Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/6af319-5f93-43db-8b27-7054ea6a60d6/1/mQRNvpgGDTxl1ClE8lP4fBCE_zY.roa
File: mQRNvpgGDTxl1ClE8lP4fBCE_zY.roa (raw, json)
Hash identifier: Y4EjZw1j54zSv6D2ykaYLyeNan8XUPzgXS8YGYvdiOM=
Subject key identifier: 99:04:4D:BE:98:06:0D:3C:65:D4:29:44:F2:53:F8:7C:10:84:FF:36
Certificate issuer: /CN=51a2c2c06ddb84669a89a99fb8756095134c8766
Certificate serial: 0199BDF12698C69167EDF43912DA5178C8E9
Authority key identifier: 51:A2:C2:C0:6D:DB:84:66:9A:89:A9:9F:B8:75:60:95:13:4C:87:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UaLCwG3bhGaaiamfuHVglRNMh2Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/6af319-5f93-43db-8b27-7054ea6a60d6/1/mQRNvpgGDTxl1ClE8lP4fBCE_zY.roa
Signing time: Tue 07 Oct 2025 09:12:01 +0000
ROA not before: Tue 07 Oct 2025 09:12:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51330
IP address blocks: 93.95.30.0/24 maxlen: 24
185.192.181.0/24 maxlen: 24
185.247.127.0/24 maxlen: 24
2a12:b5c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/6af319-5f93-43db-8b27-7054ea6a60d6/1/UaLCwG3bhGaaiamfuHVglRNMh2Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/6af319-5f93-43db-8b27-7054ea6a60d6/1/UaLCwG3bhGaaiamfuHVglRNMh2Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/UaLCwG3bhGaaiamfuHVglRNMh2Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:bd:f1:26:98:c6:91:67:ed:f4:39:12:da:51:78:c8:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51a2c2c06ddb84669a89a99fb8756095134c8766
Validity
Not Before: Oct 7 09:12:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99044dbe98060d3c65d42944f253f87c1084ff36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:88:68:90:28:59:fb:43:03:e3:b0:6a:4c:4d:
f8:34:e8:68:82:6b:d6:64:47:2f:94:2b:77:ed:b8:
6c:19:e2:16:f8:83:1d:f0:74:23:51:70:50:8b:31:
48:26:89:3a:97:b4:d4:e7:f7:ef:11:27:f7:91:2d:
94:0d:e7:90:ff:97:7c:75:39:7c:14:97:43:2a:3d:
5b:24:79:74:0d:0c:ab:e9:ca:08:ab:d9:5a:14:5a:
c8:fe:0f:27:17:58:c4:9b:2c:53:f2:54:ed:e3:b4:
4a:dc:d0:f8:69:e1:f2:15:2a:33:a9:2b:60:c6:3b:
47:fb:4a:53:28:1e:52:da:4d:4c:fb:23:0e:56:96:
1b:ff:1c:07:95:9f:5e:0b:5d:08:7f:0a:df:59:59:
be:3f:6d:04:9e:47:03:99:0c:ef:1d:1f:3c:2f:02:
f0:f8:9b:28:53:98:fc:e4:62:cd:0c:d5:2f:0c:8f:
f0:89:7a:39:f5:80:73:9d:52:55:a3:c8:e1:91:00:
66:bc:d9:27:35:28:cb:59:e8:4e:3d:28:05:72:92:
46:6e:12:5f:91:23:51:38:95:67:d5:42:c3:5e:6a:
6f:11:7d:c2:81:69:2c:86:ab:de:c4:ed:e0:99:6c:
0e:ec:4a:d2:8d:b2:48:e7:58:b1:2b:32:f7:45:c5:
54:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:04:4D:BE:98:06:0D:3C:65:D4:29:44:F2:53:F8:7C:10:84:FF:36
X509v3 Authority Key Identifier:
keyid:51:A2:C2:C0:6D:DB:84:66:9A:89:A9:9F:B8:75:60:95:13:4C:87:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UaLCwG3bhGaaiamfuHVglRNMh2Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/6af319-5f93-43db-8b27-7054ea6a60d6/1/mQRNvpgGDTxl1ClE8lP4fBCE_zY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/6af319-5f93-43db-8b27-7054ea6a60d6/1/UaLCwG3bhGaaiamfuHVglRNMh2Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.95.30.0/24
