d:08:e3:e7:00:79:11:f4:7d:48:
ec:a7:d2:68:da:85:97:9e:40:36:7e:f6:61:91:88:
da:00:5c:f2:af:d0:60:28:00:be:84:db:25:d7:d1:
7a:0b:d8:c9:0e:b5:88:dc:34:91:27:1f:21:81:9d:
a6:98:e8:00:72:56:d9:2f:fd:3f:09:04:3c:37:75:
16:18:e9:c5:a8:92:97:c2:e5:48:08:d2:34:13:d5:
28:59:12:fe:2b:e1:e6:44:9a:a2:0e:5a:af:a8:b3:
2f:a1:8e:31:6d:cd:89:ff:82:90:a5:4a:4b:3e:d5:
93:be:07:b0:04:5e:16:d8:10:f0:bd:c6:67:f3:22:
db:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:E6:09:6D:A1:C9:42:E8:80:B6:98:3C:A5:54:0D:ED:0D:A4:30:40
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/M-YJbaHJQuiAtpg8pVQN7Q2kMEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.31.136.0/24
144.31.140.0/22
Signature Algorithm: sha256WithRSAEncryption
45:a2:d7:ce:ce:ee:67:0b:bc:ba:61:5c:c5:43:e9:7f:ee:34:
c7:b1:94:74:61:fe:50:a1:62:de:51:33:59:3b:be:6e:81:6b:
5f:0a:e9:19:1b:d2:df:db:ab:80:03:11:f2:87:fb:f7:74:7d:
37:90:10:1f:42:a7:8f:10:28:04:ea:14:77:b4:8c:a8:4b:42:
cd:dc:e7:cb:7b:f8:d2:1b:ae:5e:bc:c6:f0:04:d9:6d:ec:30:
b8:05:dd:af:a1:55:37:fe:ef:a2:b5:e4:28:c9:02:f3:79:b8:
68:84:6a:97:f3:2e:ec:80:f8:a8:f8:fd:d2:47:30:61:31:4e:
da:30:e0:14:46:fc:df:9c:36:e5:ab:24:e6:eb:99:00:d8:c3:
c2:85:ea:81:35:5d:c5:14:fd:39:dc:77:80:8f:7d:67:bc:43:
8f:47:92:f0:eb:83:ed:6d:21:b7:cd:ba:68:11:6e:04:c5:68:
91:64:00:1a:8c:2f:3f:b3:41:0c:9c:0f:df:3a:39:79:b8:00:
4b:72:d9:fd:a0:bd:ca:d3:09:78:56:66:0a:d2:fb:db:02:8b:
dc:fc:23:ae:19:7c:88:78:76:4c:fa:9a:cb:2b:d8:ae:ec:02:
2b:b7:a2:ab:76:5f:ba:7c:40:45:ca:3c:3f:9a:9d:d4:94:a2:
41:a7:23:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZoCmI1SBIKduhChAt3iXr7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUxMDIwMTcwOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2U2MDk2ZGExYzk0MmU4ODBiNjk4M2NhNTU0MGRlZDBkYTQzMDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jFjxd/9GW/bwV/c6dOBaTXv1Jda
ZM/gGJlk3TBD9TQjAOqnohkbMoeTcnQ6eJ7dO/NeaExV5QgtWedHKrG/4jTgIrvX
I8TKs3KzYZ94iIWi5xqtPxdAoaxV0H+bCRxegTZwP5s7HnypDvefZeTCb+px/lb3
ib9FXbVzrF0I4+cAeRH0fUjsp9Jo2oWXnkA2fvZhkYjaAFzyr9BgKAC+hNsl19F6
C9jJDrWI3DSRJx8hgZ2mmOgAclbZL/0/CQQ8N3UWGOnFqJKXwuVICNI0E9UoWRL+
K+HmRJqiDlqvqLMvoY4xbc2J/4KQpUpLPtWTvgewBF4W2BDwvcZn8yLblQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDPmCW2hyULogLaYPKVUDe0NpDBAMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvTS1ZSmJhSEpRdWlBdHBnOHBWUU43UTJrTUVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkB+IAwQC
kB+MMA0GCSqGSIb3DQEBCwUAA4IBAQBFotfOzu5nC7y6YVzFQ+l/7jTHsZR0Yf5Q
oWLeUTNZO75ugWtfCukZG9Lf26uAAxHyh/v3dH03kBAfQqePECgE6hR3tIyoS0LN
3OfLe/jSG65evMbwBNlt7DC4Bd2voVU3/u+iteQoyQLzebhohGqX8y7sgPio+P3S
RzBhMU7aMOAURvzfnDblqyTm65kA2MPCheqBNV3FFP053HeAj31nvEOPR5Lw64Pt
bSG3zbpoEW4ExWiRZAAajC8/s0EMnA/fOjl5uABLctn9oL3K0wl4VmYK0vvbAovc
/COuGXyIeHZM+prLK9iu7AIrt6Krdl+6fEBFyjw/mp3UlKJBpyOs
-----END CERTIFICATE-----
Generated at Tue Oct 21 16:46:50 2025 by rpki-client