Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/Mqx-zb562ywYV8pX6wNPPIxwnPA.roa
File: Mqx-zb562ywYV8pX6wNPPIxwnPA.roa (raw, json)
Hash identifier: OtbembzOi1Q67rhuvfY9lENyB3xApH7b2U9zu5YCpzg=
Subject key identifier: 32:AC:7E:CD:BE:7A:DB:2C:18:57:CA:57:EB:03:4F:3C:8C:70:9C:F0
Certificate issuer: /CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Certificate serial: 019D06088EEBEE8022AB41FDFB2A1BE7B731
Authority key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/Mqx-zb562ywYV8pX6wNPPIxwnPA.roa
Signing time: Thu 19 Mar 2026 12:18:37 +0000
ROA not before: Thu 19 Mar 2026 12:18:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 80.255.192.0/19 maxlen: 19
84.19.104.0/21 maxlen: 21
84.19.122.0/23 maxlen: 23
84.19.124.0/22 maxlen: 22
185.228.252.0/22 maxlen: 22
193.39.32.0/20 maxlen: 20
193.39.65.0/24 maxlen: 24
193.193.96.0/20 maxlen: 20
194.145.148.0/23 maxlen: 23
195.182.160.0/19 maxlen: 19
212.43.160.0/19 maxlen: 19
213.147.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.mft
rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 03:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:06:08:8e:eb:ee:80:22:ab:41:fd:fb:2a:1b:e7:b7:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Validity
Not Before: Mar 19 12:18:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=32ac7ecdbe7adb2c1857ca57eb034f3c8c709cf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ec:ec:15:40:a6:99:40:d8:3e:21:99:9e:61:
3b:97:82:de:5f:e7:cf:23:d5:4c:10:55:17:71:97:
4c:9e:5a:6e:d7:21:3f:c3:7a:f8:1d:ac:2f:16:13:
d6:64:73:f1:69:b8:17:8b:a1:d9:94:ca:ce:91:0a:
00:09:08:70:4a:ac:9e:5f:13:29:59:08:82:b0:63:
43:45:92:ff:0f:6f:3d:c6:22:fc:61:06:68:8c:dd:
53:f7:ab:31:37:26:0f:ce:85:37:ad:fe:6d:e2:ba:
74:c7:15:39:9d:87:0f:1f:ac:68:52:41:9a:3f:cb:
65:8d:39:30:ae:10:b8:a9:d1:81:fe:ce:ac:47:39:
83:18:f8:32:ed:54:aa:de:0e:ad:4e:f6:41:be:25:
89:99:e7:4d:18:b2:b0:83:f1:19:71:ea:94:f6:55:
f4:ce:46:d7:67:de:a6:91:ff:7d:7a:aa:9e:73:66:
e2:49:54:3c:8e:10:9e:bb:1f:f8:62:20:d3:e1:b1:
76:09:5a:62:7e:8d:2e:0e:40:91:92:89:69:4a:00:
6d:9c:3d:ed:41:a0:68:bf:41:b6:3c:09:9b:85:fa:
4b:f7:34:69:3e:fc:bb:af:31:74:1a:97:bf:07:8f:
d2:0a:ee:03:06:9d:df:b3:b6:e8:89:a6:68:b0:98:
dd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:AC:7E:CD:BE:7A:DB:2C:18:57:CA:57:EB:03:4F:3C:8C:70:9C:F0
X509v3 Authority Key Identifier:
keyid:16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/Mqx-zb562ywYV8pX6wNPPIxwnPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.255.192.0/19
84.19.104.0/21
84.19.122.0-84.19.127.255
185.228.252.0/22
193.39.32.0/20
