Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/MTOjup8y1UXD0CJugetRyShLlFM.roa
File: MTOjup8y1UXD0CJugetRyShLlFM.roa (raw, json)
Hash identifier: did6Im7PvxOeWT+FnqE9v3BCYzUp9wbU09/sziP8S8g=
Subject key identifier: 31:33:A3:BA:9F:32:D5:45:C3:D0:22:6E:81:EB:51:C9:28:4B:94:53
Certificate issuer: /CN=235163d39db88816cddc597a5db5eae707d3de39
Certificate serial: 019B7F854E1CE072A65475E5B97EC83F77E2
Authority key identifier: 23:51:63:D3:9D:B8:88:16:CD:DC:59:7A:5D:B5:EA:E7:07:D3:DE:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I1Fj0524iBbN3Fl6XbXq5wfT3jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/MTOjup8y1UXD0CJugetRyShLlFM.roa
Signing time: Fri 02 Jan 2026 16:23:21 +0000
ROA not before: Fri 02 Jan 2026 16:23:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203819
IP address blocks: 45.150.123.0/24 maxlen: 24
2a0f:be01::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/I1Fj0524iBbN3Fl6XbXq5wfT3jk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/I1Fj0524iBbN3Fl6XbXq5wfT3jk.mft
rsync://rpki.ripe.net/repository/DEFAULT/I1Fj0524iBbN3Fl6XbXq5wfT3jk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:85:4e:1c:e0:72:a6:54:75:e5:b9:7e:c8:3f:77:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=235163d39db88816cddc597a5db5eae707d3de39
Validity
Not Before: Jan 2 16:23:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3133a3ba9f32d545c3d0226e81eb51c9284b9453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:35:c9:4b:21:87:1d:b7:db:b7:c1:99:3b:56:
53:d7:7b:08:d1:49:47:cb:84:90:e6:e1:9f:26:65:
25:a6:c5:9f:62:24:51:10:4f:b3:93:17:9c:78:3f:
8b:95:94:c4:7d:cd:03:06:c0:6d:1c:2a:ad:40:5a:
37:61:6f:51:b0:3c:21:90:d5:6b:04:0b:cc:03:c1:
7d:6e:f7:55:4a:fc:18:a2:dc:b5:9e:49:91:24:ca:
17:23:12:2f:26:53:b9:8c:3b:9e:7f:07:93:23:16:
8d:e2:8c:c6:9b:29:62:83:bc:9d:22:aa:db:13:9b:
7b:ae:22:c5:9e:6d:11:1f:0c:17:dd:12:08:f3:0a:
98:e9:9c:37:d7:bc:14:bf:17:f3:63:84:8d:2e:f7:
ea:f7:00:08:0d:e7:3c:6c:4a:1b:d5:b0:54:74:df:
e9:5d:fd:1d:cd:7f:0f:35:b7:ca:6f:4a:18:af:b8:
9c:12:fc:4c:42:be:3f:00:de:00:a3:2a:6c:a7:2e:
73:e7:48:98:50:a8:9b:14:82:a2:b5:56:2e:2b:0d:
14:aa:c8:e8:40:f5:bd:bd:0e:88:5a:9d:88:89:98:
93:2a:5f:42:72:9a:09:9a:e8:ef:8f:6d:c2:e2:b5:
d1:9a:f2:72:f1:53:b7:47:aa:70:af:4c:d7:cf:dd:
b4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:33:A3:BA:9F:32:D5:45:C3:D0:22:6E:81:EB:51:C9:28:4B:94:53
X509v3 Authority Key Identifier:
keyid:23:51:63:D3:9D:B8:88:16:CD:DC:59:7A:5D:B5:EA:E7:07:D3:DE:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I1Fj0524iBbN3Fl6XbXq5wfT3jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/MTOjup8y1UXD0CJugetRyShLlFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d7558e-9a6c-4711-8ef8-9150296daa0a/1/I1Fj0524iBbN3Fl6XbXq5wfT3jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.123.0/24
