Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/MGsu4l7voY_M5h5SxaYNS62jTMg.roa
File: MGsu4l7voY_M5h5SxaYNS62jTMg.roa (raw, json)
Hash identifier: EHMQL5oMWDEuqXjWUujRNuI7YBF3ZVwiY8lLQy+jFpQ=
Subject key identifier: 30:6B:2E:E2:5E:EF:A1:8F:CC:E6:1E:52:C5:A6:0D:4B:AD:A3:4C:C8
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 019C8571B33B5140CA0D01EED84170C1BFE5
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/MGsu4l7voY_M5h5SxaYNS62jTMg.roa
Signing time: Sun 22 Feb 2026 13:02:26 +0000
ROA not before: Sun 22 Feb 2026 13:02:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211056
IP address blocks: 94.184.5.0/24 maxlen: 24
94.184.7.0/24 maxlen: 24
94.184.8.0/24 maxlen: 24
94.184.14.0/24 maxlen: 24
94.184.15.0/24 maxlen: 24
94.184.19.0/24 maxlen: 24
94.184.20.0/24 maxlen: 24
94.184.23.0/24 maxlen: 24
94.184.24.0/24 maxlen: 24
94.184.25.0/24 maxlen: 24
94.184.26.0/24 maxlen: 24
94.184.27.0/24 maxlen: 24
94.184.28.0/24 maxlen: 24
94.184.30.0/24 maxlen: 24
94.184.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.mft
rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 07:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:85:71:b3:3b:51:40:ca:0d:01:ee:d8:41:70:c1:bf:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Feb 22 13:02:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=306b2ee25eefa18fcce61e52c5a60d4bada34cc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:04:ce:0d:cd:33:1f:6a:76:07:ab:a5:ae:4d:
9b:c7:b6:cb:60:8b:82:1e:f4:ed:5f:2c:de:08:1f:
9c:c3:9b:11:90:9d:03:98:05:bc:c6:20:f8:aa:7d:
23:cc:9a:36:89:21:27:12:b3:6a:59:c9:b9:47:fb:
dc:3e:c1:9e:a9:c9:25:ae:2c:97:09:c1:2a:32:11:
55:35:9c:be:dc:e1:e6:d5:48:d8:ab:8c:f1:36:dc:
42:29:8b:b2:0f:c0:80:bf:e1:d2:97:c9:2f:c6:57:
1e:55:cd:47:47:2e:93:51:c8:37:b0:70:4b:5b:e3:
d6:c6:fc:14:81:4a:33:fd:aa:39:5d:e7:09:02:da:
de:c7:30:1c:c7:94:57:bf:96:e4:d4:2f:3d:fc:c0:
69:59:40:06:79:c2:3f:64:14:55:10:61:a8:10:08:
27:ed:7b:bb:e9:cd:49:90:dd:55:3f:65:62:22:fb:
85:a6:a1:ff:20:fe:f6:95:d1:a3:70:ea:45:04:7a:
63:8d:7c:3c:8a:d7:6c:22:e3:4f:38:26:9e:ea:b5:
e2:7f:cc:16:d8:01:e7:68:77:6b:5b:25:d1:0b:10:
7c:5b:9d:56:6c:f5:f9:5d:4c:a5:07:db:3d:89:d6:
3f:51:9e:33:1f:f9:b6:94:3a:5e:6c:9b:33:18:e4:
fa:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:6B:2E:E2:5E:EF:A1:8F:CC:E6:1E:52:C5:A6:0D:4B:AD:A3:4C:C8
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/MGsu4l7voY_M5h5SxaYNS62jTMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.184.5.0/24
