Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/MokO4jiYwe9TS2omj2ikwVpofng.roa
File: MokO4jiYwe9TS2omj2ikwVpofng.roa (raw, json)
Hash identifier: gtOwexkMJ+fWFlaIuQkWe6uyxrapgzkAX5UJ2TjfWz4=
Subject key identifier: 32:89:0E:E2:38:98:C1:EF:53:4B:6A:26:8F:68:A4:C1:5A:68:7E:78
Certificate issuer: /CN=70bf553042f1a43827dc034500bbd1068a7297ca
Certificate serial: 01992D22DF90D0305EBAA348247157D77102
Authority key identifier: 70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/MokO4jiYwe9TS2omj2ikwVpofng.roa
Signing time: Tue 09 Sep 2025 06:21:24 +0000
ROA not before: Tue 09 Sep 2025 06:21:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207137
IP address blocks: 185.135.45.0/24 maxlen: 24
2a13:240::/48 maxlen: 48
2a13:240:1::/48 maxlen: 48
2a13:240:2::/48 maxlen: 48
2a13:240:3::/48 maxlen: 48
2a13:240:4::/48 maxlen: 48
2a13:240:5::/48 maxlen: 48
2a13:240:6::/48 maxlen: 48
2a13:240:7::/48 maxlen: 48
2a13:240:8::/48 maxlen: 48
2a13:240:9::/48 maxlen: 48
2a13:240:a::/48 maxlen: 48
2a13:240:b::/48 maxlen: 48
2a13:240:c::/48 maxlen: 48
2a13:240:d::/48 maxlen: 48
2a13:240:e::/48 maxlen: 48
2a13:240:f::/48 maxlen: 48
2a13:240:4200::/40 maxlen: 40
2a13:240:4300::/40 maxlen: 40
2a13:240:4400::/40 maxlen: 40
2a13:240:4500::/40 maxlen: 40
2a13:240:4600::/40 maxlen: 40
2a13:240:4700::/40 maxlen: 40
2a13:240:4800::/40 maxlen: 40
2a13:240:4900::/40 maxlen: 40
2a13:240:4a00::/40 maxlen: 40
2a13:240:4b00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.mft
rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2d:22:df:90:d0:30:5e:ba:a3:48:24:71:57:d7:71:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70bf553042f1a43827dc034500bbd1068a7297ca
Validity
Not Before: Sep 9 06:21:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32890ee23898c1ef534b6a268f68a4c15a687e78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c8:91:a9:5d:0d:dc:6f:35:dd:9b:c2:80:4e:
51:a5:90:40:91:0c:7c:91:d8:4d:8a:5e:dc:ed:a1:
34:8c:f4:87:32:6a:24:d2:26:18:23:40:d9:b7:8a:
9b:38:71:4b:ac:ed:c0:f0:8f:56:39:e6:78:09:b9:
09:48:4a:34:9a:e4:0d:65:8f:bd:df:ab:13:86:ac:
3a:ef:08:9a:b7:cf:c2:a4:d8:7a:c9:45:e5:f1:ae:
06:c3:ca:4a:1b:1c:3e:7f:e3:83:34:29:9f:f2:3b:
88:d5:29:19:74:4a:15:22:b2:5c:c0:37:eb:e1:06:
c8:b7:c1:87:20:eb:4c:ff:15:b8:b3:a3:a7:88:bd:
95:8d:96:e7:67:c6:e5:48:35:9d:ba:53:ef:37:ff:
0e:38:c5:61:61:82:7b:b1:55:cc:7f:74:07:0f:a8:
26:24:7b:09:3c:ac:ed:9a:03:29:6f:9d:d6:f0:73:
68:f0:9d:07:c5:7d:89:89:3a:d4:d6:9a:d9:7b:ad:
95:8d:e9:12:d0:12:35:d7:1d:d9:1a:d7:29:e0:b6:
16:bd:68:95:5a:f8:88:5d:67:a4:59:61:00:ed:2e:
fb:c4:0d:78:c7:72:4c:63:a1:38:50:d9:3b:75:d1:
2e:f5:45:7c:f8:88:c3:21:2a:c2:46:a2:4b:7f:08:
de:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:89:0E:E2:38:98:C1:EF:53:4B:6A:26:8F:68:A4:C1:5A:68:7E:78
