Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/rAzaD8-4SFX5j-t_AZkG74hcrGo.roa
File: rAzaD8-4SFX5j-t_AZkG74hcrGo.roa (raw, json)
Hash identifier: gUBb80vQa9xzG40VeB1TgYoV9OYlxwRJMp3/2FmSfMI=
Subject key identifier: AC:0C:DA:0F:CF:B8:48:55:F9:8F:EB:7F:01:99:06:EF:88:5C:AC:6A
Certificate issuer: /CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Certificate serial: 01994D8C2B0DEE53CA5E41A5040DCA2DC42A
Authority key identifier: 31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/rAzaD8-4SFX5j-t_AZkG74hcrGo.roa
Signing time: Mon 15 Sep 2025 13:24:15 +0000
ROA not before: Mon 15 Sep 2025 13:24:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199422
IP address blocks: 77.95.64.0/22 maxlen: 22
77.95.64.0/23 maxlen: 23
77.95.66.0/23 maxlen: 23
185.92.20.0/24 maxlen: 24
2a03:9180::/32 maxlen: 32
2a03:9180::/33 maxlen: 33
2a03:9180:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.mft
rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 10:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4d:8c:2b:0d:ee:53:ca:5e:41:a5:04:0d:ca:2d:c4:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Validity
Not Before: Sep 15 13:24:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac0cda0fcfb84855f98feb7f019906ef885cac6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:11:ab:e3:18:5a:0b:5d:cc:a8:8a:46:c9:8b:
55:d4:e7:72:c4:78:63:60:9f:bc:33:9d:1d:b1:12:
e8:50:4b:9d:01:0c:db:d0:fa:c8:90:0f:ea:26:03:
43:32:c6:39:05:03:67:51:c2:ce:11:4b:75:b9:4e:
79:a5:89:12:f6:a4:cf:ad:94:ee:39:19:0a:01:a2:
9b:d6:b0:55:01:48:a2:12:23:ef:31:d4:e0:b3:0f:
ab:5b:f7:8e:91:f3:1d:23:bb:d0:a2:47:35:83:ce:
b7:34:86:62:cf:dd:a1:61:44:6e:85:ca:e8:52:7e:
8e:f4:50:5a:7a:bb:42:b7:c2:06:62:2e:19:b6:af:
61:c7:2b:46:f8:f8:18:a0:84:3f:59:2e:fc:40:b6:
51:86:48:8d:d7:cf:36:32:f2:4c:64:62:a9:79:2e:
94:e8:b3:8d:1a:61:ca:cb:1e:c7:12:c5:d1:86:2d:
0b:32:5d:00:f4:c8:5a:a5:0a:b3:f0:e9:94:69:36:
99:f4:55:a9:67:43:ee:19:61:8d:47:e7:ff:fa:b6:
e6:2f:0a:e2:d9:71:a2:d0:12:c1:b9:f7:4a:90:80:
63:b0:29:da:6f:86:6a:ff:ff:b4:14:41:86:dd:c2:
9e:43:80:68:a0:82:e5:df:02:e7:82:b0:87:d6:e1:
47:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:0C:DA:0F:CF:B8:48:55:F9:8F:EB:7F:01:99:06:EF:88:5C:AC:6A
X509v3 Authority Key Identifier:
keyid:31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/rAzaD8-4SFX5j-t_AZkG74hcrGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.64.0/22
185.92.20.0/24
IPv6:
2a03:9180::/32
Signature Algorithm: sha256WithRSAEncryption
1f:c7:cf:9f:12:5e:d1:5f:3d:8c:36:db:5b:ab:41:8e:6f:0c:
