Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/MnZ1UPaVCGVHsNlWr6g8E6HAsqk.roa
File: MnZ1UPaVCGVHsNlWr6g8E6HAsqk.roa (raw, json)
Hash identifier: FH915nFqYYP34soWy98+e7VhhgoPoCqjvzoYA7ew36s=
Subject key identifier: 32:76:75:50:F6:95:08:65:47:B0:D9:56:AF:A8:3C:13:A1:C0:B2:A9
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 01977872B58D58166B4CED38951815D61374
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/MnZ1UPaVCGVHsNlWr6g8E6HAsqk.roa
Signing time: Mon 16 Jun 2025 11:14:32 +0000
ROA not before: Mon 16 Jun 2025 11:14:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 5.182.36.0/24 maxlen: 24
5.182.37.0/24 maxlen: 24
5.182.38.0/24 maxlen: 24
5.182.39.0/24 maxlen: 24
45.8.144.0/24 maxlen: 24
45.8.145.0/24 maxlen: 24
45.8.146.0/24 maxlen: 24
45.8.147.0/24 maxlen: 24
45.67.34.0/24 maxlen: 24
45.67.35.0/24 maxlen: 24
45.84.0.0/24 maxlen: 24
45.87.152.0/24 maxlen: 24
45.87.153.0/24 maxlen: 24
45.87.154.0/24 maxlen: 24
45.87.155.0/24 maxlen: 24
45.89.52.0/22 maxlen: 24
45.89.52.0/24 maxlen: 24
45.89.54.0/24 maxlen: 24
45.89.55.0/24 maxlen: 24
45.93.10.0/24 maxlen: 24
45.93.11.0/24 maxlen: 24
45.159.248.0/24 maxlen: 24
45.159.249.0/24 maxlen: 24
45.159.250.0/24 maxlen: 24
45.159.251.0/24 maxlen: 24
92.118.88.0/22 maxlen: 24
92.119.200.0/22 maxlen: 24
93.185.166.0/24 maxlen: 24
141.98.168.0/24 maxlen: 24
141.98.169.0/24 maxlen: 24
141.98.170.0/24 maxlen: 24
185.231.204.0/24 maxlen: 24
185.231.205.0/24 maxlen: 24
185.231.206.0/24 maxlen: 24
185.231.207.0/24 maxlen: 24
188.119.121.0/24 maxlen: 24
188.119.122.0/24 maxlen: 24
188.119.123.0/24 maxlen: 24
188.119.124.0/24 maxlen: 24
188.119.125.0/24 maxlen: 24
193.43.146.0/24 maxlen: 24
193.43.147.0/24 maxlen: 24
193.46.56.0/24 maxlen: 24
193.46.57.0/24 maxlen: 24
193.57.136.0/24 maxlen: 24
193.57.137.0/24 maxlen: 24
193.57.138.0/24 maxlen: 24
193.57.139.0/24 maxlen: 24
194.4.48.0/24 maxlen: 24
194.4.49.0/24 maxlen: 24
194.4.50.0/24 maxlen: 24
194.4.51.0/24 maxlen: 24
194.116.172.0/24 maxlen: 24
194.116.173.0/24 maxlen: 24
194.116.190.0/24 maxlen: 24
194.116.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:78:72:b5:8d:58:16:6b:4c:ed:38:95:18:15:d6:13:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jun 16 11:14:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32767550f695086547b0d956afa83c13a1c0b2a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4e:ce:56:81:dc:56:b2:7b:40:af:e8:50:78:
81:44:7d:05:84:65:5d:86:21:43:c9:6e:d9:20:64:
cb:26:d0:8d:cc:25:5c:ca:4d:ad:7e:6b:47:3a:a7:
08:08:91:26:97:1c:c8:33:4d:b0:19:fb:53:03:8e:
51:cf:03:1f:22:96:47:56:43:46:5f:7b:65:07:1b:
72:d9:77:e3:74:c6:08:0d:a0:0c:6b:97:b7:64:bd:
76:cc:9e:e1:93:09:ac:3f:51:c6:34:0a:47:23:07:
03:6f:2b:72:b3:67:ae:ac:1b:6f:87:88:5d:ce:cc:
42:e0:3f:96:b3:d5:5c:5d:da:d5:97:5e:66:02:d1:
a3:04:dc:24:c4:58:94:2f:3d:89:8b:7f:0e:a0:5c:
05:a8:c6:81:0b:ec:ed:67:3a:5e:92:b7:5e:f8:61:
0d:77:97:df:59:b1:b9:3f:ee:aa:be:97:dc:23:e1:
e5:bc:09:44:64:4e:df:c9:07:df:69:68:8a:ae:e7:
33:71:3a:48:19:8c:0a:7c:9f:8f:60:0c:f3:45:31:
b1:71:fd:6b:69:fa:33:9c:39:8f:05:cd:4f:03:85:
53:00:07:cb:85:81:d0:aa:fa:71:8f:dc:8d:ab:f4:
34:65:44:bb:9c:fa:8b:8b:b3:af:6d:14:d8:f7:5b:
b6:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:76:75:50:F6:95:08:65:47:B0:D9:56:AF:A8:3C:13:A1:C0:B2:A9
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/MnZ1UPaVCGVHsNlWr6g8E6HAsqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.36.0/22
45.8.144.0/22
45.67.34.0/23
45.84.0.0/24
45.87.152.0/22
45.89.52.0/22
45.93.10.0/23
45.159.248.0/22
92.118.88.0/22
92.119.200.0/22
93.185.166.0/24
141.98.168.0-141.98.170.255
185.231.204.0/22
188.119.121.0-188.119.125.255
193.43.146.0/23
193.46.56.0/23
193.57.136.0/22
194.4.48.0/22
194.116.172.0/23
194.116.190.0/23
Signature Algorithm: sha256WithRSAEncryption
af:b0:33:ec:66:44:e7:fe:5e:a6:a5:91:3c:8c:ae:34:d3:98:
98:9d:4c:04:ca:2f:17:5e:ec:2c:8d:9a:93:27:c7:0c:2e:0d:
35:01:1c:83:0c:b1:26:79:26:4b:ab:d8:b8:b3:dc:ea:19:e4:
b4:87:5e:d1:5e:cc:70:cf:c1:86:4b:60:8f:6f:19:85:aa:54:
49:2a:37:29:d4:d1:e4:14:f1:35:3f:3b:be:f7:77:c5:c9:0f:
f4:ab:bd:84:2b:f6:7a:35:44:b8:45:ac:f3:9e:c7:5e:4d:e1:
7c:e2:15:29:c6:b7:34:65:99:e1:20:c2:ba:7f:c6:9f:6a:d1:
54:59:e5:dd:e8:3b:7a:75:53:fe:6a:0b:cf:51:de:49:4b:bc:
2f:30:41:7f:9f:ec:fb:1c:b3:3d:8e:a6:3d:23:09:13:d8:ac:
bc:36:8b:b1:30:d9:ff:dc:c7:ab:ea:f9:58:a6:3a:cb:9f:e0:
5c:7e:55:4a:95:20:8d:df:c9:74:c4:d4:56:53:be:16:b1:32:
d1:46:ea:49:48:6c:c3:1b:34:4e:2e:58:01:07:89:c0:58:f4:
6a:f0:cb:83:e7:81:f3:ef:e9:5a:9f:6b:bd:d1:b0:38:65:7f:
8b:32:0b:95:a1:4f:07:85:ce:69:64:27:f8:49:45:13:87:ad:
60:8f:9e:e8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZd4crWNWBZrTO04lRgV1hN0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjUwNjE2MTExNDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjc2NzU1MGY2OTUwODY1NDdiMGQ5NTZhZmE4M2MxM2ExYzBiMmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw07OVoHcVrJ7QK/oUHiBRH0FhGVd
hiFDyW7ZIGTLJtCNzCVcyk2tfmtHOqcICJEmlxzIM02wGftTA45RzwMfIpZHVkNG
X3tlBxty2XfjdMYIDaAMa5e3ZL12zJ7hkwmsP1HGNApHIwcDbytys2eurBtvh4hd
zsxC4D+Ws9VcXdrVl15mAtGjBNwkxFiULz2Ji38OoFwFqMaBC+ztZzpekrde+GEN
d5ffWbG5P+6qvpfcI+HlvAlEZE7fyQffaWiKruczcTpIGYwKfJ+PYAzzRTGxcf1r
afoznDmPBc1PA4VTAAfLhYHQqvpxj9yNq/Q0ZUS7nPqLi7OvbRTY91u2GQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFDJ2dVD2lQhlR7DZVq+oPBOhwLKpMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvTW5aMVVQYVZDR1ZIc05sV3I2ZzhFNkhBc3FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAIF
tiQDBAItCJADBAEtQyIDBAAtVAADBAItV5gDBAItWTQDBAEtXQoDBAItn/gDBAJc
dlgDBAJcd8gDBABduaYwDAMEA41iqAMEAI1iqgMEArnnzDAMAwQAvHd5AwQBvHd8
AwQBwSuSAwQBwS44AwQCwTmIAwQCwgQwAwQBwnSsAwQBwnS+MA0GCSqGSIb3DQEB
CwUAA4IBAQCvsDPsZkTn/l6mpZE8jK4005iYnUwEyi8XXuwsjZqTJ8cMLg01ARyD
DLEmeSZLq9i4s9zqGeS0h17RXsxwz8GGS2CPbxmFqlRJKjcp1NHkFPE1Pzu+93fF
yQ/0q72EK/Z6NUS4RazznsdeTeF84hUpxrc0ZZnhIMK6f8afatFUWeXd6Dt6dVP+
agvPUd5JS7wvMEF/n+z7HLM9jqY9IwkT2Ky8NouxMNn/3Mer6vlYpjrLn+BcflVK
lSCN38l0xNRWU74WsTLRRupJSGzDGzROLlgBB4nAWPRq8MuD54Hz7+lan2u90bA4
ZX+LMguVoU8Hhc5pZCf4SUUTh61gj57o
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:51:28 2025 by rpki-client