Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/mgzZWE8_Hw_PIW0ZbYRuuQsbSX0.roa
File: mgzZWE8_Hw_PIW0ZbYRuuQsbSX0.roa (raw, json)
Hash identifier: MCs3NRxPiODedYYpEdTTan7+/abAfIZlVT+W94Q8InU=
Subject key identifier: 9A:0C:D9:58:4F:3F:1F:0F:CF:21:6D:19:6D:84:6E:B9:0B:1B:49:7D
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 0199E81DED94B66E178D7F31E7F7A85F28A3
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/mgzZWE8_Hw_PIW0ZbYRuuQsbSX0.roa
Signing time: Wed 15 Oct 2025 13:44:59 +0000
ROA not before: Wed 15 Oct 2025 13:44:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207569
IP address blocks: 46.243.1.0/24 maxlen: 24
46.243.4.0/24 maxlen: 24
46.243.6.0/24 maxlen: 24
89.44.86.0/24 maxlen: 24
95.81.79.0/24 maxlen: 24
95.81.113.0/24 maxlen: 24
95.81.126.0/24 maxlen: 24
95.81.127.0/24 maxlen: 24
103.85.114.0/24 maxlen: 24
103.85.115.0/24 maxlen: 24
2a0c:5d06:2002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 16:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e8:1d:ed:94:b6:6e:17:8d:7f:31:e7:f7:a8:5f:28:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Oct 15 13:44:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a0cd9584f3f1f0fcf216d196d846eb90b1b497d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6c:e3:86:6e:cd:8e:98:6e:ba:82:0e:71:9a:
11:73:71:30:03:43:92:46:22:03:18:10:b5:7b:ff:
a6:9e:b1:fc:6b:e9:80:61:2f:2b:f6:05:af:71:56:
99:da:07:fd:8a:97:2d:d8:cb:21:59:30:a3:50:2b:
b2:0f:2e:c1:17:c5:53:a6:88:1a:0d:b5:b6:e9:af:
87:3c:ef:db:ac:bc:ee:29:df:c2:46:2c:91:66:b5:
cd:3a:b7:d8:8f:4b:dd:e1:e4:81:0a:5a:c2:9d:96:
2c:f7:fa:d5:c3:3b:8a:4d:d3:56:b6:1d:04:70:7e:
b1:2a:8f:50:b1:48:00:f5:7d:e1:38:da:ab:85:0d:
51:c7:8d:ff:c5:8d:9f:ce:c8:ca:2e:84:3a:54:74:
52:d3:25:6b:53:6a:81:df:f3:5c:f6:41:be:44:31:
c5:29:b8:cc:57:35:40:e7:8a:2a:6a:18:fc:ad:5f:
a0:85:2f:69:bd:c6:4e:b2:b6:9a:de:6f:e1:80:ef:
fb:2d:cd:5f:b5:b1:a8:87:1a:d4:96:64:2a:cf:b0:
ed:a0:0f:85:e5:6d:a3:82:8d:85:7e:c9:d6:90:23:
37:38:de:45:44:15:b2:44:cd:a9:86:70:5c:a4:d7:
84:a8:e2:4c:f9:a1:ce:cf:8e:47:c7:18:a7:eb:9a:
61:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:0C:D9:58:4F:3F:1F:0F:CF:21:6D:19:6D:84:6E:B9:0B:1B:49:7D
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/mgzZWE8_Hw_PIW0ZbYRuuQsbSX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.1.0/24
46.243.4.0/24
46.243.6.0/24
89.44.86.0/24