X509v3 Authority Key Identifier:
keyid:70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/MokO4jiYwe9TS2omj2ikwVpofng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.45.0/24
IPv6:
2a13:240::/44
2a13:240:4200::-2a13:240:4bff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a0:54:91:99:63:dd:4d:10:1d:df:42:69:59:41:39:c8:5b:d7:
9b:83:23:77:8a:90:d0:2d:46:40:28:53:57:68:77:3b:30:5f:
ef:54:46:cd:f2:9d:6f:e9:85:74:2b:5c:72:d1:2e:b5:95:4d:
b1:9b:b6:a5:f6:d5:4e:b8:70:e7:8c:e8:62:9c:7c:c6:33:8d:
9d:dc:98:a0:f8:64:dd:59:d2:18:a0:c9:e3:2f:07:7d:ba:a7:
01:a7:ea:be:b2:8a:77:3d:2f:40:58:da:58:ad:50:84:81:b2:
4c:18:2a:ce:b3:6f:d5:85:a7:82:20:8c:10:a4:79:9a:0c:69:
d1:ad:91:af:8a:39:f4:6a:58:01:a3:ec:96:97:38:61:f0:43:
69:73:b7:8d:1a:2e:77:6e:29:38:f7:5d:95:15:54:e0:db:40:
36:0b:a1:a8:67:77:8e:ed:8a:17:90:98:37:7a:a5:88:81:c1:
f5:ca:0d:6b:b7:4b:cf:21:41:cc:8b:f8:2a:5c:24:63:29:b9:
b3:a3:08:32:30:70:aa:4f:06:81:37:c1:d8:6c:aa:a6:db:65:
f2:3f:47:53:ce:e9:e4:eb:5c:bd:73:78:2f:7f:a1:f3:56:3f:
ed:4c:06:72:94:89:b6:56:17:40:58:d5:7c:d8:be:f5:2a:05:
09:bd:4a:5d
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZktIt+Q0DBeuqNIJHFX13ECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYmY1NTMwNDJmMWE0MzgyN2RjMDM0NTAwYmJkMTA2OGE3
Mjk3Y2EwHhcNMjUwOTA5MDYyMTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjg5MGVlMjM4OThjMWVmNTM0YjZhMjY4ZjY4YTRjMTVhNjg3ZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1siRqV0N3G813ZvCgE5RpZBAkQx8
kdhNil7c7aE0jPSHMmok0iYYI0DZt4qbOHFLrO3A8I9WOeZ4CbkJSEo0muQNZY+9
36sThqw67wiat8/CpNh6yUXl8a4Gw8pKGxw+f+ODNCmf8juI1SkZdEoVIrJcwDfr
4QbIt8GHIOtM/xW4s6OniL2VjZbnZ8blSDWdulPvN/8OOMVhYYJ7sVXMf3QHD6gm
JHsJPKztmgMpb53W8HNo8J0HxX2JiTrU1prZe62VjekS0BI11x3ZGtcp4LYWvWiV
WviIXWekWWEA7S77xA14x3JMY6E4UNk7ddEu9UV8+IjDISrCRqJLfwjeZQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDKJDuI4mMHvU0tqJo9opMFaaH54MB8GA1UdIwQY
MBaAFHC/VTBC8aQ4J9wDRQC70QaKcpfKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYt
NTM1ODQwMWZiNzk2LzEvTW9rTzRqaVl3ZTlUUzJvbWoyaWt3VnBvZm5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYtNTM1ODQwMWZiNzk2
LzEvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQAuYctMCEE
AgACMBsDBwQqEwJAAAAwEAMGASoTAkBCAwYCKhMCQEgwDQYJKoZIhvcNAQELBQAD
ggEBAKBUkZlj3U0QHd9CaVlBOchb15uDI3eKkNAtRkAoU1dodzswX+9URs3ynW/p
hXQrXHLRLrWVTbGbtqX21U64cOeM6GKcfMYzjZ3cmKD4ZN1Z0higyeMvB326pwGn
6r6yinc9L0BY2litUISBskwYKs6zb9WFp4IgjBCkeZoMadGtka+KOfRqWAGj7JaX
OGHwQ2lzt40aLnduKTj3XZUVVODbQDYLoahnd47tiheQmDd6pYiBwfXKDWu3S88h
QcyL+CpcJGMpubOjCDIwcKpPBoE3wdhsqqbbZfI/R1PO6eTrXL1zeC9/ofNWP+1M
BnKUibZWF0BY1XzYvvUqBQm9Sl0=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:54:55 2025 by rpki-client