193.39.65.0/24
193.193.96.0/20
194.145.148.0/23
195.182.160.0/19
212.43.160.0/19
213.147.224.0/19
Signature Algorithm: sha256WithRSAEncryption
30:6b:06:ef:4f:5b:ac:c4:0a:57:25:97:7f:30:d6:09:0d:81:
34:79:7c:0e:4f:b8:5f:1a:a3:41:49:2e:28:b0:f0:86:70:a4:
0e:c4:33:c3:03:02:9b:f6:c8:a7:04:d1:8b:61:27:14:63:86:
52:c4:7a:cd:7a:b2:65:2d:e4:5a:c9:0e:aa:6f:b6:ae:89:6c:
a7:fe:6a:a3:ab:41:64:45:70:d5:ea:c8:d7:ab:22:39:4a:ef:
52:9b:d1:33:7a:51:58:68:4f:54:56:c3:ce:e9:4d:54:f2:10:
83:40:a2:b0:e0:da:f0:88:f3:4a:40:85:20:0b:66:9e:a9:87:
f4:f2:cd:0f:22:8a:74:33:14:30:93:dd:c3:18:20:92:8a:5a:
12:e3:5f:de:6a:36:37:e7:14:1a:44:fa:ea:65:6d:df:85:d5:
ed:8a:c5:5a:ea:38:57:c3:14:ad:34:ba:c3:62:0e:38:90:f2:
71:73:b0:cf:16:6f:e5:6a:ae:04:c6:38:e1:ad:3a:d4:b3:fc:
8e:9f:d5:b2:ff:42:8a:94:99:a3:50:a2:2b:2c:19:3c:9d:49:
cd:5c:9e:76:bc:06:e3:d7:a2:00:f3:7c:5a:70:f4:0b:fb:30:
fe:10:74:d2:bb:78:54:67:9b:05:fd:43:97:0d:da:f9:bc:9e:
79:21:a7:8d
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZ0GCI7r7oAiq0H9+yob57cxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MzA3ZDI5ZjU1NDNmMjFlYTMwMDliOTUyM2ZlNzFiOGYx
MzY5Y2EwHhcNMjYwMzE5MTIxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmFjN2VjZGJlN2FkYjJjMTg1N2NhNTdlYjAzNGYzYzhjNzA5Y2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOzsFUCmmUDYPiGZnmE7l4LeX+fP
I9VMEFUXcZdMnlpu1yE/w3r4HawvFhPWZHPxabgXi6HZlMrOkQoACQhwSqyeXxMp
WQiCsGNDRZL/D289xiL8YQZojN1T96sxNyYPzoU3rf5t4rp0xxU5nYcPH6xoUkGa
P8tljTkwrhC4qdGB/s6sRzmDGPgy7VSq3g6tTvZBviWJmedNGLKwg/EZceqU9lX0
zkbXZ96mkf99eqqec2biSVQ8jhCeux/4YiDT4bF2CVpifo0uDkCRkolpSgBtnD3t
QaBov0G2PAmbhfpL9zRpPvy7rzF0Gpe/B4/SCu4DBp3fs7boiaZosJjdJwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFDKsfs2+etssGFfKV+sDTzyMcJzwMB8GA1UdIwQY
MBaAFBYwfSn1VD8h6jAJuVI/5xuPE2nKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2Yt
NGNmZTQwZjA3YTZiLzEvTXF4LXpiNTYyeXdZVjhwWDZ3TlBQSXh3blBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2YtNGNmZTQwZjA3YTZi
LzEvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQFUP/AAwQD
VBNoMAwDBAFUE3oDBAdUEwADBAK55PwDBATBJyADBADBJ0EDBATBwWADBAHCkZQD
BAXDtqADBAXUK6ADBAXVk+AwDQYJKoZIhvcNAQELBQADggEBADBrBu9PW6zEClcl
l38w1gkNgTR5fA5PuF8ao0FJLiiw8IZwpA7EM8MDApv2yKcE0YthJxRjhlLEes16
smUt5FrJDqpvtq6JbKf+aqOrQWRFcNXqyNerIjlK71Kb0TN6UVhoT1RWw87pTVTy
EINAorDg2vCI80pAhSALZp6ph/TyzQ8iinQzFDCT3cMYIJKKWhLjX95qNjfnFBpE
+uplbd+F1e2KxVrqOFfDFK00usNiDjiQ8nFzsM8Wb+VqrgTGOOGtOtSz/I6f1bL/
QoqUmaNQoissGTydSc1cnna8BuPXogDzfFpw9Av7MP4QdNK7eFRnmwX9Q5cN2vm8
nnkhp40=
-----END CERTIFICATE-----
Generated at Wed Mar 25 11:07:57 2026 by rpki-client