Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/mcWyzJOHr9Zx7r67vsArKVYzm-M.roa
File: mcWyzJOHr9Zx7r67vsArKVYzm-M.roa (raw, json)
Hash identifier: jPJa6OTo4Vh6SlUAyeSF3ybtpQx5852t+NVU3VYBCWg=
Subject key identifier: 99:C5:B2:CC:93:87:AF:D6:71:EE:BE:BB:BE:C0:2B:29:56:33:9B:E3
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 019ED466557B555FB0F2614ABD3B438E63B5
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/mcWyzJOHr9Zx7r67vsArKVYzm-M.roa
Signing time: Wed 17 Jun 2026 07:05:36 +0000
ROA not before: Wed 17 Jun 2026 07:05:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200943
IP address blocks: 129.233.200.0/23 maxlen: 23
129.233.202.0/24 maxlen: 24
153.96.62.0/23 maxlen: 23
153.96.64.0/22 maxlen: 22
153.96.142.0/24 maxlen: 24
153.96.160.0/24 maxlen: 24
153.96.162.0/23 maxlen: 24
153.96.164.0/22 maxlen: 24
153.96.186.0/23 maxlen: 23
153.97.174.0/23 maxlen: 23
153.97.176.0/23 maxlen: 23
192.44.9.0/24 maxlen: 24
192.88.97.0/24 maxlen: 24
192.102.146.0/23 maxlen: 23
192.102.149.0/24 maxlen: 24
192.102.154.0/23 maxlen: 23
192.102.157.0/24 maxlen: 24
192.102.166.0/24 maxlen: 24
192.102.173.0/24 maxlen: 24
2001:67c:61c::/48 maxlen: 48
2a03:db80:5460::/48 maxlen: 48
2a03:db80:5464::/48 maxlen: 48
2a03:db80:5470::/48 maxlen: 48
2a03:db80:5474::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Jun 2026 07:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d4:66:55:7b:55:5f:b0:f2:61:4a:bd:3b:43:8e:63:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jun 17 07:05:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=99c5b2cc9387afd671eebebbbec02b2956339be3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ea:65:7b:4d:fd:67:92:10:06:8b:f4:60:cc:
48:cb:1d:1a:72:b3:f0:86:8a:43:c0:38:92:b8:a1:
d0:7e:16:c7:4f:8d:dd:ff:f4:40:8a:6a:ac:1c:4e:
3e:ad:1d:cc:00:5e:25:44:d4:d3:ec:ae:3a:55:6a:
dd:94:68:07:f9:4c:40:74:90:d8:ef:0b:f7:1d:c5:
82:52:c2:e3:08:82:f9:b4:94:06:d3:3d:e9:8c:77:
c4:9c:1d:1c:59:f6:be:2c:fa:13:65:98:88:a2:e7:
21:fd:96:fd:9d:b2:af:00:2b:73:f3:9e:43:a4:10:
7e:25:39:89:d5:e7:48:82:71:51:42:08:c2:80:2a:
71:98:50:a3:e7:19:82:94:a1:9e:81:c8:15:a9:52:
83:8b:08:eb:c6:dd:27:38:3a:c0:ad:f8:88:d9:8f:
ea:58:5b:f6:ee:6a:81:41:00:1f:b8:cc:0f:c9:d5:
5e:ee:05:d0:79:89:fd:19:d6:1f:2e:e2:11:43:21:
9d:0b:e4:21:b2:0f:0e:51:16:91:20:de:05:de:73:
d6:35:a1:c2:8d:13:23:0c:da:ca:a2:e4:de:c9:92:
6e:1e:cf:31:ce:36:6c:32:a0:b4:1b:8a:ae:bd:ac:
e6:28:48:3c:fe:2d:7e:38:bf:e9:f5:ed:dc:d0:49:
b2:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:C5:B2:CC:93:87:AF:D6:71:EE:BE:BB:BE:C0:2B:29:56:33:9B:E3
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/mcWyzJOHr9Zx7r67vsArKVYzm-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.200.0-129.233.202.255
153.96.62.0-153.96.67.255
