Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/b844f6-9d18-4843-8aa2-eb6ee5356613/1/mS84In4S2GtxRNAcGIAkAfe8QQ0.roa
File: mS84In4S2GtxRNAcGIAkAfe8QQ0.roa (raw, json)
Hash identifier: hsZtK2/ugBC0ghQCXcfOgaUjDKhDrffwOoLgS5vdrnE=
Subject key identifier: 99:2F:38:22:7E:12:D8:6B:71:44:D0:1C:18:80:24:01:F7:BC:41:0D
Certificate issuer: /CN=6c03d22478ec86b8544dfb98addeac226f8f07e0
Certificate serial: 0199F1C059D4999187BEBACDCD49FA44CC4E
Authority key identifier: 6C:03:D2:24:78:EC:86:B8:54:4D:FB:98:AD:DE:AC:22:6F:8F:07:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAPSJHjshrhUTfuYrd6sIm-PB-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/b844f6-9d18-4843-8aa2-eb6ee5356613/1/mS84In4S2GtxRNAcGIAkAfe8QQ0.roa
Signing time: Fri 17 Oct 2025 10:38:58 +0000
ROA not before: Fri 17 Oct 2025 10:38:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58209
IP address blocks: 194.117.92.0/24 maxlen: 24
217.18.81.0/24 maxlen: 24
2a0e:5e40::/31 maxlen: 31
2a0e:5e42::/31 maxlen: 31
2a0e:5e47::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/b844f6-9d18-4843-8aa2-eb6ee5356613/1/bAPSJHjshrhUTfuYrd6sIm-PB-A.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/b844f6-9d18-4843-8aa2-eb6ee5356613/1/bAPSJHjshrhUTfuYrd6sIm-PB-A.mft
rsync://rpki.ripe.net/repository/DEFAULT/bAPSJHjshrhUTfuYrd6sIm-PB-A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f1:c0:59:d4:99:91:87:be:ba:cd:cd:49:fa:44:cc:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c03d22478ec86b8544dfb98addeac226f8f07e0
Validity
Not Before: Oct 17 10:38:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=992f38227e12d86b7144d01c18802401f7bc410d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:80:64:e2:39:ae:9a:28:f9:0a:79:6d:cc:0b:
38:60:42:cc:51:b8:a9:11:b2:66:8b:2c:4f:54:ef:
52:09:5d:98:38:b7:a9:dd:4a:a5:ce:99:a9:89:8f:
b2:d3:c5:ed:b0:0e:96:82:05:3e:32:82:45:f5:ae:
30:8e:c1:d0:4c:59:1a:dd:59:36:d9:0d:65:87:97:
df:48:6e:41:3f:f2:41:64:9f:eb:75:97:92:09:4d:
21:52:97:7b:68:1c:00:4e:06:fd:32:1f:27:cd:61:
b5:cf:74:ee:db:80:58:c6:0a:2a:67:b9:3c:c0:7e:
50:23:3e:ae:25:3b:03:e0:17:fa:14:cd:65:0c:d6:
20:9b:18:8a:3d:b2:b1:11:d7:6e:d8:7c:67:d8:3f:
87:24:e2:da:32:c8:45:14:71:ed:6a:42:82:ab:0e:
2b:f0:70:47:8b:69:39:77:90:5b:eb:b1:dc:6f:80:
d3:a0:df:73:62:6a:03:12:26:fd:3e:1c:80:51:cf:
64:7f:42:cd:c9:82:b4:09:77:62:db:b9:b6:eb:ea:
13:3f:17:99:cd:c7:df:08:6f:88:23:f3:9a:56:e7:
8a:79:4d:0b:66:e2:a8:5e:99:da:99:96:6a:b9:68:
a1:5b:c7:b9:15:58:08:d2:68:a3:46:c2:27:f2:8f:
b4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:2F:38:22:7E:12:D8:6B:71:44:D0:1C:18:80:24:01:F7:BC:41:0D
X509v3 Authority Key Identifier:
keyid:6C:03:D2:24:78:EC:86:B8:54:4D:FB:98:AD:DE:AC:22:6F:8F:07:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAPSJHjshrhUTfuYrd6sIm-PB-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/b844f6-9d18-4843-8aa2-eb6ee5356613/1/mS84In4S2GtxRNAcGIAkAfe8QQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/b844f6-9d18-4843-8aa2-eb6ee5356613/1/bAPSJHjshrhUTfuYrd6sIm-PB-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.117.92.0/24
