Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/034971-b4da-4ba4-8d6e-d3c8a48f7a32/1/mygXRxPx2D1UXJyXM04ODWybylU.roa
File: mygXRxPx2D1UXJyXM04ODWybylU.roa (raw, json)
Hash identifier: H0IWRuq52mUhkCTHvw9eNNClwcqWk5xJXDx9B164fD0=
Subject key identifier: 9B:28:17:47:13:F1:D8:3D:54:5C:9C:97:33:4E:0E:0D:6C:9B:CA:55
Certificate issuer: /CN=77a53d2e97704dbea831a6440072904ee91a71b0
Certificate serial: 0199B916C2820CAE466040167213C947876A
Authority key identifier: 77:A5:3D:2E:97:70:4D:BE:A8:31:A6:44:00:72:90:4E:E9:1A:71:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d6U9LpdwTb6oMaZEAHKQTukacbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/034971-b4da-4ba4-8d6e-d3c8a48f7a32/1/mygXRxPx2D1UXJyXM04ODWybylU.roa
Signing time: Mon 06 Oct 2025 10:35:00 +0000
ROA not before: Mon 06 Oct 2025 10:35:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42510
IP address blocks: 176.103.64.0/21 maxlen: 21
176.103.64.0/22 maxlen: 22
176.103.64.0/23 maxlen: 23
176.103.66.0/23 maxlen: 23
176.103.68.0/22 maxlen: 22
176.103.68.0/23 maxlen: 23
176.103.70.0/23 maxlen: 23
193.200.68.0/23 maxlen: 23
193.200.68.0/24 maxlen: 24
193.200.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/034971-b4da-4ba4-8d6e-d3c8a48f7a32/1/d6U9LpdwTb6oMaZEAHKQTukacbA.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/034971-b4da-4ba4-8d6e-d3c8a48f7a32/1/d6U9LpdwTb6oMaZEAHKQTukacbA.mft
rsync://rpki.ripe.net/repository/DEFAULT/d6U9LpdwTb6oMaZEAHKQTukacbA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b9:16:c2:82:0c:ae:46:60:40:16:72:13:c9:47:87:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77a53d2e97704dbea831a6440072904ee91a71b0
Validity
Not Before: Oct 6 10:35:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b28174713f1d83d545c9c97334e0e0d6c9bca55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:98:91:36:77:9e:36:0e:50:a3:37:57:d2:18:
bd:74:23:b5:52:af:63:c1:94:14:33:16:32:ae:2d:
5d:19:b5:71:10:d3:57:a0:04:04:04:7f:07:b5:ed:
85:46:97:30:1b:c1:8a:fd:2b:f9:38:16:92:13:a4:
c9:e6:35:c7:38:72:66:26:e5:2c:22:02:df:26:02:
c5:c1:ae:9d:25:6d:fc:6b:6b:ab:0d:10:46:9f:12:
6f:20:3c:f4:ec:90:24:e7:00:de:bd:f9:c3:38:66:
b2:e4:74:28:47:ff:3d:8e:ec:ce:a2:39:2c:7d:1f:
7a:7c:9c:6a:63:35:9e:ac:5d:f9:ee:d9:9d:ec:f1:
a6:8f:ce:b1:f6:f5:bf:68:b3:40:da:24:b4:2b:fb:
87:dc:05:57:ef:8f:02:6d:4e:dd:4f:9b:b0:80:51:
c4:de:01:f6:55:f0:d2:f9:b2:7a:3b:16:80:99:42:
6b:28:f8:e3:ab:2b:2b:a6:37:cf:1c:6f:47:fe:04:
0c:48:15:fa:79:7f:66:a2:ad:3f:0f:4a:41:f3:2f:
3b:1d:b6:ce:4c:34:76:da:dd:da:29:3c:44:6b:fc:
2b:71:67:ff:39:da:0a:c5:e8:a2:a9:30:93:f0:1f:
39:e4:4f:05:ba:84:0a:fe:02:69:a2:13:bb:36:f5:
33:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:28:17:47:13:F1:D8:3D:54:5C:9C:97:33:4E:0E:0D:6C:9B:CA:55
X509v3 Authority Key Identifier:
keyid:77:A5:3D:2E:97:70:4D:BE:A8:31:A6:44:00:72:90:4E:E9:1A:71:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6U9LpdwTb6oMaZEAHKQTukacbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/034971-b4da-4ba4-8d6e-d3c8a48f7a32/1/mygXRxPx2D1UXJyXM04ODWybylU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/034971-b4da-4ba4-8d6e-d3c8a48f7a32/1/d6U9LpdwTb6oMaZEAHKQTukacbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.103.64.0/21
193.200.68.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:d8:de:e9:e8:f3:21:f1:f5:c8:01:f1:76:c3:68:6c:e2:40:
75:d6:0b:7c:da:4a:1c:07:c6:96:5b:c3:a8:18:a4:ab:0c:94:
5f:e7:fb:13:01:8e:78:a9:cc:5d:3c:0f:fa:ab:cf:42:e1:7f:
83:c7:2d:d7:b0:b2:2c:66:53:59:9f:1d:5c:16:77:f3:5f:ad:
cb:6e:fb:ef:d2:6f:68:a3:1d:ac:40:70:ad:4a:56:eb:4c:b4:
8b:ed:21:8e:09:6a:f7:89:2e:4c:8d:45:ea:e5:5c:f2:b6:21:
11:5e:a0:e2:26:b4:4b:5e:5b:ad:55:bd:29:28:e0:c0:0d:71:
b7:4a:7b:5e:c7:70:ce:c9:3c:42:69:41:e2:3c:11:48:7a:84:
cc:f7:2a:9b:47:3b:da:21:c4:28:6d:e1:da:86:ae:b5:56:cd:
9f:35:0f:60:7f:2b:72:3d:4c:ea:ae:60:1f:b6:7e:5a:41:74:
4f:78:3d:e9:a3:13:ad:6c:d4:f1:5d:a1:be:05:a9:d9:30:88:
f7:09:e5:13:da:a9:8a:71:65:b5:bf:69:c2:1b:6c:ce:f8:eb:
c5:94:44:91:1f:ef:eb:5c:81:2a:4d:b3:17:fa:e9:2f:fc:bf:
3f:04:79:11:24:a2:71:17:d9:79:5f:28:05:89:24:90:78:22:
aa:ef:15:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZm5FsKCDK5GYEAWchPJR4dqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YTUzZDJlOTc3MDRkYmVhODMxYTY0NDAwNzI5MDRlZTkx
YTcxYjAwHhcNMjUxMDA2MTAzNTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjI4MTc0NzEzZjFkODNkNTQ1YzljOTczMzRlMGUwZDZjOWJjYTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5iRNneeNg5QozdX0hi9dCO1Uq9j
wZQUMxYyri1dGbVxENNXoAQEBH8Hte2FRpcwG8GK/Sv5OBaSE6TJ5jXHOHJmJuUs
IgLfJgLFwa6dJW38a2urDRBGnxJvIDz07JAk5wDevfnDOGay5HQoR/89juzOojks
fR96fJxqYzWerF357tmd7PGmj86x9vW/aLNA2iS0K/uH3AVX748CbU7dT5uwgFHE
3gH2VfDS+bJ6OxaAmUJrKPjjqysrpjfPHG9H/gQMSBX6eX9moq0/D0pB8y87HbbO
TDR22t3aKTxEa/wrcWf/OdoKxeiiqTCT8B855E8FuoQK/gJpohO7NvUz3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJsoF0cT8dg9VFyclzNODg1sm8pVMB8GA1UdIwQY
MBaAFHelPS6XcE2+qDGmRABykE7pGnGwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDZVOUxwZHdUYjZvTWFaRUFIS1FUdWthY2JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8wMzQ5NzEtYjRkYS00YmE0LThkNmUt
ZDNjOGE0OGY3YTMyLzEvbXlnWFJ4UHgyRDFVWEp5WE0wNE9EV3lieWxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8wMzQ5NzEtYjRkYS00YmE0LThkNmUtZDNjOGE0OGY3YTMy
LzEvZDZVOUxwZHdUYjZvTWFaRUFIS1FUdWthY2JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsGdAAwQB
wchEMA0GCSqGSIb3DQEBCwUAA4IBAQCn2N7p6PMh8fXIAfF2w2hs4kB11gt82koc
B8aWW8OoGKSrDJRf5/sTAY54qcxdPA/6q89C4X+Dxy3XsLIsZlNZnx1cFnfzX63L
bvvv0m9oox2sQHCtSlbrTLSL7SGOCWr3iS5MjUXq5VzytiERXqDiJrRLXlutVb0p
KODADXG3Sntex3DOyTxCaUHiPBFIeoTM9yqbRzvaIcQobeHahq61Vs2fNQ9gfyty
PUzqrmAftn5aQXRPeD3poxOtbNTxXaG+BanZMIj3CeUT2qmKcWW1v2nCG2zO+OvF
lESRH+/rXIEqTbMX+ukv/L8/BHkRJKJxF9l5XygFiSSQeCKq7xW6
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:16:16 2025 by rpki-client