
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/1a85a8-e4f8-498b-a5ae-a4be172c76ba/1/0mSInaOcQzcUaKnk3U9INfBb53Q.roa
File: 0mSInaOcQzcUaKnk3U9INfBb53Q.roa (raw, json)
Hash identifier: qM+YFRRYDhlfBg0HbT486tTWhmPISPFkNx0SGBRbZjE=
Subject key identifier: D2:64:88:9D:A3:9C:43:37:14:68:A9:E4:DD:4F:48:35:F0:5B:E7:74
Certificate issuer: /CN=e3f19cc5e38d8f9c1d6547177665f89211dec899
Certificate serial: 01990F9184F90025DDED4651F2F14515C0F2
Authority key identifier: E3:F1:9C:C5:E3:8D:8F:9C:1D:65:47:17:76:65:F8:92:11:DE:C8:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4_GcxeONj5wdZUcXdmX4khHeyJk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/1a85a8-e4f8-498b-a5ae-a4be172c76ba/1/0mSInaOcQzcUaKnk3U9INfBb53Q.roa
Signing time: Wed 03 Sep 2025 12:33:38 +0000
ROA not before: Wed 03 Sep 2025 12:33:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61146
IP address blocks: 31.216.136.0/21 maxlen: 21
62.108.216.0/21 maxlen: 21
185.176.184.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/1a85a8-e4f8-498b-a5ae-a4be172c76ba/1/4_GcxeONj5wdZUcXdmX4khHeyJk.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/1a85a8-e4f8-498b-a5ae-a4be172c76ba/1/4_GcxeONj5wdZUcXdmX4khHeyJk.mft
rsync://rpki.ripe.net/repository/DEFAULT/4_GcxeONj5wdZUcXdmX4khHeyJk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0f:91:84:f9:00:25:dd:ed:46:51:f2:f1:45:15:c0:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3f19cc5e38d8f9c1d6547177665f89211dec899
Validity
Not Before: Sep 3 12:33:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d264889da39c43371468a9e4dd4f4835f05be774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e8:ad:ed:f5:df:72:fe:e1:15:1d:9f:58:06:
34:17:fe:6d:42:14:df:51:ec:41:0f:88:27:ae:c0:
dc:6a:3e:37:e7:b2:29:80:5c:0f:d9:78:62:82:78:
47:85:2b:2a:f6:08:78:8d:98:6a:27:d0:e8:1b:b3:
5b:a4:a6:18:08:e1:23:00:e2:9b:f4:9e:3f:83:94:
02:ca:f4:3f:b7:28:e5:0b:97:43:6d:de:8f:df:2a:
ae:79:9c:08:e7:a3:6a:1c:9a:ba:94:be:3f:82:fd:
f2:e6:d3:1f:65:9f:97:88:b1:1c:c3:80:3a:be:bc:
fa:ec:8f:ac:89:e2:de:ce:2d:17:7a:fc:90:19:00:
c4:77:f3:47:20:67:6c:aa:b1:5e:b7:04:88:ec:4a:
25:88:b3:0e:72:9d:6d:f2:c5:dc:e8:74:d8:19:d8:
fa:1f:7f:c0:86:27:45:7c:03:96:5f:c5:9d:21:39:
59:8e:4f:98:20:be:11:2d:0f:e6:07:c0:82:c1:32:
9b:04:f2:db:0d:c7:fc:84:ab:8d:0d:bb:48:93:a3:
08:13:85:49:31:d5:91:b5:c1:a7:cf:a6:0d:57:d3:
ca:e6:36:85:b6:ac:87:c7:4a:26:88:38:82:bd:ec:
52:73:c8:23:7a:d5:fd:ab:d2:94:6c:71:3a:7e:18:
80:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:64:88:9D:A3:9C:43:37:14:68:A9:E4:DD:4F:48:35:F0:5B:E7:74
X509v3 Authority Key Identifier:
keyid:E3:F1:9C:C5:E3:8D:8F:9C:1D:65:47:17:76:65:F8:92:11:DE:C8:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4_GcxeONj5wdZUcXdmX4khHeyJk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a85a8-e4f8-498b-a5ae-a4be172c76ba/1/0mSInaOcQzcUaKnk3U9INfBb53Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/1a85a8-e4f8-498b-a5ae-a4be172c76ba/1/4_GcxeONj5wdZUcXdmX4khHeyJk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.136.0/21
