Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/Mv_Xp5l807nw-rqGqbuWoihQJsA.roa
File: Mv_Xp5l807nw-rqGqbuWoihQJsA.roa (raw, json)
Hash identifier: /QAYHR//G6xKXhyDi9iwomTCbHIdTLPALGiOGNSVDb8=
Subject key identifier: 32:FF:D7:A7:99:7C:D3:B9:F0:FA:BA:86:A9:BB:96:A2:28:50:26:C0
Certificate issuer: /CN=d50697943676399ac5cac6a3e476545af0df49dd
Certificate serial: 0199DDA4F17B1B3A86F80CA55D2136687EDB
Authority key identifier: D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/Mv_Xp5l807nw-rqGqbuWoihQJsA.roa
Signing time: Mon 13 Oct 2025 12:56:38 +0000
ROA not before: Mon 13 Oct 2025 12:56:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 375
IP address blocks: 131.207.0.0/17 maxlen: 17
192.49.0.0/21 maxlen: 21
192.49.9.0/24 maxlen: 24
192.49.10.0/24 maxlen: 24
192.49.13.0/24 maxlen: 24
192.49.19.0/24 maxlen: 24
192.49.20.0/24 maxlen: 24
192.49.22.0/24 maxlen: 24
192.49.33.0/24 maxlen: 24
192.49.36.0/22 maxlen: 22
192.49.40.0/21 maxlen: 21
192.49.40.0/23 maxlen: 23
192.49.48.0/22 maxlen: 22
192.49.50.0/24 maxlen: 24
192.49.52.0/23 maxlen: 23
192.49.55.0/24 maxlen: 24
192.49.56.0/21 maxlen: 21
192.49.64.0/22 maxlen: 22
192.49.68.0/24 maxlen: 24
192.49.70.0/23 maxlen: 23
192.49.72.0/23 maxlen: 23
192.49.78.0/24 maxlen: 24
192.49.81.0/24 maxlen: 24
192.49.86.0/23 maxlen: 23
192.49.88.0/23 maxlen: 23
192.49.90.0/24 maxlen: 24
192.49.91.0/24 maxlen: 24
192.49.92.0/22 maxlen: 22
192.49.96.0/20 maxlen: 20
192.49.96.0/24 maxlen: 24
192.49.98.0/23 maxlen: 23
192.49.100.0/23 maxlen: 23
192.49.102.0/24 maxlen: 24
192.49.103.0/24 maxlen: 24
192.49.104.0/24 maxlen: 24
192.49.106.0/23 maxlen: 23
192.49.108.0/22 maxlen: 22
192.49.112.0/22 maxlen: 22
192.49.112.0/23 maxlen: 23
192.49.114.0/23 maxlen: 23
192.49.117.0/24 maxlen: 24
192.49.119.0/24 maxlen: 24
192.49.120.0/22 maxlen: 22
192.49.124.0/23 maxlen: 23
192.49.126.0/24 maxlen: 24
192.49.128.0/22 maxlen: 22
192.49.131.0/24 maxlen: 24
192.49.133.0/24 maxlen: 24
192.49.134.0/24 maxlen: 24
192.49.136.0/23 maxlen: 23
192.49.139.0/24 maxlen: 24
192.49.140.0/23 maxlen: 23
192.49.142.0/24 maxlen: 24
192.49.144.0/24 maxlen: 24
192.49.146.0/24 maxlen: 24
192.49.148.0/22 maxlen: 22
192.49.152.0/21 maxlen: 21
192.49.160.0/21 maxlen: 21
192.49.160.0/23 maxlen: 23
192.49.163.0/24 maxlen: 24
192.49.164.0/22 maxlen: 22
192.49.168.0/23 maxlen: 23
192.49.170.0/24 maxlen: 24
192.49.173.0/24 maxlen: 24
