Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/mq67U8AOrv7b74cfkdBYBaypO5A.roa
File: mq67U8AOrv7b74cfkdBYBaypO5A.roa (raw, json)
Hash identifier: QY68SLY4zF8tJakUE4WpAwOGlOvHrGkBCR0Es/TMl1s=
Subject key identifier: 9A:AE:BB:53:C0:0E:AE:FE:DB:EF:87:1F:91:D0:58:05:AC:A9:3B:90
Certificate issuer: /CN=3026806a6b8dac68c2a32b65849229524fc33da7
Certificate serial: 0198819BAC527FB6882E06A35D532CC8AC95
Authority key identifier: 30:26:80:6A:6B:8D:AC:68:C2:A3:2B:65:84:92:29:52:4F:C3:3D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MCaAamuNrGjCoytlhJIpUk_DPac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/mq67U8AOrv7b74cfkdBYBaypO5A.roa
Signing time: Wed 06 Aug 2025 22:58:39 +0000
ROA not before: Wed 06 Aug 2025 22:58:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47536
IP address blocks: 193.105.29.0/24 maxlen: 24
2001:678:964::/48 maxlen: 48
2a12:79c0:100::/48 maxlen: 48
2a12:79c0:200::/48 maxlen: 48
2a12:79c0:300::/48 maxlen: 48
2a12:79c0:400::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/MCaAamuNrGjCoytlhJIpUk_DPac.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/MCaAamuNrGjCoytlhJIpUk_DPac.mft
rsync://rpki.ripe.net/repository/DEFAULT/MCaAamuNrGjCoytlhJIpUk_DPac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:81:9b:ac:52:7f:b6:88:2e:06:a3:5d:53:2c:c8:ac:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3026806a6b8dac68c2a32b65849229524fc33da7
Validity
Not Before: Aug 6 22:58:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9aaebb53c00eaefedbef871f91d05805aca93b90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9e:ca:46:68:21:8e:b6:19:ee:b1:74:94:58:
21:42:0a:d3:50:ce:e8:72:2e:54:d9:88:bc:34:5d:
9d:77:42:94:16:85:f2:82:50:a0:cf:1b:3b:a8:53:
da:fe:e8:7e:3f:b7:32:a4:15:41:5b:85:0e:8a:a7:
f5:79:49:20:3c:d7:62:c4:a2:22:e2:ae:11:38:db:
fa:af:e0:74:18:05:0c:e8:62:38:29:90:b7:c7:ef:
e0:71:0b:48:df:f3:fc:05:93:0b:c3:ad:92:45:fa:
cf:34:cb:dd:6a:33:d5:e3:bb:7e:a4:50:0f:4b:5d:
d4:7f:4f:72:5c:d7:0a:f1:e2:9c:32:49:ce:24:6c:
c6:ef:95:e6:25:b4:3e:ef:60:e8:56:cd:4d:7c:80:
dc:c1:5c:30:35:38:75:ec:1e:ca:4b:21:c3:95:5f:
8c:90:7d:a3:5e:1d:f0:c5:08:32:18:32:88:53:08:
16:7d:6d:1a:8a:54:c4:59:18:fc:97:08:c8:fc:d8:
d2:80:63:3b:ef:6a:e4:09:6f:ff:50:7f:5e:23:61:
62:cb:89:7a:0d:76:68:ef:4d:80:43:d3:35:b8:2a:
ee:43:68:6d:35:c9:01:4e:ea:f9:88:e6:e1:5f:82:
24:fa:c5:50:fd:82:9e:87:64:eb:64:a2:43:70:c2:
bc:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:AE:BB:53:C0:0E:AE:FE:DB:EF:87:1F:91:D0:58:05:AC:A9:3B:90
X509v3 Authority Key Identifier:
keyid:30:26:80:6A:6B:8D:AC:68:C2:A3:2B:65:84:92:29:52:4F:C3:3D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCaAamuNrGjCoytlhJIpUk_DPac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/mq67U8AOrv7b74cfkdBYBaypO5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9dca0e-a41b-4972-bbb5-08e2b1017927/1/MCaAamuNrGjCoytlhJIpUk_DPac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.29.0/24
