Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/mrkzf8NOBUjCiGIne7cJGpZl-08.roa
File: mrkzf8NOBUjCiGIne7cJGpZl-08.roa (raw, json)
Hash identifier: 7Goo3rPnhSEL0y2P6dnW5GPI0bAMfoQIZfd8LilGat4=
Subject key identifier: 9A:B9:33:7F:C3:4E:05:48:C2:88:62:27:7B:B7:09:1A:96:65:FB:4F
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0199856A579A150FE2719C99C8AF4A4FEE71
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/mrkzf8NOBUjCiGIne7cJGpZl-08.roa
Signing time: Fri 26 Sep 2025 09:46:03 +0000
ROA not before: Fri 26 Sep 2025 09:46:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50716
IP address blocks: 93.171.72.0/22 maxlen: 24
93.171.104.0/21 maxlen: 24
146.158.80.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:85:6a:57:9a:15:0f:e2:71:9c:99:c8:af:4a:4f:ee:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Sep 26 09:46:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ab9337fc34e0548c28862277bb7091a9665fb4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:7a:6d:fb:01:10:da:77:02:66:ee:53:90:87:
be:3d:45:de:5e:1b:08:96:43:9a:6e:ec:77:b0:9c:
f1:49:22:91:a8:77:58:56:f8:1c:02:dd:2c:49:37:
06:ec:64:76:0a:4e:23:1f:02:10:5c:53:8c:47:08:
e8:34:20:43:66:d0:18:08:fa:00:f7:1d:12:bd:67:
e1:d0:3e:7d:9a:d5:65:60:bb:69:b1:70:13:33:9c:
82:89:56:2e:6d:66:6b:d9:bb:b9:53:4d:d0:46:e8:
32:73:3a:a8:6f:c1:37:49:39:b3:ea:53:4d:1e:00:
60:b4:17:30:11:f0:04:46:53:f9:e0:26:30:77:a5:
29:54:41:ec:6e:3d:3d:94:96:e9:9a:d5:d2:db:ed:
7f:a0:87:ed:7c:f2:93:ed:27:a2:cd:a4:43:49:13:
6d:7e:3d:17:fc:d9:f1:bd:e7:3c:15:4e:d5:98:b3:
cb:39:5b:55:23:31:54:2e:6c:dd:d2:41:19:d0:3b:
0e:de:6b:18:48:70:32:84:59:6e:36:9f:df:32:50:
fe:a8:35:8a:1a:12:5c:88:6d:4a:0d:de:83:17:41:
5b:32:54:65:97:ce:03:b7:c9:d2:d1:f5:a6:1f:4b:
82:41:a1:34:c9:40:fd:a5:e2:53:4b:9e:9c:ed:9b:
11:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:B9:33:7F:C3:4E:05:48:C2:88:62:27:7B:B7:09:1A:96:65:FB:4F
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/mrkzf8NOBUjCiGIne7cJGpZl-08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.72.0/22
93.171.104.0/21
146.158.80.0/21
Signature Algorithm: sha256WithRSAEncryption
60:28:af:83:d2:81:6a:7a:f2:d6:b6:19:56:c4:dc:22:7f:bd:
f0:be:6e:de:ec:5c:80:fe:d5:e8:a0:7d:a9:17:c0:f9:e7:82:
0d:a9:cc:67:e2:62:19:99:dd:c9:db:f3:ca:79:e4:e1:30:04:
7c:9a:a2:8c:a6:48:82:8b:57:c1:32:9d:2b:a8:b5:93:f7:cf:
88:a5:9f:5b:12:e3:c7:52:94:e1:dc:a2:84:d8:3a:a1:96:7a:
34:93:0a:bb:d1:43:24:3f:23:19:51:fe:08:f6:76:2c:f1:7c:
49:7b:df:7d:fb:4f:a2:ae:de:73:f0:5d:3f:cb:0d:bb:1a:b3:
f9:1f:22:ea:8a:fd:f1:d0:f3:52:42:fd:01:a5:43:a1:02:7f:
a6:54:ca:97:53:32:78:e3:32:2d:39:a4:64:a2:ae:4a:7b:04:
9a:b7:16:f0:a2:8f:cb:9c:33:49:5f:09:ab:6a:dc:40:d2:b8:
d4:bd:3d:6f:1f:d1:4c:73:32:3d:ab:d1:fc:e0:f1:55:39:2c:
c2:01:fe:f0:69:bb:ff:07:f4:91:f0:72:f3:ee:c5:37:db:7e:
8d:eb:ce:84:d4:0d:14:bd:8c:65:ae:ee:c7:48:c6:50:09:aa:
3d:37:58:e4:f4:00:0f:e5:1e:cf:76:c3:2b:af:ed:80:3b:ee:
ca:fe:18:c5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZmFaleaFQ/icZyZyK9KT+5xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwOTI2MDk0NjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWI5MzM3ZmMzNGUwNTQ4YzI4ODYyMjc3YmI3MDkxYTk2NjVmYjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4npt+wEQ2ncCZu5TkIe+PUXeXhsI
lkOabux3sJzxSSKRqHdYVvgcAt0sSTcG7GR2Ck4jHwIQXFOMRwjoNCBDZtAYCPoA
9x0SvWfh0D59mtVlYLtpsXATM5yCiVYubWZr2bu5U03QRugyczqob8E3STmz6lNN
HgBgtBcwEfAERlP54CYwd6UpVEHsbj09lJbpmtXS2+1/oIftfPKT7SeizaRDSRNt
fj0X/Nnxvec8FU7VmLPLOVtVIzFULmzd0kEZ0DsO3msYSHAyhFluNp/fMlD+qDWK
GhJciG1KDd6DF0FbMlRll84Dt8nS0fWmH0uCQaE0yUD9peJTS56c7ZsRowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJq5M3/DTgVIwohiJ3u3CRqWZftPMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvbXJremY4Tk9CVWpDaUdJbmU3Y0pHcFpsLTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCXatIAwQD
XatoAwQDkp5QMA0GCSqGSIb3DQEBCwUAA4IBAQBgKK+D0oFqevLWthlWxNwif73w
vm7e7FyA/tXooH2pF8D554INqcxn4mIZmd3J2/PKeeThMAR8mqKMpkiCi1fBMp0r
qLWT98+IpZ9bEuPHUpTh3KKE2Dqhlno0kwq70UMkPyMZUf4I9nYs8XxJe999+0+i
rt5z8F0/yw27GrP5HyLqiv3x0PNSQv0BpUOhAn+mVMqXUzJ44zItOaRkoq5KewSa
txbwoo/LnDNJXwmratxA0rjUvT1vH9FMczI9q9H84PFVOSzCAf7wabv/B/SR8HLz
7sU3236N686E1A0UvYxlru7HSMZQCao9N1jk9AAP5R7PdsMrr+2AO+7K/hjF
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:30:01 2025 by rpki-client