
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/IMkMxuP_HIe-8yHaxaZmmkfgrkU.roa
File: IMkMxuP_HIe-8yHaxaZmmkfgrkU.roa (raw, json)
Hash identifier: VP/3gFLV/p+/OXdm2saWsfz+k4M/NDwKldgBYB4HtdM=
Subject key identifier: 20:C9:0C:C6:E3:FF:1C:87:BE:F3:21:DA:C5:A6:66:9A:47:E0:AE:45
Certificate issuer: /CN=050e3b7dfbd59910fe527cc7e29af64d53806c91
Certificate serial: 01995BEAC1691BFBE08D008C12142DFD0C7A
Authority key identifier: 05:0E:3B:7D:FB:D5:99:10:FE:52:7C:C7:E2:9A:F6:4D:53:80:6C:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQ47ffvVmRD-UnzH4pr2TVOAbJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/IMkMxuP_HIe-8yHaxaZmmkfgrkU.roa
Signing time: Thu 18 Sep 2025 08:22:15 +0000
ROA not before: Thu 18 Sep 2025 08:22:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41899
IP address blocks: 212.37.64.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/BQ47ffvVmRD-UnzH4pr2TVOAbJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/BQ47ffvVmRD-UnzH4pr2TVOAbJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/BQ47ffvVmRD-UnzH4pr2TVOAbJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5b:ea:c1:69:1b:fb:e0:8d:00:8c:12:14:2d:fd:0c:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=050e3b7dfbd59910fe527cc7e29af64d53806c91
Validity
Not Before: Sep 18 08:22:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20c90cc6e3ff1c87bef321dac5a6669a47e0ae45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:dd:a6:17:ff:8e:2f:e0:ee:8a:72:59:e6:94:
7f:ad:0e:07:c9:c3:2d:86:2d:74:28:25:f4:fc:c7:
3e:b4:d2:fb:a7:c2:26:0b:b0:15:93:05:c7:d2:a9:
67:a0:87:78:58:a4:40:da:1e:d2:76:60:5f:71:75:
8e:7a:91:2e:06:1a:33:2a:af:e4:06:00:78:59:02:
e9:86:c4:a3:b0:8a:8b:e2:04:45:0a:38:49:54:50:
db:68:f0:b1:a2:bf:d7:47:2b:0c:3f:ea:5f:7f:18:
46:85:f0:bc:e1:63:db:b8:14:3d:76:5e:a8:b1:5d:
1c:1f:1e:6d:75:02:a6:05:9a:09:80:f3:02:f3:95:
ed:29:eb:1f:6b:3d:90:3d:d6:76:17:bd:11:91:4f:
24:46:fa:4c:12:2c:b8:57:a9:e0:85:44:f2:72:2f:
8a:ff:cb:7a:c4:19:9c:5b:18:14:6d:32:87:11:85:
83:df:11:8c:3e:aa:f2:8e:83:61:09:66:55:3c:e1:
0c:e0:ce:78:b8:52:8f:b5:93:3f:c6:5b:1a:af:a2:
2e:a5:19:c9:38:ab:9f:0c:68:7b:6b:83:2f:ae:78:
5c:85:32:5c:31:7d:9b:78:d7:d1:bc:f5:a9:b7:fc:
96:14:76:c6:ea:b9:ac:49:4f:9c:5b:3b:77:19:14:
1c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C9:0C:C6:E3:FF:1C:87:BE:F3:21:DA:C5:A6:66:9A:47:E0:AE:45
X509v3 Authority Key Identifier:
keyid:05:0E:3B:7D:FB:D5:99:10:FE:52:7C:C7:E2:9A:F6:4D:53:80:6C:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQ47ffvVmRD-UnzH4pr2TVOAbJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/IMkMxuP_HIe-8yHaxaZmmkfgrkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/BQ47ffvVmRD-UnzH4pr2TVOAbJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.37.64.0/23
