Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/mJfyrmEjb3DG71ymZA5-l-jDpcg.roa
File: mJfyrmEjb3DG71ymZA5-l-jDpcg.roa (raw, json)
Hash identifier: Dn2G/Xb6l/Pv7RMD2oA+wvBpFexsKHJScGmbkOC6hjI=
Subject key identifier: 98:97:F2:AE:61:23:6F:70:C6:EF:5C:A6:64:0E:7E:97:E8:C3:A5:C8
Certificate issuer: /CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
Certificate serial: 0197876B9215934B3CDBAD1661B1A4799D38
Authority key identifier: 9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/mJfyrmEjb3DG71ymZA5-l-jDpcg.roa
Signing time: Thu 19 Jun 2025 09:01:03 +0000
ROA not before: Thu 19 Jun 2025 09:01:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35237
IP address blocks: 84.252.144.0/23 maxlen: 24
84.252.144.0/24 maxlen: 24
84.252.145.0/24 maxlen: 24
84.252.146.0/24 maxlen: 24
84.252.147.0/24 maxlen: 24
84.252.149.0/24 maxlen: 24
84.252.150.0/24 maxlen: 24
84.252.151.0/24 maxlen: 24
84.252.152.0/24 maxlen: 24
91.217.194.0/24 maxlen: 24
185.157.96.0/23 maxlen: 23
185.157.96.0/24 maxlen: 24
185.157.97.0/24 maxlen: 24
185.157.99.0/24 maxlen: 24
194.54.14.0/24 maxlen: 24
194.54.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/mlJqc86Pn2LBShGi6pE-wnPVjEY.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/mlJqc86Pn2LBShGi6pE-wnPVjEY.mft
rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 07:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:87:6b:92:15:93:4b:3c:db:ad:16:61:b1:a4:79:9d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
Validity
Not Before: Jun 19 09:01:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9897f2ae61236f70c6ef5ca6640e7e97e8c3a5c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:9d:31:d6:a0:eb:92:bb:f3:0e:6a:ea:f6:8a:
46:92:fd:43:83:eb:d5:13:2c:f6:5c:70:ee:67:25:
29:ab:13:e0:fd:85:d8:68:0d:0c:41:62:c8:be:bb:
67:b6:e8:a3:60:55:81:ad:c1:f6:9f:ab:8b:d5:0b:
1a:2b:a4:65:10:2c:ba:05:f6:1c:f8:39:29:73:fc:
6f:4b:c9:a7:a7:59:7b:6c:db:f9:ff:de:7e:6f:f0:
4e:8d:11:bb:49:fd:c2:73:46:6d:07:82:ec:dc:52:
c7:5a:4e:15:75:9a:f4:76:4f:4b:31:e9:ea:c3:00:
35:72:e6:a8:24:42:ec:c6:00:67:e7:62:27:69:f0:
b5:08:f3:1f:c3:79:7a:34:3a:d5:ba:37:5e:d3:cb:
45:8a:ec:2e:aa:8b:04:bf:4d:54:ed:cd:ab:d8:4d:
d1:61:9a:8c:ca:c0:68:e0:1a:83:d4:61:9d:58:b9:
0e:ea:d2:df:1a:3f:66:3c:59:ed:5a:e5:c9:68:0d:
03:f8:09:49:8b:23:f1:59:be:0f:f4:62:65:f3:38:
49:27:0a:46:bd:8c:14:15:dd:c9:4b:85:26:6f:fe:
e0:df:29:85:e6:6d:7b:35:29:41:5b:75:bd:0e:f2:
33:82:cf:2f:57:63:57:d3:d7:b2:df:3e:87:c7:ea:
c2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:97:F2:AE:61:23:6F:70:C6:EF:5C:A6:64:0E:7E:97:E8:C3:A5:C8
X509v3 Authority Key Identifier:
keyid:9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/mJfyrmEjb3DG71ymZA5-l-jDpcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/mlJqc86Pn2LBShGi6pE-wnPVjEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.144.0/22