185.192.181.0/24
185.247.127.0/24
IPv6:
2a12:b5c0::/29
Signature Algorithm: sha256WithRSAEncryption
67:f5:4f:d9:ad:51:2a:66:a0:8c:0a:74:e9:16:a7:06:68:33:
c9:5a:f4:b9:04:3f:cd:6a:c6:8d:cd:2a:29:2a:ed:80:a6:00:
b8:2c:99:d8:b7:5c:11:1c:fa:c5:a5:14:00:55:59:a8:58:1f:
ec:fb:68:2b:c5:de:31:82:a8:c3:31:df:5d:81:a5:d8:7e:22:
aa:b5:4d:6e:8f:07:83:38:7c:50:d0:c5:f8:51:8b:c1:10:9d:
80:39:dc:5c:9b:97:a9:5d:be:85:d9:d8:ad:7e:f0:fc:2c:94:
af:21:66:fb:cb:24:c6:54:e7:c6:71:b8:26:ec:c0:7c:ea:07:
d0:23:a7:4f:1e:80:8d:c8:23:b2:92:1d:0d:0f:dd:9d:27:9d:
af:24:38:97:d8:43:81:bf:15:60:af:1b:26:b5:6f:da:5b:d8:
85:9b:b6:07:12:05:24:8b:45:90:bb:b9:3b:1f:2a:79:3a:ab:
db:fe:fe:03:63:fb:75:d2:70:ee:22:82:53:fe:7a:f1:49:08:
0d:bf:3e:18:cd:d1:cc:31:8b:fd:43:c4:23:60:28:61:5b:71:
96:91:9e:84:8a:23:d4:50:cf:c8:36:01:42:a0:2f:8a:77:06:
54:f9:f3:c9:a1:ad:ea:49:4f:53:a5:79:ff:5a:11:a5:b2:af:
9a:26:08:c7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZm98SaYxpFn7fQ5EtpReMjpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYTJjMmMwNmRkYjg0NjY5YTg5YTk5ZmI4NzU2MDk1MTM0
Yzg3NjYwHhcNMjUxMDA3MDkxMjAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTA0NGRiZTk4MDYwZDNjNjVkNDI5NDRmMjUzZjg3YzEwODRmZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YhokChZ+0MD47BqTE34NOhogmvW
ZEcvlCt37bhsGeIW+IMd8HQjUXBQizFIJok6l7TU5/fvESf3kS2UDeeQ/5d8dTl8
FJdDKj1bJHl0DQyr6coIq9laFFrI/g8nF1jEmyxT8lTt47RK3ND4aeHyFSozqStg
xjtH+0pTKB5S2k1M+yMOVpYb/xwHlZ9eC10IfwrfWVm+P20EnkcDmQzvHR88LwLw
+JsoU5j85GLNDNUvDI/wiXo59YBznVJVo8jhkQBmvNknNSjLWehOPSgFcpJGbhJf
kSNROJVn1ULDXmpvEX3CgWkshqvexO3gmWwO7ErSjbJI51ixKzL3RcVUUQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJkETb6YBg08ZdQpRPJT+HwQhP82MB8GA1UdIwQY
MBaAFFGiwsBt24Rmmompn7h1YJUTTIdmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWFMQ3dHM2JoR2FhaWFtZnVIVmdsUk5NaDJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy82YWYzMTktNWY5My00M2RiLThiMjct
NzA1NGVhNmE2MGQ2LzEvbVFSTnZwZ0dEVHhsMUNsRThsUDRmQkNFX3pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy82YWYzMTktNWY5My00M2RiLThiMjctNzA1NGVhNmE2MGQ2
LzEvVWFMQ3dHM2JoR2FhaWFtZnVIVmdsUk5NaDJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAXV8eAwQA
ucC1AwQAufd/MA0EAgACMAcDBQMqErXAMA0GCSqGSIb3DQEBCwUAA4IBAQBn9U/Z
rVEqZqCMCnTpFqcGaDPJWvS5BD/NasaNzSopKu2ApgC4LJnYt1wRHPrFpRQAVVmo
WB/s+2grxd4xgqjDMd9dgaXYfiKqtU1ujweDOHxQ0MX4UYvBEJ2AOdxcm5epXb6F
2ditfvD8LJSvIWb7yyTGVOfGcbgm7MB86gfQI6dPHoCNyCOykh0ND92dJ52vJDiX
2EOBvxVgrxsmtW/aW9iFm7YHEgUki0WQu7k7Hyp5Oqvb/v4DY/t10nDuIoJT/nrx
SQgNvz4YzdHMMYv9Q8QjYChhW3GWkZ6EiiPUUM/INgFCoC+KdwZU+fPJoa3qSU9T
pXn/WhGlsq+aJgjH
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:54 2025 by rpki-client