Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/PMuBnubLVQVOJtu1KPECYxgQSmU.roa
File: PMuBnubLVQVOJtu1KPECYxgQSmU.roa (raw, json)
Hash identifier: lWLPa8iJfpTtbmIzFrmCpJRJw6x9gxaZmMv8VshSkxk=
Subject key identifier: 3C:CB:81:9E:E6:CB:55:05:4E:26:DB:B5:28:F1:02:63:18:10:4A:65
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 019C9AAFEFD6BBF01A1715BDB6474D653795
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/PMuBnubLVQVOJtu1KPECYxgQSmU.roa
Signing time: Thu 26 Feb 2026 16:02:27 +0000
ROA not before: Thu 26 Feb 2026 16:02:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6830
IP address blocks: 85.121.18.0/23 maxlen: 23
85.121.36.0/23 maxlen: 23
194.102.216.0/24 maxlen: 24
217.156.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9a:af:ef:d6:bb:f0:1a:17:15:bd:b6:47:4d:65:37:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Feb 26 16:02:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3ccb819ee6cb55054e26dbb528f1026318104a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3a:29:04:ef:ef:e0:82:69:28:42:17:ce:b4:
39:84:ce:cd:4e:6e:7e:51:8a:c0:e4:d8:72:b0:54:
80:d4:77:b1:cd:c6:71:20:cb:ab:a4:b5:8c:7e:b3:
bd:6f:44:3b:5b:8a:73:da:d9:14:0e:28:74:06:a0:
b2:98:09:66:63:17:20:e3:ee:c5:a8:87:8c:59:4a:
56:78:25:4e:a8:41:73:df:d9:d6:6e:a9:80:fc:9b:
97:2e:31:17:a4:19:f3:27:f1:1e:28:b2:1c:f4:58:
77:16:3b:49:fb:e8:e1:d4:52:67:00:a2:19:15:77:
0d:2f:a1:b3:9b:39:1b:f8:5d:8e:b5:9f:be:b3:d7:
38:7e:b0:c7:9b:f8:c4:dc:58:36:7a:7d:0b:5c:70:
8f:91:94:d3:f0:2d:8c:4a:48:d0:46:e1:7a:79:5a:
69:56:b3:23:ab:a6:72:28:31:f2:76:6a:72:fc:91:
2c:9b:cd:d4:f7:d2:9e:8a:d7:cd:80:53:2c:a7:54:
cd:c8:fe:4f:23:68:08:da:2f:31:9b:88:b6:51:7d:
7f:d8:b0:78:f3:06:a4:dc:59:a1:bc:b4:be:63:0f:
2f:e1:72:3a:79:34:99:2b:fa:d4:7e:60:0d:6e:6d:
74:2c:cd:13:70:17:54:26:15:4e:3f:36:05:9f:a1:
ef:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:CB:81:9E:E6:CB:55:05:4E:26:DB:B5:28:F1:02:63:18:10:4A:65
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/PMuBnubLVQVOJtu1KPECYxgQSmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.121.18.0/23
85.121.36.0/23
194.102.216.0/24
217.156.91.0/24
Signature Algorithm: sha256WithRSAEncryption
84:b4:03:a9:ba:a0:18:c5:ff:e5:a9:54:38:a5:17:af:80:61:
33:62:de:71:a7:42:52:69:b4:1a:c6:6c:70:05:67:c3:dc:fe:
a2:f5:c4:5d:f8:9f:38:73:82:93:77:21:56:a9:1c:0d:ac:b4:
75:d7:6f:a3:de:bf:f6:e8:84:7a:3e:29:ba:45:5d:0a:e6:64:
f2:e2:3f:18:29:db:17:84:80:bd:b5:f8:a2:21:9f:af:46:c2:
75:aa:05:e3:9e:e3:5e:39:39:9e:91:de:a7:1a:8c:a9:02:1d:
d3:c1:35:64:b9:29:75:bd:ac:b4:a1:3d:eb:6c:6e:ec:aa:ce:
3b:e8:4b:80:64:97:89:a0:09:6e:43:56:cd:99:c0:8b:74:c9:
ed:98:ff:a4:fb:e7:b3:62:9e:69:f2:18:d6:0b:97:38:79:f4:
d4:41:ae:29:fc:59:df:e5:13:3e:93:17:d2:98:bf:30:15:9b:
89:f6:b2:fe:e9:2a:7a:9a:72:34:09:ef:a1:4a:71:ba:56:bc:
51:9e:ef:f9:88:7a:12:d6:d6:97:38:b5:59:c2:36:65:4f:e2:
31:6f:53:48:92:56:7a:10:4a:85:95:5b:97:95:33:f8:10:6e:
2b:5f:9f:4e:bd:1a:ef:7a:12:c8:88:d9:f0:8f:95:5b:0c:52:
aa:b2:13:16
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZyar+/Wu/AaFxW9tkdNZTeVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjYwMjI2MTYwMjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2NiODE5ZWU2Y2I1NTA1NGUyNmRiYjUyOGYxMDI2MzE4MTA0YTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDopBO/v4IJpKEIXzrQ5hM7NTm5+
UYrA5NhysFSA1HexzcZxIMurpLWMfrO9b0Q7W4pz2tkUDih0BqCymAlmYxcg4+7F
qIeMWUpWeCVOqEFz39nWbqmA/JuXLjEXpBnzJ/EeKLIc9Fh3FjtJ++jh1FJnAKIZ
FXcNL6Gzmzkb+F2OtZ++s9c4frDHm/jE3Fg2en0LXHCPkZTT8C2MSkjQRuF6eVpp
VrMjq6ZyKDHydmpy/JEsm83U99KeitfNgFMsp1TNyP5PI2gI2i8xm4i2UX1/2LB4
8wak3FmhvLS+Yw8v4XI6eTSZK/rUfmANbm10LM0TcBdUJhVOPzYFn6HvuQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDzLgZ7my1UFTibbtSjxAmMYEEplMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvUE11Qm51YkxWUVZPSnR1MUtQRUNZeGdRU21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBVXkSAwQB
VXkkAwQAwmbYAwQA2ZxbMA0GCSqGSIb3DQEBCwUAA4IBAQCEtAOpuqAYxf/lqVQ4
pRevgGEzYt5xp0JSabQaxmxwBWfD3P6i9cRd+J84c4KTdyFWqRwNrLR112+j3r/2
6IR6Pim6RV0K5mTy4j8YKdsXhIC9tfiiIZ+vRsJ1qgXjnuNeOTmekd6nGoypAh3T
wTVkuSl1vay0oT3rbG7sqs476EuAZJeJoAluQ1bNmcCLdMntmP+k++ezYp5p8hjW
C5c4efTUQa4p/Fnf5RM+kxfSmL8wFZuJ9rL+6Sp6mnI0Ce+hSnG6VrxRnu/5iHoS
1taXOLVZwjZlT+Ixb1NIklZ6EEqFlVuXlTP4EG4rX59OvRrvehLIiNnwj5VbDFKq
shMW
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:33:10 2026 by rpki-client