6b:0c:12:cc:f3:f5:da:13:87:7a:22:64:4a:07:5a:39:cf:26:
fa:b2:52:1c:8f:43:6e:0c:47:2f:12:76:2f:38:d6:57:6c:69:
3b:e2:96:70:dc:de:0c:4c:cf:a4:d9:7a:6d:3c:a1:d8:75:fa:
76:c9:95:0e:40:30:b2:aa:1b:9d:f7:9f:54:f5:8c:88:64:8b:
aa:3e:bf:8d:6d:74:6d:9f:76:d0:c1:2a:0e:47:c3:52:19:25:
4b:48:a8:b9:c9:52:61:ad:57:9c:d0:a5:56:d4:db:68:fe:d2:
3f:15:b9:52:62:35:e2:d6:e9:13:e5:dc:49:bc:d2:53:be:04:
f2:65:18:88:d2:2f:d1:0d:de:6f:03:ad:8f:6a:8b:12:d1:32:
a7:3c:3b:7c:1a:02:61:55:d9:71:4c:a6:8b:8b:c5:ec:65:b9:
66:d8:54:f5:20:a3:b2:fb:77:74:05:62:99:39:08:6e:3c:a3:
44:9f:53:d6:dc:67:77:4a:a8:ea:dc:45:7d:93:17:74:6b:f2:
b4:62:48:e7:4f:80:e7:13:8a:a4:43:6e:24:44:8a:51:bc:f2:
eb:51:66:4c:d9:e9:69:86:5e:95:f1:f8:a9:c5:4c:8e:7b:2b:
6f:c2:77:c8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZlNjCsN7lPKXkGlBA3KLcQqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMWQ2MmI3ZmQ5ZmNmYzg3ZGZlYTk4NzUxNTc2N2M4Mzhl
MjFiYjkwHhcNMjUwOTE1MTMyNDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzBjZGEwZmNmYjg0ODU1Zjk4ZmViN2YwMTk5MDZlZjg4NWNhYzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthGr4xhaC13MqIpGyYtV1OdyxHhj
YJ+8M50dsRLoUEudAQzb0PrIkA/qJgNDMsY5BQNnUcLOEUt1uU55pYkS9qTPrZTu
ORkKAaKb1rBVAUiiEiPvMdTgsw+rW/eOkfMdI7vQokc1g863NIZiz92hYURuhcro
Un6O9FBaertCt8IGYi4Ztq9hxytG+PgYoIQ/WS78QLZRhkiN1882MvJMZGKpeS6U
6LONGmHKyx7HEsXRhi0LMl0A9MhapQqz8OmUaTaZ9FWpZ0PuGWGNR+f/+rbmLwri
2XGi0BLBufdKkIBjsCnab4Zq//+0FEGG3cKeQ4BooILl3wLngrCH1uFHlwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKwM2g/PuEhV+Y/rfwGZBu+IXKxqMB8GA1UdIwQY
MBaAFDEdYrf9n8/Iff6ph1FXZ8g44hu5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVIxaXRfMmZ6OGg5X3FtSFVWZG55RGppRzdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81NzY4OGUtYTk2NC00OTMzLTg2MzEt
ODUwZjM0OTA2MjI5LzEvckF6YUQ4LTRTRlg1ai10X0Faa0c3NGhjckdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81NzY4OGUtYTk2NC00OTMzLTg2MzEtODUwZjM0OTA2MjI5
LzEvTVIxaXRfMmZ6OGg5X3FtSFVWZG55RGppRzdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCTV9AAwQA
uVwUMA0EAgACMAcDBQAqA5GAMA0GCSqGSIb3DQEBCwUAA4IBAQAfx8+fEl7RXz2M
Nttbq0GObwxrDBLM8/XaE4d6ImRKB1o5zyb6slIcj0NuDEcvEnYvONZXbGk74pZw
3N4MTM+k2XptPKHYdfp2yZUOQDCyqhud959U9YyIZIuqPr+NbXRtn3bQwSoOR8NS
GSVLSKi5yVJhrVec0KVW1Nto/tI/FblSYjXi1ukT5dxJvNJTvgTyZRiI0i/RDd5v
A62PaosS0TKnPDt8GgJhVdlxTKaLi8XsZblm2FT1IKOy+3d0BWKZOQhuPKNEn1PW
3Gd3Sqjq3EV9kxd0a/K0YkjnT4DnE4qkQ24kRIpRvPLrUWZM2elphl6V8fipxUyO
eytvwnfI
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:55:48 2025 by rpki-client