84.252.149.0-84.252.152.255
91.217.194.0/24
185.157.96.0/23
185.157.99.0/24
194.54.14.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:80:e6:4f:a7:fc:cb:fa:71:e8:89:83:96:21:09:6e:f4:f7:
4c:5b:cc:39:37:20:31:d6:06:cf:c7:ca:53:fa:57:f6:54:85:
06:a7:ba:65:b0:a0:ec:bc:2e:a1:f2:aa:a5:a1:26:73:5d:6d:
f1:e3:da:c0:ba:2b:96:46:13:d7:aa:84:23:d2:1f:5e:55:ee:
06:09:a1:e5:79:64:c0:eb:bf:d9:d3:b8:87:0f:d3:86:5e:e2:
57:a9:88:9d:c3:c1:02:90:57:70:33:b3:03:77:ac:28:aa:8c:
82:ac:df:fb:1a:e1:3f:0e:7a:09:de:7a:03:5c:eb:a1:99:c6:
e8:a9:df:bd:6d:e7:21:62:b7:cb:65:c1:08:8e:05:b4:03:11:
ba:f7:b1:c7:6e:eb:ca:c1:3b:03:9c:68:dd:a8:d4:69:19:3c:
e8:82:48:03:7b:f9:a3:14:87:c5:59:94:7c:17:dc:82:00:aa:
95:bf:8d:db:8e:95:79:b0:5e:a6:12:08:66:1d:39:c6:d6:77:
42:66:2e:f4:22:18:a6:1c:39:45:a3:66:13:28:1b:db:b0:0d:
75:ee:58:c4:99:ea:8e:30:0a:f3:1a:b1:de:84:d9:8b:c7:28:
b5:55:b2:02:11:61:dd:ba:6c:e8:f6:59:24:4d:5c:29:04:3c:
ee:03:d9:8e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZeHa5IVk0s8260WYbGkeZ04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNTI2YTczY2U4ZjlmNjJjMTRhMTFhMmVhOTEzZWMyNzNk
NThjNDYwHhcNMjUwNjE5MDkwMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODk3ZjJhZTYxMjM2ZjcwYzZlZjVjYTY2NDBlN2U5N2U4YzNhNWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Z0x1qDrkrvzDmrq9opGkv1Dg+vV
Eyz2XHDuZyUpqxPg/YXYaA0MQWLIvrtntuijYFWBrcH2n6uL1QsaK6RlECy6BfYc
+Dkpc/xvS8mnp1l7bNv5/95+b/BOjRG7Sf3Cc0ZtB4Ls3FLHWk4VdZr0dk9LMenq
wwA1cuaoJELsxgBn52InafC1CPMfw3l6NDrVujde08tFiuwuqosEv01U7c2r2E3R
YZqMysBo4BqD1GGdWLkO6tLfGj9mPFntWuXJaA0D+AlJiyPxWb4P9GJl8zhJJwpG
vYwUFd3JS4Umb/7g3ymF5m17NSlBW3W9DvIzgs8vV2NX09ey3z6Hx+rC2wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJiX8q5hI29wxu9cpmQOfpfow6XIMB8GA1UdIwQY
MBaAFJpSanPOj59iwUoRouqRPsJz1YxGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWxKcWM4NlBuMkxCU2hHaTZwRS13blBWakVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi82ZmNkY2EtZDEyMS00MzkxLTljZmMt
N2QxNmI5MGRiZTcyLzEvbUpmeXJtRWpiM0RHNzF5bVpBNS1sLWpEcGNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi82ZmNkY2EtZDEyMS00MzkxLTljZmMtN2QxNmI5MGRiZTcy
LzEvbWxKcWM4NlBuMkxCU2hHaTZwRS13blBWakVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCVPyQMAwD
BABU/JUDBABU/JgDBABb2cIDBAG5nWADBAC5nWMDBAHCNg4wDQYJKoZIhvcNAQEL
BQADggEBAEyA5k+n/Mv6ceiJg5YhCW7090xbzDk3IDHWBs/HylP6V/ZUhQanumWw
oOy8LqHyqqWhJnNdbfHj2sC6K5ZGE9eqhCPSH15V7gYJoeV5ZMDrv9nTuIcP04Ze
4lepiJ3DwQKQV3AzswN3rCiqjIKs3/sa4T8OegneegNc66GZxuip371t5yFit8tl
wQiOBbQDEbr3scdu68rBOwOcaN2o1GkZPOiCSAN7+aMUh8VZlHwX3IIAqpW/jduO
lXmwXqYSCGYdOcbWd0JmLvQiGKYcOUWjZhMoG9uwDXXuWMSZ6o4wCvMasd6E2YvH
KLVVsgIRYd26bOj2WSRNXCkEPO4D2Y4=
-----END CERTIFICATE-----
Generated at Sun Jun 29 16:24:00 2025 by rpki-client