Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/mUzfsxNnbwnbzrFO6bbwJeRdqc8.roa
File: mUzfsxNnbwnbzrFO6bbwJeRdqc8.roa (raw, json)
Hash identifier: WPhw5sZ8yc7m47awa7yiemQPPC2O/BN9I1sjAnPg0uQ=
Subject key identifier: 99:4C:DF:B3:13:67:6F:09:DB:CE:B1:4E:E9:B6:F0:25:E4:5D:A9:CF
Certificate issuer: /CN=6dfc1438ee0815a9bf8b73f9a7ced094f21ac79e
Certificate serial: 019D42EBB5247E2A4C484B005A26AF303035
Authority key identifier: 6D:FC:14:38:EE:08:15:A9:BF:8B:73:F9:A7:CE:D0:94:F2:1A:C7:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfwUOO4IFam_i3P5p87QlPIax54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/mUzfsxNnbwnbzrFO6bbwJeRdqc8.roa
Signing time: Tue 31 Mar 2026 08:03:56 +0000
ROA not before: Tue 31 Mar 2026 08:03:56 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43256
IP address blocks: 31.209.128.0/24 maxlen: 24
31.209.129.0/24 maxlen: 24
31.209.130.0/24 maxlen: 24
31.209.131.0/24 maxlen: 24
31.209.132.0/24 maxlen: 24
31.209.133.0/24 maxlen: 24
31.209.134.0/24 maxlen: 24
31.209.135.0/24 maxlen: 24
185.8.47.0/24 maxlen: 24
217.171.88.0/24 maxlen: 24
217.171.89.0/24 maxlen: 24
217.171.90.0/24 maxlen: 24
217.171.91.0/24 maxlen: 24
217.171.92.0/24 maxlen: 24
217.171.93.0/24 maxlen: 24
217.171.94.0/24 maxlen: 24
217.171.95.0/24 maxlen: 24
2a03:31c0::/40 maxlen: 40
2a03:31c0:100::/40 maxlen: 40
2a03:31c0:200::/40 maxlen: 40
2a03:31c0:300::/40 maxlen: 40
2a03:31c0:400::/40 maxlen: 40
2a03:31c0:500::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/bfwUOO4IFam_i3P5p87QlPIax54.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/bfwUOO4IFam_i3P5p87QlPIax54.mft
rsync://rpki.ripe.net/repository/DEFAULT/bfwUOO4IFam_i3P5p87QlPIax54.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:42:eb:b5:24:7e:2a:4c:48:4b:00:5a:26:af:30:30:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dfc1438ee0815a9bf8b73f9a7ced094f21ac79e
Validity
Not Before: Mar 31 08:03:56 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=994cdfb313676f09dbceb14ee9b6f025e45da9cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ca:2b:9f:1f:53:41:01:bc:db:a3:05:61:99:
ae:da:49:9f:4f:33:56:10:92:0d:61:62:6d:fe:f7:
b9:26:0c:12:d5:b5:6f:3d:3f:2b:52:e3:5a:35:16:
61:1c:87:2a:58:2e:ed:67:9e:eb:b3:10:2d:55:74:
b3:04:e6:9b:eb:4f:c5:ec:35:ef:26:25:e5:36:20:
54:12:83:79:39:c2:de:1b:85:0a:78:ee:a3:3b:39:
64:3f:8c:06:95:9a:44:b3:e4:9a:fd:e7:51:7d:f5:
72:ff:17:f5:1e:8c:f2:11:0e:5d:ca:f4:58:48:52:
2e:50:a4:52:51:2d:56:3b:13:77:6b:8d:1a:b3:75:
25:f5:89:7d:20:5c:e6:7c:6c:0f:1b:9b:f5:c2:92:
32:88:bf:9c:f1:d0:b6:37:e6:07:79:28:ed:b1:bf:
97:2f:6a:2d:54:0a:b1:2e:b8:40:99:aa:52:96:90:
08:5b:39:96:6c:30:e5:91:a4:b1:79:cf:40:71:54:
24:46:c9:65:f6:fe:d6:f8:3e:f3:2a:13:c3:90:37:
df:16:26:72:dc:68:35:bc:22:70:39:dd:d9:b7:8b:
a4:3d:af:0c:a7:50:91:0c:53:fe:0c:1f:e1:2b:c5:
c4:f5:1c:1d:ec:86:c7:74:9f:69:18:55:16:3c:f6:
83:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:4C:DF:B3:13:67:6F:09:DB:CE:B1:4E:E9:B6:F0:25:E4:5D:A9:CF
X509v3 Authority Key Identifier:
keyid:6D:FC:14:38:EE:08:15:A9:BF:8B:73:F9:A7:CE:D0:94:F2:1A:C7:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfwUOO4IFam_i3P5p87QlPIax54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/mUzfsxNnbwnbzrFO6bbwJeRdqc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/bfwUOO4IFam_i3P5p87QlPIax54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.128.0/21
185.8.47.0/24
217.171.88.0/21
IPv6:
2a03:31c0::-2a03:31c0:5ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2b:90:61:4c:51:14:1a:95:b1:c4:b0:7c:8e:5f:d0:5f:95:bb:
75:7f:2a:83:8e:d4:85:f0:14:1b:76:f5:cf:9b:bf:fc:fc:16:
13:f7:4a:ce:15:60:2d:de:3a:3f:91:ed:7a:a6:ee:28:c2:66:
e3:ff:67:c5:28:bc:4d:ca:a5:80:98:13:15:65:07:65:aa:6a:
0e:34:b6:2a:5b:69:4d:56:fa:1b:ad:54:40:6f:11:ee:70:9f:
6f:e7:12:a1:c2:b7:62:f0:71:9b:ec:47:6d:2d:75:f7:74:ec:
1e:f9:c2:8a:2e:65:56:08:a4:8d:16:30:96:dc:ee:a2:a0:65:
a3:22:f7:ab:64:da:08:f8:52:17:c6:2c:a6:ba:c8:af:3c:60:
4b:f6:fb:90:1b:1a:3c:f0:8e:14:50:46:57:88:ac:db:13:3e:
70:09:63:f7:75:c0:95:04:0f:02:f9:f5:31:41:f6:73:f3:0b:
ee:50:cf:91:c6:0d:a3:e0:c2:ce:da:4b:8a:5e:c6:74:59:96:
72:7b:a2:ec:dc:18:d7:6f:13:d1:d4:d2:97:ba:63:78:fe:af:
ca:47:fb:c3:d0:ee:d2:5c:ed:2b:04:97:66:a2:5b:c5:81:d9:
65:b1:7b:ee:23:39:aa:05:f8:28:e7:40:61:ff:6a:d7:89:97:
2b:91:7b:db
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZ1C67UkfipMSEsAWiavMDA1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZmMxNDM4ZWUwODE1YTliZjhiNzNmOWE3Y2VkMDk0ZjIx
YWM3OWUwHhcNMjYwMzMxMDgwMzU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTRjZGZiMzEzNjc2ZjA5ZGJjZWIxNGVlOWI2ZjAyNWU0NWRhOWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8ornx9TQQG826MFYZmu2kmfTzNW
EJINYWJt/ve5JgwS1bVvPT8rUuNaNRZhHIcqWC7tZ57rsxAtVXSzBOab60/F7DXv
JiXlNiBUEoN5OcLeG4UKeO6jOzlkP4wGlZpEs+Sa/edRffVy/xf1HozyEQ5dyvRY
SFIuUKRSUS1WOxN3a40as3Ul9Yl9IFzmfGwPG5v1wpIyiL+c8dC2N+YHeSjtsb+X
L2otVAqxLrhAmapSlpAIWzmWbDDlkaSxec9AcVQkRsll9v7W+D7zKhPDkDffFiZy
3Gg1vCJwOd3Zt4ukPa8Mp1CRDFP+DB/hK8XE9Rwd7IbHdJ9pGFUWPPaDMQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFJlM37MTZ28J286xTum28CXkXanPMB8GA1UdIwQY
MBaAFG38FDjuCBWpv4tz+afO0JTyGseeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmZ3VU9PNElGYW1faTNQNXA4N1FsUElheDU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yZjk4Y2ItNmQ5NC00OGExLThkYmEt
ZDY0Njc2N2M1ZjEzLzEvbVV6ZnN4Tm5id25ienJGTzZiYndKZVJkcWM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yZjk4Y2ItNmQ5NC00OGExLThkYmEtZDY0Njc2N2M1ZjEz
LzEvYmZ3VU9PNElGYW1faTNQNXA4N1FsUElheDU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAYBAIAATASAwQDH9GAAwQA
uQgvAwQD2atYMBcEAgACMBEwDwMFBioDMcADBgEqAzHABDANBgkqhkiG9w0BAQsF
AAOCAQEAK5BhTFEUGpWxxLB8jl/QX5W7dX8qg47UhfAUG3b1z5u//PwWE/dKzhVg
Ld46P5HteqbuKMJm4/9nxSi8TcqlgJgTFWUHZapqDjS2KltpTVb6G61UQG8R7nCf
b+cSocK3YvBxm+xHbS1193TsHvnCii5lVgikjRYwltzuoqBloyL3q2TaCPhSF8Ys
prrIrzxgS/b7kBsaPPCOFFBGV4is2xM+cAlj93XAlQQPAvn1MUH2c/ML7lDPkcYN
o+DCztpLil7GdFmWcnui7NwY128T0dTSl7pjeP6vykf7w9Du0lztKwSXZqJbxYHZ
ZbF77iM5qgX4KOdAYf9q14mXK5F72w==
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:10:30 2026 by rpki-client