Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/MSyfV_HmRtHXBUfwLY3YCCruVgk.roa
File: MSyfV_HmRtHXBUfwLY3YCCruVgk.roa (raw, json)
Hash identifier: Qi+1BzluSN7PT+XM4AvNLv2RdCU3ddkeW+sSjpTzz7E=
Subject key identifier: 31:2C:9F:57:F1:E6:46:D1:D7:05:47:F0:2D:8D:D8:08:2A:EE:56:09
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019E8E5143594E83705D6B7996974C6CFB98
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/MSyfV_HmRtHXBUfwLY3YCCruVgk.roa
Signing time: Wed 03 Jun 2026 16:29:10 +0000
ROA not before: Wed 03 Jun 2026 16:29:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209693
IP address blocks: 31.76.22.0/24 maxlen: 24
31.76.23.0/24 maxlen: 24
64.188.76.0/24 maxlen: 24
64.188.77.0/24 maxlen: 24
64.188.78.0/24 maxlen: 24
64.188.79.0/24 maxlen: 24
64.188.80.0/24 maxlen: 24
64.188.81.0/24 maxlen: 24
64.188.82.0/24 maxlen: 24
64.188.83.0/24 maxlen: 24
77.239.126.0/24 maxlen: 24
87.251.16.0/24 maxlen: 24
87.251.17.0/24 maxlen: 24
87.251.18.0/24 maxlen: 24
87.251.19.0/24 maxlen: 24
144.31.168.0/22 maxlen: 24
193.23.216.0/24 maxlen: 24
193.23.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8e:51:43:59:4e:83:70:5d:6b:79:96:97:4c:6c:fb:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 3 16:29:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=312c9f57f1e646d1d70547f02d8dd8082aee5609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:b7:ec:8e:ab:9a:01:f0:ad:3f:35:4c:42:a1:
97:80:0e:69:89:02:6b:4a:bb:3d:6b:c5:6c:f4:50:
39:02:59:35:10:f5:09:d9:f4:95:51:43:8e:99:8c:
ce:27:bf:57:59:16:1d:43:fb:db:12:00:44:de:4b:
ad:ee:4a:08:20:cb:49:84:c4:86:71:b8:e0:e1:1b:
90:69:52:b9:5b:d3:9f:2c:c1:56:bf:56:10:0c:1e:
cf:ec:c5:73:1e:60:38:ef:fb:7d:cd:a9:c8:b9:6a:
a7:f9:ff:ad:e2:ac:24:81:87:68:80:d7:a8:61:4f:
fb:10:48:24:5a:f7:f4:08:2e:7f:32:5d:9b:d3:a0:
9b:d1:cb:da:10:8d:c1:25:25:a9:59:e2:55:7f:46:
86:c2:0f:6c:c0:95:8f:5f:b6:47:af:cf:e8:22:2b:
06:c7:52:57:df:df:2d:c2:4f:24:53:d2:1b:d7:c3:
4a:db:d2:09:10:e0:55:97:9f:1c:03:ed:b8:70:8c:
6c:84:3f:29:57:37:28:54:5b:dd:a7:5f:3b:9f:31:
3d:51:6f:76:77:2f:17:a8:ed:18:69:3f:52:af:43:
e6:dc:29:d9:6c:b5:eb:7c:49:a1:91:b2:18:7a:47:
e5:91:35:ae:8f:8e:c8:ae:38:3d:04:94:e0:31:b4:
b8:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:2C:9F:57:F1:E6:46:D1:D7:05:47:F0:2D:8D:D8:08:2A:EE:56:09
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/MSyfV_HmRtHXBUfwLY3YCCruVgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.76.22.0/23