IPv6:
2a0f:be01::/40
Signature Algorithm: sha256WithRSAEncryption
1e:cc:8e:97:18:9d:77:20:9f:cb:26:78:c9:68:2b:aa:d3:fd:
ee:bc:a5:33:1e:ee:fd:11:3f:c7:00:64:63:ed:df:b4:20:45:
af:c7:3e:19:6a:42:b9:32:9b:d1:ee:7f:0f:6d:2c:f9:32:bc:
39:63:98:9d:7b:c5:81:56:4e:51:69:ff:57:03:f3:68:17:b5:
21:55:a2:b0:e5:76:64:67:19:3f:9c:d1:a2:72:a5:e5:4d:a7:
1a:78:74:a2:14:e1:a5:a3:fb:4b:9d:d2:14:86:95:8d:fe:51:
4b:ac:a0:22:b4:8d:c5:ed:69:0b:6d:7e:12:42:af:65:ab:1a:
27:74:49:22:66:dd:43:61:7e:7a:3b:0d:82:11:1c:c2:5c:55:
60:c5:01:ac:c1:fb:4e:e2:aa:67:96:a1:ff:5e:32:ec:02:37:
09:dc:ea:db:34:07:5f:a6:97:6c:55:38:8a:a8:37:7f:68:5c:
ac:e4:94:18:18:20:6e:30:a5:34:9c:58:2c:6d:11:07:e8:3d:
a4:fc:70:f5:28:19:f7:b1:30:73:fb:e7:fa:25:26:cd:31:9b:
45:0e:6b:41:e0:db:9e:fd:12:72:ff:1d:1b:7c:51:4b:36:63:
58:6d:15:6f:1d:a2:51:63:dc:dc:4f:d6:af:0d:78:ea:84:b7:
cf:4a:f0:2b
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZt/hU4c4HKmVHXluX7IP3fiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNTE2M2QzOWRiODg4MTZjZGRjNTk3YTVkYjVlYWU3MDdk
M2RlMzkwHhcNMjYwMTAyMTYyMzIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTMzYTNiYTlmMzJkNTQ1YzNkMDIyNmU4MWViNTFjOTI4NGI5NDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzXJSyGHHbfbt8GZO1ZT13sI0UlH
y4SQ5uGfJmUlpsWfYiRREE+zkxeceD+LlZTEfc0DBsBtHCqtQFo3YW9RsDwhkNVr
BAvMA8F9bvdVSvwYoty1nkmRJMoXIxIvJlO5jDuefweTIxaN4ozGmylig7ydIqrb
E5t7riLFnm0RHwwX3RII8wqY6Zw317wUvxfzY4SNLvfq9wAIDec8bEob1bBUdN/p
Xf0dzX8PNbfKb0oYr7icEvxMQr4/AN4Aoypspy5z50iYUKibFIKitVYuKw0Uqsjo
QPW9vQ6IWp2IiZiTKl9CcpoJmujvj23C4rXRmvJy8VO3R6pwr0zXz920DwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFDEzo7qfMtVFw9AiboHrUckoS5RTMB8GA1UdIwQY
MBaAFCNRY9OduIgWzdxZel216ucH0945MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTFGajA1MjRpQmJOM0ZsNlhiWHE1d2ZUM2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kNzU1OGUtOWE2Yy00NzExLThlZjgt
OTE1MDI5NmRhYTBhLzEvTVRPanVwOHkxVVhEMENKdWdldFJ5U2hMbEZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kNzU1OGUtOWE2Yy00NzExLThlZjgtOTE1MDI5NmRhYTBh
LzEvSTFGajA1MjRpQmJOM0ZsNlhiWHE1d2ZUM2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQALZZ7MA4E
AgACMAgDBgAqD74BADANBgkqhkiG9w0BAQsFAAOCAQEAHsyOlxiddyCfyyZ4yWgr
qtP97rylMx7u/RE/xwBkY+3ftCBFr8c+GWpCuTKb0e5/D20s+TK8OWOYnXvFgVZO
UWn/VwPzaBe1IVWisOV2ZGcZP5zRonKl5U2nGnh0ohThpaP7S53SFIaVjf5RS6yg
IrSNxe1pC21+EkKvZasaJ3RJImbdQ2F+ejsNghEcwlxVYMUBrMH7TuKqZ5ah/14y
7AI3Cdzq2zQHX6aXbFU4iqg3f2hcrOSUGBggbjClNJxYLG0RB+g9pPxw9SgZ97Ew
c/vn+iUmzTGbRQ5rQeDbnv0Scv8dG3xRSzZjWG0Vbx2iUWPc3E/Wrw146oS3z0rw
Kw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:34:52 2026 by rpki-client