Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/mnqy6-9I7syV5NnsLpWi3fpLOC8.roa
File: mnqy6-9I7syV5NnsLpWi3fpLOC8.roa (raw, json)
Hash identifier: D7NIMHiclQcbihcQ+Xv2aL1MIBNF7eOXt+OvwoXOrNc=
Subject key identifier: 9A:7A:B2:EB:EF:48:EE:CC:95:E4:D9:EC:2E:95:A2:DD:FA:4B:38:2F
Certificate issuer: /CN=222c4585bd88fb27cadf29ee5bb95d6575fcef83
Certificate serial: 0198C0F3DD77BFE43E52C279AED4448E25C6
Authority key identifier: 22:2C:45:85:BD:88:FB:27:CA:DF:29:EE:5B:B9:5D:65:75:FC:EF:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IixFhb2I-yfK3ynuW7ldZXX874M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/mnqy6-9I7syV5NnsLpWi3fpLOC8.roa
Signing time: Tue 19 Aug 2025 06:11:04 +0000
ROA not before: Tue 19 Aug 2025 06:11:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6206
IP address blocks: 89.43.112.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/IixFhb2I-yfK3ynuW7ldZXX874M.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/IixFhb2I-yfK3ynuW7ldZXX874M.mft
rsync://rpki.ripe.net/repository/DEFAULT/IixFhb2I-yfK3ynuW7ldZXX874M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c0:f3:dd:77:bf:e4:3e:52:c2:79:ae:d4:44:8e:25:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=222c4585bd88fb27cadf29ee5bb95d6575fcef83
Validity
Not Before: Aug 19 06:11:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a7ab2ebef48eecc95e4d9ec2e95a2ddfa4b382f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d9:bf:b6:a9:ee:1d:6a:e9:13:d7:d4:12:2f:
5b:6c:f7:bb:fc:2d:e5:3e:de:0b:08:5f:7e:74:55:
99:86:e8:86:8e:3c:e8:5c:07:3a:46:46:96:57:ac:
9c:f9:04:20:82:d7:ee:b2:0d:2f:06:f4:04:26:89:
0a:eb:59:93:ee:46:e1:a7:e7:5b:d8:cd:22:55:6d:
f1:0a:a3:10:3b:a1:df:f4:80:38:62:c2:a1:cc:ae:
68:84:7c:3f:12:72:98:a0:00:a6:74:6d:bd:3c:5d:
9d:ad:22:63:c2:0d:9a:c7:01:22:2f:1a:ef:fd:90:
2b:0c:8d:a2:f8:dd:d7:11:5f:9e:29:48:96:14:04:
16:4c:18:e6:ef:78:ae:b2:ef:c8:f7:a3:45:74:21:
2e:01:ba:ba:51:a0:d9:66:8c:ff:63:78:e5:56:20:
01:42:cd:16:26:fa:4c:7e:ed:73:00:1f:1c:fb:72:
b1:0f:35:05:e6:15:74:81:1d:8c:49:05:18:eb:b2:
61:25:20:b1:e6:4e:41:7c:70:79:1f:6b:35:4c:7f:
03:81:a1:58:cc:dd:3e:ef:4a:0b:14:3e:69:c8:54:
7e:18:61:74:8b:37:60:1a:8b:21:9a:42:56:09:3f:
92:ac:e3:54:d8:a6:41:06:c2:d9:8c:40:aa:77:9d:
98:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:7A:B2:EB:EF:48:EE:CC:95:E4:D9:EC:2E:95:A2:DD:FA:4B:38:2F
X509v3 Authority Key Identifier:
keyid:22:2C:45:85:BD:88:FB:27:CA:DF:29:EE:5B:B9:5D:65:75:FC:EF:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IixFhb2I-yfK3ynuW7ldZXX874M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/mnqy6-9I7syV5NnsLpWi3fpLOC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/IixFhb2I-yfK3ynuW7ldZXX874M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.112.0/22
