Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/MgNMWN7Yw9Z5BpjpjFC_KtRELu4.roa
File: MgNMWN7Yw9Z5BpjpjFC_KtRELu4.roa (raw, json)
Hash identifier: 0B4NBJkDd7UDr+PszHSOnakYY6gmosr5v1xaIvPy5Zo=
Subject key identifier: 32:03:4C:58:DE:D8:C3:D6:79:06:98:E9:8C:50:BF:2A:D4:44:2E:EE
Certificate issuer: /CN=48e06a351a5189bcdc44840948dbfb40abf58be5
Certificate serial: 0198C1FDFD0D6750CAEDFF056993AAFE5B52
Authority key identifier: 48:E0:6A:35:1A:51:89:BC:DC:44:84:09:48:DB:FB:40:AB:F5:8B:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SOBqNRpRibzcRIQJSNv7QKv1i-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/MgNMWN7Yw9Z5BpjpjFC_KtRELu4.roa
Signing time: Tue 19 Aug 2025 11:01:44 +0000
ROA not before: Tue 19 Aug 2025 11:01:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57811
IP address blocks: 185.73.211.0/24 maxlen: 24
188.64.80.0/23 maxlen: 23
188.64.82.0/24 maxlen: 24
188.64.83.0/24 maxlen: 24
188.64.84.0/24 maxlen: 24
188.64.85.0/24 maxlen: 24
188.64.86.0/24 maxlen: 24
188.64.87.0/24 maxlen: 24
2a00:8dc0::/32 maxlen: 48
2a00:8dc0::/40 maxlen: 40
2a00:8dc0:1000::/40 maxlen: 40
2a00:8dc0:1100::/40 maxlen: 40
2a00:8dc0:1200::/40 maxlen: 40
2a00:8dc0:1300::/40 maxlen: 40
2a00:8dc0:1400::/40 maxlen: 40
2a00:8dc0:1500::/40 maxlen: 40
2a00:8dc0:1600::/40 maxlen: 40
2a00:8dc0:1700::/40 maxlen: 40
2a00:8dc0:aa00::/48 maxlen: 48
2a00:8dc0:b000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/SOBqNRpRibzcRIQJSNv7QKv1i-U.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/SOBqNRpRibzcRIQJSNv7QKv1i-U.mft
rsync://rpki.ripe.net/repository/DEFAULT/SOBqNRpRibzcRIQJSNv7QKv1i-U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c1:fd:fd:0d:67:50:ca:ed:ff:05:69:93:aa:fe:5b:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48e06a351a5189bcdc44840948dbfb40abf58be5
Validity
Not Before: Aug 19 11:01:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32034c58ded8c3d6790698e98c50bf2ad4442eee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5d:bd:d1:f4:30:99:5b:60:43:6d:b7:36:62:
e8:1c:5c:72:43:23:66:8d:f1:e1:5a:74:b5:07:1d:
d6:cf:b9:7e:ea:a5:de:44:96:16:8e:ed:82:e0:ec:
d3:87:9e:37:ee:2c:1a:c3:58:e1:9e:f5:ce:70:fd:
82:ac:68:3a:d8:f9:1e:f3:64:81:63:e5:de:a8:16:
3c:27:9f:9b:04:d5:d7:fa:82:5e:44:42:b7:3b:84:
a1:03:2f:ec:9c:24:c5:0d:41:8a:96:4a:9b:60:6e:
75:a1:3e:bf:b3:1c:34:6b:2c:df:c0:8b:2c:1b:e0:
84:1d:29:63:ff:15:cb:51:9b:08:d3:84:6e:27:52:
d3:f7:13:ad:95:89:2b:19:62:d1:c5:0f:f9:f6:39:
c7:f8:62:2e:94:47:ba:72:8c:4e:5e:4b:67:47:a4:
61:55:29:51:24:03:b9:5a:b5:bf:b2:5b:8a:0e:16:
ff:f1:69:31:33:de:37:5a:88:f4:e0:03:4d:95:fb:
76:47:41:5d:1c:be:da:ec:8b:21:70:9c:e9:98:bf:
1d:cc:43:e1:5c:0d:cb:74:0a:99:ff:5b:69:f1:79:
d9:b5:e1:8d:0e:cc:15:c6:1b:f0:5e:42:97:b5:cc:
d2:e9:90:fb:42:ee:d7:35:7e:62:74:b0:e7:ce:01:
5b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:03:4C:58:DE:D8:C3:D6:79:06:98:E9:8C:50:BF:2A:D4:44:2E:EE
X509v3 Authority Key Identifier:
keyid:48:E0:6A:35:1A:51:89:BC:DC:44:84:09:48:DB:FB:40:AB:F5:8B:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SOBqNRpRibzcRIQJSNv7QKv1i-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/MgNMWN7Yw9Z5BpjpjFC_KtRELu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/SOBqNRpRibzcRIQJSNv7QKv1i-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.211.0/24
188.64.80.0/21
IPv6:
2a00:8dc0::/32
Signature Algorithm: sha256WithRSAEncryption
76:1a:e3:94:05:81:ab:8a:f5:d0:dd:94:12:c5:39:fa:30:78:
14:e5:48:3b:23:13:f9:01:bb:2b:a4:26:e2:0e:91:a1:de:38:
01:00:25:f9:97:b0:96:05:39:83:d8:8d:69:b0:c2:0c:91:20:
14:16:4a:b2:07:60:54:ef:99:3f:5a:6f:14:86:dc:0b:3b:50:
c1:e8:f1:e3:92:fb:1c:8f:2a:cf:4e:29:10:bd:16:77:e4:33:
63:31:4f:8c:f6:43:68:e8:e6:b5:42:e3:a1:f1:7e:5f:f2:39:
c3:54:c5:52:f8:17:f6:de:f4:1c:c4:47:ef:7d:24:fe:9f:bb:
a8:47:62:25:b5:89:c3:5c:d5:5b:1f:07:03:b2:2c:1c:44:e7:
8d:68:ab:a7:ea:f8:63:cd:be:c5:8c:d5:fe:40:44:8b:23:fa:
4c:cf:48:d4:aa:fa:5f:c5:04:4c:6f:c2:a6:44:1f:28:a1:06:
57:33:b3:2a:4b:47:d2:38:4c:ae:22:00:4e:70:1b:e4:ff:2e:
20:13:b1:88:b8:d5:4c:41:e6:ed:e0:07:10:ee:f6:2a:f4:ed:
8a:6e:8a:e6:26:75:6f:82:f6:a9:d6:a3:87:a9:c9:9c:ce:08:
d1:4e:0e:eb:d9:e4:d3:8c:0b:09:d9:2d:55:7a:78:97:cd:83:
77:fc:db:39
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZjB/f0NZ1DK7f8FaZOq/ltSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4ZTA2YTM1MWE1MTg5YmNkYzQ0ODQwOTQ4ZGJmYjQwYWJm
NThiZTUwHhcNMjUwODE5MTEwMTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjAzNGM1OGRlZDhjM2Q2NzkwNjk4ZTk4YzUwYmYyYWQ0NDQyZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF290fQwmVtgQ223NmLoHFxyQyNm
jfHhWnS1Bx3Wz7l+6qXeRJYWju2C4OzTh5437iwaw1jhnvXOcP2CrGg62Pke82SB
Y+XeqBY8J5+bBNXX+oJeREK3O4ShAy/snCTFDUGKlkqbYG51oT6/sxw0ayzfwIss
G+CEHSlj/xXLUZsI04RuJ1LT9xOtlYkrGWLRxQ/59jnH+GIulEe6coxOXktnR6Rh
VSlRJAO5WrW/sluKDhb/8WkxM943Woj04ANNlft2R0FdHL7a7IshcJzpmL8dzEPh
XA3LdAqZ/1tp8XnZteGNDswVxhvwXkKXtczS6ZD7Qu7XNX5idLDnzgFbswIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDIDTFje2MPWeQaY6YxQvyrURC7uMB8GA1UdIwQY
MBaAFEjgajUaUYm83ESECUjb+0Cr9YvlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU09CcU5ScFJpYnpjUklRSlNOdjdRS3YxaS1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82MDBhZWEtOWVhNS00YzY3LWE2MDIt
YWIxYTg3ZWNkZjFiLzEvTWdOTVdON1l3OVo1QnBqcGpGQ19LdFJFTHU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82MDBhZWEtOWVhNS00YzY3LWE2MDItYWIxYTg3ZWNkZjFi
LzEvU09CcU5ScFJpYnpjUklRSlNOdjdRS3YxaS1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuUnTAwQD
vEBQMA0EAgACMAcDBQAqAI3AMA0GCSqGSIb3DQEBCwUAA4IBAQB2GuOUBYGrivXQ
3ZQSxTn6MHgU5Ug7IxP5AbsrpCbiDpGh3jgBACX5l7CWBTmD2I1psMIMkSAUFkqy
B2BU75k/Wm8UhtwLO1DB6PHjkvscjyrPTikQvRZ35DNjMU+M9kNo6Oa1QuOh8X5f
8jnDVMVS+Bf23vQcxEfvfST+n7uoR2IltYnDXNVbHwcDsiwcROeNaKun6vhjzb7F
jNX+QESLI/pMz0jUqvpfxQRMb8KmRB8ooQZXM7MqS0fSOEyuIgBOcBvk/y4gE7GI
uNVMQebt4AcQ7vYq9O2KbormJnVvgvap1qOHqcmczgjRTg7r2eTTjAsJ2S1VeniX
zYN3/Ns5
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:20:48 2025 by rpki-client