Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/mEUgHf2-npSbePDXuEKAQ173VuQ.roa
File: mEUgHf2-npSbePDXuEKAQ173VuQ.roa (raw, json)
Hash identifier: GB1itJAJop0mRTZj9SaFp57ObyBZZywBCl1Y+WwSUFs=
Subject key identifier: 98:45:20:1D:FD:BE:9E:94:9B:78:F0:D7:B8:42:80:43:5E:F7:56:E4
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0199C2DC8D9CBFFC92187F5BE691318EC701
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/mEUgHf2-npSbePDXuEKAQ173VuQ.roa
Signing time: Wed 08 Oct 2025 08:07:38 +0000
ROA not before: Wed 08 Oct 2025 08:07:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216063
IP address blocks: 2.56.244.0/24 maxlen: 24
45.84.196.0/24 maxlen: 24
45.137.202.0/24 maxlen: 24
45.147.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 09:31:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c2:dc:8d:9c:bf:fc:92:18:7f:5b:e6:91:31:8e:c7:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Oct 8 08:07:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9845201dfdbe9e949b78f0d7b84280435ef756e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:18:ea:56:14:12:1f:e2:67:3a:d5:4a:e7:e3:
98:92:15:81:4a:92:fd:ff:99:08:bb:9e:ea:6a:a5:
93:ce:2c:ac:c2:81:44:e6:d0:d2:e9:ab:c7:cb:2d:
71:63:15:c4:8c:9e:12:c3:77:3a:99:49:d4:d3:b2:
8a:5a:fb:4a:b9:a0:96:f9:df:26:3d:f4:0d:6e:cd:
60:40:84:df:90:93:d9:9e:1a:e0:9e:be:8c:a0:c5:
4b:37:20:f4:cf:78:35:ce:00:16:fe:79:75:e6:df:
30:98:0a:43:f3:63:7c:be:22:bb:fc:2f:2d:26:d9:
4a:16:98:f7:1a:ad:3b:8f:6a:21:23:15:06:f2:16:
3f:74:f3:16:ad:30:54:95:90:80:1a:43:80:fd:ba:
0a:1c:88:e1:6d:39:f1:d1:10:50:7d:84:51:a2:e8:
7e:37:a4:93:88:24:61:d4:1a:b9:8b:2e:18:25:08:
92:ca:67:2d:d7:10:37:2c:5a:69:c8:5e:4f:ba:3a:
da:ba:66:7d:1f:c5:d1:9e:d0:f3:0c:35:95:4c:0d:
d9:07:86:e2:78:0e:b0:1d:57:72:8e:68:5b:4f:28:
d9:14:e3:86:ea:43:01:ad:86:fc:e4:be:c8:91:15:
06:1f:8f:ad:6a:4b:8d:d6:77:10:8f:b4:de:a3:ea:
ef:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:45:20:1D:FD:BE:9E:94:9B:78:F0:D7:B8:42:80:43:5E:F7:56:E4
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/mEUgHf2-npSbePDXuEKAQ173VuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.244.0/24
45.84.196.0/24
45.137.202.0/24
45.147.7.0/24
Signature Algorithm: sha256WithRSAEncryption
95:80:df:09:17:0b:bf:c5:d8:e5:bf:ca:be:38:91:6e:46:d0:
96:23:2f:89:88:4f:a2:c2:58:ec:54:c3:ac:b6:11:27:e8:d5:
fd:85:f4:8c:a0:50:4f:59:5e:5c:76:9d:8e:fe:71:bf:09:27:
41:75:c1:60:8a:f0:87:11:6a:c0:6c:ae:a1:4f:99:1c:d4:31:
cb:75:db:7b:1e:9e:09:ed:0e:ba:e9:40:a4:b0:6d:3a:cd:62:
06:3c:73:86:18:07:42:a5:e3:e8:39:b5:a3:9d:18:76:d1:36:
1b:c6:41:c1:f9:6d:0b:19:8e:b6:69:82:07:da:8b:ad:fe:c1:
42:9d:12:3d:f7:cf:76:18:9b:4d:a0:f5:18:51:c2:d3:bd:c6:
d5:05:19:23:d7:3a:60:d5:a5:59:26:c9:5f:1d:13:14:85:67:
5d:22:90:4a:23:ce:9a:8d:fc:2e:d7:c3:7b:db:5d:2e:7b:0e:
b1:9e:0d:4b:74:19:fa:87:7c:a4:a4:8d:14:66:41:59:60:27:
e5:48:a7:69:77:9e:cb:22:37:07:30:5b:33:1c:9a:a5:b7:b0:
f4:ac:48:7d:04:28:5e:ec:05:56:8c:3d:9b:94:d5:cc:cd:8e:
44:34:03:6d:53:ac:f9:ad:2e:5e:da:39:8c:2f:c3:86:ed:48:
6b:a1:e9:72
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZnC3I2cv/ySGH9b5pExjscBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUxMDA4MDgwNzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODQ1MjAxZGZkYmU5ZTk0OWI3OGYwZDdiODQyODA0MzVlZjc1NmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRjqVhQSH+JnOtVK5+OYkhWBSpL9
/5kIu57qaqWTziyswoFE5tDS6avHyy1xYxXEjJ4Sw3c6mUnU07KKWvtKuaCW+d8m
PfQNbs1gQITfkJPZnhrgnr6MoMVLNyD0z3g1zgAW/nl15t8wmApD82N8viK7/C8t
JtlKFpj3Gq07j2ohIxUG8hY/dPMWrTBUlZCAGkOA/boKHIjhbTnx0RBQfYRRouh+
N6STiCRh1Bq5iy4YJQiSymct1xA3LFppyF5PujraumZ9H8XRntDzDDWVTA3ZB4bi
eA6wHVdyjmhbTyjZFOOG6kMBrYb85L7IkRUGH4+takuN1ncQj7Teo+rvWQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJhFIB39vp6Um3jw17hCgENe91bkMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvbUVVZ0hmMi1ucFNiZVBEWHVFS0FRMTczVnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjj0AwQA
LVTEAwQALYnKAwQALZMHMA0GCSqGSIb3DQEBCwUAA4IBAQCVgN8JFwu/xdjlv8q+
OJFuRtCWIy+JiE+iwljsVMOsthEn6NX9hfSMoFBPWV5cdp2O/nG/CSdBdcFgivCH
EWrAbK6hT5kc1DHLddt7Hp4J7Q666UCksG06zWIGPHOGGAdCpePoObWjnRh20TYb
xkHB+W0LGY62aYIH2out/sFCnRI99892GJtNoPUYUcLTvcbVBRkj1zpg1aVZJslf
HRMUhWddIpBKI86ajfwu18N7210uew6xng1LdBn6h3ykpI0UZkFZYCflSKdpd57L
IjcHMFszHJqlt7D0rEh9BChe7AVWjD2blNXMzY5ENANtU6z5rS5e2jmML8OG7Uhr
oely
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:09:03 2025 by rpki-client