Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/McrPxtZ4iO15y_FX1Gn0nEEhCRI.roa
File: McrPxtZ4iO15y_FX1Gn0nEEhCRI.roa (raw, json)
Hash identifier: Di4q+SxrGvFBIxKBjSQx7OeEmS+PC0BTc6BdjCyUk3M=
Subject key identifier: 31:CA:CF:C6:D6:78:88:ED:79:CB:F1:57:D4:69:F4:9C:41:21:09:12
Certificate issuer: /CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Certificate serial: 019951FB6BBEF4427CEFA5F194A3DA5D4D34
Authority key identifier: B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/McrPxtZ4iO15y_FX1Gn0nEEhCRI.roa
Signing time: Tue 16 Sep 2025 10:04:15 +0000
ROA not before: Tue 16 Sep 2025 10:04:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41421
IP address blocks: 31.214.137.0/24 maxlen: 24
31.214.138.0/24 maxlen: 24
31.214.140.0/24 maxlen: 24
31.214.145.0/24 maxlen: 24
37.157.200.0/21 maxlen: 21
86.106.22.0/24 maxlen: 24
89.35.60.0/23 maxlen: 23
89.250.192.0/20 maxlen: 20
91.132.112.0/23 maxlen: 23
93.115.39.0/24 maxlen: 24
103.248.24.0/24 maxlen: 24
159.253.240.0/21 maxlen: 21
185.53.132.0/22 maxlen: 24
185.104.155.0/24 maxlen: 24
185.128.156.0/22 maxlen: 22
185.170.65.0/24 maxlen: 24
185.194.212.0/22 maxlen: 24
188.65.40.0/21 maxlen: 21
193.91.4.0/24 maxlen: 24
193.91.12.0/23 maxlen: 23
194.5.180.0/24 maxlen: 24
2a01:b8e0::/32 maxlen: 32
2a02:4c80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.mft
rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:51:fb:6b:be:f4:42:7c:ef:a5:f1:94:a3:da:5d:4d:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Validity
Not Before: Sep 16 10:04:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31cacfc6d67888ed79cbf157d469f49c41210912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6b:a6:c1:f7:b3:ef:b7:7f:7f:4f:fe:c9:f7:
d1:9e:25:c1:6a:98:4c:03:d9:78:6b:d0:16:64:bb:
65:90:ba:d1:16:d4:dc:5c:7c:de:9f:fe:de:d3:2a:
a4:b1:ba:da:0b:f3:78:c7:c6:16:da:6a:e3:82:1d:
77:91:48:14:19:56:c6:d5:ba:1c:05:08:19:13:34:
93:0e:23:72:dd:41:18:6c:af:6d:fa:4d:60:8b:fe:
e3:bd:4d:4c:f2:2e:46:e1:20:d9:09:a6:32:7d:a8:
6f:7a:9d:f8:44:62:42:b6:2c:03:81:b1:e4:1b:e2:
23:5e:69:67:1e:4b:30:d8:f8:58:a7:ef:ae:df:2b:
4d:8e:d2:ea:8e:2e:83:68:16:f1:13:f4:de:75:32:
ab:de:72:32:cc:f9:41:90:10:60:e3:d0:61:31:48:
61:06:c4:7e:1e:bd:dd:e7:6f:a4:ef:40:47:92:d0:
54:59:e1:25:15:14:ad:f7:58:dd:73:ad:db:ee:5d:
ee:b2:a2:26:ac:45:5d:34:16:f0:b7:34:67:95:33:
b6:34:bf:0a:43:cc:43:45:19:82:89:5c:62:8d:31:
81:cc:d8:ed:c9:11:8a:4e:7c:7d:9d:11:1a:3f:d3:
1f:82:fe:2a:67:22:a0:06:ab:51:57:d1:2e:ac:83:
ec:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:CA:CF:C6:D6:78:88:ED:79:CB:F1:57:D4:69:F4:9C:41:21:09:12
X509v3 Authority Key Identifier:
keyid:B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/McrPxtZ4iO15y_FX1Gn0nEEhCRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.137.0-31.214.138.255
31.214.140.0/24
31.214.145.0/24
37.157.200.0/21
86.106.22.0/24
