Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/CvTWeK7xp9gyjdFy-y9UwtpH8uE.roa
File: CvTWeK7xp9gyjdFy-y9UwtpH8uE.roa (raw, json)
Hash identifier: 733OwKswiweiXSLuyQj7UGTmZLfaZ6qRpmED62r0qvA=
Subject key identifier: 0A:F4:D6:78:AE:F1:A7:D8:32:8D:D1:72:FB:2F:54:C2:DA:47:F2:E1
Certificate issuer: /CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Certificate serial: 019E64EE4329D5BF1AC348B9E3372DBF5338
Authority key identifier: 31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/CvTWeK7xp9gyjdFy-y9UwtpH8uE.roa
Signing time: Tue 26 May 2026 15:36:36 +0000
ROA not before: Tue 26 May 2026 15:36:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 37.49.232.0/23 maxlen: 24
37.49.236.0/22 maxlen: 24
77.95.66.0/23 maxlen: 24
77.95.70.0/23 maxlen: 24
77.95.71.0/24 maxlen: 24
185.1.144.0/24 maxlen: 24
193.105.232.0/24 maxlen: 24
2001:7f8:47:47::/64 maxlen: 64
2001:7f8:54::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.mft
rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 14:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:64:ee:43:29:d5:bf:1a:c3:48:b9:e3:37:2d:bf:53:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Validity
Not Before: May 26 15:36:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0af4d678aef1a7d8328dd172fb2f54c2da47f2e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7a:c2:f6:29:5c:5f:84:42:99:d4:2e:a8:01:
7c:3e:25:e1:94:e5:5c:1e:9d:c2:a6:bf:53:fe:b2:
03:e5:a2:cb:b5:ac:2e:46:b6:fe:60:bb:ca:0a:49:
36:35:a1:4d:be:dd:b2:97:07:aa:07:8d:8c:fa:17:
d9:72:3c:71:0b:6f:96:f1:21:71:4e:df:9a:f1:91:
bb:f8:31:dd:64:bc:86:48:d1:4e:45:b5:7a:67:df:
1a:25:66:e6:74:c9:1d:19:dd:b7:98:9d:d7:c0:83:
07:42:c3:16:e7:c0:e5:ae:f0:76:2e:e7:15:3d:67:
19:88:05:32:48:b1:08:67:4a:33:18:61:58:96:e2:
fb:85:ec:ca:f3:15:17:24:d3:4d:f8:01:0b:68:36:
cb:b0:75:2b:b2:9e:ca:54:c3:91:fe:de:af:13:18:
ad:d8:0d:8b:51:cf:73:2d:e3:22:71:b9:a5:b1:07:
7d:34:55:6c:ef:b9:4b:a8:dc:0c:dd:f7:23:99:ee:
c5:5f:91:24:12:ad:03:2c:43:90:43:c0:1e:4e:83:
09:d0:11:2f:3c:02:2f:8d:75:37:7e:41:de:cb:3e:
ef:7c:81:a3:8c:b2:1c:4d:79:6b:45:2a:c6:02:e3:
70:11:c1:92:99:76:d8:8c:9a:ee:99:ac:b9:d9:5f:
e7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F4:D6:78:AE:F1:A7:D8:32:8D:D1:72:FB:2F:54:C2:DA:47:F2:E1
X509v3 Authority Key Identifier:
keyid:31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/CvTWeK7xp9gyjdFy-y9UwtpH8uE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.232.0/23
37.49.236.0/22
77.95.66.0/23
77.95.70.0/23
185.1.144.0/24
193.105.232.0/24
IPv6:
2001:7f8:47:47::/64
2001:7f8:54::/48
Signature Algorithm: sha256WithRSAEncryption
