Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MrGlrQEaqelpYkewLKWRmhPzvLs.roa
File: MrGlrQEaqelpYkewLKWRmhPzvLs.roa (raw, json)
Hash identifier: ev29NHhvnXhsI3wNHMoq5mpnAhclG5VANuff60FkAx8=
Subject key identifier: 32:B1:A5:AD:01:1A:A9:E9:69:62:47:B0:2C:A5:91:9A:13:F3:BC:BB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01992DEE8EBEF69A83D856AD33F590BED746
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MrGlrQEaqelpYkewLKWRmhPzvLs.roa
Signing time: Tue 09 Sep 2025 10:03:52 +0000
ROA not before: Tue 09 Sep 2025 10:03:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214238
IP address blocks: 62.76.226.0/24 maxlen: 24
62.76.227.0/24 maxlen: 24
62.76.231.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.181.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
192.124.188.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
194.87.3.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.24.0/24 maxlen: 24
194.87.33.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
194.87.90.0/24 maxlen: 24
194.87.165.0/24 maxlen: 24
194.87.166.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.56.0/24 maxlen: 24
195.133.57.0/24 maxlen: 24
195.133.60.0/24 maxlen: 24
195.133.61.0/24 maxlen: 24
212.192.242.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2d:ee:8e:be:f6:9a:83:d8:56:ad:33:f5:90:be:d7:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 9 10:03:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32b1a5ad011aa9e9696247b02ca5919a13f3bcbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c1:f8:7f:af:3e:1f:d6:c4:7e:51:73:6c:1d:
77:72:65:81:40:1e:69:84:7b:73:f3:86:5b:dc:5b:
03:74:af:5c:6e:49:fc:29:02:87:8b:1f:ab:45:03:
34:61:6f:77:73:61:9c:8b:92:8e:a2:c5:c0:bf:3e:
fe:b6:61:56:20:14:6e:d4:e9:6f:15:4a:de:bc:4b:
9a:a0:1c:91:15:3b:20:5e:40:a9:8a:ce:75:c7:fc:
a3:7b:6e:05:71:92:15:95:81:31:80:52:8f:b6:e7:
d5:43:02:2c:64:4f:f5:de:2a:f2:99:cf:7e:a1:1b:
54:3f:d7:36:5e:db:13:35:58:c3:51:5d:02:41:e9:
22:dc:38:11:2f:53:98:59:8e:6d:b1:78:64:cc:b6:
b3:8d:f8:0f:44:98:97:07:a1:28:06:8f:c2:ba:1c:
f3:65:d3:ea:5e:d1:71:08:88:75:58:53:e7:4a:8e:
20:c1:c2:12:af:8d:87:9d:20:73:cf:c3:dc:4a:6c:
dd:04:38:49:7f:0e:ed:0c:42:2a:4d:43:83:90:74:
73:39:c4:6b:af:1d:54:37:a7:ac:67:a9:82:8d:75:
c2:da:e1:f7:f5:97:ae:ea:22:87:fc:19:1c:cb:66:
f7:2d:ac:83:f4:bb:02:0e:d8:d6:89:01:49:ff:b5:
de:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B1:A5:AD:01:1A:A9:E9:69:62:47:B0:2C:A5:91:9A:13:F3:BC:BB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MrGlrQEaqelpYkewLKWRmhPzvLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/23
62.76.231.0/24
62.76.235.0/24
185.72.10.0/24
192.124.181.0/24
192.124.183.0/24
192.124.188.0/24
192.124.190.0/24
193.124.3.0/24
193.124.6.0/24
193.124.91.0/24