Signature Algorithm: sha256WithRSAEncryption
79:d4:ee:91:66:63:ff:69:fd:18:00:a1:f5:64:61:16:a9:36:
e5:3a:ec:ba:88:6d:08:94:e1:f7:d9:5b:88:71:07:62:12:a6:
a4:04:d3:90:96:d2:b3:a8:b8:c2:e2:c3:d7:4f:37:01:85:db:
04:52:37:33:61:c9:85:fb:d0:15:81:28:ec:14:bf:2f:42:f0:
83:4a:76:43:ab:1d:ae:51:30:15:f7:02:78:a5:b1:d4:ce:9c:
1b:6b:0a:e0:ae:e5:2a:84:7a:77:1f:d5:98:0a:13:da:76:eb:
ad:d3:a3:cb:3f:ef:40:20:87:69:fc:09:60:61:24:53:a8:8b:
62:b5:ef:41:88:33:eb:d3:25:ce:ec:7a:fa:ae:6f:c5:d9:d1:
8a:4a:fd:a0:46:da:a0:11:8a:40:af:f1:eb:63:32:a2:00:c3:
6d:6b:1a:1e:05:bf:82:ec:65:12:f0:49:be:32:f1:d7:fe:fe:
a7:65:c0:f3:1c:4f:42:d5:e5:dd:f6:37:5f:82:70:aa:fd:28:
93:42:77:aa:08:50:56:84:74:aa:2c:12:75:0c:fb:b3:be:e3:
a6:6d:63:b1:e2:2f:c8:fa:de:90:ec:38:f6:f5:95:e3:10:ea:
73:b6:27:c9:f5:55:ed:ea:86:ec:57:4e:d1:cd:94:55:1d:5f:
59:8f:3c:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjA8913v+Q+UsJ5rtREjiXGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMmM0NTg1YmQ4OGZiMjdjYWRmMjllZTViYjk1ZDY1NzVm
Y2VmODMwHhcNMjUwODE5MDYxMTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTdhYjJlYmVmNDhlZWNjOTVlNGQ5ZWMyZTk1YTJkZGZhNGIzODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9m/tqnuHWrpE9fUEi9bbPe7/C3l
Pt4LCF9+dFWZhuiGjjzoXAc6RkaWV6yc+QQggtfusg0vBvQEJokK61mT7kbhp+db
2M0iVW3xCqMQO6Hf9IA4YsKhzK5ohHw/EnKYoACmdG29PF2drSJjwg2axwEiLxrv
/ZArDI2i+N3XEV+eKUiWFAQWTBjm73iusu/I96NFdCEuAbq6UaDZZoz/Y3jlViAB
Qs0WJvpMfu1zAB8c+3KxDzUF5hV0gR2MSQUY67JhJSCx5k5BfHB5H2s1TH8DgaFY
zN0+70oLFD5pyFR+GGF0izdgGoshmkJWCT+SrONU2KZBBsLZjECqd52YvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJp6suvvSO7MleTZ7C6Vot36SzgvMB8GA1UdIwQY
MBaAFCIsRYW9iPsnyt8p7lu5XWV1/O+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWl4RmhiMkkteWZLM3ludVc3bGRaWFg4NzRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ZWIzNjUtODAzYS00YzJmLWI3YWUt
YzY0N2E4YzFkZGZhLzEvbW5xeTYtOUk3c3lWNU5uc0xwV2kzZnBMT0M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82ZWIzNjUtODAzYS00YzJmLWI3YWUtYzY0N2E4YzFkZGZh
LzEvSWl4RmhiMkkteWZLM3ludVc3bGRaWFg4NzRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWStwMA0G
CSqGSIb3DQEBCwUAA4IBAQB51O6RZmP/af0YAKH1ZGEWqTblOuy6iG0IlOH32VuI
cQdiEqakBNOQltKzqLjC4sPXTzcBhdsEUjczYcmF+9AVgSjsFL8vQvCDSnZDqx2u
UTAV9wJ4pbHUzpwbawrgruUqhHp3H9WYChPaduut06PLP+9AIIdp/AlgYSRTqIti
te9BiDPr0yXO7Hr6rm/F2dGKSv2gRtqgEYpAr/HrYzKiAMNtaxoeBb+C7GUS8Em+
MvHX/v6nZcDzHE9C1eXd9jdfgnCq/SiTQneqCFBWhHSqLBJ1DPuzvuOmbWOx4i/I
+t6Q7Dj29ZXjEOpztifJ9VXt6obsV07RzZRVHV9ZjzyB
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:41:29 2025 by rpki-client