IPv6:
2001:678:964::/48
2a12:79c0:100::/48
2a12:79c0:200::/48
2a12:79c0:300::/48
2a12:79c0:400::/48
Signature Algorithm: sha256WithRSAEncryption
28:e7:a3:19:63:c1:5d:3c:ab:e5:08:9b:4e:d2:f9:e7:d7:7c:
dc:ce:32:ad:86:0a:25:fc:ce:cf:86:72:27:d0:b0:a0:d3:6f:
67:0a:6c:74:3e:b4:46:9b:0b:35:23:2d:05:6f:cc:14:65:53:
29:79:d3:73:b9:f1:1c:65:7a:2c:4d:d9:c7:eb:a3:36:64:68:
5b:72:4d:2d:65:62:52:b6:fc:ef:16:18:b3:42:8c:3f:a1:7b:
a2:03:a5:d9:e9:cc:33:c6:aa:76:e1:7c:50:93:8e:da:ee:5e:
a0:7d:b7:b2:53:a2:f2:46:4c:a8:86:95:c7:a8:f5:52:e0:23:
f6:57:71:d4:b9:a1:cb:ac:80:4b:df:ea:99:85:b4:f5:09:e7:
2f:37:85:9e:ba:7c:eb:54:c9:5c:cb:b6:bc:98:70:39:a2:5b:
cb:d1:35:5c:dd:a2:56:83:6f:0e:b4:47:00:e5:b0:19:00:4a:
9e:1b:72:03:8f:ea:fe:b2:02:8c:4f:8e:d5:e3:a2:6a:37:bd:
eb:7c:b3:d5:16:d4:96:0c:9d:d8:47:58:23:9a:98:eb:2f:a1:
c1:eb:89:dd:8d:8a:b0:fc:e3:d3:7a:10:66:e3:e3:b3:53:b1:
68:29:0f:2e:ce:9b:fe:57:c7:bb:17:fe:2d:3d:81:9f:5a:69:
b6:25:d1:f2
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZiBm6xSf7aILgajXVMsyKyVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjY4MDZhNmI4ZGFjNjhjMmEzMmI2NTg0OTIyOTUyNGZj
MzNkYTcwHhcNMjUwODA2MjI1ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWFlYmI1M2MwMGVhZWZlZGJlZjg3MWY5MWQwNTgwNWFjYTkzYjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZ7KRmghjrYZ7rF0lFghQgrTUM7o
ci5U2Yi8NF2dd0KUFoXyglCgzxs7qFPa/uh+P7cypBVBW4UOiqf1eUkgPNdixKIi
4q4RONv6r+B0GAUM6GI4KZC3x+/gcQtI3/P8BZMLw62SRfrPNMvdajPV47t+pFAP
S13Uf09yXNcK8eKcMknOJGzG75XmJbQ+72DoVs1NfIDcwVwwNTh17B7KSyHDlV+M
kH2jXh3wxQgyGDKIUwgWfW0ailTEWRj8lwjI/NjSgGM772rkCW//UH9eI2Fiy4l6
DXZo702AQ9M1uCruQ2htNckBTur5iObhX4Ik+sVQ/YKeh2TrZKJDcMK8swIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFJquu1PADq7+2++HH5HQWAWsqTuQMB8GA1UdIwQY
MBaAFDAmgGprjaxowqMrZYSSKVJPwz2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNhQWFtdU5yR2pDb3l0bGhKSXBVa19EUGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85ZGNhMGUtYTQxYi00OTcyLWJiYjUt
MDhlMmIxMDE3OTI3LzEvbXE2N1U4QU9ydjdiNzRjZmtkQllCYXlwTzVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85ZGNhMGUtYTQxYi00OTcyLWJiYjUtMDhlMmIxMDE3OTI3
LzEvTUNhQWFtdU5yR2pDb3l0bGhKSXBVa19EUGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAMBAIAATAGAwQAwWkdMDME
AgACMC0DBwAgAQZ4CWQDBwAqEnnAAQADBwAqEnnAAgADBwAqEnnAAwADBwAqEnnA
BAAwDQYJKoZIhvcNAQELBQADggEBACjnoxljwV08q+UIm07S+efXfNzOMq2GCiX8
zs+GcifQsKDTb2cKbHQ+tEabCzUjLQVvzBRlUyl503O58RxleixN2cfrozZkaFty
TS1lYlK2/O8WGLNCjD+he6IDpdnpzDPGqnbhfFCTjtruXqB9t7JTovJGTKiGlceo
9VLgI/ZXcdS5ocusgEvf6pmFtPUJ5y83hZ66fOtUyVzLtryYcDmiW8vRNVzdolaD
bw60RwDlsBkASp4bcgOP6v6yAoxPjtXjomo3vet8s9UW1JYMndhHWCOamOsvocHr
id2NirD849N6EGbj47NTsWgpDy7Om/5Xx7sX/i09gZ9aabYl0fI=
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:28:52 2025 by rpki-client