Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/MNlQF5nG0eeT7QS_s8UJC2BbGl4.roa
File: MNlQF5nG0eeT7QS_s8UJC2BbGl4.roa (raw, json)
Hash identifier: msf9qspTIOl4MPPSDjXBam+bCbkt7kvUjAGSdIfDP0c=
Subject key identifier: 30:D9:50:17:99:C6:D1:E7:93:ED:04:BF:B3:C5:09:0B:60:5B:1A:5E
Certificate issuer: /CN=168600dfac9d3d1a75e6630d697102f2f2132c48
Certificate serial: 019932F7BF76FB0BFF722C1C98B87B8D5097
Authority key identifier: 16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/MNlQF5nG0eeT7QS_s8UJC2BbGl4.roa
Signing time: Wed 10 Sep 2025 09:32:01 +0000
ROA not before: Wed 10 Sep 2025 09:32:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203576
IP address blocks: 5.180.184.0/24 maxlen: 24
5.180.185.0/24 maxlen: 24
5.180.186.0/24 maxlen: 24
5.180.187.0/24 maxlen: 24
83.150.212.0/24 maxlen: 24
83.150.213.0/24 maxlen: 24
83.150.214.0/24 maxlen: 24
83.150.215.0/24 maxlen: 24
89.252.188.0/24 maxlen: 32
89.252.189.0/24 maxlen: 32
89.252.190.0/24 maxlen: 32
89.252.191.0/24 maxlen: 32
185.126.216.0/24 maxlen: 32
185.126.217.0/24 maxlen: 32
185.126.218.0/24 maxlen: 32
185.126.219.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.mft
rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:32:f7:bf:76:fb:0b:ff:72:2c:1c:98:b8:7b:8d:50:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=168600dfac9d3d1a75e6630d697102f2f2132c48
Validity
Not Before: Sep 10 09:32:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30d9501799c6d1e793ed04bfb3c5090b605b1a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:4f:13:33:b2:e6:13:74:be:ce:81:54:38:db:
de:60:b7:89:77:ec:b1:4b:46:86:2c:3f:0c:f0:e1:
c4:47:77:62:26:e7:81:e8:61:f8:fc:e6:79:ae:fa:
51:cf:0e:cf:80:66:30:5d:e4:ca:49:27:cf:35:7e:
e5:af:cc:ec:9d:ba:b9:5b:c8:8e:6a:82:4c:23:bc:
05:42:87:d2:a6:20:cb:aa:af:30:46:d8:48:9e:32:
3c:b7:8e:06:d5:1d:4a:f8:1a:43:9e:e8:c6:a6:60:
b6:98:91:91:3a:00:18:63:e1:f2:d7:43:ed:7f:8a:
43:b4:65:f2:b6:55:fe:03:c9:a9:eb:e3:36:a8:84:
0a:c8:e8:7d:58:9e:13:96:67:aa:40:c7:89:4d:79:
97:d1:9f:cd:51:64:49:25:3c:f7:bf:8f:d4:b7:f5:
f5:c5:35:6c:c6:cd:62:66:a2:66:fd:4d:96:e1:71:
ec:5d:58:3c:46:13:bc:bf:1c:c5:eb:95:ce:00:2c:
43:47:fa:5f:8f:75:2d:01:4c:5a:ae:a5:5f:c5:18:
bd:d1:d6:b3:80:ac:84:e6:9a:ac:3e:7d:f4:61:5e:
fd:80:68:86:ad:3f:07:17:fd:0a:63:ff:72:e8:ec:
75:fb:88:e5:69:a7:91:dd:bd:8d:1e:75:f3:72:95:
55:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D9:50:17:99:C6:D1:E7:93:ED:04:BF:B3:C5:09:0B:60:5B:1A:5E
X509v3 Authority Key Identifier:
keyid:16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/MNlQF5nG0eeT7QS_s8UJC2BbGl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.184.0/22