194.58.60.0/24
194.58.67.0/24
194.87.3.0/24
194.87.7.0/24
194.87.16.0/24
194.87.24.0/24
194.87.33.0/24
194.87.36.0/24
194.87.90.0/24
194.87.165.0-194.87.166.255
194.87.229.0/24
194.87.231.0/24
194.135.23.0/24
195.58.55.0/24
195.133.12.0/24
195.133.35.0/24
195.133.56.0/23
195.133.60.0/23
212.192.242.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
67:ed:96:39:6c:47:8c:08:bd:ae:6d:09:b3:5c:e6:90:ce:ed:
5d:14:f8:29:bb:1f:a2:10:5d:f3:36:4c:86:9a:e9:b7:d0:c4:
8b:b8:a2:e0:e7:00:22:02:23:09:04:21:c1:e6:c7:7e:5f:d2:
46:da:2f:76:e2:ee:03:f0:90:2b:28:8f:ac:46:64:4b:3e:09:
ec:82:0f:78:e1:f4:3f:6b:05:ac:74:b9:5f:05:53:b9:c5:3e:
96:fb:c9:b7:d3:d8:56:74:fe:b1:ba:44:08:eb:6f:6f:64:1f:
ae:94:44:0d:4c:08:13:01:9d:99:92:c5:20:cd:c4:5e:3c:ce:
2f:7d:78:2a:11:ca:3c:46:49:60:77:08:22:57:78:af:13:58:
82:5c:a6:03:dc:4f:10:25:c9:07:d2:76:0d:54:b2:72:9a:0b:
61:94:3c:bf:e4:1a:a5:9c:36:09:31:74:88:82:3b:ce:d8:59:
75:f9:c3:5b:c1:3b:ed:2e:04:b9:d2:14:dd:eb:88:d9:02:1d:
8b:46:88:0c:b6:78:ed:9c:e2:e6:57:49:3f:fb:d7:01:c6:63:
dc:7a:2f:10:dc:81:b3:de:1c:3e:20:6e:aa:7b:4c:c6:76:8c:
40:f3:42:73:54:88:d7:e3:f3:e7:c3:5c:b7:c3:41:9f:e5:db:
0a:24:e1:6b
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAZkt7o6+9pqD2FatM/WQvtdGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwOTA5MTAwMzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmIxYTVhZDAxMWFhOWU5Njk2MjQ3YjAyY2E1OTE5YTEzZjNiY2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcH4f68+H9bEflFzbB13cmWBQB5p
hHtz84Zb3FsDdK9cbkn8KQKHix+rRQM0YW93c2Gci5KOosXAvz7+tmFWIBRu1Olv
FUrevEuaoByRFTsgXkCpis51x/yje24FcZIVlYExgFKPtufVQwIsZE/13irymc9+
oRtUP9c2XtsTNVjDUV0CQeki3DgRL1OYWY5tsXhkzLazjfgPRJiXB6EoBo/Cuhzz
ZdPqXtFxCIh1WFPnSo4gwcISr42HnSBzz8PcSmzdBDhJfw7tDEIqTUODkHRzOcRr
rx1UN6esZ6mCjXXC2uH39Zeu6iKH/Bkcy2b3LayD9LsCDtjWiQFJ/7XeYwIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFDKxpa0BGqnpaWJHsCylkZoT87y7MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTXJHbHJRRWFxZWxwWWtld0xLV1JtaFB6dkxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCByQQCAAEwgcIDBAE+
TOIDBAA+TOcDBAA+TOsDBAC5SAoDBADAfLUDBADAfLcDBADAfLwDBADAfL4DBADB
fAMDBADBfAYDBADBfFsDBADCOjwDBADCOkMDBADCVwMDBADCVwcDBADCVxADBADC
VxgDBADCVyEDBADCVyQDBADCV1owDAMEAMJXpQMEAMJXpgMEAMJX5QMEAMJX5wME
AMKHFwMEAMM6NwMEAMOFDAMEAMOFIwMEAcOFOAMEAcOFPAMEANTA8gMEANTBDzAN
BgkqhkiG9w0BAQsFAAOCAQEAZ+2WOWxHjAi9rm0Js1zmkM7tXRT4KbsfohBd8zZM
hprpt9DEi7ii4OcAIgIjCQQhwebHfl/SRtovduLuA/CQKyiPrEZkSz4J7IIPeOH0
P2sFrHS5XwVTucU+lvvJt9PYVnT+sbpECOtvb2QfrpREDUwIEwGdmZLFIM3EXjzO
L314KhHKPEZJYHcIIld4rxNYglymA9xPECXJB9J2DVSycpoLYZQ8v+QapZw2CTF0
iII7zthZdfnDW8E77S4EudIU3euI2QIdi0aIDLZ47Zzi5ldJP/vXAcZj3HovENyB
s94cPiBuqntMxnaMQPNCc1SI1+Pz58Nct8NBn+XbCiThaw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:36 2025 by rpki-client