Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/d13f84-16ce-4d51-a618-c2a5d9d70313/1/mmN32mNsq6CY-gUtYsm7TMdzzD0.roa
File: mmN32mNsq6CY-gUtYsm7TMdzzD0.roa (raw, json)
Hash identifier: H4OADNjQr8Zl5dZsnvZU+5uN1GfozSdChxvNI1Amd/k=
Subject key identifier: 9A:63:77:DA:63:6C:AB:A0:98:FA:05:2D:62:C9:BB:4C:C7:73:CC:3D
Certificate issuer: /CN=7e5ac81bbccf852f22ac8ed52d2e92db31d8d606
Certificate serial: 0199EDA812430B117B075F701FA0A583D685
Authority key identifier: 7E:5A:C8:1B:BC:CF:85:2F:22:AC:8E:D5:2D:2E:92:DB:31:D8:D6:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/flrIG7zPhS8irI7VLS6S2zHY1gY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/d13f84-16ce-4d51-a618-c2a5d9d70313/1/mmN32mNsq6CY-gUtYsm7TMdzzD0.roa
Signing time: Thu 16 Oct 2025 15:33:58 +0000
ROA not before: Thu 16 Oct 2025 15:33:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209897
IP address blocks: 193.149.240.0/22 maxlen: 24
193.149.244.0/23 maxlen: 24
193.149.248.0/21 maxlen: 24
193.149.253.0/24 maxlen: 24
193.149.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/d13f84-16ce-4d51-a618-c2a5d9d70313/1/flrIG7zPhS8irI7VLS6S2zHY1gY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/d13f84-16ce-4d51-a618-c2a5d9d70313/1/flrIG7zPhS8irI7VLS6S2zHY1gY.mft
rsync://rpki.ripe.net/repository/DEFAULT/flrIG7zPhS8irI7VLS6S2zHY1gY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ed:a8:12:43:0b:11:7b:07:5f:70:1f:a0:a5:83:d6:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e5ac81bbccf852f22ac8ed52d2e92db31d8d606
Validity
Not Before: Oct 16 15:33:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a6377da636caba098fa052d62c9bb4cc773cc3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c7:39:57:bf:23:91:81:0a:89:cf:ca:43:3c:
45:ab:35:58:6f:e5:90:ad:3b:a6:6f:d9:0b:a5:de:
d7:b6:a7:dd:b0:0e:b0:4d:a0:27:d8:02:b4:95:1e:
57:33:7d:97:0f:e6:0c:58:51:9e:2a:90:15:36:ca:
b5:21:1f:67:64:1e:d0:e9:36:9c:d3:60:e8:2d:b6:
f7:e6:f7:9c:15:24:76:f4:e7:9e:57:a5:1c:a4:61:
aa:e6:92:32:cc:57:00:20:e7:f4:04:da:11:f1:cd:
b5:d5:ce:1c:fb:a4:e0:f0:c9:df:54:f8:39:45:57:
5b:bb:99:21:bb:a4:fb:76:d7:44:30:39:81:b3:98:
35:e0:e5:e2:e5:e2:7e:d1:7b:a0:ba:f6:f3:58:31:
28:cb:cf:73:e1:55:a7:f6:27:0f:e9:de:9d:f2:e1:
fe:50:0e:75:15:04:99:96:a3:1d:bc:91:87:33:89:
35:99:ba:a4:d3:95:d6:3b:b6:e1:53:ab:1b:f6:3b:
4b:22:0f:d1:98:fe:ae:21:e7:fe:09:22:7c:a2:bd:
d7:69:a6:8a:22:97:96:11:46:2b:dc:f7:10:b2:99:
46:cd:0e:44:f7:fc:88:dd:62:3a:4f:d6:c3:aa:ff:
d8:47:4a:98:6b:b9:7d:60:d3:4c:e8:35:53:88:ae:
a7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:63:77:DA:63:6C:AB:A0:98:FA:05:2D:62:C9:BB:4C:C7:73:CC:3D
X509v3 Authority Key Identifier:
keyid:7E:5A:C8:1B:BC:CF:85:2F:22:AC:8E:D5:2D:2E:92:DB:31:D8:D6:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/flrIG7zPhS8irI7VLS6S2zHY1gY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d13f84-16ce-4d51-a618-c2a5d9d70313/1/mmN32mNsq6CY-gUtYsm7TMdzzD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/d13f84-16ce-4d51-a618-c2a5d9d70313/1/flrIG7zPhS8irI7VLS6S2zHY1gY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.149.240.0-193.149.245.255
193.149.248.0/21
Signature Algorithm: sha256WithRSAEncryption
27:27:ea:b5:05:2d:98:e8:6c:5f:48:82:a9:16:35:37:76:39:
2b:c8:40:61:c1:1c:b2:29:16:0f:5f:f2:7d:b6:7f:ef:b1:e1:
a0:cd:48:63:72:cc:05:d6:ea:a7:38:92:d3:46:d4:a2:90:9b:
34:03:86:94:8a:34:4f:aa:36:62:00:3a:73:fd:1f:da:d7:aa:
15:97:a1:3e:e6:31:c9:77:ed:2d:e0:67:4e:f2:b8:86:48:45:
c7:66:af:74:2f:55:b6:71:2c:71:5a:82:c7:bd:a6:25:6a:50:
eb:94:f0:31:cf:7e:37:50:f0:15:d6:ea:f7:43:50:fd:4a:46:
24:01:f5:f9:e2:31:3a:5d:c5:c1:56:d4:1f:15:ab:47:54:f7:
16:f4:df:7f:d4:68:45:f0:af:0a:59:ac:19:e2:44:f2:11:24:
85:38:22:e1:89:cc:09:72:cd:c6:50:28:b7:75:c3:25:97:2b:
b5:18:3c:c3:4d:cc:b5:69:2b:e1:e1:5c:cf:d6:5b:78:62:e8:
47:b9:18:2d:2a:0d:be:38:39:86:9a:9e:c1:81:73:2c:43:45:
a6:c0:00:04:f7:a7:fc:85:db:ed:01:d8:98:51:68:36:fc:44:
ac:f3:79:e0:ce:d6:97:c6:ef:2d:ef:34:f0:0f:c0:67:22:5b:
c5:00:09:7e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZntqBJDCxF7B19wH6Clg9aFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlNWFjODFiYmNjZjg1MmYyMmFjOGVkNTJkMmU5MmRiMzFk
OGQ2MDYwHhcNMjUxMDE2MTUzMzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTYzNzdkYTYzNmNhYmEwOThmYTA1MmQ2MmM5YmI0Y2M3NzNjYzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsc5V78jkYEKic/KQzxFqzVYb+WQ
rTumb9kLpd7XtqfdsA6wTaAn2AK0lR5XM32XD+YMWFGeKpAVNsq1IR9nZB7Q6Tac
02DoLbb35vecFSR29OeeV6UcpGGq5pIyzFcAIOf0BNoR8c211c4c+6Tg8MnfVPg5
RVdbu5khu6T7dtdEMDmBs5g14OXi5eJ+0XuguvbzWDEoy89z4VWn9icP6d6d8uH+
UA51FQSZlqMdvJGHM4k1mbqk05XWO7bhU6sb9jtLIg/RmP6uIef+CSJ8or3XaaaK
IpeWEUYr3PcQsplGzQ5E9/yI3WI6T9bDqv/YR0qYa7l9YNNM6DVTiK6n9wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJpjd9pjbKugmPoFLWLJu0zHc8w9MB8GA1UdIwQY
MBaAFH5ayBu8z4UvIqyO1S0uktsx2NYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmxySUc3elBoUzhpckk3VkxTNlMyekhZMWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9kMTNmODQtMTZjZS00ZDUxLWE2MTgt
YzJhNWQ5ZDcwMzEzLzEvbW1OMzJtTnNxNkNZLWdVdFlzbTdUTWR6ekQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9kMTNmODQtMTZjZS00ZDUxLWE2MTgtYzJhNWQ5ZDcwMzEz
LzEvZmxySUc3elBoUzhpckk3VkxTNlMyekhZMWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBATBlfAD
BAHBlfQDBAPBlfgwDQYJKoZIhvcNAQELBQADggEBACcn6rUFLZjobF9IgqkWNTd2
OSvIQGHBHLIpFg9f8n22f++x4aDNSGNyzAXW6qc4ktNG1KKQmzQDhpSKNE+qNmIA
OnP9H9rXqhWXoT7mMcl37S3gZ07yuIZIRcdmr3QvVbZxLHFagse9piVqUOuU8DHP
fjdQ8BXW6vdDUP1KRiQB9fniMTpdxcFW1B8Vq0dU9xb033/UaEXwrwpZrBniRPIR
JIU4IuGJzAlyzcZQKLd1wyWXK7UYPMNNzLVpK+HhXM/WW3hi6Ee5GC0qDb44OYaa
nsGBcyxDRabAAAT3p/yF2+0B2JhRaDb8RKzzeeDO1pfG7y3vNPAPwGciW8UACX4=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:29 2025 by rpki-client