
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/MPC4WGBwWzUKQ4MIf9vheq3ljf8.roa
File: MPC4WGBwWzUKQ4MIf9vheq3ljf8.roa (raw, json)
Hash identifier: X1yT4PQqSCT8h7K1UyGvzdMze10lM3EBcX0jmIp7dhY=
Subject key identifier: 30:F0:B8:58:60:70:5B:35:0A:43:83:08:7F:DB:E1:7A:AD:E5:8D:FF
Certificate issuer: /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial: 0199DC656DC76D4B8A6355F914A395111AF1
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/MPC4WGBwWzUKQ4MIf9vheq3ljf8.roa
Signing time: Mon 13 Oct 2025 07:07:38 +0000
ROA not before: Mon 13 Oct 2025 07:07:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20326
IP address blocks: 80.246.232.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.mft
rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:dc:65:6d:c7:6d:4b:8a:63:55:f9:14:a3:95:11:1a:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
Validity
Not Before: Oct 13 07:07:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30f0b85860705b350a4383087fdbe17aade58dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:04:71:ab:b5:d9:03:ed:bd:d1:9c:5c:17:1e:
d2:ed:b0:69:14:82:8e:47:37:80:d0:82:ef:fc:fc:
e7:6c:62:85:18:96:3e:06:3e:9e:95:84:d4:29:89:
a0:a8:6b:0f:d5:44:1b:bc:0e:f7:63:0c:63:81:46:
44:03:26:1a:71:fe:f3:65:70:88:92:a8:44:cc:21:
37:04:3c:e3:ae:d6:77:5a:5d:45:86:9a:7f:1d:37:
77:88:37:44:4a:f1:f7:68:93:45:ac:c5:76:14:15:
50:22:71:47:e5:0b:bb:e9:d9:49:08:7e:4d:cb:95:
c3:89:4b:13:39:a3:92:7d:3e:1b:56:09:02:50:97:
fa:83:ca:4e:32:62:82:4f:f2:e6:de:69:39:5b:2f:
9d:49:cd:72:b3:6f:22:ab:b4:64:26:54:a5:59:c5:
72:8b:7b:ac:61:e0:25:d9:fa:0c:34:4e:59:19:a9:
02:61:e0:41:ee:f1:ab:25:4f:d2:fd:f6:5b:bb:96:
64:08:9c:43:04:00:0d:3d:d0:07:3c:87:92:18:82:
c8:a3:12:cd:4e:52:51:e9:82:39:fb:95:2f:e9:2d:
79:ad:e5:f6:1e:aa:04:aa:e5:d3:b4:3e:89:af:40:
37:7b:07:cd:a6:ff:30:bf:02:fb:4b:a2:78:c6:c0:
e3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F0:B8:58:60:70:5B:35:0A:43:83:08:7F:DB:E1:7A:AD:E5:8D:FF
X509v3 Authority Key Identifier:
keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/MPC4WGBwWzUKQ4MIf9vheq3ljf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.246.232.0/21
Signature Algorithm: sha256WithRSAEncryption
95:95:3e:7a:60:4a:9c:a1:81:04:b8:ee:5e:5b:52:b8:95:5c:
91:dd:35:10:84:49:db:63:ec:59:6e:86:01:86:d2:7e:37:0c:
51:cc:dd:22:90:16:b7:7a:2a:aa:a3:f6:18:c2:9b:e7:61:e2:
39:37:ec:2b:c6:fa:05:af:65:a5:18:09:4b:03:a3:70:41:48:
81:20:ea:39:9d:ca:27:5a:5a:0c:ed:c1:b9:80:17:63:6b:d5:
c0:a1:8f:b1:40:ec:02:f8:cb:bd:ff:45:69:75:98:05:68:ad:
fd:97:7b:24:16:60:1b:10:bf:ec:28:78:35:6b:30:ea:75:57:
60:05:34:ae:c4:b6:99:8b:2a:7f:22:d0:01:aa:df:a3:25:d2:
09:2b:24:f8:11:a9:98:a2:12:6c:2c:01:97:58:bf:0e:30:aa:
e2:2b:05:d4:65:27:b0:98:a8:35:b5:07:9c:aa:c0:1a:c6:c3:
25:63:ee:04:72:ca:23:05:94:45:4b:68:d6:8f:28:27:88:5a:
07:21:de:af:ce:72:44:6a:a2:8d:6e:3e:75:08:15:a0:81:08:
80:d6:d5:4b:18:6e:e4:08:97:c8:97:f4:74:fa:71:76:8d:db:
3c:bd:03:e3:d7:6d:ee:a6:f5:f4:49:b5:01:82:b6:bd:16:e5:
5d:78:fc:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZncZW3HbUuKY1X5FKOVERrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjUxMDEzMDcwNzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGYwYjg1ODYwNzA1YjM1MGE0MzgzMDg3ZmRiZTE3YWFkZTU4ZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwRxq7XZA+290ZxcFx7S7bBpFIKO
RzeA0ILv/PznbGKFGJY+Bj6elYTUKYmgqGsP1UQbvA73YwxjgUZEAyYacf7zZXCI
kqhEzCE3BDzjrtZ3Wl1Fhpp/HTd3iDdESvH3aJNFrMV2FBVQInFH5Qu76dlJCH5N
y5XDiUsTOaOSfT4bVgkCUJf6g8pOMmKCT/Lm3mk5Wy+dSc1ys28iq7RkJlSlWcVy
i3usYeAl2foMNE5ZGakCYeBB7vGrJU/S/fZbu5ZkCJxDBAANPdAHPIeSGILIoxLN
TlJR6YI5+5Uv6S15reX2HqoEquXTtD6Jr0A3ewfNpv8wvwL7S6J4xsDjRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDDwuFhgcFs1CkODCH/b4Xqt5Y3/MB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvTVBDNFdHQndXelVLUTRNSWY5dmhlcTNsamY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUPboMA0G
CSqGSIb3DQEBCwUAA4IBAQCVlT56YEqcoYEEuO5eW1K4lVyR3TUQhEnbY+xZboYB
htJ+NwxRzN0ikBa3eiqqo/YYwpvnYeI5N+wrxvoFr2WlGAlLA6NwQUiBIOo5ncon
WloM7cG5gBdja9XAoY+xQOwC+Mu9/0VpdZgFaK39l3skFmAbEL/sKHg1azDqdVdg
BTSuxLaZiyp/ItABqt+jJdIJKyT4EamYohJsLAGXWL8OMKriKwXUZSewmKg1tQec
qsAaxsMlY+4EcsojBZRFS2jWjygniFoHId6vznJEaqKNbj51CBWggQiA1tVLGG7k
CJfIl/R0+nF2jds8vQPj123upvX0SbUBgra9FuVdePwA
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:11:16 2025 by rpki-client