Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/tMgInHV22f-CeoBaWbbEcAJMWDw.roa
File: tMgInHV22f-CeoBaWbbEcAJMWDw.roa (raw, json)
Hash identifier: U9eDta2G7h7PugkzwDcFaQ6DccCcSqul2jtQDduFi0s=
Subject key identifier: B4:C8:08:9C:75:76:D9:FF:82:7A:80:5A:59:B6:C4:70:02:4C:58:3C
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0199320489E96122D8306FA38A9C8CFF4BD9
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/tMgInHV22f-CeoBaWbbEcAJMWDw.roa
Signing time: Wed 10 Sep 2025 05:06:22 +0000
ROA not before: Wed 10 Sep 2025 05:06:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20910
IP address blocks: 37.148.168.0/21 maxlen: 32
62.84.0.0/20 maxlen: 32
62.205.192.0/18 maxlen: 32
77.38.128.0/17 maxlen: 32
85.254.120.0/23 maxlen: 23
87.226.0.0/17 maxlen: 32
89.201.0.0/17 maxlen: 32
91.142.0.0/20 maxlen: 32
91.188.32.0/19 maxlen: 32
93.177.192.0/18 maxlen: 32
94.30.128.0/17 maxlen: 32
109.110.0.0/19 maxlen: 32
136.169.0.0/17 maxlen: 32
185.144.184.0/22 maxlen: 32
188.112.128.0/18 maxlen: 32
195.62.128.0/19 maxlen: 32
195.244.128.0/20 maxlen: 32
213.180.96.0/19 maxlen: 32
217.198.224.0/20 maxlen: 32
217.199.96.0/19 maxlen: 32
2a00:9000::/29 maxlen: 32
2a00:f4a0::/29 maxlen: 32
2a03:6740::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:32:04:89:e9:61:22:d8:30:6f:a3:8a:9c:8c:ff:4b:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Sep 10 05:06:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4c8089c7576d9ff827a805a59b6c470024c583c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0d:d4:52:c7:6d:99:66:81:ac:bd:69:b4:61:
0a:8f:68:42:6b:38:e9:63:19:fd:34:30:46:19:bb:
04:26:4e:11:1f:06:05:bc:de:7c:ea:4d:96:ff:64:
72:7b:62:3f:83:e9:7b:55:59:87:c2:d9:82:fc:3a:
79:d2:a7:9b:e4:bd:38:48:f5:cd:f2:87:56:18:48:
66:32:92:a1:4c:2b:e1:b0:7e:35:f2:ed:e1:bf:88:
6e:ab:3a:03:a2:35:51:ab:66:a4:be:c9:88:69:c5:
52:07:22:6f:e7:ff:f5:1d:6b:7c:85:cf:cd:05:fd:
ed:46:26:c6:3c:c8:aa:d3:7d:fd:e0:af:d6:25:e3:
ef:72:62:6b:2e:eb:0c:d3:6e:59:08:ec:f1:09:11:
2a:cc:b1:dc:89:59:15:c1:e8:c2:9e:e1:3e:fd:c3:
d2:0c:a5:8e:1f:ca:94:fe:a3:d9:48:bc:b0:ac:75:
59:b8:de:de:10:3d:69:d7:73:12:0d:5e:99:43:b6:
65:6c:05:0f:12:9b:2c:d6:29:fa:ca:3c:e7:9a:13:
02:d0:3a:20:c8:63:0f:0e:b6:ed:59:bb:d4:45:65:
b4:9c:2b:51:e8:83:5a:36:98:9b:a4:b0:56:b2:ec:
dd:bf:31:0f:43:0f:03:e2:4b:11:91:83:bf:c0:da:
26:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:C8:08:9C:75:76:D9:FF:82:7A:80:5A:59:B6:C4:70:02:4C:58:3C
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/tMgInHV22f-CeoBaWbbEcAJMWDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.168.0/21
62.84.0.0/20
62.205.192.0/18
77.38.128.0/17
85.254.120.0/23
87.226.0.0/17