217.18.81.0/24
IPv6:
2a0e:5e40::/30
2a0e:5e47::/32
Signature Algorithm: sha256WithRSAEncryption
10:6e:41:71:37:48:46:b6:54:9e:e1:0e:01:fc:5e:02:8b:80:
d2:86:e1:62:71:53:40:6f:66:3c:ef:e4:d9:a4:bd:20:e1:0e:
20:4d:e8:87:7d:9c:9e:5a:25:a4:42:c7:6d:50:32:3a:c6:eb:
48:c8:5e:8f:b3:98:3f:c4:e7:de:59:6d:39:59:00:c8:2e:87:
bd:63:f8:ff:33:a8:40:75:b4:a9:37:b5:97:21:91:92:3c:16:
2c:b9:4f:41:3c:46:25:ed:68:33:df:61:97:c8:0a:3a:d4:2a:
a2:68:79:11:25:aa:2e:30:d3:51:1a:30:c5:cb:75:db:f6:f9:
ab:8d:3c:e8:63:68:b5:3c:8c:b3:ff:84:74:48:0a:74:cc:74:
f3:1e:b5:84:fe:48:f3:1f:e6:16:9b:04:8a:bf:34:47:85:07:
23:07:aa:33:1f:78:17:fc:e4:f3:d4:44:9a:b7:da:1f:96:74:
eb:31:63:9d:59:55:6f:73:8b:9b:54:c6:20:b5:c2:06:9b:c0:
b3:40:55:94:eb:51:2f:50:af:b0:f3:d4:03:85:1e:c0:34:fc:
37:65:d6:ad:cd:89:a6:bd:75:75:1b:b2:bc:18:2a:6b:4c:18:
18:2a:e2:c5:32:7a:45:27:b1:9d:65:c9:2f:a6:96:af:d3:1e:
2f:7b:44:0e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZnxwFnUmZGHvrrNzUn6RMxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDNkMjI0NzhlYzg2Yjg1NDRkZmI5OGFkZGVhYzIyNmY4
ZjA3ZTAwHhcNMjUxMDE3MTAzODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTJmMzgyMjdlMTJkODZiNzE0NGQwMWMxODgwMjQwMWY3YmM0MTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIBk4jmumij5CnltzAs4YELMUbip
EbJmiyxPVO9SCV2YOLep3UqlzpmpiY+y08XtsA6WggU+MoJF9a4wjsHQTFka3Vk2
2Q1lh5ffSG5BP/JBZJ/rdZeSCU0hUpd7aBwATgb9Mh8nzWG1z3Tu24BYxgoqZ7k8
wH5QIz6uJTsD4Bf6FM1lDNYgmxiKPbKxEddu2Hxn2D+HJOLaMshFFHHtakKCqw4r
8HBHi2k5d5Bb67Hcb4DToN9zYmoDEib9PhyAUc9kf0LNyYK0CXdi27m26+oTPxeZ
zcffCG+II/OaVueKeU0LZuKoXpnamZZquWihW8e5FVgI0mijRsIn8o+0jQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJkvOCJ+EthrcUTQHBiAJAH3vEENMB8GA1UdIwQY
MBaAFGwD0iR47Ia4VE37mK3erCJvjwfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFQU0pIanNocmhVVGZ1WXJkNnNJbS1QQi1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9iODQ0ZjYtOWQxOC00ODQzLThhYTIt
ZWI2ZWU1MzU2NjEzLzEvbVM4NEluNFMyR3R4Uk5BY0dJQWtBZmU4UVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9iODQ0ZjYtOWQxOC00ODQzLThhYTItZWI2ZWU1MzU2NjEz
LzEvYkFQU0pIanNocmhVVGZ1WXJkNnNJbS1QQi1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAwnVcAwQA
2RJRMBQEAgACMA4DBQIqDl5AAwUAKg5eRzANBgkqhkiG9w0BAQsFAAOCAQEAEG5B
cTdIRrZUnuEOAfxeAouA0obhYnFTQG9mPO/k2aS9IOEOIE3oh32cnlolpELHbVAy
OsbrSMhej7OYP8Tn3lltOVkAyC6HvWP4/zOoQHW0qTe1lyGRkjwWLLlPQTxGJe1o
M99hl8gKOtQqomh5ESWqLjDTURowxct12/b5q4086GNotTyMs/+EdEgKdMx08x61
hP5I8x/mFpsEir80R4UHIweqMx94F/zk89REmrfaH5Z06zFjnVlVb3OLm1TGILXC
BpvAs0BVlOtRL1CvsPPUA4UewDT8N2XWrc2Jpr11dRuyvBgqa0wYGCrixTJ6RSex
nWXJL6aWr9MeL3tEDg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:57:45 2025 by rpki-client