Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/M-P_71GHkU1TiCqJMqBscFalhuI.roa
File: M-P_71GHkU1TiCqJMqBscFalhuI.roa (raw, json)
Hash identifier: KrnTDerz2E59KS1kRwNlBAvzuiiGfaLzP6VlqG4pMRs=
Subject key identifier: 33:E3:FF:EF:51:87:91:4D:53:88:2A:89:32:A0:6C:70:56:A5:86:E2
Certificate issuer: /CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Certificate serial: 019C41780F81228F7902804221B7C6044B96
Authority key identifier: 84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/M-P_71GHkU1TiCqJMqBscFalhuI.roa
Signing time: Mon 09 Feb 2026 08:15:13 +0000
ROA not before: Mon 09 Feb 2026 08:15:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206238
IP address blocks: 31.14.180.0/23 maxlen: 23
45.81.170.0/23 maxlen: 23
91.132.40.0/22 maxlen: 22
178.239.16.0/22 maxlen: 24
188.212.112.0/22 maxlen: 22
188.213.88.0/21 maxlen: 24
194.145.194.0/23 maxlen: 23
217.148.134.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:41:78:0f:81:22:8f:79:02:80:42:21:b7:c6:04:4b:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Validity
Not Before: Feb 9 08:15:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=33e3ffef5187914d53882a8932a06c7056a586e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:cd:f1:f4:9e:74:55:87:cd:1e:98:a3:3b:64:
e5:d7:b3:63:b1:ca:b9:b8:aa:02:c6:0f:c3:7a:41:
6d:0b:32:54:6d:17:3f:17:b3:b9:0b:05:95:b7:ed:
0c:57:b0:57:25:85:35:01:79:40:6b:cf:04:e7:70:
69:97:06:ee:b6:64:40:8d:f8:49:83:e3:78:3a:86:
83:1a:bf:79:74:92:7b:c1:0a:94:76:0c:92:3c:26:
01:69:9b:87:88:95:9c:12:1a:0d:ec:60:bb:04:a2:
3c:40:62:6a:ab:95:b9:12:9c:60:aa:66:08:84:ab:
78:c6:fd:06:f6:67:2c:c4:2f:29:ce:91:bc:01:bf:
33:96:b1:5b:09:ea:3c:e9:46:83:d1:eb:24:51:dd:
08:42:6c:fb:2c:78:83:24:ac:d6:f9:b8:6c:50:67:
b5:ad:dd:b7:b9:a1:28:7f:62:d6:ed:96:b4:7e:67:
80:a4:f0:8a:7f:d7:de:4b:b0:dd:cc:08:89:80:06:
00:1e:45:12:a9:61:69:92:a6:91:f9:73:1c:2e:3f:
24:f8:8b:6d:c8:48:31:b7:f8:ec:45:56:ac:cf:e2:
b3:a1:a2:4c:aa:ec:71:38:43:e7:21:0f:21:1f:4c:
d4:35:46:f8:13:22:a9:59:a7:92:13:6a:35:33:c6:
e8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:E3:FF:EF:51:87:91:4D:53:88:2A:89:32:A0:6C:70:56:A5:86:E2
X509v3 Authority Key Identifier:
keyid:84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/M-P_71GHkU1TiCqJMqBscFalhuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.180.0/23
45.81.170.0/23
91.132.40.0/22
178.239.16.0/22
188.212.112.0/22
188.213.88.0/21
194.145.194.0/23
217.148.134.0/23
