Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/mtLeMHG8ZBJEjfCUb8SAhw-oMv0.roa
File: mtLeMHG8ZBJEjfCUb8SAhw-oMv0.roa (raw, json)
Hash identifier: UYWv8pj0O0LoI1iLX8y710B8VMKzFLzFVK+OC5tWWqY=
Subject key identifier: 9A:D2:DE:30:71:BC:64:12:44:8D:F0:94:6F:C4:80:87:0F:A8:32:FD
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0198984524B519F999B6C8947EB79A121597
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/mtLeMHG8ZBJEjfCUb8SAhw-oMv0.roa
Signing time: Mon 11 Aug 2025 08:35:24 +0000
ROA not before: Mon 11 Aug 2025 08:35:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213541
IP address blocks: 31.40.194.0/24 maxlen: 24
77.83.48.0/24 maxlen: 24
77.83.49.0/24 maxlen: 24
86.62.53.0/24 maxlen: 24
86.62.54.0/24 maxlen: 24
91.132.126.0/24 maxlen: 24
91.132.127.0/24 maxlen: 24
95.214.244.0/22 maxlen: 24
193.160.74.0/24 maxlen: 24
193.160.75.0/24 maxlen: 24
194.124.41.0/24 maxlen: 24
213.109.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:98:45:24:b5:19:f9:99:b6:c8:94:7e:b7:9a:12:15:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Aug 11 08:35:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ad2de3071bc6412448df0946fc480870fa832fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:90:9b:17:f2:be:cd:01:78:36:05:3e:87:da:
a2:2d:32:a7:99:0f:c4:99:bb:f8:4b:c6:ad:d9:d1:
b8:f4:25:68:69:39:0a:4a:d0:e0:6d:dc:0b:5b:43:
f0:fc:a0:78:a4:ef:49:cb:93:34:a3:da:fd:19:c1:
9a:9a:5d:6a:b6:82:63:f0:87:43:75:60:3f:26:b0:
36:47:8b:60:d3:3f:7b:d0:3a:09:50:3a:11:cf:3f:
d5:22:b4:0d:94:b6:f9:85:11:db:13:69:8f:17:f1:
ab:ad:f0:a9:56:38:ab:ed:d1:2c:66:e3:db:39:fc:
08:77:91:cf:ca:42:74:e3:07:ff:34:b7:f5:6e:79:
f2:ca:e6:b3:db:73:b7:70:49:fd:8a:c4:ff:30:9f:
17:5a:20:3c:59:bc:53:f7:3d:24:5d:98:be:9a:cd:
a0:e5:01:99:c4:fc:07:9d:20:b3:09:f9:9c:81:39:
15:6f:41:2d:d7:a2:84:4d:9c:f6:5d:c4:46:90:32:
69:be:36:ae:ee:70:c0:86:54:14:a3:0b:0c:6b:ef:
fc:ab:f8:b4:9f:f7:16:3d:39:63:ff:c7:94:44:be:
d1:f3:c6:c8:0f:05:63:de:71:ae:0e:8d:af:51:aa:
f3:67:bc:39:c4:66:51:15:c3:d7:2c:6c:7c:7f:8c:
98:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D2:DE:30:71:BC:64:12:44:8D:F0:94:6F:C4:80:87:0F:A8:32:FD
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/mtLeMHG8ZBJEjfCUb8SAhw-oMv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.194.0/24
77.83.48.0/23
86.62.53.0-86.62.54.255
91.132.126.0/23
95.214.244.0/22
193.160.74.0/23
194.124.41.0/24
213.109.188.0/22
Signature Algorithm: sha256WithRSAEncryption
37:d0:7f:34:56:80:9b:5e:6a:11:7a:20:89:07:18:aa:99:3b:
9d:54:0e:4f:ca:fd:1f:cf:5d:57:a1:c7:d5:9b:65:bc:03:7d:
e6:ce:03:bf:53:ef:d9:86:a8:f8:25:40:a5:6c:ee:2d:6e:3c:
07:47:30:c1:4a:f1:1f:8e:b1:90:06:70:11:06:f9:b7:c8:ec:
3f:5e:ab:22:85:e7:df:07:66:d9:2b:b1:98:ae:a3:a3:79:b4:
fd:0c:42:1b:07:9f:27:88:ab:92:8d:d0:e1:fa:80:b1:d4:9f:
d4:2d:8d:4c:7e:9f:ea:3e:56:69:bc:64:f8:f7:00:f5:31:6a:
8a:a9:f0:33:4f:d0:42:3b:f5:6d:e0:c7:93:ed:7e:58:70:7b:
db:9e:bf:4b:c9:bf:5e:cb:6a:c7:7d:0c:0e:58:b4:18:a5:28:
59:ea:25:4f:04:8b:f7:b8:56:ab:e1:ce:d0:f6:6f:5e:4b:74:
66:26:ab:29:76:a2:ed:1d:a4:2c:d1:b8:5d:f0:19:e6:69:d2:
30:64:20:c3:08:b1:4a:53:76:f3:4d:22:59:f7:0a:08:51:0c:
3c:d4:90:94:01:4b:ba:24:0f:bc:61:82:24:ce:6a:93:93:67:
d0:47:34:19:bf:74:89:7c:07:fb:49:16:6c:2f:33:4c:c1:f9:
b9:26:24:dd
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZiYRSS1GfmZtsiUfreaEhWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUwODExMDgzNTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWQyZGUzMDcxYmM2NDEyNDQ4ZGYwOTQ2ZmM0ODA4NzBmYTgzMmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpCbF/K+zQF4NgU+h9qiLTKnmQ/E
mbv4S8at2dG49CVoaTkKStDgbdwLW0Pw/KB4pO9Jy5M0o9r9GcGaml1qtoJj8IdD
dWA/JrA2R4tg0z970DoJUDoRzz/VIrQNlLb5hRHbE2mPF/GrrfCpVjir7dEsZuPb
OfwId5HPykJ04wf/NLf1bnnyyuaz23O3cEn9isT/MJ8XWiA8WbxT9z0kXZi+ms2g
5QGZxPwHnSCzCfmcgTkVb0Et16KETZz2XcRGkDJpvjau7nDAhlQUowsMa+/8q/i0
n/cWPTlj/8eURL7R88bIDwVj3nGuDo2vUarzZ7w5xGZRFcPXLGx8f4yYeQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJrS3jBxvGQSRI3wlG/EgIcPqDL9MB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvbXRMZU1IRzhaQkpFamZDVWI4U0Fody1vTXYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAHyjCAwQB
TVMwMAwDBABWPjUDBABWPjYDBAFbhH4DBAJf1vQDBAHBoEoDBADCfCkDBALVbbww
DQYJKoZIhvcNAQELBQADggEBADfQfzRWgJteahF6IIkHGKqZO51UDk/K/R/PXVeh
x9WbZbwDfebOA79T79mGqPglQKVs7i1uPAdHMMFK8R+OsZAGcBEG+bfI7D9eqyKF
598HZtkrsZiuo6N5tP0MQhsHnyeIq5KN0OH6gLHUn9QtjUx+n+o+Vmm8ZPj3APUx
aoqp8DNP0EI79W3gx5Ptflhwe9uev0vJv17Lasd9DA5YtBilKFnqJU8Ei/e4Vqvh
ztD2b15LdGYmqyl2ou0dpCzRuF3wGeZp0jBkIMMIsUpTdvNNIln3CghRDDzUkJQB
S7okD7xhgiTOapOTZ9BHNBm/dIl8B/tJFmwvM0zB+bkmJN0=
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:46:52 2025 by rpki-client