Signature Algorithm: sha256WithRSAEncryption
79:02:89:19:4b:c3:f2:96:cb:b6:c7:18:0b:85:28:b4:fc:f9:
3a:95:70:37:4d:93:e7:df:c7:4d:36:b0:b5:b2:2c:ea:34:f4:
f5:66:c0:47:63:39:be:70:09:84:ff:d5:57:47:8b:1e:70:f5:
70:e6:1b:7b:2b:20:3b:ad:cc:53:55:b1:1c:42:11:5d:25:74:
9c:d0:28:4b:14:12:04:38:f1:3c:81:27:fb:fd:58:99:e2:3d:
26:fe:bb:8d:5a:d4:d6:e5:f4:c0:da:f6:c7:86:a3:d6:51:f7:
21:e8:86:35:7c:b1:4b:2c:75:e7:7a:25:e6:55:61:71:45:b1:
d8:c6:e7:18:6a:d8:89:aa:80:c7:b5:11:9e:b0:05:10:e6:eb:
28:4e:53:c5:c5:10:ef:39:85:53:4f:cb:48:0b:fd:6f:f6:78:
10:18:21:83:9a:7c:c3:7f:d3:91:75:3c:71:98:07:cb:24:ff:
53:d2:7d:25:f3:4a:3e:a3:2f:1e:01:0a:51:d7:87:c0:31:3b:
0b:21:c4:9b:80:9d:06:4f:21:d3:97:22:ca:3b:63:28:df:36:
f6:5f:a3:07:f6:02:da:f3:83:84:72:90:77:6a:bd:2c:38:68:
c1:49:e7:b5:bc:13:80:a3:7e:b9:ee:97:d5:90:22:28:9f:f8:
69:99:be:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZlb6sFpG/vgjQCMEhQt/Qx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MGUzYjdkZmJkNTk5MTBmZTUyN2NjN2UyOWFmNjRkNTM4
MDZjOTEwHhcNMjUwOTE4MDgyMjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGM5MGNjNmUzZmYxYzg3YmVmMzIxZGFjNWE2NjY5YTQ3ZTBhZTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAod2mF/+OL+DuinJZ5pR/rQ4HycMt
hi10KCX0/Mc+tNL7p8ImC7AVkwXH0qlnoId4WKRA2h7SdmBfcXWOepEuBhozKq/k
BgB4WQLphsSjsIqL4gRFCjhJVFDbaPCxor/XRysMP+pffxhGhfC84WPbuBQ9dl6o
sV0cHx5tdQKmBZoJgPMC85XtKesfaz2QPdZ2F70RkU8kRvpMEiy4V6nghUTyci+K
/8t6xBmcWxgUbTKHEYWD3xGMPqryjoNhCWZVPOEM4M54uFKPtZM/xlsar6IupRnJ
OKufDGh7a4MvrnhchTJcMX2beNfRvPWpt/yWFHbG6rmsSU+cWzt3GRQcUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCDJDMbj/xyHvvMh2sWmZppH4K5FMB8GA1UdIwQY
MBaAFAUOO3371ZkQ/lJ8x+Ka9k1TgGyRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlE0N2ZmdlZtUkQtVW56SDRwcjJUVk9BYkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85ZDk2MGMtZTIzNC00YTA1LWFiYTIt
NGE4Nzc5ZTQ3OGM2LzEvSU1rTXh1UF9ISWUtOHlIYXhhWm1ta2ZncmtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85ZDk2MGMtZTIzNC00YTA1LWFiYTItNGE4Nzc5ZTQ3OGM2
LzEvQlE0N2ZmdlZtUkQtVW56SDRwcjJUVk9BYkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1CVAMA0G
CSqGSIb3DQEBCwUAA4IBAQB5AokZS8Pylsu2xxgLhSi0/Pk6lXA3TZPn38dNNrC1
sizqNPT1ZsBHYzm+cAmE/9VXR4secPVw5ht7KyA7rcxTVbEcQhFdJXSc0ChLFBIE
OPE8gSf7/ViZ4j0m/ruNWtTW5fTA2vbHhqPWUfch6IY1fLFLLHXneiXmVWFxRbHY
xucYatiJqoDHtRGesAUQ5usoTlPFxRDvOYVTT8tIC/1v9ngQGCGDmnzDf9ORdTxx
mAfLJP9T0n0l80o+oy8eAQpR14fAMTsLIcSbgJ0GTyHTlyLKO2Mo3zb2X6MH9gLa
84OEcpB3ar0sOGjBSee1vBOAo3657pfVkCIon/hpmb7B
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:57 2025 by rpki-client