89.201.0.0/17
91.142.0.0/20
91.188.32.0/19
93.177.192.0/18
94.30.128.0/17
109.110.0.0/19
136.169.0.0/17
185.144.184.0/22
188.112.128.0/18
195.62.128.0/19
195.244.128.0/20
213.180.96.0/19
217.198.224.0/20
217.199.96.0/19
IPv6:
2a00:9000::/29
2a00:f4a0::/29
2a03:6740::/29
Signature Algorithm: sha256WithRSAEncryption
3c:54:74:c1:2a:45:de:81:3d:6f:62:24:c3:cc:4d:2b:9e:14:
d0:a4:3a:8a:60:36:76:53:6b:ab:31:39:ef:d9:a4:ad:50:8d:
ae:36:8a:2e:69:3e:78:df:80:43:06:eb:22:30:09:f2:bf:eb:
21:23:c0:7f:da:ac:1b:89:e1:bb:4d:75:43:26:17:da:a1:76:
2e:9b:77:16:90:be:78:9e:43:da:ce:8d:0c:50:b7:50:ae:1c:
41:d2:1f:92:2f:42:74:09:36:f1:ec:43:e1:d0:37:38:65:f4:
5d:e8:8b:7d:bc:b8:e7:aa:96:a0:d7:97:2a:1e:49:fc:78:ed:
b8:36:eb:0c:e7:0f:be:53:02:d1:d4:56:a8:6a:fb:f8:b4:09:
78:cd:10:4f:51:2f:b7:d8:ff:fe:ba:2b:03:a2:b6:f3:cd:4a:
a3:c1:d1:fd:7f:b4:9a:24:64:e0:e9:5f:43:6b:3a:d4:8e:b9:
bc:eb:44:bf:06:a9:da:72:69:8c:12:64:4b:d5:aa:97:b5:68:
22:cb:30:97:ef:a9:d3:96:62:7f:1e:f6:50:89:33:e3:c4:46:
ec:4a:50:4e:be:9d:03:95:89:84:c7:ba:b2:22:16:df:97:ea:
0f:69:02:e0:1d:4b:b1:40:69:d6:c1:77:5b:aa:e4:75:4d:82:
72:dd:e1:cc
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZkyBInpYSLYMG+jipyM/0vZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwOTEwMDUwNjIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGM4MDg5Yzc1NzZkOWZmODI3YTgwNWE1OWI2YzQ3MDAyNGM1ODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQ3UUsdtmWaBrL1ptGEKj2hCazjp
Yxn9NDBGGbsEJk4RHwYFvN586k2W/2Rye2I/g+l7VVmHwtmC/Dp50qeb5L04SPXN
8odWGEhmMpKhTCvhsH418u3hv4huqzoDojVRq2akvsmIacVSByJv5//1HWt8hc/N
Bf3tRibGPMiq03394K/WJePvcmJrLusM025ZCOzxCREqzLHciVkVwejCnuE+/cPS
DKWOH8qU/qPZSLywrHVZuN7eED1p13MSDV6ZQ7ZlbAUPEpss1in6yjznmhMC0Dog
yGMPDrbtWbvURWW0nCtR6INaNpibpLBWsuzdvzEPQw8D4ksRkYO/wNomuQIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFLTICJx1dtn/gnqAWlm2xHACTFg8MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvdE1nSW5IVjIyZi1DZW9CYVdiYkVjQUpNV0R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTB+BAIAATB4AwQDJZSo
AwQEPlQAAwQGPs3AAwQHTSaAAwQBVf54AwQHV+IAAwQHWckAAwQEW44AAwQFW7wg
AwQGXbHAAwQHXh6AAwQFbW4AAwQHiKkAAwQCuZC4AwQGvHCAAwQFwz6AAwQEw/SA
AwQF1bRgAwQE2cbgAwQF2cdgMBsEAgACMBUDBQMqAJAAAwUDKgD0oAMFAyoDZ0Aw
DQYJKoZIhvcNAQELBQADggEBADxUdMEqRd6BPW9iJMPMTSueFNCkOopgNnZTa6sx
Oe/ZpK1Qja42ii5pPnjfgEMG6yIwCfK/6yEjwH/arBuJ4btNdUMmF9qhdi6bdxaQ
vnieQ9rOjQxQt1CuHEHSH5IvQnQJNvHsQ+HQNzhl9F3oi328uOeqlqDXlyoeSfx4
7bg26wznD75TAtHUVqhq+/i0CXjNEE9RL7fY//66KwOitvPNSqPB0f1/tJokZODp
X0NrOtSOubzrRL8GqdpyaYwSZEvVqpe1aCLLMJfvqdOWYn8e9lCJM+PERuxKUE6+
nQOViYTHurIiFt+X6g9pAuAdS7FAadbBd1uq5HVNgnLd4cw=
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:15:00 2025 by rpki-client