95.81.79.0/24
95.81.113.0/24
95.81.126.0/23
103.85.114.0/23
IPv6:
2a0c:5d06:2002::/48
Signature Algorithm: sha256WithRSAEncryption
56:0f:7a:0d:47:90:fb:87:d3:5f:53:e3:7c:3f:25:d9:0a:e5:
b0:3c:06:92:d9:41:ef:d1:4f:5b:fc:91:22:72:4c:00:d6:6b:
55:0d:8a:5a:4c:db:e1:94:0f:9b:23:62:a0:a2:f7:9d:14:0c:
3b:5c:86:0c:11:0d:97:69:e4:93:12:36:0e:d6:9d:85:b9:8d:
94:00:65:b6:1b:ee:13:8d:ee:1b:e0:08:f7:27:ea:35:d3:a3:
d7:23:34:dd:60:f5:6e:ef:6e:8c:10:24:6f:4b:e3:b5:13:c2:
11:2c:3e:49:07:2e:c2:37:7b:b8:e7:41:43:dc:4b:26:5d:61:
15:8e:eb:fe:40:c8:9d:60:f1:24:bf:cb:95:09:88:dc:d1:0e:
4c:53:77:33:2c:85:b9:6c:e3:7a:32:e4:4a:89:24:d0:c3:f8:
28:09:ac:97:71:8a:b0:3c:eb:ab:52:20:6a:6b:ab:93:7a:08:
1b:ca:be:c7:61:59:1b:1c:68:f7:cf:32:a4:29:8f:50:91:19:
be:a2:e2:07:cf:db:4e:66:aa:3d:8f:83:49:24:54:7b:e1:d0:
51:ef:2b:81:35:9f:fb:55:c2:20:8e:07:aa:f8:f0:ee:5b:4e:
93:b0:cd:af:fa:7d:09:28:45:bb:40:68:c6:1d:45:fb:10:3b:
93:c1:fc:27
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZnoHe2Utm4XjX8x5/eoXyijMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUxMDE1MTM0NDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTBjZDk1ODRmM2YxZjBmY2YyMTZkMTk2ZDg0NmViOTBiMWI0OTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmzjhm7NjphuuoIOcZoRc3EwA0OS
RiIDGBC1e/+mnrH8a+mAYS8r9gWvcVaZ2gf9ipct2MshWTCjUCuyDy7BF8VTpoga
DbW26a+HPO/brLzuKd/CRiyRZrXNOrfYj0vd4eSBClrCnZYs9/rVwzuKTdNWth0E
cH6xKo9QsUgA9X3hONqrhQ1Rx43/xY2fzsjKLoQ6VHRS0yVrU2qB3/Nc9kG+RDHF
KbjMVzVA54oqahj8rV+ghS9pvcZOsraa3m/hgO/7Lc1ftbGohxrUlmQqz7DtoA+F
5W2jgo2FfsnWkCM3ON5FRBWyRM2phnBcpNeEqOJM+aHOz45Hxxin65phSQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFJoM2VhPPx8PzyFtGW2EbrkLG0l9MB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvbWd6WldFOF9Id19QSVcwWmJZUnV1UXNiU1gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA2BAIAATAwAwQALvMBAwQA
LvMEAwQALvMGAwQAWSxWAwQAX1FPAwQAX1FxAwQBX1F+AwQBZ1VyMA8EAgACMAkD
BwAqDF0GIAIwDQYJKoZIhvcNAQELBQADggEBAFYPeg1HkPuH019T43w/JdkK5bA8
BpLZQe/RT1v8kSJyTADWa1UNilpM2+GUD5sjYqCi950UDDtchgwRDZdp5JMSNg7W
nYW5jZQAZbYb7hON7hvgCPcn6jXTo9cjNN1g9W7vbowQJG9L47UTwhEsPkkHLsI3
e7jnQUPcSyZdYRWO6/5AyJ1g8SS/y5UJiNzRDkxTdzMshbls43oy5EqJJNDD+CgJ
rJdxirA866tSIGprq5N6CBvKvsdhWRscaPfPMqQpj1CRGb6i4gfP205mqj2Pg0kk
VHvh0FHvK4E1n/tVwiCOB6r48O5bTpOwza/6fQkoRbtAaMYdRfsQO5PB/Cc=
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:18 2025 by rpki-client