Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MW8766wMKXUGsgRWHzcEHo6feGA.roa
File: MW8766wMKXUGsgRWHzcEHo6feGA.roa (raw, json)
Hash identifier: ccRFDtSbTNFBDcxO26pq8UJZb87mYQrvO1w0Ql5V670=
Subject key identifier: 31:6F:3B:EB:AC:0C:29:75:06:B2:04:56:1F:37:04:1E:8E:9F:78:60
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019C090F921552EB0BD4F84951E6F3C86B01
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MW8766wMKXUGsgRWHzcEHo6feGA.roa
Signing time: Thu 29 Jan 2026 09:22:21 +0000
ROA not before: Thu 29 Jan 2026 09:22:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216024
IP address blocks: 193.124.203.0/24 maxlen: 24
194.87.148.0/24 maxlen: 24
194.87.189.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.133.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:09:0f:92:15:52:eb:0b:d4:f8:49:51:e6:f3:c8:6b:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 29 09:22:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=316f3bebac0c297506b204561f37041e8e9f7860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:62:57:5a:4d:76:47:96:1a:51:79:11:9c:b8:
73:17:b7:ae:3f:26:72:fe:9d:b8:7a:cf:f3:97:bf:
70:37:32:d7:45:91:37:52:62:6e:88:25:47:a6:77:
b5:e9:64:71:87:ff:8e:bd:e1:c4:72:d9:cf:ce:eb:
52:61:6f:de:2e:14:11:5a:f8:a3:00:a5:4f:5c:44:
91:4b:6e:3a:01:b0:8d:0b:03:e4:ef:9b:3d:b4:9a:
ad:6e:ed:d9:9a:c5:84:70:3d:c4:b0:77:7e:c7:4c:
c7:f3:5d:ec:08:94:c7:0e:a7:5a:0f:54:39:f8:3e:
ef:c5:11:0a:1a:94:c7:d7:84:fa:ab:76:9a:c9:32:
a6:69:42:6f:33:cb:ed:0e:98:8d:ac:04:75:49:4f:
23:71:2d:18:52:d5:51:ef:48:1d:2f:21:30:72:66:
29:97:e8:6e:a7:0f:40:0b:d7:d6:7d:65:5d:94:9c:
d1:c0:a3:61:e5:00:0e:4f:f2:b2:60:d1:44:95:94:
16:fe:30:b8:71:60:01:4f:90:33:b9:43:ec:20:b4:
ec:5f:21:24:e7:d3:40:1f:66:07:06:ff:34:a0:60:
fb:93:67:37:f8:90:69:28:4f:bd:89:33:7c:06:08:
ce:37:81:1c:ca:f6:b5:bf:31:4c:e5:78:4d:87:74:
8d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:6F:3B:EB:AC:0C:29:75:06:B2:04:56:1F:37:04:1E:8E:9F:78:60
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MW8766wMKXUGsgRWHzcEHo6feGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.203.0/24
194.87.148.0/24
194.87.189.0/24
195.133.2.0/24
195.133.28.0/24
Signature Algorithm: sha256WithRSAEncryption
26:90:51:2b:b9:25:6c:c5:f2:18:f0:2d:1e:7c:03:4b:8a:cf:
c2:e7:a2:27:33:46:ca:19:10:89:95:4a:c5:cc:bb:f8:88:94:
57:03:af:a2:7a:e9:c2:65:20:ef:3e:71:4f:33:5c:72:06:19:
a6:2a:26:8b:e6:07:2e:b2:db:fa:22:05:98:76:36:08:5c:84:
7d:e4:fd:ca:07:f5:75:48:33:4f:0c:cf:27:de:43:4c:c8:c6:
5f:cf:80:a2:ee:b7:f3:e7:bc:05:4d:50:02:1d:a4:8a:cc:20:
9d:f4:4d:e1:68:45:00:b0:8a:9f:2a:e9:42:9c:91:b0:da:3f:
8d:a1:da:ce:81:1a:9d:80:dc:c8:ee:0f:6a:43:34:ec:75:c8:
00:de:e5:22:4a:2d:a9:4a:8f:20:10:d8:86:13:85:b8:db:dd:
37:57:a1:f6:c0:8b:1f:dd:4c:da:20:a0:bc:41:06:26:3d:b8:
2c:bc:c8:57:98:80:0f:c6:f7:86:13:a5:ad:96:70:ab:58:c1:
b4:18:b0:e7:a5:e7:bc:ac:94:ed:21:74:ee:aa:10:7d:f8:ea:
90:e9:c2:b9:17:be:0d:b5:52:ba:63:e2:38:27:c9:93:59:be:
cc:c8:eb:25:16:d2:b3:45:20:9a:05:56:5f:09:9e:97:aa:e7:
2c:d8:70:c6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZwJD5IVUusL1PhJUebzyGsBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjYwMTI5MDkyMjIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTZmM2JlYmFjMGMyOTc1MDZiMjA0NTYxZjM3MDQxZThlOWY3ODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22JXWk12R5YaUXkRnLhzF7euPyZy
/p24es/zl79wNzLXRZE3UmJuiCVHpne16WRxh/+OveHEctnPzutSYW/eLhQRWvij
AKVPXESRS246AbCNCwPk75s9tJqtbu3ZmsWEcD3EsHd+x0zH813sCJTHDqdaD1Q5
+D7vxREKGpTH14T6q3aayTKmaUJvM8vtDpiNrAR1SU8jcS0YUtVR70gdLyEwcmYp
l+hupw9AC9fWfWVdlJzRwKNh5QAOT/KyYNFElZQW/jC4cWABT5AzuUPsILTsXyEk
59NAH2YHBv80oGD7k2c3+JBpKE+9iTN8BgjON4Ecyva1vzFM5XhNh3SNHQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDFvO+usDCl1BrIEVh83BB6On3hgMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTVc4NzY2d01LWFVHc2dSV0h6Y0VIbzZmZUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXzLAwQA
wleUAwQAwle9AwQAw4UCAwQAw4UcMA0GCSqGSIb3DQEBCwUAA4IBAQAmkFEruSVs
xfIY8C0efANLis/C56InM0bKGRCJlUrFzLv4iJRXA6+ieunCZSDvPnFPM1xyBhmm
KiaL5gcustv6IgWYdjYIXIR95P3KB/V1SDNPDM8n3kNMyMZfz4Ci7rfz57wFTVAC
HaSKzCCd9E3haEUAsIqfKulCnJGw2j+NodrOgRqdgNzI7g9qQzTsdcgA3uUiSi2p
So8gENiGE4W42903V6H2wIsf3UzaIKC8QQYmPbgsvMhXmIAPxveGE6WtlnCrWMG0
GLDnpee8rJTtIXTuqhB9+OqQ6cK5F74NtVK6Y+I4J8mTWb7MyOslFtKzRSCaBVZf
CZ6Xqucs2HDG
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:33:23 2026 by rpki-client