94.184.7.0-94.184.8.255
94.184.14.0/23
94.184.19.0-94.184.20.255
94.184.23.0-94.184.28.255
94.184.30.0/23
Signature Algorithm: sha256WithRSAEncryption
35:16:34:f8:5f:a4:77:02:a7:64:50:39:79:de:cf:a1:f5:71:
0e:a1:fa:d9:55:85:23:71:95:c0:3d:c4:c0:48:a8:7f:a7:43:
a1:b8:60:e3:77:cf:25:b9:5c:1d:eb:bf:b9:cc:07:c5:8b:5d:
e7:7a:35:27:97:4c:36:3f:62:da:c3:c8:7b:a4:b1:55:8c:8e:
f6:8f:77:5a:25:fb:0b:ad:45:62:8d:5f:85:7f:8a:05:e4:ec:
cf:f4:ac:5e:8a:7e:64:fa:6b:f9:b6:95:49:45:2e:b5:c1:5a:
e4:eb:90:06:a2:22:72:7f:e2:1f:86:14:62:82:eb:a5:01:e2:
6b:94:eb:3b:1b:af:e3:e3:74:33:44:7d:b5:0b:98:9c:39:3e:
e3:90:ed:9d:8e:25:50:65:bd:a2:b6:67:cf:9b:a0:d0:59:b9:
03:10:b9:65:40:88:9c:ca:40:3f:76:bb:bf:2a:de:8d:81:e5:
e5:ba:64:c9:90:ff:b7:0a:6f:56:fb:23:7a:9f:a3:66:eb:90:
8f:88:46:f6:81:d1:3b:27:1d:9a:44:99:ba:f2:02:bf:eb:37:
32:1e:bf:40:58:24:a8:b8:08:24:57:dc:eb:e3:a2:50:6b:2e:
79:98:c4:41:5e:e9:73:13:7d:11:ca:15:5d:92:39:36:63:ee:
34:47:f2:14
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZyFcbM7UUDKDQHu2EFwwb/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjYwMjIyMTMwMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDZiMmVlMjVlZWZhMThmY2NlNjFlNTJjNWE2MGQ0YmFkYTM0Y2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7gTODc0zH2p2B6ulrk2bx7bLYIuC
HvTtXyzeCB+cw5sRkJ0DmAW8xiD4qn0jzJo2iSEnErNqWcm5R/vcPsGeqcklriyX
CcEqMhFVNZy+3OHm1UjYq4zxNtxCKYuyD8CAv+HSl8kvxlceVc1HRy6TUcg3sHBL
W+PWxvwUgUoz/ao5XecJAtrexzAcx5RXv5bk1C89/MBpWUAGecI/ZBRVEGGoEAgn
7Xu76c1JkN1VP2ViIvuFpqH/IP72ldGjcOpFBHpjjXw8itdsIuNPOCae6rXif8wW
2AHnaHdrWyXRCxB8W51WbPX5XUylB9s9idY/UZ4zH/m2lDpebJszGOT6lwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDBrLuJe76GPzOYeUsWmDUuto0zIMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvTUdzdTRsN3ZvWV9NNWg1U3hhWU5TNjJqVE1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAXrgFMAwD
BABeuAcDBABeuAgDBAFeuA4wDAMEAF64EwMEAF64FDAMAwQAXrgXAwQAXrgcAwQB
XrgeMA0GCSqGSIb3DQEBCwUAA4IBAQA1FjT4X6R3AqdkUDl53s+h9XEOofrZVYUj
cZXAPcTASKh/p0OhuGDjd88luVwd67+5zAfFi13nejUnl0w2P2Law8h7pLFVjI72
j3daJfsLrUVijV+Ff4oF5OzP9Kxein5k+mv5tpVJRS61wVrk65AGoiJyf+IfhhRi
guulAeJrlOs7G6/j43QzRH21C5icOT7jkO2djiVQZb2itmfPm6DQWbkDELllQIic
ykA/dru/Kt6NgeXlumTJkP+3Cm9W+yN6n6Nm65CPiEb2gdE7Jx2aRJm68gK/6zcy
Hr9AWCSouAgkV9zr46JQay55mMRBXulzE30RyhVdkjk2Y+40R/IU
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:55:15 2026 by rpki-client