Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/61f7dc-00f2-4d31-a757-0716dec731ab/1/MRY6fM9QiSsubyguz4kspQmishA.roa
File: MRY6fM9QiSsubyguz4kspQmishA.roa (raw, json)
Hash identifier: /78lcK4sMBWDJAqkZAAF4XGGhpfWKl2tLUozc3wFeS8=
Subject key identifier: 31:16:3A:7C:CF:50:89:2B:2E:6F:28:2E:CF:89:2C:A5:09:A2:B2:10
Certificate issuer: /CN=2b819515f399eb42c8031f3bea4a98c8e289e1ed
Certificate serial: 0197EA144E521046BABCE066A000D8EB5704
Authority key identifier: 2B:81:95:15:F3:99:EB:42:C8:03:1F:3B:EA:4A:98:C8:E2:89:E1:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K4GVFfOZ60LIAx876kqYyOKJ4e0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/61f7dc-00f2-4d31-a757-0716dec731ab/1/MRY6fM9QiSsubyguz4kspQmishA.roa
Signing time: Tue 08 Jul 2025 12:48:08 +0000
ROA not before: Tue 08 Jul 2025 12:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47588
IP address blocks: 94.100.48.0/24 maxlen: 24
94.100.49.0/24 maxlen: 24
94.100.50.0/24 maxlen: 24
94.100.51.0/24 maxlen: 24
94.100.52.0/24 maxlen: 24
94.100.53.0/24 maxlen: 24
94.100.54.0/24 maxlen: 24
94.100.55.0/24 maxlen: 24
94.100.56.0/24 maxlen: 24
94.100.57.0/24 maxlen: 24
94.100.58.0/24 maxlen: 24
94.100.59.0/24 maxlen: 24
94.100.60.0/24 maxlen: 24
94.100.62.0/24 maxlen: 24
94.100.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/61f7dc-00f2-4d31-a757-0716dec731ab/1/K4GVFfOZ60LIAx876kqYyOKJ4e0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/61f7dc-00f2-4d31-a757-0716dec731ab/1/K4GVFfOZ60LIAx876kqYyOKJ4e0.mft
rsync://rpki.ripe.net/repository/DEFAULT/K4GVFfOZ60LIAx876kqYyOKJ4e0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 21:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ea:14:4e:52:10:46:ba:bc:e0:66:a0:00:d8:eb:57:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b819515f399eb42c8031f3bea4a98c8e289e1ed
Validity
Not Before: Jul 8 12:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31163a7ccf50892b2e6f282ecf892ca509a2b210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:84:8e:8f:6c:66:9c:08:0f:0c:53:3b:1e:a5:
83:04:a3:f1:20:11:54:5a:d8:46:71:53:7c:22:6c:
c3:66:35:10:75:9d:b8:7f:7d:86:5e:f0:46:a4:51:
df:88:4d:fc:0d:95:39:e3:64:dd:ad:2f:c8:cc:af:
da:5d:b2:24:24:cc:47:12:6d:c1:c8:eb:c5:a5:36:
3d:78:d6:e8:11:e4:db:96:ee:96:08:42:8d:7e:ad:
25:10:b9:c7:2b:79:2c:02:6e:22:89:0c:a1:57:50:
01:cc:f8:dc:ae:35:71:82:cf:90:3e:7a:3c:d6:5f:
7f:ee:97:8d:b9:74:cb:7b:b3:06:3c:36:43:db:85:
7b:e2:21:b4:f5:3b:d0:be:65:da:b6:46:3e:df:5e:
52:3c:20:7e:3c:ee:3f:f8:65:8a:6a:00:fb:b8:f9:
49:20:c6:39:91:e6:da:35:12:6d:13:0f:c7:87:30:
10:23:21:5c:0e:cd:d0:df:3c:ed:4e:4b:4a:57:ef:
19:62:bf:e6:14:1e:05:c0:e8:a6:20:4a:99:d7:c0:
b5:24:ca:7e:01:c0:2e:a6:81:a1:e2:c0:fb:80:09:
d0:97:05:98:52:cd:49:80:8d:a0:7e:2e:06:e9:20:
e8:3a:6a:79:c1:a2:1a:b9:e6:57:b7:78:ed:aa:69:
b8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:16:3A:7C:CF:50:89:2B:2E:6F:28:2E:CF:89:2C:A5:09:A2:B2:10
X509v3 Authority Key Identifier:
keyid:2B:81:95:15:F3:99:EB:42:C8:03:1F:3B:EA:4A:98:C8:E2:89:E1:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K4GVFfOZ60LIAx876kqYyOKJ4e0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/61f7dc-00f2-4d31-a757-0716dec731ab/1/MRY6fM9QiSsubyguz4kspQmishA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/61f7dc-00f2-4d31-a757-0716dec731ab/1/K4GVFfOZ60LIAx876kqYyOKJ4e0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.100.48.0-94.100.60.255
94.100.62.0/23
Signature Algorithm: sha256WithRSAEncryption
52:09:55:11:68:0d:b5:63:cd:6c:5a:a3:a9:f8:57:7a:e4:d9:
73:9d:53:5c:9f:64:b6:b9:1a:cc:0a:ab:f2:9c:72:85:28:df:
e6:55:d5:4a:45:66:23:ca:0d:01:59:f4:29:11:47:ae:48:10:
93:30:ef:e2:d4:4f:da:c3:13:ff:6c:a1:7b:62:b4:04:a4:5c:
b4:f8:86:c2:cb:fe:7f:74:f3:24:02:63:69:f6:35:0c:95:64:
56:fa:58:24:43:8d:f2:2a:48:00:94:b8:7a:7c:5e:fd:78:f9:
97:10:ae:40:db:08:d3:ae:2b:03:15:17:d6:50:e2:e5:26:fc:
f5:e1:10:0c:75:b5:3a:6b:ca:9c:fc:ed:3d:3a:b0:fc:d7:3d:
24:70:52:42:f0:d4:7c:cc:58:f6:b1:6b:d4:4b:69:f9:6a:a0:
00:40:8b:45:fc:d2:d9:17:a2:0b:7b:7a:1e:14:a7:93:56:2f:
0b:24:2c:e8:02:9a:66:e2:cb:35:1c:c3:ff:02:c7:a8:b0:51:
9a:ac:7c:5c:dc:9f:69:c3:20:8a:59:2e:a0:18:cd:9a:40:68:
c5:bb:60:1a:54:47:0d:7b:34:cf:3c:75:a7:23:89:00:b1:68:
15:4c:ca:17:a2:19:95:0c:c9:56:96:98:d8:af:2b:44:61:73:
ac:c1:36:4c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZfqFE5SEEa6vOBmoADY61cEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiODE5NTE1ZjM5OWViNDJjODAzMWYzYmVhNGE5OGM4ZTI4
OWUxZWQwHhcNMjUwNzA4MTI0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTE2M2E3Y2NmNTA4OTJiMmU2ZjI4MmVjZjg5MmNhNTA5YTJiMjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YSOj2xmnAgPDFM7HqWDBKPxIBFU
WthGcVN8ImzDZjUQdZ24f32GXvBGpFHfiE38DZU542TdrS/IzK/aXbIkJMxHEm3B
yOvFpTY9eNboEeTblu6WCEKNfq0lELnHK3ksAm4iiQyhV1ABzPjcrjVxgs+QPno8
1l9/7peNuXTLe7MGPDZD24V74iG09TvQvmXatkY+315SPCB+PO4/+GWKagD7uPlJ
IMY5kebaNRJtEw/HhzAQIyFcDs3Q3zztTktKV+8ZYr/mFB4FwOimIEqZ18C1JMp+
AcAupoGh4sD7gAnQlwWYUs1JgI2gfi4G6SDoOmp5waIaueZXt3jtqmm4RwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDEWOnzPUIkrLm8oLs+JLKUJorIQMB8GA1UdIwQY
MBaAFCuBlRXzmetCyAMfO+pKmMjiieHtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzRHVkZmT1o2MExJQXg4NzZrcVl5T0tKNGUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82MWY3ZGMtMDBmMi00ZDMxLWE3NTct
MDcxNmRlYzczMWFiLzEvTVJZNmZNOVFpU3N1YnlndXo0a3NwUW1pc2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82MWY3ZGMtMDBmMi00ZDMxLWE3NTctMDcxNmRlYzczMWFi
LzEvSzRHVkZmT1o2MExJQXg4NzZrcVl5T0tKNGUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAReZDAD
BABeZDwDBAFeZD4wDQYJKoZIhvcNAQELBQADggEBAFIJVRFoDbVjzWxao6n4V3rk
2XOdU1yfZLa5GswKq/KccoUo3+ZV1UpFZiPKDQFZ9CkRR65IEJMw7+LUT9rDE/9s
oXtitASkXLT4hsLL/n908yQCY2n2NQyVZFb6WCRDjfIqSACUuHp8Xv14+ZcQrkDb
CNOuKwMVF9ZQ4uUm/PXhEAx1tTprypz87T06sPzXPSRwUkLw1HzMWPaxa9RLaflq
oABAi0X80tkXogt7eh4Up5NWLwskLOgCmmbiyzUcw/8Cx6iwUZqsfFzcn2nDIIpZ
LqAYzZpAaMW7YBpURw17NM88dacjiQCxaBVMyheiGZUMyVaWmNivK0Rhc6zBNkw=
-----END CERTIFICATE-----
Generated at Mon Jul 21 01:59:52 2025 by rpki-client