Signature Algorithm: sha256WithRSAEncryption
16:09:03:9e:92:fa:18:4d:b1:bd:48:d3:51:6b:4d:ed:69:6d:
c9:e5:1e:5e:bc:eb:83:6c:14:cb:9d:25:df:8c:2a:45:e1:3e:
35:9f:e0:f1:ab:c9:0e:a7:9d:d6:9f:a0:4e:87:6a:7b:82:0b:
91:45:40:61:67:80:a3:dd:e3:82:b1:25:98:89:21:86:91:b0:
70:33:e1:9e:19:b7:47:6e:11:08:05:97:29:ef:2c:6d:40:eb:
ac:6e:bb:57:a5:ac:31:ce:82:45:c0:4f:6a:0f:94:58:58:b1:
43:dc:fc:ee:6d:6c:08:b6:b4:24:2d:cb:a7:16:d9:c2:f6:11:
73:93:44:74:ac:64:73:a5:94:6a:de:a9:b2:79:f4:f5:a4:a0:
1d:c0:64:31:c0:24:db:c9:d1:a7:a8:53:3a:9b:65:9c:8e:58:
a5:d1:04:76:2e:4d:02:d0:73:3f:a7:33:69:ad:a4:21:5a:06:
4a:ef:8c:a2:9a:b1:ce:52:eb:6e:3c:24:30:75:58:39:f7:31:
bd:8d:47:bb:9a:31:ad:26:fc:f9:c1:e6:ad:95:d3:a8:fd:1c:
18:1d:bf:9a:d3:cc:77:23:05:35:fe:94:aa:7f:06:6e:be:ac:
c7:2e:c1:af:27:9b:c6:f4:a4:ac:d6:12:de:42:cb:9a:09:da:
d3:31:6e:2c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZxBeA+BIo95AoBCIbfGBEuWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YmZjNDUxZmM0ZjI0MTFhZGRkMDBhOWZiYjE3MzQ2YWQ2
ZTg5OTYwHhcNMjYwMjA5MDgxNTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2UzZmZlZjUxODc5MTRkNTM4ODJhODkzMmEwNmM3MDU2YTU4NmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApc3x9J50VYfNHpijO2Tl17Njscq5
uKoCxg/DekFtCzJUbRc/F7O5CwWVt+0MV7BXJYU1AXlAa88E53BplwbutmRAjfhJ
g+N4OoaDGr95dJJ7wQqUdgySPCYBaZuHiJWcEhoN7GC7BKI8QGJqq5W5EpxgqmYI
hKt4xv0G9mcsxC8pzpG8Ab8zlrFbCeo86UaD0eskUd0IQmz7LHiDJKzW+bhsUGe1
rd23uaEof2LW7Za0fmeApPCKf9feS7DdzAiJgAYAHkUSqWFpkqaR+XMcLj8k+Itt
yEgxt/jsRVasz+KzoaJMquxxOEPnIQ8hH0zUNUb4EyKpWaeSE2o1M8bo6QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDPj/+9Rh5FNU4gqiTKgbHBWpYbiMB8GA1UdIwQY
MBaAFIS/xFH8TyQRrd0Aqfuxc0atbomWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYt
ZjY2MzE3OTc3OTY4LzEvTS1QXzcxR0hrVTFUaUNxSk1xQnNjRmFsaHVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYtZjY2MzE3OTc3OTY4
LzEvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBHw60AwQB
LVGqAwQCW4QoAwQCsu8QAwQCvNRwAwQDvNVYAwQBwpHCAwQB2ZSGMA0GCSqGSIb3
DQEBCwUAA4IBAQAWCQOekvoYTbG9SNNRa03taW3J5R5evOuDbBTLnSXfjCpF4T41
n+Dxq8kOp53Wn6BOh2p7gguRRUBhZ4Cj3eOCsSWYiSGGkbBwM+GeGbdHbhEIBZcp
7yxtQOusbrtXpawxzoJFwE9qD5RYWLFD3PzubWwItrQkLcunFtnC9hFzk0R0rGRz
pZRq3qmyefT1pKAdwGQxwCTbydGnqFM6m2Wcjlil0QR2Lk0C0HM/pzNpraQhWgZK
74yimrHOUutuPCQwdVg59zG9jUe7mjGtJvz5weatldOo/RwYHb+a08x3IwU1/pSq
fwZuvqzHLsGvJ5vG9KSs1hLeQsuaCdrTMW4s
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:50:21 2026 by rpki-client