Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/MxjgQVEyLUBzSi2i-cH1sG1IdKo.roa
File: MxjgQVEyLUBzSi2i-cH1sG1IdKo.roa (raw, json)
Hash identifier: 8LNKG3dpw7agrIcT1/uNRMjFLgdNdlZRqC/P4DL6cXY=
Subject key identifier: 33:18:E0:41:51:32:2D:40:73:4A:2D:A2:F9:C1:F5:B0:6D:48:74:AA
Certificate issuer: /CN=05bfdbb6a4b1663369da407db97b021f73284a28
Certificate serial: 0197C678EBDE0A5241D7052FFC742954E16D
Authority key identifier: 05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/MxjgQVEyLUBzSi2i-cH1sG1IdKo.roa
Signing time: Tue 01 Jul 2025 14:51:42 +0000
ROA not before: Tue 01 Jul 2025 14:51:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215322
IP address blocks: 185.17.25.0/24 maxlen: 24
185.99.255.0/24 maxlen: 24
2a01:a501::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.mft
rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c6:78:eb:de:0a:52:41:d7:05:2f:fc:74:29:54:e1:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05bfdbb6a4b1663369da407db97b021f73284a28
Validity
Not Before: Jul 1 14:51:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3318e04151322d40734a2da2f9c1f5b06d4874aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6d:aa:62:0e:ec:5e:4d:aa:2a:a6:a7:29:a7:
49:a8:0f:4d:11:59:29:4f:10:b7:f5:07:32:08:52:
25:43:45:f6:f5:73:0e:e7:2e:85:bb:55:3f:79:05:
f0:a5:34:8a:53:bf:6b:2f:63:e4:65:85:b4:55:63:
09:51:a6:90:70:78:73:3b:89:aa:c4:ad:40:74:3c:
23:05:d6:a8:1b:51:c7:c6:4b:d1:26:c0:82:09:c2:
f7:3d:b3:f4:8b:fe:09:83:f1:03:ee:3d:11:3b:7f:
6b:36:f3:d2:25:7c:10:4e:77:ca:84:65:9d:28:11:
41:92:60:a7:33:c5:13:82:bd:c6:1a:00:4b:7a:63:
0f:92:5f:0e:88:dc:56:8b:80:7e:af:2b:61:6c:f0:
e4:74:14:d0:da:55:aa:4b:d6:f5:03:bc:34:6b:23:
34:ec:38:6a:cc:00:d5:b0:4f:c2:5b:9b:ca:f3:61:
4c:c0:79:cd:09:39:eb:8c:5f:da:d4:1e:ff:38:aa:
e6:cb:a6:29:20:f2:32:47:eb:d1:e2:ee:e5:3f:23:
b3:d7:91:a8:48:13:cd:d2:4a:05:c7:90:35:0d:9f:
ed:21:5c:ba:65:1c:a9:db:a5:00:c8:b8:29:fe:52:
09:85:31:07:c5:23:4b:83:6a:4e:e7:bf:b8:df:10:
9f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:18:E0:41:51:32:2D:40:73:4A:2D:A2:F9:C1:F5:B0:6D:48:74:AA
X509v3 Authority Key Identifier:
keyid:05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/MxjgQVEyLUBzSi2i-cH1sG1IdKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.25.0/24
185.99.255.0/24
IPv6:
2a01:a501::/32
Signature Algorithm: sha256WithRSAEncryption
