Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MVdaz8ics8Sd-XffD7C430qY11I.roa
File: MVdaz8ics8Sd-XffD7C430qY11I.roa (raw, json)
Hash identifier: xtPCUH6KPnYcKU0oSSaYFdckSNDB0iw7+CjSZPjS4rE=
Subject key identifier: 31:57:5A:CF:C8:9C:B3:C4:9D:F9:77:DF:0F:B0:B8:DF:4A:98:D7:52
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 019D5391EF55FD99819FE9D3E89765EC5D51
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MVdaz8ics8Sd-XffD7C430qY11I.roa
Signing time: Fri 03 Apr 2026 13:39:25 +0000
ROA not before: Fri 03 Apr 2026 13:39:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212422
IP address blocks: 193.59.94.0/24 maxlen: 24
193.59.95.0/24 maxlen: 24
193.59.98.0/24 maxlen: 24
193.59.102.0/24 maxlen: 24
193.59.103.0/24 maxlen: 24
194.181.181.0/24 maxlen: 24
194.181.250.0/24 maxlen: 24
195.164.53.0/24 maxlen: 24
195.164.99.0/24 maxlen: 24
195.187.35.0/24 maxlen: 24
195.187.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.mft
rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:53:91:ef:55:fd:99:81:9f:e9:d3:e8:97:65:ec:5d:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Apr 3 13:39:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=31575acfc89cb3c49df977df0fb0b8df4a98d752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0e:05:e9:49:7b:1e:83:43:85:fa:d1:8d:9e:
7f:40:98:e2:31:8c:dd:89:b0:2e:21:a9:c4:67:2a:
bc:f4:8a:e2:c2:e8:53:25:47:1d:dc:b6:e2:84:2b:
b2:83:4a:4e:d5:a8:ab:11:92:51:3c:61:0e:b0:66:
3c:87:85:c5:2a:71:91:9e:5c:bc:4a:57:d9:0e:14:
08:4d:24:4e:53:3d:a0:34:e1:e6:0c:f0:28:13:c1:
ce:c2:cf:8b:82:fa:b7:72:92:c5:f6:0d:55:ea:8a:
0a:65:0b:2f:b9:55:d3:32:85:35:5b:bc:e0:fd:f0:
65:d2:5d:83:d9:47:f4:da:0d:b2:c2:39:b0:13:36:
dc:c5:4b:6b:52:91:b4:76:f1:39:88:fc:38:61:b0:
a8:83:75:06:4c:60:b2:dc:a0:0b:87:d9:0d:a0:73:
88:6b:2d:f2:84:6c:ec:e1:ff:ff:73:e4:76:16:f4:
8d:a5:87:81:7c:59:e9:3c:6e:55:3c:de:6a:36:ad:
a3:7d:e1:15:da:ea:1d:c4:24:7b:df:67:21:91:d8:
e9:56:9f:75:d7:25:b4:c2:b7:58:bc:4d:a0:79:e7:
30:16:4e:d0:8c:16:c4:63:ad:8c:f9:29:f6:ab:20:
0d:f4:2d:40:a4:05:4c:61:8c:ee:46:71:ba:90:bc:
28:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:57:5A:CF:C8:9C:B3:C4:9D:F9:77:DF:0F:B0:B8:DF:4A:98:D7:52
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MVdaz8ics8Sd-XffD7C430qY11I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.59.94.0/23
193.59.98.0/24