62.108.216.0/21
185.176.184.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:20:37:87:cd:4b:c9:c7:cb:9b:b5:7d:59:49:bf:e7:6e:47:
ed:5b:e7:56:cf:9c:b9:f9:a3:6d:36:38:28:0b:02:8b:dd:f6:
f2:04:ae:09:dc:ae:94:2c:61:14:82:04:51:a5:c5:48:e5:fa:
2f:09:67:36:b5:07:35:69:29:de:bc:90:12:0c:f3:73:1d:ea:
33:b1:1c:16:f4:61:9e:6c:79:8d:bc:ee:12:64:b3:f6:51:d0:
c2:a6:4d:71:a4:9a:18:19:92:cb:92:43:8c:6d:91:4b:ab:aa:
37:f8:da:fe:89:fb:85:5c:6c:4a:7e:5b:bb:fb:af:ef:e5:62:
82:4b:aa:bc:37:a4:be:fd:3f:19:dc:5c:dc:cd:3a:2f:f0:fa:
a0:e2:c9:c3:9a:b1:a3:d6:b7:31:fd:f4:f6:2f:a3:80:a5:8b:
96:ed:4f:b5:04:90:8d:a7:cc:f4:31:90:cc:5b:e2:61:f8:19:
11:7c:77:41:99:a1:ee:ad:d0:26:98:9f:c8:0b:00:36:b5:ab:
7d:56:5e:9c:40:3a:62:a9:ba:2b:8f:bc:2e:a8:aa:64:3f:7c:
01:28:f4:62:c1:3b:2d:9c:92:bb:72:55:1f:b0:07:df:14:de:
b5:7e:5c:83:46:01:2b:36:6c:34:aa:1d:ff:2a:8a:0c:9e:57:
7b:81:e0:f4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZkPkYT5ACXd7UZR8vFFFcDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZjE5Y2M1ZTM4ZDhmOWMxZDY1NDcxNzc2NjVmODkyMTFk
ZWM4OTkwHhcNMjUwOTAzMTIzMzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjY0ODg5ZGEzOWM0MzM3MTQ2OGE5ZTRkZDRmNDgzNWYwNWJlNzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOit7fXfcv7hFR2fWAY0F/5tQhTf
UexBD4gnrsDcaj4357IpgFwP2XhignhHhSsq9gh4jZhqJ9DoG7NbpKYYCOEjAOKb
9J4/g5QCyvQ/tyjlC5dDbd6P3yqueZwI56NqHJq6lL4/gv3y5tMfZZ+XiLEcw4A6
vrz67I+sieLezi0XevyQGQDEd/NHIGdsqrFetwSI7EoliLMOcp1t8sXc6HTYGdj6
H3/AhidFfAOWX8WdITlZjk+YIL4RLQ/mB8CCwTKbBPLbDcf8hKuNDbtIk6MIE4VJ
MdWRtcGnz6YNV9PK5jaFtqyHx0omiDiCvexSc8gjetX9q9KUbHE6fhiAbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNJkiJ2jnEM3FGip5N1PSDXwW+d0MB8GA1UdIwQY
MBaAFOPxnMXjjY+cHWVHF3Zl+JIR3siZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNF9HY3hlT05qNXdkWlVjWGRtWDRraEhleUprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8xYTg1YTgtZTRmOC00OThiLWE1YWUt
YTRiZTE3MmM3NmJhLzEvMG1TSW5hT2NRemNVYUtuazNVOUlOZkJiNTNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8xYTg1YTgtZTRmOC00OThiLWE1YWUtYTRiZTE3MmM3NmJh
LzEvNF9HY3hlT05qNXdkWlVjWGRtWDRraEhleUprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDH9iIAwQD
PmzYAwQCubC4MA0GCSqGSIb3DQEBCwUAA4IBAQBMIDeHzUvJx8ubtX1ZSb/nbkft
W+dWz5y5+aNtNjgoCwKL3fbyBK4J3K6ULGEUggRRpcVI5fovCWc2tQc1aSnevJAS
DPNzHeozsRwW9GGebHmNvO4SZLP2UdDCpk1xpJoYGZLLkkOMbZFLq6o3+Nr+ifuF
XGxKflu7+6/v5WKCS6q8N6S+/T8Z3FzczTov8Pqg4snDmrGj1rcx/fT2L6OApYuW
7U+1BJCNp8z0MZDMW+Jh+BkRfHdBmaHurdAmmJ/ICwA2tat9Vl6cQDpiqborj7wu
qKpkP3wBKPRiwTstnJK7clUfsAffFN61flyDRgErNmw0qh3/KooMnld7geD0
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:51:21 2025 by rpki-client