Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/MUOaLZ3d_QsQnysUJySXLMsZzOU.roa
File: MUOaLZ3d_QsQnysUJySXLMsZzOU.roa (raw, json)
Hash identifier: 1qoGyuyStZqxcmt0N9pUTOJmPuRj96okDTjQXgbS+Y4=
Subject key identifier: 31:43:9A:2D:9D:DD:FD:0B:10:9F:2B:14:27:24:97:2C:CB:19:CC:E5
Certificate issuer: /CN=51f4b0b0469eb0d071994cd8238f34bef00c6fbe
Certificate serial: 01997FAA7EB114C070F18DAF0C60D0A06FE9
Authority key identifier: 51:F4:B0:B0:46:9E:B0:D0:71:99:4C:D8:23:8F:34:BE:F0:0C:6F:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UfSwsEaesNBxmUzYI480vvAMb74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/MUOaLZ3d_QsQnysUJySXLMsZzOU.roa
Signing time: Thu 25 Sep 2025 06:58:23 +0000
ROA not before: Thu 25 Sep 2025 06:58:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200999
IP address blocks: 5.102.40.0/22 maxlen: 24
5.102.42.0/24 maxlen: 24
45.92.240.0/22 maxlen: 24
45.92.241.0/24 maxlen: 24
45.92.242.0/23 maxlen: 24
45.130.28.0/22 maxlen: 24
46.60.16.0/21 maxlen: 24
64.225.128.0/20 maxlen: 24
64.225.128.0/21 maxlen: 24
64.225.136.0/21 maxlen: 24
74.63.0.0/21 maxlen: 24
74.63.8.0/21 maxlen: 24
91.212.135.0/24 maxlen: 24
91.212.141.0/24 maxlen: 24
91.212.142.0/24 maxlen: 24
91.212.149.0/24 maxlen: 24
91.233.150.0/24 maxlen: 24
91.234.53.0/24 maxlen: 24
124.197.32.0/20 maxlen: 24
124.197.33.0/24 maxlen: 24
124.197.34.0/24 maxlen: 24
124.197.40.0/21 maxlen: 24
185.48.232.0/22 maxlen: 24
185.52.192.0/22 maxlen: 24
185.178.84.0/22 maxlen: 24
185.254.220.0/22 maxlen: 24
193.142.27.0/24 maxlen: 24
193.142.52.0/24 maxlen: 24
193.142.54.0/24 maxlen: 24
194.146.52.0/23 maxlen: 24
194.146.60.0/24 maxlen: 24
194.146.61.0/24 maxlen: 24
194.152.58.0/23 maxlen: 24
2a01:9aa0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/UfSwsEaesNBxmUzYI480vvAMb74.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/UfSwsEaesNBxmUzYI480vvAMb74.mft
rsync://rpki.ripe.net/repository/DEFAULT/UfSwsEaesNBxmUzYI480vvAMb74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7f:aa:7e:b1:14:c0:70:f1:8d:af:0c:60:d0:a0:6f:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51f4b0b0469eb0d071994cd8238f34bef00c6fbe
Validity
Not Before: Sep 25 06:58:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31439a2d9dddfd0b109f2b142724972ccb19cce5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:50:d0:5f:0a:26:58:7d:25:4e:7d:4d:04:b7:
ec:42:b6:04:f1:2e:ae:e3:c5:c9:2d:d4:18:92:fc:
d1:e5:ab:c9:24:c6:24:96:f6:c5:06:e9:a3:d9:39:
ff:ee:cd:f5:41:0e:3b:fb:71:07:fe:f1:5b:ec:b5:
33:79:dd:ab:19:bf:9a:e9:d7:af:18:53:00:98:f5:
43:67:12:43:16:61:75:df:3b:06:d6:2f:f8:85:de:
e7:4b:a0:71:84:e2:e2:c8:d7:7b:0b:b3:50:06:a5:
fe:fd:c6:e1:24:9c:d7:25:ef:8c:de:a2:7d:e3:6a:
d7:c3:35:a8:b9:ba:e1:4f:5a:88:55:20:b8:e2:d3:
d9:cf:7b:46:df:e5:ee:1e:8d:be:32:37:47:5b:16:
03:71:8d:f4:63:3a:ef:82:e5:b8:f0:70:ee:2b:a2:
72:1d:a6:e1:df:6b:0c:a9:b6:fa:12:5e:0f:0d:99:
fe:96:28:37:61:3d:6f:6e:d2:2c:ae:76:74:f9:70:
2b:c1:28:48:cd:85:5a:75:0c:92:8e:62:e9:fd:30:
2c:3a:2b:ba:5c:d5:90:d5:22:92:1b:4c:2f:d5:04:
ff:db:8c:2c:17:c0:e5:96:fc:c2:b4:0a:92:4c:94:
76:cf:0d:f5:1f:24:7d:41:15:c0:f6:28:85:a9:28:
cb:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:43:9A:2D:9D:DD:FD:0B:10:9F:2B:14:27:24:97:2C:CB:19:CC:E5
X509v3 Authority Key Identifier:
keyid:51:F4:B0:B0:46:9E:B0:D0:71:99:4C:D8:23:8F:34:BE:F0:0C:6F:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UfSwsEaesNBxmUzYI480vvAMb74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/MUOaLZ3d_QsQnysUJySXLMsZzOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/d3ab28-7f47-41f3-b231-78844e101133/1/UfSwsEaesNBxmUzYI480vvAMb74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.40.0/22
45.92.240.0/22
45.130.28.0/22
46.60.16.0/21
64.225.128.0/20
74.63.0.0/20
91.212.135.0/24
91.212.141.0-91.212.142.255
91.212.149.0/24
91.233.150.0/24
91.234.53.0/24
124.197.32.0/20
185.48.232.0/22
185.52.192.0/22
185.178.84.0/22
185.254.220.0/22
193.142.27.0/24
193.142.52.0/24
193.142.54.0/24
194.146.52.0/23
194.146.60.0/23
194.152.58.0/23
IPv6:
2a01:9aa0::/32
Signature Algorithm: sha256WithRSAEncryption
81:a2:25:de:38:b4:8d:35:12:4d:23:7f:11:13:3a:03:94:88:
18:7b:86:79:9f:cb:6b:9b:52:6e:0d:87:2f:c0:07:6a:03:bb:
74:0a:07:92:03:79:c9:fd:26:4c:a1:6f:22:1b:0a:1e:4f:30:
51:0e:d3:da:d5:3b:13:4c:57:a6:f4:a3:f7:83:76:77:c1:07:
49:90:ac:e2:d4:d9:7e:cd:66:82:f5:da:ad:e5:37:11:60:f7:
ae:df:96:87:01:ce:d0:0b:97:21:80:07:21:c2:cf:cb:58:b4:
40:ed:c1:57:65:04:02:a9:ce:a3:36:d4:01:3e:4a:ba:3c:28:
95:67:55:5b:b2:31:e1:da:5d:0c:b0:a0:f0:67:69:a3:3b:1f:
74:d2:cf:e7:84:08:f6:fd:98:ac:6f:47:68:0b:6e:db:a0:c0:
b8:03:55:87:08:f2:23:a1:91:2d:d8:3b:77:6a:82:15:7a:18:
10:a5:9b:c8:12:14:b5:96:a5:5e:f0:2a:ec:1b:cb:5c:ba:7e:
13:a1:c4:2d:1e:f8:78:50:e1:a6:02:ea:86:ed:ac:f9:1e:45:
7b:ef:3f:a3:e2:b5:87:16:ce:f8:1d:46:cb:ec:89:af:4e:98:
69:cf:85:35:90:c4:05:9e:48:7e:bb:ef:c9:8b:60:48:89:4d:
99:ca:7a:5d
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAZl/qn6xFMBw8Y2vDGDQoG/pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZjRiMGIwNDY5ZWIwZDA3MTk5NGNkODIzOGYzNGJlZjAw
YzZmYmUwHhcNMjUwOTI1MDY1ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTQzOWEyZDlkZGRmZDBiMTA5ZjJiMTQyNzI0OTcyY2NiMTljY2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFDQXwomWH0lTn1NBLfsQrYE8S6u
48XJLdQYkvzR5avJJMYklvbFBumj2Tn/7s31QQ47+3EH/vFb7LUzed2rGb+a6dev
GFMAmPVDZxJDFmF13zsG1i/4hd7nS6BxhOLiyNd7C7NQBqX+/cbhJJzXJe+M3qJ9
42rXwzWoubrhT1qIVSC44tPZz3tG3+XuHo2+MjdHWxYDcY30YzrvguW48HDuK6Jy
Habh32sMqbb6El4PDZn+lig3YT1vbtIsrnZ0+XArwShIzYVadQySjmLp/TAsOiu6
XNWQ1SKSG0wv1QT/24wsF8DllvzCtAqSTJR2zw31HyR9QRXA9iiFqSjLwwIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFDFDmi2d3f0LEJ8rFCcklyzLGczlMB8GA1UdIwQY
MBaAFFH0sLBGnrDQcZlM2COPNL7wDG++MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWZTd3NFYWVzTkJ4bVV6WUk0ODB2dkFNYjc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9kM2FiMjgtN2Y0Ny00MWYzLWIyMzEt
Nzg4NDRlMTAxMTMzLzEvTVVPYUxaM2RfUXNRbnlzVUp5U1hMTXNaek9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9kM2FiMjgtN2Y0Ny00MWYzLWIyMzEtNzg4NDRlMTAxMTMz
LzEvVWZTd3NFYWVzTkJ4bVV6WUk0ODB2dkFNYjc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTCBkwQCAAEwgYwDBAIF
ZigDBAItXPADBAItghwDBAMuPBADBARA4YADBARKPwADBABb1IcwDAMEAFvUjQME
AFvUjgMEAFvUlQMEAFvplgMEAFvqNQMEBHzFIAMEArkw6AMEArk0wAMEArmyVAME
Arn+3AMEAMGOGwMEAMGONAMEAMGONgMEAcKSNAMEAcKSPAMEAcKYOjANBAIAAjAH
AwUAKgGaoDANBgkqhkiG9w0BAQsFAAOCAQEAgaIl3ji0jTUSTSN/ERM6A5SIGHuG
eZ/La5tSbg2HL8AHagO7dAoHkgN5yf0mTKFvIhsKHk8wUQ7T2tU7E0xXpvSj94N2
d8EHSZCs4tTZfs1mgvXareU3EWD3rt+WhwHO0AuXIYAHIcLPy1i0QO3BV2UEAqnO
ozbUAT5KujwolWdVW7Ix4dpdDLCg8GdpozsfdNLP54QI9v2YrG9HaAtu26DAuANV
hwjyI6GRLdg7d2qCFXoYEKWbyBIUtZalXvAq7BvLXLp+E6HELR74eFDhpgLqhu2s
+R5Fe+8/o+K1hxbO+B1Gy+yJr06Yac+FNZDEBZ5IfrvvyYtgSIlNmcp6XQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:14 2025 by rpki-client