Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/MRoUAROw4LH2qMua3FF0ivRRV1k.roa
File: MRoUAROw4LH2qMua3FF0ivRRV1k.roa (raw, json)
Hash identifier: AM1ERkg9MkmZ5+MBy7Dj4XsMG8QwYDlhJ+3I/zu6fhk=
Subject key identifier: 31:1A:14:01:13:B0:E0:B1:F6:A8:CB:9A:DC:51:74:8A:F4:51:57:59
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 019888A53461590528AA8AB4076DB67B261B
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/MRoUAROw4LH2qMua3FF0ivRRV1k.roa
Signing time: Fri 08 Aug 2025 07:46:24 +0000
ROA not before: Fri 08 Aug 2025 07:46:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 81.22.130.0/24 maxlen: 24
89.185.1.0/24 maxlen: 24
89.185.3.0/24 maxlen: 24
109.72.117.0/24 maxlen: 24
109.72.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:88:a5:34:61:59:05:28:aa:8a:b4:07:6d:b6:7b:26:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 8 07:46:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=311a140113b0e0b1f6a8cb9adc51748af4515759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:65:2e:0c:1f:2f:7d:a5:05:55:7a:0b:c5:f3:
92:f4:7b:94:47:84:2e:46:ed:5a:63:e2:44:73:d3:
55:c1:4e:8f:a4:d0:aa:cf:7c:3a:4d:06:73:bc:f5:
dc:35:36:02:14:19:a6:17:f1:4a:86:7e:d5:b7:b5:
9a:6d:ff:69:b0:ee:94:44:39:96:5d:ba:a1:34:6c:
af:d5:3b:ce:cb:46:d7:f6:93:32:80:63:58:70:ec:
9e:e7:a6:3f:5a:b9:cf:c3:31:20:2b:78:1c:44:18:
4e:af:9b:66:ca:ca:7b:f8:48:b7:10:a8:0e:00:55:
19:55:98:62:3e:ff:b8:e9:16:64:a4:68:8a:5f:a3:
e8:30:61:23:a4:c8:1e:c3:d5:1d:ed:17:e4:7f:56:
ef:9c:17:09:71:4c:72:3f:b4:0b:c4:9d:9a:10:14:
fd:60:05:95:d0:ba:17:02:28:d1:e2:f8:4b:98:c1:
66:44:7b:f2:6d:9e:ca:07:f8:6e:3c:e0:a2:07:29:
f9:72:0e:fd:38:05:ea:ce:f9:f4:ac:96:27:93:e6:
41:ad:8b:5c:ce:34:cb:28:2e:20:f4:c2:23:27:56:
f6:41:40:2f:d2:5d:7e:08:83:27:7a:6a:df:4e:d9:
b5:ff:68:b9:b3:77:e1:64:0d:9a:81:d6:95:73:f9:
68:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:1A:14:01:13:B0:E0:B1:F6:A8:CB:9A:DC:51:74:8A:F4:51:57:59
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/MRoUAROw4LH2qMua3FF0ivRRV1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.130.0/24
89.185.1.0/24
89.185.3.0/24
109.72.117.0/24
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
47:9b:92:da:3f:cf:5b:e2:8a:a7:15:62:bb:ff:e0:46:59:7e:
b3:c2:36:02:1b:78:cd:57:1c:8a:a1:72:9a:93:cd:11:49:2c:
bb:eb:e9:30:f0:be:25:ab:b9:69:b4:ec:00:68:9f:42:bf:5b:
65:19:d3:1b:f2:72:50:74:77:ad:6e:20:2d:10:59:81:7c:c6:
e7:d9:58:9d:35:eb:1d:cc:a3:cd:f7:28:e1:23:b0:ab:23:ca:
95:99:1a:fe:79:52:84:89:d9:f8:8f:92:8b:92:e7:e0:83:e7:
b1:70:ea:c3:54:4f:f9:29:b1:5a:c8:b6:a0:1d:af:49:90:15:
1f:05:14:00:44:40:a0:f0:fc:e5:3f:e5:30:b8:9f:1a:59:cd:
9a:4e:70:87:94:fc:1d:55:e8:82:36:3b:d9:91:01:3d:a2:72:
6e:45:56:b5:2b:dc:d7:cb:fb:e3:6d:77:67:7f:b6:02:6a:b2:
68:ea:3b:8e:b0:5b:be:8e:44:74:89:01:81:38:14:ec:3a:1b:
23:45:17:50:76:e9:c0:5a:c2:2e:f6:5f:c1:b8:4c:50:4b:31:
27:3d:3d:81:ea:27:9a:1a:6a:43:d1:86:f2:0d:6d:2d:67:97:
53:df:9d:43:e6:b2:43:b2:ff:2c:0a:18:68:53:24:04:83:7d:
50:db:aa:7e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZiIpTRhWQUoqoq0B222eyYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjUwODA4MDc0NjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTFhMTQwMTEzYjBlMGIxZjZhOGNiOWFkYzUxNzQ4YWY0NTE1NzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2UuDB8vfaUFVXoLxfOS9HuUR4Qu
Ru1aY+JEc9NVwU6PpNCqz3w6TQZzvPXcNTYCFBmmF/FKhn7Vt7Wabf9psO6URDmW
XbqhNGyv1TvOy0bX9pMygGNYcOye56Y/WrnPwzEgK3gcRBhOr5tmysp7+Ei3EKgO
AFUZVZhiPv+46RZkpGiKX6PoMGEjpMgew9Ud7Rfkf1bvnBcJcUxyP7QLxJ2aEBT9
YAWV0LoXAijR4vhLmMFmRHvybZ7KB/huPOCiByn5cg79OAXqzvn0rJYnk+ZBrYtc
zjTLKC4g9MIjJ1b2QUAv0l1+CIMnemrfTtm1/2i5s3fhZA2agdaVc/lovQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDEaFAETsOCx9qjLmtxRdIr0UVdZMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvTVJvVUFST3c0TEgycU11YTNGRjBpdlJSVjFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAURaCAwQA
WbkBAwQAWbkDAwQAbUh1AwQAbUh/MA0GCSqGSIb3DQEBCwUAA4IBAQBHm5LaP89b
4oqnFWK7/+BGWX6zwjYCG3jNVxyKoXKak80RSSy76+kw8L4lq7lptOwAaJ9Cv1tl
GdMb8nJQdHetbiAtEFmBfMbn2VidNesdzKPN9yjhI7CrI8qVmRr+eVKEidn4j5KL
kufgg+excOrDVE/5KbFayLagHa9JkBUfBRQARECg8PzlP+UwuJ8aWc2aTnCHlPwd
VeiCNjvZkQE9onJuRVa1K9zXy/vjbXdnf7YCarJo6juOsFu+jkR0iQGBOBTsOhsj
RRdQdunAWsIu9l/BuExQSzEnPT2B6ieaGmpD0YbyDW0tZ5dT351D5rJDsv8sChho
UyQEg31Q26p+
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:05:40 2025 by rpki-client