89.35.60.0/23
89.250.192.0/20
91.132.112.0/23
93.115.39.0/24
103.248.24.0/24
159.253.240.0/21
185.53.132.0/22
185.104.155.0/24
185.128.156.0/22
185.170.65.0/24
185.194.212.0/22
188.65.40.0/21
193.91.4.0/24
193.91.12.0/23
194.5.180.0/24
IPv6:
2a01:b8e0::/32
2a02:4c80::/32
Signature Algorithm: sha256WithRSAEncryption
0e:e1:04:d5:a1:d7:33:e9:c5:f3:a6:c2:4b:47:36:56:3a:d2:
c2:d2:83:ab:e2:e4:39:8c:31:79:c7:00:32:59:46:80:b3:d6:
2b:2f:0d:50:5e:5c:f0:73:a3:03:71:7e:66:08:3f:ac:b3:10:
7f:a3:bb:46:06:0c:2c:9a:3f:b3:cf:44:27:f7:48:0c:37:41:
c9:75:36:c2:96:46:b8:1a:29:cb:10:5d:1f:b9:84:f0:b4:fe:
2d:cf:ad:da:20:0e:1a:28:e2:a7:c1:e6:4e:26:37:e7:a2:21:
93:17:eb:49:eb:01:81:08:1a:17:ba:3c:36:f4:2f:20:c5:43:
9f:a2:ea:8c:76:16:c1:3d:25:a1:58:73:bc:ca:72:76:e3:0c:
2d:36:d6:05:83:73:43:4f:d6:83:0e:c6:51:aa:2a:6c:ce:95:
57:26:ee:08:5e:0b:8d:65:5a:61:d3:6b:51:58:67:b6:fc:ea:
d5:e5:29:3d:0c:f8:a9:6a:b6:23:dc:62:81:65:4d:a1:98:2a:
ed:9f:57:4c:d7:51:f8:d1:f3:83:8e:40:5e:6e:6a:2b:79:17:
d9:10:a1:0f:9b:d2:7e:bd:e8:2d:92:e8:9e:f5:49:3d:4d:16:
80:b1:e3:0a:ad:70:42:43:aa:95:f5:18:f0:10:7d:ee:89:3e:
ac:48:0b:ba
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZlR+2u+9EJ876XxlKPaXU00MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDkxNjhmZGI1MmU5YjdkMWE3YTVlOGY1MThlZGZiYzJj
M2Y5YWYwHhcNMjUwOTE2MTAwNDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWNhY2ZjNmQ2Nzg4OGVkNzljYmYxNTdkNDY5ZjQ5YzQxMjEwOTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGumwfez77d/f0/+yffRniXBaphM
A9l4a9AWZLtlkLrRFtTcXHzen/7e0yqksbraC/N4x8YW2mrjgh13kUgUGVbG1boc
BQgZEzSTDiNy3UEYbK9t+k1gi/7jvU1M8i5G4SDZCaYyfahvep34RGJCtiwDgbHk
G+IjXmlnHksw2PhYp++u3ytNjtLqji6DaBbxE/TedTKr3nIyzPlBkBBg49BhMUhh
BsR+Hr3d52+k70BHktBUWeElFRSt91jdc63b7l3usqImrEVdNBbwtzRnlTO2NL8K
Q8xDRRmCiVxijTGBzNjtyRGKTnx9nREaP9Mfgv4qZyKgBqtRV9EurIPsDwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFDHKz8bWeIjtecvxV9Rp9JxBIQkSMB8GA1UdIwQY
MBaAFLQJFo/bUum30ael6PUY7fvCw/mvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2Qt
ZmE3MThhYzlkNzU4LzEvTWNyUHh0WjRpTzE1eV9GWDFHbjBuRUVoQ1JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2QtZmE3MThhYzlkNzU4
LzEvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBhwQCAAEwgYAwDAME
AB/WiQMEAB/WigMEAB/WjAMEAB/WkQMEAyWdyAMEAFZqFgMEAVkjPAMEBFn6wAME
AVuEcAMEAF1zJwMEAGf4GAMEA5/98AMEArk1hAMEALlomwMEArmAnAMEALmqQQME
ArnC1AMEA7xBKAMEAMFbBAMEAcFbDAMEAMIFtDAUBAIAAjAOAwUAKgG44AMFACoC
TIAwDQYJKoZIhvcNAQELBQADggEBAA7hBNWh1zPpxfOmwktHNlY60sLSg6vi5DmM
MXnHADJZRoCz1isvDVBeXPBzowNxfmYIP6yzEH+ju0YGDCyaP7PPRCf3SAw3Qcl1
NsKWRrgaKcsQXR+5hPC0/i3PrdogDhoo4qfB5k4mN+eiIZMX60nrAYEIGhe6PDb0
LyDFQ5+i6ox2FsE9JaFYc7zKcnbjDC021gWDc0NP1oMOxlGqKmzOlVcm7gheC41l
WmHTa1FYZ7b86tXlKT0M+KlqtiPcYoFlTaGYKu2fV0zXUfjR84OOQF5uait5F9kQ
oQ+b0n696C2S6J71ST1NFoCx4wqtcEJDqpX1GPAQfe6JPqxIC7o=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:57:54 2025 by rpki-client