83.150.212.0/22
89.252.188.0/22
185.126.216.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:f5:8b:e0:21:9b:21:01:44:ee:98:06:a6:80:f8:8c:ca:04:
fd:11:bf:96:72:35:d5:e2:c8:7c:25:11:78:05:57:3f:fc:fa:
6a:30:b5:5e:56:5d:53:f3:dc:c3:f2:22:c3:30:6a:c3:a6:1f:
89:0d:a0:19:a1:6c:37:d5:94:73:58:92:58:7d:3d:b6:57:00:
f7:7f:85:84:38:a9:99:52:9b:4d:16:6a:e3:0c:b5:1e:f6:69:
9d:d0:3e:f6:31:9a:1a:0c:94:12:10:50:10:5a:6d:d2:bd:71:
80:0a:cd:79:b1:b0:28:40:08:5b:94:5d:8c:10:b0:62:8d:85:
da:78:b0:4b:b9:aa:36:13:20:9c:9c:07:7d:eb:78:4c:96:b3:
4f:6a:0f:52:d6:32:9f:0a:b8:83:bd:38:5b:6f:1d:b9:97:83:
4d:4a:de:d0:83:52:5e:6d:69:ce:f8:67:61:74:37:4b:e2:4c:
43:61:a6:97:ac:e8:de:e5:29:44:4f:b2:1d:50:0d:d4:5a:41:
ae:99:83:02:27:51:fc:e2:b8:28:1e:67:71:6c:bf:0e:33:aa:
51:fd:af:4b:e2:c1:89:f3:ef:fa:d0:e8:4f:0c:ad:af:86:bc:
3d:29:52:87:88:7c:ad:53:5e:ff:43:bc:b9:43:7a:4d:b4:b3:
d4:6f:cc:fd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZky9792+wv/ciwcmLh7jVCXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2ODYwMGRmYWM5ZDNkMWE3NWU2NjMwZDY5NzEwMmYyZjIx
MzJjNDgwHhcNMjUwOTEwMDkzMjAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGQ5NTAxNzk5YzZkMWU3OTNlZDA0YmZiM2M1MDkwYjYwNWIxYTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnE8TM7LmE3S+zoFUONveYLeJd+yx
S0aGLD8M8OHER3diJueB6GH4/OZ5rvpRzw7PgGYwXeTKSSfPNX7lr8zsnbq5W8iO
aoJMI7wFQofSpiDLqq8wRthInjI8t44G1R1K+BpDnujGpmC2mJGROgAYY+Hy10Pt
f4pDtGXytlX+A8mp6+M2qIQKyOh9WJ4TlmeqQMeJTXmX0Z/NUWRJJTz3v4/Ut/X1
xTVsxs1iZqJm/U2W4XHsXVg8RhO8vxzF65XOACxDR/pfj3UtAUxarqVfxRi90daz
gKyE5pqsPn30YV79gGiGrT8HF/0KY/9y6Ox1+4jlaaeR3b2NHnXzcpVVpQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDDZUBeZxtHnk+0Ev7PFCQtgWxpeMB8GA1UdIwQY
MBaAFBaGAN+snT0adeZjDWlxAvLyEyxIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm9ZQTM2eWRQUnAxNW1NTmFYRUM4dklUTEVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9hZjM1YzMtN2Y4MS00ODI5LThkYmEt
MThkYmU2NTA0YmI0LzEvTU5sUUY1bkcwZWVUN1FTX3M4VUpDMkJiR2w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9hZjM1YzMtN2Y4MS00ODI5LThkYmEtMThkYmU2NTA0YmI0
LzEvRm9ZQTM2eWRQUnAxNW1NTmFYRUM4dklUTEVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBbS4AwQC
U5bUAwQCWfy8AwQCuX7YMA0GCSqGSIb3DQEBCwUAA4IBAQBq9YvgIZshAUTumAam
gPiMygT9Eb+WcjXV4sh8JRF4BVc//PpqMLVeVl1T89zD8iLDMGrDph+JDaAZoWw3
1ZRzWJJYfT22VwD3f4WEOKmZUptNFmrjDLUe9mmd0D72MZoaDJQSEFAQWm3SvXGA
Cs15sbAoQAhblF2MELBijYXaeLBLuao2EyCcnAd963hMlrNPag9S1jKfCriDvThb
bx25l4NNSt7Qg1JebWnO+GdhdDdL4kxDYaaXrOje5SlET7IdUA3UWkGumYMCJ1H8
4rgoHmdxbL8OM6pR/a9L4sGJ8+/60OhPDK2vhrw9KVKHiHytU17/Q7y5Q3pNtLPU
b8z9
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:25:15 2025 by rpki-client