192.49.174.0/23 maxlen: 23
192.49.176.0/20 maxlen: 20
192.49.192.0/18 maxlen: 18
2a03:9b80::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:dd:a4:f1:7b:1b:3a:86:f8:0c:a5:5d:21:36:68:7e:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50697943676399ac5cac6a3e476545af0df49dd
Validity
Not Before: Oct 13 12:56:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32ffd7a7997cd3b9f0faba86a9bb96a2285026c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:8a:fc:48:ec:da:dc:bb:fa:60:36:6c:52:5d:
51:f0:6a:61:57:e6:61:11:78:6e:d7:04:02:fa:5c:
d8:ec:a7:ba:d6:ef:cc:37:a2:31:7f:0f:d3:0e:91:
35:2e:f6:ba:22:26:9b:78:a0:68:0f:d8:74:94:5b:
73:f2:04:d4:74:2c:8b:db:af:fb:68:b4:2f:6b:c8:
d5:ab:2b:1b:3a:22:76:09:0b:03:a7:1c:bb:07:a3:
a1:94:15:60:c2:9f:99:11:74:f5:20:e9:c4:7b:70:
f1:7d:a9:fb:2b:4e:55:fd:e7:8e:e6:31:d8:24:ac:
9f:e6:84:43:e6:b8:af:42:a8:ad:d0:27:8b:4b:7f:
d0:1d:44:44:4e:0b:b7:3e:c5:54:9c:2c:28:0b:ac:
48:8d:a6:49:15:87:04:08:19:36:14:aa:e5:b1:1e:
e5:22:87:16:86:22:e5:aa:cb:43:f0:fb:94:d4:20:
b7:64:31:bf:fa:98:93:ef:db:51:19:7b:f5:ea:b5:
c6:6c:46:1e:0c:4b:53:fd:b0:68:bf:fc:54:d2:92:
ad:42:e5:ee:a3:ae:a6:8a:85:e2:c7:90:4e:ee:6a:
f5:50:8c:5e:d0:96:cc:69:7c:0b:77:1e:2e:b0:49:
e7:5c:4f:79:df:61:26:b8:19:72:da:41:77:4a:ff:
79:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:FF:D7:A7:99:7C:D3:B9:F0:FA:BA:86:A9:BB:96:A2:28:50:26:C0
X509v3 Authority Key Identifier:
keyid:D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/Mv_Xp5l807nw-rqGqbuWoihQJsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.207.0.0/17
192.49.0.0/21
192.49.9.0-192.49.10.255
192.49.13.0/24
192.49.19.0-192.49.20.255
192.49.22.0/24
192.49.33.0/24
192.49.36.0-192.49.53.255
192.49.55.0-192.49.68.255
192.49.70.0-192.49.73.255
192.49.78.0/24
192.49.81.0/24
192.49.86.0-192.49.115.255
192.49.117.0/24
192.49.119.0-192.49.126.255
192.49.128.0/22
192.49.133.0-192.49.134.255
192.49.136.0/23
192.49.139.0-192.49.142.255
192.49.144.0/24
192.49.146.0/24
192.49.148.0-192.49.170.255
192.49.173.0-192.49.255.255
IPv6:
2a03:9b80::/34
Signature Algorithm: sha256WithRSAEncryption
6c:aa:fe:7f:4e:1d:3c:c2:ff:ae:8c:c2:4c:4d:6c:ce:65:d5:
72:6e:24:e8:3c:17:81:4d:e5:93:3f:c4:bc:0a:38:f8:9f:ff:
e9:9e:a7:37:2d:c6:db:37:13:f8:40:9f:ac:7c:d5:53:ee:4d:
18:e3:bd:10:2a:4b:f9:42:ae:c2:a1:ba:20:10:a7:da:29:80:
08:2f:62:23:04:b6:fa:fc:73:21:7a:71:49:e0:61:24:bf:61:
01:79:02:8a:d1:71:2a:eb:87:1a:f7:25:1f:9e:2e:e0:b2:ee:
ce:9a:6d:b7:63:f0:98:cf:ab:3d:ec:3e:13:e0:e0:bc:aa:96:
2c:d6:28:61:63:d1:ad:a4:aa:6e:24:63:fa:2a:b3:bc:03:e2:
a9:27:32:bf:72:c8:f3:5a:94:dc:97:c3:cc:ce:6b:f7:f1:8c:
e1:01:21:96:00:78:14:00:12:f4:ff:4b:66:49:87:2d:ef:07:
4b:d6:b7:c4:88:c9:f0:74:41:ec:f3:dc:e4:2e:0f:25:91:fe:
86:2a:57:7f:a0:7f:91:0c:ca:a9:f8:9c:93:1a:48:55:16:85:
a7:af:35:51:d4:1f:b0:3d:5d:e2:9a:22:e5:fa:5e:c6:1f:80:
70:f7:40:28:58:ef:5c:d6:01:e5:a1:c5:aa:41:1d:d8:c0:45:
01:92:00:87
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgISAZndpPF7GzqG+AylXSE2aH7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDY5Nzk0MzY3NjM5OWFjNWNhYzZhM2U0NzY1NDVhZjBk
ZjQ5ZGQwHhcNMjUxMDEzMTI1NjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmZmZDdhNzk5N2NkM2I5ZjBmYWJhODZhOWJiOTZhMjI4NTAyNmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Yr8SOza3Lv6YDZsUl1R8GphV+Zh
EXhu1wQC+lzY7Ke61u/MN6Ixfw/TDpE1Lva6IiabeKBoD9h0lFtz8gTUdCyL26/7
aLQva8jVqysbOiJ2CQsDpxy7B6OhlBVgwp+ZEXT1IOnEe3Dxfan7K05V/eeO5jHY
JKyf5oRD5rivQqit0CeLS3/QHURETgu3PsVUnCwoC6xIjaZJFYcECBk2FKrlsR7l
IocWhiLlqstD8PuU1CC3ZDG/+piT79tRGXv16rXGbEYeDEtT/bBov/xU0pKtQuXu
o66mioXix5BO7mr1UIxe0JbMaXwLdx4usEnnXE9532EmuBly2kF3Sv95FQIDAQAB
o4IC+jCCAvYwHQYDVR0OBBYEFDL/16eZfNO58Pq6hqm7lqIoUCbAMB8GA1UdIwQY
MBaAFNUGl5Q2djmaxcrGo+R2VFrw30ndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2Yt
OGQyM2FjNWNiNTAyLzEvTXZfWHA1bDgwN253LXJxR3FidVdvaWhRSnNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2YtOGQyM2FjNWNiNTAy
LzEvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDgYIKwYBBQUHAQcBAf8Egf4wgfswgegEAgABMIHhAwQH
g88AAwQDwDEAMAwDBADAMQkDBADAMQoDBADAMQ0wDAMEAMAxEwMEAMAxFAMEAMAx
FgMEAMAxITAMAwQCwDEkAwQBwDE0MAwDBADAMTcDBADAMUQwDAMEAcAxRgMEAcAx
SAMEAMAxTgMEAMAxUTAMAwQBwDFWAwQCwDFwAwQAwDF1MAwDBADAMXcDBADAMX4D
BALAMYAwDAMEAMAxhQMEAMAxhgMEAcAxiDAMAwQAwDGLAwQAwDGOAwQAwDGQAwQA
wDGSMAwDBALAMZQDBADAMaowCwMEAMAxrQMDAcAwMA4EAgACMAgDBgYqA5uAADAN
BgkqhkiG9w0BAQsFAAOCAQEAbKr+f04dPML/rozCTE1szmXVcm4k6DwXgU3lkz/E
vAo4+J//6Z6nNy3G2zcT+ECfrHzVU+5NGOO9ECpL+UKuwqG6IBCn2imACC9iIwS2
+vxzIXpxSeBhJL9hAXkCitFxKuuHGvclH54u4LLuzpptt2PwmM+rPew+E+DgvKqW
LNYoYWPRraSqbiRj+iqzvAPiqScyv3LI81qU3JfDzM5r9/GM4QEhlgB4FAAS9P9L
ZkmHLe8HS9a3xIjJ8HRB7PPc5C4PJZH+hipXf6B/kQzKqfickxpIVRaFp681UdQf
sD1d4poi5fpexh+AcPdAKFjvXNYB5aHFqkEd2MBFAZIAhw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:04:09 2025 by rpki-client