Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/cmNgBnss5651dgshwfVwyFMZHbI.roa
File: cmNgBnss5651dgshwfVwyFMZHbI.roa (raw, json)
Hash identifier: X9Ba1n2nfmkx5MGe69TtB8EofEogFH9Nj7M1kJAuZVk=
Subject key identifier: 72:63:60:06:7B:2C:E7:AE:75:76:0B:21:C1:F5:70:C8:53:19:1D:B2
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0199A68D9DF0C38959D8110926C2B8640823
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/cmNgBnss5651dgshwfVwyFMZHbI.roa
Signing time: Thu 02 Oct 2025 20:12:02 +0000
ROA not before: Thu 02 Oct 2025 20:12:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 193.233.161.0/24 maxlen: 24
193.233.202.0/23 maxlen: 24
193.233.244.0/24 maxlen: 24
193.233.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 17:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a6:8d:9d:f0:c3:89:59:d8:11:09:26:c2:b8:64:08:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Oct 2 20:12:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=726360067b2ce7ae75760b21c1f570c853191db2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f6:b9:da:da:f6:ac:3b:15:c0:08:04:cb:fb:
11:0e:d1:a1:dd:3f:12:38:b7:c8:d1:82:e6:7a:fc:
61:04:75:77:62:f9:b1:21:0b:71:a5:21:79:2b:e8:
83:2f:e9:31:58:dd:a9:43:d5:ad:e6:06:a5:c0:a1:
db:b2:4b:09:15:3a:6d:7a:fe:67:53:6b:ba:36:77:
ba:ef:df:6c:93:34:c0:fc:df:43:0e:bc:67:5d:44:
aa:6c:5a:12:a6:07:f3:b0:54:01:cd:d7:4a:a2:89:
55:ec:62:02:cc:41:00:ad:e8:54:8d:25:6c:db:2f:
94:5a:a4:d5:dd:24:9d:86:da:db:b0:5b:00:45:ff:
0d:e7:51:85:b1:4e:70:25:76:79:1e:68:08:f2:68:
9d:fc:5e:4a:ba:20:c7:b0:3d:ee:96:93:d7:9e:41:
d6:ad:03:f2:fb:24:d7:b2:27:56:16:65:e2:81:68:
c2:a7:83:b2:9d:bb:80:15:0e:69:7c:a1:39:de:4d:
ca:7f:8f:a8:06:2f:9c:8d:16:69:74:01:df:5f:23:
79:37:f5:94:08:fe:09:61:ca:4c:ba:09:1f:1d:88:
da:87:09:60:e1:94:46:5b:be:1d:4f:61:29:00:1a:
ac:f0:5b:8a:6c:cb:25:74:95:b3:98:fb:58:c2:9b:
47:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:63:60:06:7B:2C:E7:AE:75:76:0B:21:C1:F5:70:C8:53:19:1D:B2
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/cmNgBnss5651dgshwfVwyFMZHbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.161.0/24
193.233.202.0/23
193.233.244.0/23
Signature Algorithm: sha256WithRSAEncryption
18:7a:dc:b1:0b:94:9c:b7:e1:e5:46:95:51:26:08:9b:df:99:
19:70:ef:af:dd:b5:2c:ce:ca:94:75:30:86:21:f6:52:2a:c9:
98:18:06:3e:97:05:0a:57:89:f9:5a:81:74:a0:64:e8:1c:2d:
47:04:7a:25:9c:69:bb:45:0e:fc:08:a3:77:aa:88:cb:2b:9f:
8b:f2:4c:c7:43:72:4c:22:b0:ce:4f:ed:98:01:2e:71:d4:73:
fd:0b:da:f7:67:8f:a6:0d:f8:bb:5e:e9:4f:95:05:76:e1:6d:
0b:ff:05:90:69:55:d5:c1:f7:bc:ed:79:c4:cb:e9:b1:95:1d:
e9:20:3c:f1:6e:f7:11:72:a7:e6:2a:ae:da:22:46:43:49:cd:
85:80:5b:74:8a:43:49:67:cd:16:fc:28:86:b4:44:8f:b5:77:
7a:94:de:ec:7a:63:95:a4:80:39:ec:a3:70:e8:81:ec:d3:2f:
86:f5:7b:01:cf:eb:30:d0:10:4a:cf:a0:38:fa:5f:c6:09:46:
6b:cc:ae:88:1f:3f:c7:31:1a:f9:67:be:39:79:36:ae:bd:f7:
3e:79:ec:b6:a8:cf:f5:cb:c4:22:60:e8:71:f7:60:42:19:80:
27:33:df:28:5e:c6:4d:f5:49:00:5c:05:b2:37:d4:5d:65:21:
5a:fc:1b:f9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZmmjZ3ww4lZ2BEJJsK4ZAgjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUxMDAyMjAxMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjYzNjAwNjdiMmNlN2FlNzU3NjBiMjFjMWY1NzBjODUzMTkxZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPa52tr2rDsVwAgEy/sRDtGh3T8S
OLfI0YLmevxhBHV3YvmxIQtxpSF5K+iDL+kxWN2pQ9Wt5galwKHbsksJFTptev5n
U2u6Nne6799skzTA/N9DDrxnXUSqbFoSpgfzsFQBzddKoolV7GICzEEArehUjSVs
2y+UWqTV3SSdhtrbsFsARf8N51GFsU5wJXZ5HmgI8mid/F5KuiDHsD3ulpPXnkHW
rQPy+yTXsidWFmXigWjCp4OynbuAFQ5pfKE53k3Kf4+oBi+cjRZpdAHfXyN5N/WU
CP4JYcpMugkfHYjahwlg4ZRGW74dT2EpABqs8FuKbMsldJWzmPtYwptHmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHJjYAZ7LOeudXYLIcH1cMhTGR2yMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvY21OZ0Juc3M1NjUxZGdzaHdmVnd5Rk1aSGJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwemhAwQB
wenKAwQBwen0MA0GCSqGSIb3DQEBCwUAA4IBAQAYetyxC5Sct+HlRpVRJgib35kZ
cO+v3bUszsqUdTCGIfZSKsmYGAY+lwUKV4n5WoF0oGToHC1HBHolnGm7RQ78CKN3
qojLK5+L8kzHQ3JMIrDOT+2YAS5x1HP9C9r3Z4+mDfi7XulPlQV24W0L/wWQaVXV
wfe87XnEy+mxlR3pIDzxbvcRcqfmKq7aIkZDSc2FgFt0ikNJZ80W/CiGtESPtXd6
lN7semOVpIA57KNw6IHs0y+G9XsBz+sw0BBKz6A4+l/GCUZrzK6IHz/HMRr5Z745
eTauvfc+eey2qM/1y8QiYOhx92BCGYAnM98oXsZN9UkAXAWyN9RdZSFa/Bv5
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:41:06 2025 by rpki-client