01:c0:a3:fb:b5:cd:4e:85:e1:0b:7d:59:ab:84:6b:bd:24:5a:
17:46:bb:47:c8:93:40:95:96:53:e8:2d:7d:0e:d1:5c:27:64:
14:e0:b8:b5:4e:ab:8f:fb:bc:81:f7:9d:bc:b8:20:46:32:26:
aa:7b:81:bb:8b:53:31:e6:0d:5e:75:78:92:dd:73:68:42:2f:
c2:a3:d1:c7:8a:76:93:66:77:bb:26:f8:14:9f:a0:f2:b4:41:
23:9d:72:22:e7:82:78:ad:c8:13:26:40:a8:32:d8:e4:10:0e:
72:bc:76:99:5c:06:20:b2:4b:c6:b1:15:32:58:9e:51:27:5e:
17:46:c2:a1:50:4d:fd:88:ff:3e:61:c5:85:25:f0:14:45:ab:
f2:03:65:ea:68:e1:ee:98:ee:1d:a6:a2:e4:b6:dc:09:dc:da:
52:3d:8b:de:87:2c:bb:ed:bb:f7:e8:ec:2a:cf:4b:dd:d1:a0:
6a:f6:ad:56:e7:9d:06:9f:97:a0:fd:44:21:14:b6:7b:2a:00:
74:20:b4:63:9e:ec:7a:fb:19:65:33:71:25:c2:7d:91:09:54:
c8:4a:bc:89:2a:a2:d7:00:98:27:74:c1:c1:da:ff:e7:44:37:
d6:5f:49:d1:2a:13:84:94:05:63:df:4e:8f:4a:15:6f:45:08:
54:2b:60:2f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZfGeOveClJB1wUv/HQpVOFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YmZkYmI2YTRiMTY2MzM2OWRhNDA3ZGI5N2IwMjFmNzMy
ODRhMjgwHhcNMjUwNzAxMTQ1MTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzE4ZTA0MTUxMzIyZDQwNzM0YTJkYTJmOWMxZjViMDZkNDg3NGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvG2qYg7sXk2qKqanKadJqA9NEVkp
TxC39QcyCFIlQ0X29XMO5y6Fu1U/eQXwpTSKU79rL2PkZYW0VWMJUaaQcHhzO4mq
xK1AdDwjBdaoG1HHxkvRJsCCCcL3PbP0i/4Jg/ED7j0RO39rNvPSJXwQTnfKhGWd
KBFBkmCnM8UTgr3GGgBLemMPkl8OiNxWi4B+rythbPDkdBTQ2lWqS9b1A7w0ayM0
7DhqzADVsE/CW5vK82FMwHnNCTnrjF/a1B7/OKrmy6YpIPIyR+vR4u7lPyOz15Go
SBPN0koFx5A1DZ/tIVy6ZRyp26UAyLgp/lIJhTEHxSNLg2pO57+43xCfyQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDMY4EFRMi1Ac0otovnB9bBtSHSqMB8GA1UdIwQY
MBaAFAW/27aksWYzadpAfbl7Ah9zKEooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMt
MDYwZGFjZmViZTBmLzEvTXhqZ1FWRXlMVUJ6U2kyaS1jSDFzRzFJZEtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMtMDYwZGFjZmViZTBm
LzEvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuREZAwQA
uWP/MA0EAgACMAcDBQAqAaUBMA0GCSqGSIb3DQEBCwUAA4IBAQABwKP7tc1OheEL
fVmrhGu9JFoXRrtHyJNAlZZT6C19DtFcJ2QU4Li1TquP+7yB9528uCBGMiaqe4G7
i1Mx5g1edXiS3XNoQi/Co9HHinaTZne7JvgUn6DytEEjnXIi54J4rcgTJkCoMtjk
EA5yvHaZXAYgskvGsRUyWJ5RJ14XRsKhUE39iP8+YcWFJfAURavyA2XqaOHumO4d
pqLkttwJ3NpSPYvehyy77bv36Owqz0vd0aBq9q1W550Gn5eg/UQhFLZ7KgB0ILRj
nux6+xllM3Elwn2RCVTISryJKqLXAJgndMHB2v/nRDfWX0nRKhOElAVj306PShVv
RQhUK2Av
-----END CERTIFICATE-----
Generated at Sun Jul 27 08:31:24 2025 by rpki-client