Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/MpUBZneqVecXcQlX3BSOAck4dLY.roa
File: MpUBZneqVecXcQlX3BSOAck4dLY.roa (raw, json)
Hash identifier: ENeJkPrdxxjivDiJnHpO/+CgDbk8hQrCxtDjeE3d5+0=
Subject key identifier: 32:95:01:66:77:AA:55:E7:17:71:09:57:DC:14:8E:01:C9:38:74:B6
Certificate issuer: /CN=bdd244214d76468d3fb72abad1892ef23dede978
Certificate serial: 0197AC2876F7E2029EC6AEED033585195908
Authority key identifier: BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/MpUBZneqVecXcQlX3BSOAck4dLY.roa
Signing time: Thu 26 Jun 2025 12:13:42 +0000
ROA not before: Thu 26 Jun 2025 12:13:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6730
IP address blocks: 31.10.128.0/17 maxlen: 17
31.10.128.0/18 maxlen: 18
31.10.192.0/18 maxlen: 18
46.126.0.0/15 maxlen: 15
46.126.0.0/16 maxlen: 16
46.127.0.0/16 maxlen: 16
46.140.0.0/16 maxlen: 16
46.140.0.0/17 maxlen: 17
46.140.128.0/17 maxlen: 17
62.2.0.0/16 maxlen: 16
62.2.0.0/17 maxlen: 17
62.2.128.0/17 maxlen: 17
77.56.0.0/14 maxlen: 14
77.56.0.0/15 maxlen: 15
77.58.0.0/15 maxlen: 15
80.218.0.0/15 maxlen: 15
80.218.0.0/16 maxlen: 16
80.219.0.0/16 maxlen: 16
81.7.224.0/19 maxlen: 19
81.7.224.0/20 maxlen: 20
81.7.240.0/20 maxlen: 20
84.20.32.0/20 maxlen: 20
84.20.32.0/21 maxlen: 21
84.20.40.0/21 maxlen: 21
84.20.48.0/21 maxlen: 21
84.20.48.0/22 maxlen: 22
84.20.52.0/22 maxlen: 22
84.72.0.0/14 maxlen: 14
84.72.0.0/15 maxlen: 15
84.74.0.0/15 maxlen: 15
178.82.0.0/15 maxlen: 15
178.82.0.0/16 maxlen: 16
178.83.0.0/16 maxlen: 16
194.29.0.0/19 maxlen: 19
194.29.0.0/20 maxlen: 20
194.29.16.0/20 maxlen: 20
195.202.192.0/18 maxlen: 18
195.202.192.0/19 maxlen: 19
195.202.224.0/19 maxlen: 19
212.47.160.0/19 maxlen: 19
212.47.160.0/20 maxlen: 20
212.47.176.0/20 maxlen: 20
213.193.64.0/18 maxlen: 18
213.193.64.0/19 maxlen: 19
213.193.96.0/19 maxlen: 19
217.162.0.0/16 maxlen: 16
217.162.0.0/17 maxlen: 17
217.162.128.0/17 maxlen: 17
217.168.32.0/19 maxlen: 19
217.168.32.0/20 maxlen: 20
217.168.48.0/20 maxlen: 20
2a00:e2c0::/32 maxlen: 32
2a00:e2c0::/33 maxlen: 33
2a00:e2c0:8000::/33 maxlen: 33
2a02:aa00::/27 maxlen: 27
2a02:aa00::/28 maxlen: 28
2a02:aa10::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/vdJEIU12Ro0_tyq60Yku8j3t6Xg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/vdJEIU12Ro0_tyq60Yku8j3t6Xg.mft
rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ac:28:76:f7:e2:02:9e:c6:ae:ed:03:35:85:19:59:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdd244214d76468d3fb72abad1892ef23dede978
Validity
Not Before: Jun 26 12:13:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3295016677aa55e717710957dc148e01c93874b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:2d:61:bb:20:30:99:cc:1c:90:f0:81:cb:53:
c0:21:50:ac:5f:e4:6b:c2:84:17:00:9c:e6:ab:11:
9f:bb:e8:0a:65:46:af:01:66:cf:35:b1:92:67:c1:
ca:b6:7d:62:f6:64:c5:05:e4:dd:6a:e1:d6:d7:c4:
73:4f:fd:45:1a:04:04:8a:26:08:ec:11:93:bb:11:
e4:c3:4b:d6:8a:e8:cd:75:33:68:08:1d:7e:87:4c:
80:a5:a5:8b:25:43:72:14:01:57:6c:21:fb:04:a7:
b9:2d:ed:c0:03:47:b1:71:ef:02:15:26:26:12:06:
61:41:61:54:da:bf:e6:7a:11:1e:e3:09:1a:27:31:
c0:36:18:4a:75:c5:80:59:54:c5:1c:bc:40:ff:78:
d4:09:a9:a8:93:b8:4b:71:3a:a0:f3:bd:7c:57:83:
e0:0f:d7:98:26:b6:5b:9a:ab:ec:27:96:fe:d8:aa:
84:46:ea:f9:33:73:5e:5e:95:04:61:fa:bc:68:bd:
0a:d3:5b:85:c4:12:b4:ce:b4:5e:c4:ed:86:48:41:
1f:25:64:11:25:fc:a8:25:bf:5c:bb:5d:01:ea:f7:
89:6b:86:a7:46:44:f9:7a:7b:b2:67:4c:fe:ca:b3:
1c:cc:54:b8:13:02:58:da:22:ad:7f:21:9d:d2:bc:
26:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:95:01:66:77:AA:55:E7:17:71:09:57:DC:14:8E:01:C9:38:74:B6
X509v3 Authority Key Identifier:
keyid:BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/MpUBZneqVecXcQlX3BSOAck4dLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/vdJEIU12Ro0_tyq60Yku8j3t6Xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.128.0/17
46.126.0.0/15
46.140.0.0/16
62.2.0.0/16
77.56.0.0/14
80.218.0.0/15
81.7.224.0/19
84.20.32.0-84.20.55.255
84.72.0.0/14
178.82.0.0/15
194.29.0.0/19
195.202.192.0/18
212.47.160.0/19
213.193.64.0/18
217.162.0.0/16
217.168.32.0/19
IPv6:
2a00:e2c0::/32
2a02:aa00::/27
Signature Algorithm: sha256WithRSAEncryption
1f:96:72:64:bc:e4:3e:c3:a6:04:26:c7:8f:62:b4:ed:c8:ac:
71:17:c7:a9:a6:e8:34:a5:dc:e0:7e:61:24:71:6d:52:fb:9a:
13:1b:8b:7a:33:26:7b:14:77:e9:d7:cc:c2:9e:68:19:99:c6:
c8:62:5a:b0:01:68:19:73:d8:52:0f:4a:a3:59:14:7e:fb:c8:
92:71:a4:b8:e2:61:f3:5b:36:df:86:ac:45:b1:f7:43:a7:da:
73:ee:0f:1b:47:9a:2a:5b:cf:46:f6:c5:c5:ec:0f:4d:12:bd:
23:3c:cd:46:9e:a0:96:07:14:b9:dc:67:48:e1:30:c2:ba:f1:
46:b6:c7:26:61:4f:d5:b7:4f:a2:be:8f:5b:00:a1:f5:4e:8c:
9e:f4:1c:fc:21:da:de:97:de:45:c8:50:cb:ac:cf:b8:af:96:
83:96:49:2e:8e:25:55:40:25:ec:01:f2:d3:63:00:47:c8:f7:
82:1e:c7:f7:1d:e3:c1:51:30:58:2a:73:70:0c:30:c5:8f:5d:
91:32:aa:32:8f:79:31:67:0a:a2:49:88:6b:82:9e:1b:8a:e3:
cc:56:bc:84:8f:39:6f:90:d2:c3:6f:18:58:de:b0:3e:e1:e5:
c5:23:31:80:c5:42:e0:08:50:a0:43:82:f5:44:1c:4a:a5:aa:
dd:c3:f9:93
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZesKHb34gKexq7tAzWFGVkIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZDI0NDIxNGQ3NjQ2OGQzZmI3MmFiYWQxODkyZWYyM2Rl
ZGU5NzgwHhcNMjUwNjI2MTIxMzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjk1MDE2Njc3YWE1NWU3MTc3MTA5NTdkYzE0OGUwMWM5Mzg3NGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4C1huyAwmcwckPCBy1PAIVCsX+Rr
woQXAJzmqxGfu+gKZUavAWbPNbGSZ8HKtn1i9mTFBeTdauHW18RzT/1FGgQEiiYI
7BGTuxHkw0vWiujNdTNoCB1+h0yApaWLJUNyFAFXbCH7BKe5Le3AA0exce8CFSYm
EgZhQWFU2r/mehEe4wkaJzHANhhKdcWAWVTFHLxA/3jUCamok7hLcTqg8718V4Pg
D9eYJrZbmqvsJ5b+2KqERur5M3NeXpUEYfq8aL0K01uFxBK0zrRexO2GSEEfJWQR
JfyoJb9cu10B6veJa4anRkT5enuyZ0z+yrMczFS4EwJY2iKtfyGd0rwmUQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFDKVAWZ3qlXnF3EJV9wUjgHJOHS2MB8GA1UdIwQY
MBaAFL3SRCFNdkaNP7cqutGJLvI97el4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYt
NDZhNDNlZjAyMjFiLzEvTXBVQlpuZXFWZWNYY1FsWDNCU09BY2s0ZExZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYtNDZhNDNlZjAyMjFi
LzEvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGYEAgABMGADBAcfCoAD
AwEufgMDAC6MAwMAPgIDAwJNOAMDAVDaAwQFUQfgMAwDBAVUFCADBANUFDADAwJU
SAMDAbJSAwQFwh0AAwQGw8rAAwQF1C+gAwQG1cFAAwMA2aIDBAXZqCAwFAQCAAIw
DgMFACoA4sADBQUqAqoAMA0GCSqGSIb3DQEBCwUAA4IBAQAflnJkvOQ+w6YEJseP
YrTtyKxxF8eppug0pdzgfmEkcW1S+5oTG4t6MyZ7FHfp18zCnmgZmcbIYlqwAWgZ
c9hSD0qjWRR++8iScaS44mHzWzbfhqxFsfdDp9pz7g8bR5oqW89G9sXF7A9NEr0j
PM1GnqCWBxS53GdI4TDCuvFGtscmYU/Vt0+ivo9bAKH1Toye9Bz8Idrel95FyFDL
rM+4r5aDlkkujiVVQCXsAfLTYwBHyPeCHsf3HePBUTBYKnNwDDDFj12RMqoyj3kx
ZwqiSYhrgp4biuPMVryEjzlvkNLDbxhY3rA+4eXFIzGAxULgCFCgQ4L1RBxKpard
w/mT
-----END CERTIFICATE-----
Generated at Tue Jul 1 04:03:29 2025 by rpki-client