Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/mRH-w8I-xXz4_2vpccNzQQVtDC8.roa
File: mRH-w8I-xXz4_2vpccNzQQVtDC8.roa (raw, json)
Hash identifier: GdQOviOmjFpIPJUY9aIJqkRUzwGZx3S0H8qGgT3UKm8=
Subject key identifier: 99:11:FE:C3:C2:3E:C5:7C:F8:FF:6B:E9:71:C3:73:41:05:6D:0C:2F
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01983BD275FC46109245E16C2BB7DB87C75A
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/mRH-w8I-xXz4_2vpccNzQQVtDC8.roa
Signing time: Thu 24 Jul 2025 09:45:05 +0000
ROA not before: Thu 24 Jul 2025 09:45:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60798
IP address blocks: 62.169.133.0/24 maxlen: 24
124.198.130.0/24 maxlen: 24
155.2.213.0/24 maxlen: 24
158.173.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 12:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3b:d2:75:fc:46:10:92:45:e1:6c:2b:b7:db:87:c7:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jul 24 09:45:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9911fec3c23ec57cf8ff6be971c37341056d0c2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a7:28:58:58:87:c0:a0:1a:9a:3b:9c:0b:16:
63:9d:71:64:4c:d5:4a:54:8c:50:81:0f:eb:10:c3:
43:4c:c2:e9:cf:ab:8e:11:fe:c2:72:1d:17:75:46:
82:3c:f7:e5:20:0e:f0:4a:ac:de:01:17:48:bc:1e:
e8:26:0d:e4:e3:82:03:2c:eb:83:5a:b4:97:e3:20:
59:b6:d5:7a:0e:f5:9d:7a:32:af:bc:48:05:bd:78:
ae:74:89:e6:29:19:25:44:3e:9a:fd:ac:e8:dc:69:
82:93:25:ec:d9:a1:85:6c:83:3d:e0:55:7a:d8:f0:
ea:1f:f4:e5:00:82:54:0a:b5:57:13:dd:72:d7:c2:
7f:d7:b6:c5:af:19:33:9f:15:b1:2b:20:29:d3:a4:
82:4d:45:96:30:33:12:97:5a:90:5a:b7:bc:95:95:
22:ed:19:0f:78:5c:1d:5e:1d:7d:25:61:8c:cd:dc:
c2:12:c3:eb:8f:08:57:f6:9d:4e:64:a7:82:5a:be:
2b:47:d1:9b:2e:2a:5e:5b:3b:e8:34:bf:65:17:79:
04:55:5f:58:52:97:7f:d2:fd:01:00:b3:78:c6:75:
50:12:15:6f:3a:ea:5a:73:81:d4:cb:11:74:a4:ca:
7c:65:0e:48:c4:ca:d1:53:5b:24:dc:0a:61:23:7a:
69:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:11:FE:C3:C2:3E:C5:7C:F8:FF:6B:E9:71:C3:73:41:05:6D:0C:2F
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/mRH-w8I-xXz4_2vpccNzQQVtDC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.169.133.0/24
124.198.130.0/24
155.2.213.0/24
158.173.132.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:ba:2b:7b:1f:b1:05:20:1a:79:e2:e6:62:bb:9a:a3:7a:11:
0c:f3:1c:dc:88:7e:90:78:4b:03:0f:06:9d:e0:31:92:25:67:
71:78:46:a3:0f:a3:d8:c0:78:5f:be:bf:85:95:1d:e9:a3:b8:
18:fd:f5:20:a4:bf:31:66:34:eb:e9:a7:83:c0:46:3e:f9:4b:
2e:5d:0f:c2:2b:bd:0e:92:fa:4d:77:ad:96:53:ff:82:b3:18:
e9:03:64:50:06:23:4c:41:8a:ed:b4:da:a3:67:fa:bc:dd:7e:
ff:3c:20:ff:b1:7e:3d:6c:60:40:cf:aa:e7:a0:12:07:7c:cf:
9b:97:ca:d3:47:0e:5d:fe:6c:08:75:ce:15:b9:be:64:a7:37:
29:d3:a4:8d:fb:56:b0:a2:7f:e9:bd:44:68:b6:ea:a3:8e:60:
36:35:57:bc:f0:c0:6c:14:68:26:93:dc:00:be:22:96:45:81:
08:c4:3b:34:f1:5f:89:45:04:b2:be:1a:b4:aa:f0:82:d3:25:
0a:86:6e:af:e7:8e:09:ea:b2:7a:e6:14:8d:70:0d:2f:77:7c:
4b:c3:62:af:f6:f7:2d:f9:06:9f:aa:6c:39:86:13:96:ac:d6:
e1:cd:e5:65:7a:b9:d9:b3:e3:a3:3d:16:75:c4:54:83:8b:d0:
c6:11:cd:2e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZg70nX8RhCSReFsK7fbh8daMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNzI0MDk0NTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTExZmVjM2MyM2VjNTdjZjhmZjZiZTk3MWMzNzM0MTA1NmQwYzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKcoWFiHwKAamjucCxZjnXFkTNVK
VIxQgQ/rEMNDTMLpz6uOEf7Cch0XdUaCPPflIA7wSqzeARdIvB7oJg3k44IDLOuD
WrSX4yBZttV6DvWdejKvvEgFvXiudInmKRklRD6a/azo3GmCkyXs2aGFbIM94FV6
2PDqH/TlAIJUCrVXE91y18J/17bFrxkznxWxKyAp06SCTUWWMDMSl1qQWre8lZUi
7RkPeFwdXh19JWGMzdzCEsPrjwhX9p1OZKeCWr4rR9GbLipeWzvoNL9lF3kEVV9Y
Upd/0v0BALN4xnVQEhVvOupac4HUyxF0pMp8ZQ5IxMrRU1sk3AphI3ppQwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJkR/sPCPsV8+P9r6XHDc0EFbQwvMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvbVJILXc4SS14WHo0XzJ2cGNjTnpRUVZ0REM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPqmFAwQA
fMaCAwQAmwLVAwQAnq2EMA0GCSqGSIb3DQEBCwUAA4IBAQA+uit7H7EFIBp54uZi
u5qjehEM8xzciH6QeEsDDwad4DGSJWdxeEajD6PYwHhfvr+FlR3po7gY/fUgpL8x
ZjTr6aeDwEY++UsuXQ/CK70OkvpNd62WU/+CsxjpA2RQBiNMQYrttNqjZ/q83X7/
PCD/sX49bGBAz6rnoBIHfM+bl8rTRw5d/mwIdc4Vub5kpzcp06SN+1awon/pvURo
tuqjjmA2NVe88MBsFGgmk9wAviKWRYEIxDs08V+JRQSyvhq0qvCC0yUKhm6v544J
6rJ65hSNcA0vd3xLw2Kv9vct+Qafqmw5hhOWrNbhzeVlernZs+OjPRZ1xFSDi9DG
Ec0u
-----END CERTIFICATE-----
Generated at Fri Jul 25 19:39:03 2025 by rpki-client