Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Mg8DfV8_DXrPv3KqkbNYUp0l0tM.roa
File: Mg8DfV8_DXrPv3KqkbNYUp0l0tM.roa (raw, json)
Hash identifier: bc63jnsWB8rXpmaLfBdrnPsJc2KKfycExaCBRhU5vnM=
Subject key identifier: 32:0F:03:7D:5F:3F:0D:7A:CF:BF:72:AA:91:B3:58:52:9D:25:D2:D3
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 01980885464F5D505C9165EE84E7404CE881
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Mg8DfV8_DXrPv3KqkbNYUp0l0tM.roa
Signing time: Mon 14 Jul 2025 10:40:08 +0000
ROA not before: Mon 14 Jul 2025 10:40:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21396
IP address blocks: 93.113.110.0/23 maxlen: 23
93.114.86.0/23 maxlen: 23
93.114.184.0/23 maxlen: 23
93.114.234.0/23 maxlen: 23
176.56.56.0/21 maxlen: 21
185.17.180.0/22 maxlen: 22
185.65.40.0/22 maxlen: 22
185.164.196.0/22 maxlen: 22
185.181.252.0/24 maxlen: 24
188.212.34.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 04:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:08:85:46:4f:5d:50:5c:91:65:ee:84:e7:40:4c:e8:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Jul 14 10:40:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=320f037d5f3f0d7acfbf72aa91b358529d25d2d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:01:57:92:dc:26:e8:1a:85:64:88:fb:bc:1d:
3c:44:9f:44:8c:80:6f:9b:d0:23:c0:57:c3:f5:6c:
66:b3:8d:a8:48:68:3e:54:88:44:87:34:ea:6b:fa:
cb:c7:aa:e3:19:ac:34:90:27:83:31:7f:a8:02:e3:
10:c1:02:bd:4b:00:32:67:86:da:af:02:46:5d:14:
a9:50:0f:0d:66:54:d8:93:1c:02:08:66:e8:a1:ba:
65:b5:a4:e0:db:47:fa:5d:25:19:0a:dd:0d:39:62:
d4:b9:15:1f:5a:9c:7b:93:ae:c9:cc:f0:1e:01:1c:
3e:26:91:01:81:14:12:cd:98:54:f2:0a:6d:13:7d:
c2:7f:4f:d2:1c:02:12:48:7c:e5:ea:48:a0:fe:73:
27:fb:42:68:e1:7b:04:d5:5e:b5:84:f3:ea:70:3e:
0a:7e:97:9b:94:88:f0:ab:85:59:0a:90:53:0c:ab:
a2:f4:72:c0:65:5b:0f:fe:f9:81:73:ab:38:0b:d1:
e9:94:10:3d:c1:22:aa:d1:0e:75:ba:8e:71:07:33:
39:c1:09:38:56:92:8f:54:51:d0:eb:71:d2:78:8e:
4d:20:17:93:27:7a:84:eb:e2:51:a0:ae:31:8e:29:
c1:5b:00:6b:b8:88:48:5a:ca:af:3d:59:35:8a:ee:
9d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:0F:03:7D:5F:3F:0D:7A:CF:BF:72:AA:91:B3:58:52:9D:25:D2:D3
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Mg8DfV8_DXrPv3KqkbNYUp0l0tM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.113.110.0/23
93.114.86.0/23
93.114.184.0/23
93.114.234.0/23
176.56.56.0/21
185.17.180.0/22
185.65.40.0/22
185.164.196.0/22
185.181.252.0/24
188.212.34.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:fe:aa:ad:e4:2c:07:44:49:75:04:24:14:a7:07:33:e2:d8:
35:cd:dc:54:4d:2c:8c:35:0c:77:44:b0:e8:6b:73:54:24:04:
b6:c1:d9:30:e7:f7:70:81:ee:4e:ec:23:3d:6e:fc:45:20:4b:
78:bf:0f:e0:f5:95:c9:6b:0e:21:1a:9a:cb:4d:e0:b9:d5:01:
30:d1:3f:76:6e:6f:68:84:aa:07:70:fc:d6:ca:55:be:36:2a:
b5:6f:50:1f:06:9a:d2:bc:5a:ee:5b:d3:b1:6a:23:59:f7:c7:
77:22:77:c2:76:50:88:b8:39:62:ef:62:e6:48:0a:8f:5b:cf:
22:4c:2e:81:b8:2e:e5:23:3b:d9:16:aa:8b:da:42:5a:35:f1:
de:21:02:c8:d5:55:c3:81:f6:48:3c:35:7a:b1:e5:3f:54:e8:
57:93:66:f8:5d:f6:0b:84:21:96:47:fc:ac:27:e5:c9:b5:0c:
d5:ed:82:94:1a:24:f6:61:29:87:f6:d0:7a:ff:8e:08:c3:dd:
5f:37:1b:21:9c:87:f4:d5:69:40:3f:8d:49:0b:e5:b8:e8:f8:
71:72:3f:58:b1:19:a8:bf:be:89:ea:7f:b5:6d:aa:f2:8e:84:
5a:b8:9d:48:0b:11:25:a1:cb:dd:cb:95:db:6b:7e:5c:f8:5d:
d3:c1:bb:71
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZgIhUZPXVBckWXuhOdATOiBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjUwNzE0MTA0MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjBmMDM3ZDVmM2YwZDdhY2ZiZjcyYWE5MWIzNTg1MjlkMjVkMmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQFXktwm6BqFZIj7vB08RJ9EjIBv
m9AjwFfD9Wxms42oSGg+VIhEhzTqa/rLx6rjGaw0kCeDMX+oAuMQwQK9SwAyZ4ba
rwJGXRSpUA8NZlTYkxwCCGboobpltaTg20f6XSUZCt0NOWLUuRUfWpx7k67JzPAe
ARw+JpEBgRQSzZhU8gptE33Cf0/SHAISSHzl6kig/nMn+0Jo4XsE1V61hPPqcD4K
fpeblIjwq4VZCpBTDKui9HLAZVsP/vmBc6s4C9HplBA9wSKq0Q51uo5xBzM5wQk4
VpKPVFHQ63HSeI5NIBeTJ3qE6+JRoK4xjinBWwBruIhIWsqvPVk1iu6doQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDIPA31fPw16z79yqpGzWFKdJdLTMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvTWc4RGZWOF9EWHJQdjNLcWtiTllVcDBsMHRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBXXFuAwQB
XXJWAwQBXXK4AwQBXXLqAwQDsDg4AwQCuRG0AwQCuUEoAwQCuaTEAwQAubX8AwQB
vNQiMA0GCSqGSIb3DQEBCwUAA4IBAQCc/qqt5CwHREl1BCQUpwcz4tg1zdxUTSyM
NQx3RLDoa3NUJAS2wdkw5/dwge5O7CM9bvxFIEt4vw/g9ZXJaw4hGprLTeC51QEw
0T92bm9ohKoHcPzWylW+Niq1b1AfBprSvFruW9OxaiNZ98d3InfCdlCIuDli72Lm
SAqPW88iTC6BuC7lIzvZFqqL2kJaNfHeIQLI1VXDgfZIPDV6seU/VOhXk2b4XfYL
hCGWR/ysJ+XJtQzV7YKUGiT2YSmH9tB6/44Iw91fNxshnIf01WlAP41JC+W46Phx
cj9YsRmov76J6n+1baryjoRauJ1ICxElocvdy5Xba35c+F3Twbtx
-----END CERTIFICATE-----
Generated at Sun Jul 27 12:26:27 2025 by rpki-client