153.96.142.0/24
153.96.160.0/24
153.96.162.0-153.96.167.255
153.96.186.0/23
153.97.174.0-153.97.177.255
192.44.9.0/24
192.88.97.0/24
192.102.146.0/23
192.102.149.0/24
192.102.154.0/23
192.102.157.0/24
192.102.166.0/24
192.102.173.0/24
IPv6:
2001:67c:61c::/48
2a03:db80:5460::/48
2a03:db80:5464::/48
2a03:db80:5470::/48
2a03:db80:5474::/48
Signature Algorithm: sha256WithRSAEncryption
5a:f7:0c:59:18:5a:e8:4e:40:29:ad:2c:40:cd:c4:51:31:a4:
7a:54:06:17:cb:a1:44:cc:9e:23:de:fa:59:6c:9f:9f:f5:00:
52:50:0a:7d:c6:95:be:a3:15:ca:3e:01:57:f1:c0:a1:15:1b:
d2:ec:69:ab:50:df:f3:3a:f4:b3:10:82:d7:f5:00:60:96:43:
17:e0:71:9b:3c:07:f5:ec:ad:24:f1:40:76:f0:47:57:7b:6d:
8c:20:28:6a:90:8d:7b:f2:86:d1:a6:fd:28:a7:6f:27:9c:b0:
80:88:88:19:f4:14:38:f6:63:bb:e4:14:2a:d9:91:6c:78:26:
05:f8:98:25:a5:c2:68:00:3f:28:35:75:ca:08:14:a2:fc:86:
fd:d2:53:c5:89:eb:08:8b:31:6f:4a:b8:03:26:4d:98:52:2a:
3d:9c:e3:99:a7:d1:dc:56:cd:51:f8:c5:3f:93:b0:e7:41:d4:
38:c8:6b:53:f0:13:f3:d6:78:5c:49:ea:6f:37:d0:b5:ef:25:
a9:f2:cf:3d:db:a1:e5:ac:82:d7:0f:32:e5:75:be:17:86:ef:
47:3b:4d:dc:fe:1f:b1:3f:13:31:73:d2:7b:b1:b2:fd:1b:d1:
e8:20:50:24:47:38:b5:d7:5d:3c:57:c9:60:be:a5:b6:42:2d:
e4:ca:d5:72
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZ7UZlV7VV+w8mFKvTtDjmO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjYwNjE3MDcwNTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWM1YjJjYzkzODdhZmQ2NzFlZWJlYmJiZWMwMmIyOTU2MzM5YmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ople039Z5IQBov0YMxIyx0acrPw
hopDwDiSuKHQfhbHT43d//RAimqsHE4+rR3MAF4lRNTT7K46VWrdlGgH+UxAdJDY
7wv3HcWCUsLjCIL5tJQG0z3pjHfEnB0cWfa+LPoTZZiIouch/Zb9nbKvACtz855D
pBB+JTmJ1edIgnFRQgjCgCpxmFCj5xmClKGegcgVqVKDiwjrxt0nODrArfiI2Y/q
WFv27mqBQQAfuMwPydVe7gXQeYn9GdYfLuIRQyGdC+Qhsg8OURaRIN4F3nPWNaHC
jRMjDNrKouTeyZJuHs8xzjZsMqC0G4quvazmKEg8/i1+OL/p9e3c0EmynQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFJnFssyTh6/Wce6+u77AKylWM5vjMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvbWNXeXpKT0hyOVp4N3I2N3ZzQXJLVll6bS1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBgAQCAAEwejAMAwQD
genIAwQAgenKMAwDBAGZYD4DBAKZYEADBACZYI4DBACZYKAwDAMEAZlgogMEA5lg
oAMEAZlgujAMAwQBmWGuAwQBmWGwAwQAwCwJAwQAwFhhAwQBwGaSAwQAwGaVAwQB
wGaaAwQAwGadAwQAwGamAwQAwGatMDMEAgACMC0DBwAgAQZ8BhwDBwAqA9uAVGAD
BwAqA9uAVGQDBwAqA9uAVHADBwAqA9uAVHQwDQYJKoZIhvcNAQELBQADggEBAFr3
DFkYWuhOQCmtLEDNxFExpHpUBhfLoUTMniPe+llsn5/1AFJQCn3Glb6jFco+AVfx
wKEVG9LsaatQ3/M69LMQgtf1AGCWQxfgcZs8B/XsrSTxQHbwR1d7bYwgKGqQjXvy
htGm/SinbyecsICIiBn0FDj2Y7vkFCrZkWx4JgX4mCWlwmgAPyg1dcoIFKL8hv3S
U8WJ6wiLMW9KuAMmTZhSKj2c45mn0dxWzVH4xT+TsOdB1DjIa1PwE/PWeFxJ6m83
0LXvJanyzz3boeWsgtcPMuV1vheG70c7Tdz+H7E/EzFz0nuxsv0b0eggUCRHOLXX
XTxXyWC+pbZCLeTK1XI=
-----END CERTIFICATE-----
Generated at Wed Jun 17 11:13:30 2026 by rpki-client