193.59.102.0/23
194.181.181.0/24
194.181.250.0/24
195.164.53.0/24
195.164.99.0/24
195.187.35.0/24
195.187.53.0/24
Signature Algorithm: sha256WithRSAEncryption
00:af:69:7b:23:b6:79:f7:d4:f6:0f:3f:e1:5d:3b:ea:76:92:
d4:7d:69:6b:33:b2:03:1b:39:3b:77:05:f2:fa:08:ae:34:10:
b6:9d:e4:17:4b:0b:2a:aa:cc:22:21:1e:7a:71:ca:6c:15:26:
39:e7:f2:9b:bd:d4:5c:04:86:4a:1f:13:c7:8c:0a:b9:88:26:
f8:b6:dc:be:c2:2f:fb:12:02:85:8f:fc:0a:32:2b:e7:e6:a0:
30:9c:60:50:9a:e9:a8:64:ec:56:8d:06:50:50:28:49:99:c3:
6f:57:02:aa:87:0c:b5:a8:41:3f:bb:62:fe:97:4a:48:b1:c3:
dd:98:d5:5f:aa:aa:11:42:b1:c2:dd:c5:ea:5a:dd:2b:58:e1:
6e:8d:f6:18:0b:a5:a6:0c:c1:df:c8:9a:1c:db:5e:d4:b3:64:
07:67:77:26:ed:e3:72:c9:d2:ac:a4:a7:fa:7a:6b:2c:8e:19:
69:f2:72:68:2a:96:b4:5a:92:cf:13:65:3d:25:d8:17:35:8c:
13:69:d1:1f:da:40:d5:ac:38:33:2a:ff:21:ce:56:8b:a4:cc:
cb:59:43:d3:63:f1:27:33:07:e8:c8:4d:0e:aa:40:b2:21:a3:
d8:c6:4b:bd:79:3f:ec:ee:8b:5b:07:e8:f1:d5:bd:bd:f7:39:
3b:5e:69:e9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ1Tke9V/ZmBn+nT6Jdl7F1RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjYwNDAzMTMzOTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTU3NWFjZmM4OWNiM2M0OWRmOTc3ZGYwZmIwYjhkZjRhOThkNzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvg4F6Ul7HoNDhfrRjZ5/QJjiMYzd
ibAuIanEZyq89IriwuhTJUcd3LbihCuyg0pO1airEZJRPGEOsGY8h4XFKnGRnly8
SlfZDhQITSROUz2gNOHmDPAoE8HOws+Lgvq3cpLF9g1V6ooKZQsvuVXTMoU1W7zg
/fBl0l2D2Uf02g2ywjmwEzbcxUtrUpG0dvE5iPw4YbCog3UGTGCy3KALh9kNoHOI
ay3yhGzs4f//c+R2FvSNpYeBfFnpPG5VPN5qNq2jfeEV2uodxCR732chkdjpVp91
1yW0wrdYvE2geecwFk7QjBbEY62M+Sn2qyAN9C1ApAVMYYzuRnG6kLwohQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDFXWs/InLPEnfl33w+wuN9KmNdSMB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvTVZkYXo4aWNzOFNkLVhmZkQ3QzQzMHFZMTFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBwTteAwQA
wTtiAwQBwTtmAwQAwrW1AwQAwrX6AwQAw6Q1AwQAw6RjAwQAw7sjAwQAw7s1MA0G
CSqGSIb3DQEBCwUAA4IBAQAAr2l7I7Z599T2Dz/hXTvqdpLUfWlrM7IDGzk7dwXy
+giuNBC2neQXSwsqqswiIR56ccpsFSY55/KbvdRcBIZKHxPHjAq5iCb4tty+wi/7
EgKFj/wKMivn5qAwnGBQmumoZOxWjQZQUChJmcNvVwKqhwy1qEE/u2L+l0pIscPd
mNVfqqoRQrHC3cXqWt0rWOFujfYYC6WmDMHfyJoc217Us2QHZ3cm7eNyydKspKf6
emssjhlp8nJoKpa0WpLPE2U9JdgXNYwTadEf2kDVrDgzKv8hzlaLpMzLWUPTY/En
MwfoyE0OqkCyIaPYxku9eT/s7otbB+jx1b299zk7Xmnp
-----END CERTIFICATE-----
Generated at Sun Apr 19 13:59:21 2026 by rpki-client