63:29:8c:85:72:f8:f6:26:c5:be:76:db:08:71:ed:49:5a:83:
9e:ab:36:5f:11:d6:72:cf:c6:15:86:b4:81:1e:80:65:83:07:
f6:6d:72:c0:34:84:da:b3:16:89:3b:c9:c6:2a:34:ae:21:86:
61:03:07:20:b5:fa:ba:14:b5:c7:dc:9b:69:22:77:f4:f3:9a:
03:56:bd:3c:3e:a0:88:c5:8e:7a:b2:d8:83:04:40:b2:8b:d9:
a0:b3:e2:eb:7c:67:96:8a:96:e0:c2:3e:08:97:b0:cd:18:bc:
7b:3a:5d:d7:66:64:47:db:29:7e:3e:64:1e:f0:dd:01:d1:df:
a2:2d:0a:c2:36:12:d4:a9:00:9a:54:73:ca:c8:8c:a4:ad:17:
7b:17:53:5a:5b:49:61:00:56:bb:38:89:67:79:29:71:c0:18:
d5:68:ce:f9:6d:b4:87:41:79:36:00:17:22:b9:bc:54:4c:c7:
af:86:b6:93:e7:31:f7:ef:6f:e9:dc:88:c4:08:c8:c3:f6:bb:
02:91:e4:d3:56:87:c4:21:16:66:c2:f6:9e:f7:4d:9b:49:aa:
b7:cd:15:34:48:ac:73:52:86:a0:aa:15:47:c8:2b:e8:65:5c:
c4:36:d8:a6:1e:8e:09:8f:ec:98:61:7d:9a:b8:42:50:d1:92:
d8:41:6d:cf
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZ5k7kMp1b8aw0i54zctv1M4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMWQ2MmI3ZmQ5ZmNmYzg3ZGZlYTk4NzUxNTc2N2M4Mzhl
MjFiYjkwHhcNMjYwNTI2MTUzNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWY0ZDY3OGFlZjFhN2Q4MzI4ZGQxNzJmYjJmNTRjMmRhNDdmMmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHrC9ilcX4RCmdQuqAF8PiXhlOVc
Hp3Cpr9T/rID5aLLtawuRrb+YLvKCkk2NaFNvt2ylweqB42M+hfZcjxxC2+W8SFx
Tt+a8ZG7+DHdZLyGSNFORbV6Z98aJWbmdMkdGd23mJ3XwIMHQsMW58DlrvB2LucV
PWcZiAUySLEIZ0ozGGFYluL7hezK8xUXJNNN+AELaDbLsHUrsp7KVMOR/t6vExit
2A2LUc9zLeMicbmlsQd9NFVs77lLqNwM3fcjme7FX5EkEq0DLEOQQ8AeToMJ0BEv
PAIvjXU3fkHeyz7vfIGjjLIcTXlrRSrGAuNwEcGSmXbYjJrumay52V/nHwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFAr01niu8afYMo3RcvsvVMLaR/LhMB8GA1UdIwQY
MBaAFDEdYrf9n8/Iff6ph1FXZ8g44hu5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVIxaXRfMmZ6OGg5X3FtSFVWZG55RGppRzdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81NzY4OGUtYTk2NC00OTMzLTg2MzEt
ODUwZjM0OTA2MjI5LzEvQ3ZUV2VLN3hwOWd5amRGeS15OVV3dHBIOHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81NzY4OGUtYTk2NC00OTMzLTg2MzEtODUwZjM0OTA2MjI5
LzEvTVIxaXRfMmZ6OGg5X3FtSFVWZG55RGppRzdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAqBAIAATAkAwQBJTHoAwQC
JTHsAwQBTV9CAwQBTV9GAwQAuQGQAwQAwWnoMBoEAgACMBQDCQAgAQf4AEcARwMH
ACABB/gAVDANBgkqhkiG9w0BAQsFAAOCAQEAYymMhXL49ibFvnbbCHHtSVqDnqs2
XxHWcs/GFYa0gR6AZYMH9m1ywDSE2rMWiTvJxio0riGGYQMHILX6uhS1x9ybaSJ3
9POaA1a9PD6giMWOerLYgwRAsovZoLPi63xnloqW4MI+CJewzRi8ezpd12ZkR9sp
fj5kHvDdAdHfoi0KwjYS1KkAmlRzysiMpK0XexdTWltJYQBWuziJZ3kpccAY1WjO
+W20h0F5NgAXIrm8VEzHr4a2k+cx9+9v6dyIxAjIw/a7ApHk01aHxCEWZsL2nvdN
m0mqt80VNEisc1KGoKoVR8gr6GVcxDbYph6OCY/smGF9mrhCUNGS2EFtzw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 22:17:45 2026 by rpki-client