64.188.76.0-64.188.83.255
77.239.126.0/24
87.251.16.0/22
144.31.168.0/22
193.23.216.0/24
193.23.221.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:fe:12:4f:43:0d:05:6c:4c:0c:c1:d9:61:66:be:52:c1:c1:
27:83:f1:c0:39:91:63:6c:4a:df:b7:2a:aa:1e:6e:c7:e3:08:
23:01:d8:11:c1:9b:39:4d:44:06:50:c6:c0:f9:07:ce:ec:73:
48:d5:09:bf:d7:6d:5e:72:30:0a:61:07:14:4b:a6:67:42:6c:
b5:ad:5e:32:ad:aa:bc:7b:7b:95:17:40:7d:e9:ae:13:99:42:
28:bd:11:d1:ac:e6:5b:b4:e6:e8:b2:24:07:ba:5e:6c:6c:0f:
eb:1a:f1:d6:7d:a5:85:b6:0b:e5:3b:d4:20:90:20:b5:12:8c:
c0:c0:34:90:9c:d4:c3:9d:8d:b4:88:7a:da:9b:62:e2:d4:cb:
81:9f:2a:b2:de:0a:c4:1d:c8:10:15:d0:26:59:9a:0b:a5:dd:
fe:44:59:55:7b:5f:f5:3e:29:b0:06:55:f5:71:f7:57:b7:e7:
ac:0c:53:6c:2d:b0:75:0c:be:29:d5:87:d9:79:24:41:05:4c:
89:7e:1e:58:68:83:06:09:f3:04:b7:9c:ca:79:51:b9:c4:58:
f2:1a:6e:57:61:0f:c2:b5:bd:40:4e:72:f1:d1:9b:50:66:6e:
2b:a0:28:2f:f8:07:28:df:7b:81:4d:23:1e:2a:40:e0:2c:ff:
6e:bd:08:a7
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZ6OUUNZToNwXWt5lpdMbPuYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjAzMTYyOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTJjOWY1N2YxZTY0NmQxZDcwNTQ3ZjAyZDhkZDgwODJhZWU1NjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7rfsjquaAfCtPzVMQqGXgA5piQJr
Srs9a8Vs9FA5Alk1EPUJ2fSVUUOOmYzOJ79XWRYdQ/vbEgBE3kut7koIIMtJhMSG
cbjg4RuQaVK5W9OfLMFWv1YQDB7P7MVzHmA47/t9zanIuWqn+f+t4qwkgYdogNeo
YU/7EEgkWvf0CC5/Ml2b06Cb0cvaEI3BJSWpWeJVf0aGwg9swJWPX7ZHr8/oIisG
x1JX398twk8kU9Ib18NK29IJEOBVl58cA+24cIxshD8pVzcoVFvdp187nzE9UW92
dy8XqO0YaT9Sr0Pm3CnZbLXrfEmhkbIYekflkTWuj47Irjg9BJTgMbS4bQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFDEsn1fx5kbR1wVH8C2N2Agq7lYJMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvTVN5ZlZfSG1SdEhYQlVmd0xZM1lDQ3J1VmdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBH0wWMAwD
BAJAvEwDBAJAvFADBABN734DBAJX+xADBAKQH6gDBADBF9gDBADBF90wDQYJKoZI
hvcNAQELBQADggEBAG7+Ek9DDQVsTAzB2WFmvlLBwSeD8cA5kWNsSt+3Kqoebsfj
CCMB2BHBmzlNRAZQxsD5B87sc0jVCb/XbV5yMAphBxRLpmdCbLWtXjKtqrx7e5UX
QH3prhOZQii9EdGs5lu05uiyJAe6XmxsD+sa8dZ9pYW2C+U71CCQILUSjMDANJCc
1MOdjbSIetqbYuLUy4GfKrLeCsQdyBAV0CZZmgul3f5EWVV7X/U+KbAGVfVx91e3
56wMU2wtsHUMvinVh9l5JEEFTIl+HlhogwYJ8wS3nMp5UbnEWPIabldhD8K1vUBO
cvHRm1BmbiugKC/4Byjfe4FNIx4qQOAs/269CKc=
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:52:05 2026 by rpki-client