Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/MTNbEGHI_510rwEoTRnSG29c-PE.roa
File: MTNbEGHI_510rwEoTRnSG29c-PE.roa (raw, json)
Hash identifier: dvNXn6U9/yVQhbBh3bCgj/TcAgEmcHda89g7msBMgyA=
Subject key identifier: 31:33:5B:10:61:C8:FF:9D:74:AF:01:28:4D:19:D2:1B:6F:5C:F8:F1
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0197EDEE5543F1212927B7C7169B82678283
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/MTNbEGHI_510rwEoTRnSG29c-PE.roa
Signing time: Wed 09 Jul 2025 06:45:08 +0000
ROA not before: Wed 09 Jul 2025 06:45:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 87.229.12.0/24 maxlen: 24
87.229.35.0/24 maxlen: 24
87.229.48.0/24 maxlen: 24
87.229.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ed:ee:55:43:f1:21:29:27:b7:c7:16:9b:82:67:82:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jul 9 06:45:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31335b1061c8ff9d74af01284d19d21b6f5cf8f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fd:db:b7:d1:f6:a2:85:d5:6f:de:c5:4e:65:
a6:aa:41:54:3f:62:1a:46:e7:83:5b:fc:7d:fb:8f:
d9:99:fd:0d:7a:6c:75:49:e0:e0:08:4f:f0:4e:2c:
82:e5:aa:ad:74:db:f3:21:96:05:ff:b5:40:61:05:
93:1b:4a:e9:2d:80:27:bb:31:2b:68:4b:de:07:98:
f4:3e:58:67:94:d3:73:d1:6f:5d:7a:41:ae:36:eb:
67:96:dc:68:04:14:4f:0d:5a:5b:b7:32:ad:ff:2a:
14:cd:3c:15:e7:20:db:24:6a:4d:53:4d:5c:78:8f:
fd:79:40:6d:14:05:f9:d4:d9:ec:8d:11:6a:05:04:
21:c6:ac:05:71:4b:b0:ee:38:12:15:0d:cf:2e:82:
26:9b:ff:0b:ec:c3:ed:8c:8f:3d:36:90:48:00:6c:
5b:c3:8c:d6:3a:a8:01:c8:da:d9:00:28:ff:c0:49:
59:94:9f:ad:cb:28:0d:6d:a4:2d:d5:23:2b:b8:20:
83:08:56:2c:75:26:d5:51:91:80:13:6f:5a:80:43:
4b:d2:77:32:ae:c1:9e:b2:a5:83:85:44:99:66:86:
bc:15:d7:c3:57:f4:c1:5d:13:a2:e7:5c:f1:ff:19:
ef:ee:a4:5a:a5:9f:31:88:ca:75:71:b3:b4:be:3c:
1c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:33:5B:10:61:C8:FF:9D:74:AF:01:28:4D:19:D2:1B:6F:5C:F8:F1
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/MTNbEGHI_510rwEoTRnSG29c-PE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.12.0/24
87.229.35.0/24
87.229.48.0/24
87.229.50.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:d0:da:dc:71:6d:12:61:b3:95:c5:73:94:63:a2:74:23:73:
00:d4:f6:d7:90:dc:6e:7c:08:89:01:7f:6b:a2:15:b8:0a:e7:
d8:79:a8:16:bc:e8:60:ee:11:bc:e1:93:2d:cb:c3:7d:c3:bc:
c0:11:ec:5f:6a:69:e9:a6:16:56:3d:5d:bb:0e:8e:02:71:65:
46:7d:52:74:5e:99:25:e9:f8:c7:85:71:63:f0:e5:eb:9c:7b:
01:52:19:21:c4:ff:71:e1:e2:ae:e7:4e:91:26:f8:69:59:ca:
df:34:48:14:b9:f1:e2:ba:59:e8:5b:36:2c:ab:b9:aa:d7:36:
19:42:61:e0:d7:7d:f0:11:97:99:39:fc:b1:72:b0:cd:08:fa:
6d:7a:02:0a:10:ea:f2:08:eb:92:74:58:25:d7:49:95:6d:5f:
12:08:f6:d9:a3:fe:e8:9d:09:de:3d:e8:e0:f0:45:bd:9f:c9:
c8:d3:d9:fa:65:db:58:43:43:94:bf:b6:c3:d4:f9:7d:21:ce:
7a:3b:8f:bb:07:06:5d:72:f8:bc:10:74:9d:7a:1f:21:32:ad:
8e:2d:63:3e:5d:f4:33:ed:8d:b1:2c:23:58:57:92:b0:27:98:
9b:ac:55:7c:aa:56:ac:74:0d:78:c9:3e:eb:d7:0a:87:ec:37:
f2:20:66:37
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZft7lVD8SEpJ7fHFpuCZ4KDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNzA5MDY0NTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTMzNWIxMDYxYzhmZjlkNzRhZjAxMjg0ZDE5ZDIxYjZmNWNmOGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAof3bt9H2ooXVb97FTmWmqkFUP2Ia
RueDW/x9+4/Zmf0Nemx1SeDgCE/wTiyC5aqtdNvzIZYF/7VAYQWTG0rpLYAnuzEr
aEveB5j0PlhnlNNz0W9dekGuNutnltxoBBRPDVpbtzKt/yoUzTwV5yDbJGpNU01c
eI/9eUBtFAX51NnsjRFqBQQhxqwFcUuw7jgSFQ3PLoImm/8L7MPtjI89NpBIAGxb
w4zWOqgByNrZACj/wElZlJ+tyygNbaQt1SMruCCDCFYsdSbVUZGAE29agENL0ncy
rsGesqWDhUSZZoa8FdfDV/TBXROi51zx/xnv7qRapZ8xiMp1cbO0vjwcqwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDEzWxBhyP+ddK8BKE0Z0htvXPjxMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvTVROYkVHSElfNTEwcndFb1RSblNHMjljLVBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV+UMAwQA
V+UjAwQAV+UwAwQAV+UyMA0GCSqGSIb3DQEBCwUAA4IBAQAc0NrccW0SYbOVxXOU
Y6J0I3MA1PbXkNxufAiJAX9rohW4CufYeagWvOhg7hG84ZMty8N9w7zAEexfamnp
phZWPV27Do4CcWVGfVJ0Xpkl6fjHhXFj8OXrnHsBUhkhxP9x4eKu506RJvhpWcrf
NEgUufHiulnoWzYsq7mq1zYZQmHg133wEZeZOfyxcrDNCPptegIKEOryCOuSdFgl
10mVbV8SCPbZo/7onQnePejg8EW9n8nI09n6ZdtYQ0OUv7bD1Pl9Ic56O4+7BwZd
cvi8EHSdeh8hMq2OLWM+XfQz7Y2xLCNYV5KwJ5ibrFV8qlasdA14yT7r1wqH7Dfy
IGY3
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:31:56 2025 by rpki-client