Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/9c6691-adac-41e5-8ce9-f4b7b398c634/1/Mcnbz50oO5ncmHbNfOpDBCxKW9A.roa
File: Mcnbz50oO5ncmHbNfOpDBCxKW9A.roa (raw, json)
Hash identifier: jF7z7EHQLPfdDZzR3/TKc1ZXBvjra8i/54uPqtBO5rE=
Subject key identifier: 31:C9:DB:CF:9D:28:3B:99:DC:98:76:CD:7C:EA:43:04:2C:4A:5B:D0
Certificate issuer: /CN=6977a3116ecc9d7a429f13651613e8ad149ff324
Certificate serial: 019844539513F530E29E0912FB4361B17A14
Authority key identifier: 69:77:A3:11:6E:CC:9D:7A:42:9F:13:65:16:13:E8:AD:14:9F:F3:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aXejEW7MnXpCnxNlFhPorRSf8yQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/9c6691-adac-41e5-8ce9-f4b7b398c634/1/Mcnbz50oO5ncmHbNfOpDBCxKW9A.roa
Signing time: Sat 26 Jul 2025 01:23:05 +0000
ROA not before: Sat 26 Jul 2025 01:23:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58051
IP address blocks: 45.154.196.0/24 maxlen: 24
193.105.207.0/24 maxlen: 24
2a01:fdc1::/32 maxlen: 32
2a01:fdc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/9c6691-adac-41e5-8ce9-f4b7b398c634/1/aXejEW7MnXpCnxNlFhPorRSf8yQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/9c6691-adac-41e5-8ce9-f4b7b398c634/1/aXejEW7MnXpCnxNlFhPorRSf8yQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/aXejEW7MnXpCnxNlFhPorRSf8yQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 19:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:44:53:95:13:f5:30:e2:9e:09:12:fb:43:61:b1:7a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6977a3116ecc9d7a429f13651613e8ad149ff324
Validity
Not Before: Jul 26 01:23:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31c9dbcf9d283b99dc9876cd7cea43042c4a5bd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:87:a8:6e:e4:c0:79:59:c3:62:02:93:a5:d5:
ad:e2:8c:55:df:a2:ae:f0:db:72:44:d0:b0:29:3e:
17:66:4e:c4:97:e3:ab:c4:e6:7a:ce:52:2e:9b:b7:
3a:25:4c:1b:25:2e:29:16:c5:ec:b4:a9:c8:39:59:
5a:cc:8a:71:15:50:a1:48:7a:20:c1:af:1e:08:aa:
63:b8:42:7a:d3:93:8b:d4:f6:ee:4f:23:8b:3b:c8:
da:0d:3d:2a:10:74:a7:e9:60:07:83:78:bc:a2:c1:
c4:39:b5:20:5f:9b:af:ff:43:9a:b4:e2:7b:da:af:
f6:0f:50:af:43:a1:1e:c5:66:5a:78:7e:28:ee:db:
e2:18:5d:9a:e2:f5:aa:41:3c:c3:c2:56:13:99:84:
21:fe:47:d9:ed:07:02:6c:0c:1e:41:13:d9:c9:31:
c0:59:14:61:ac:f7:9e:30:14:60:90:34:bd:0c:7e:
0a:91:21:ee:39:ce:8f:b4:03:7f:ae:f7:8b:00:7c:
d5:3e:42:0d:68:4a:e8:fd:3a:6b:d8:ac:52:b8:e4:
88:be:97:12:2c:e7:f0:5e:7c:e8:b5:6c:02:ff:fd:
d8:a2:b0:9b:c5:1b:14:b0:fe:e5:94:d1:79:57:1f:
e4:f2:af:61:39:75:34:94:da:df:cb:a5:6c:d9:4d:
a2:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:C9:DB:CF:9D:28:3B:99:DC:98:76:CD:7C:EA:43:04:2C:4A:5B:D0
X509v3 Authority Key Identifier:
keyid:69:77:A3:11:6E:CC:9D:7A:42:9F:13:65:16:13:E8:AD:14:9F:F3:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aXejEW7MnXpCnxNlFhPorRSf8yQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/9c6691-adac-41e5-8ce9-f4b7b398c634/1/Mcnbz50oO5ncmHbNfOpDBCxKW9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/9c6691-adac-41e5-8ce9-f4b7b398c634/1/aXejEW7MnXpCnxNlFhPorRSf8yQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.196.0/24
193.105.207.0/24
IPv6:
2a01:fdc1::-2a01:fdc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a9:54:df:78:e6:04:7f:5a:4d:f2:06:14:79:97:47:4c:23:ad:
a8:7b:37:c6:64:14:75:f7:3f:56:5e:54:10:1f:2a:99:61:6f:
e4:a2:4e:87:a3:fe:e0:33:02:fa:c0:32:25:fb:8d:46:03:03:
4a:e3:03:1c:26:31:16:62:67:08:3f:a4:0d:e9:eb:18:af:34:
75:24:7b:aa:55:55:07:4f:68:cb:d5:90:e4:bb:c7:b8:c2:31:
1b:da:b9:4c:f4:2a:5e:72:4c:a3:43:33:d3:20:97:e9:a8:b5:
a5:b1:0d:e7:86:8f:b3:7b:a1:a9:08:be:71:c2:e4:c9:bf:75:
96:b3:d4:76:ac:b9:ef:c6:ab:2e:85:4f:ab:7c:b5:95:c6:0c:
47:5f:59:a8:fa:43:73:54:d4:02:7a:f2:9f:f6:a7:4d:81:ae:
e6:98:3a:c2:43:14:90:80:a8:a7:ac:d2:03:e7:2f:c7:6a:00:
2c:16:ca:05:8c:4c:d1:bc:00:0e:be:2d:f3:1d:cc:74:49:0b:
8b:75:ca:96:ca:c9:e2:e8:9c:9c:8a:7c:dc:e2:df:eb:fa:8c:
f2:11:43:de:e1:c5:f3:1b:27:f6:75:d4:0f:3c:43:5d:25:68:
84:71:c7:5a:f2:a9:14:46:25:61:12:7e:81:0d:40:ed:ec:e5:
ea:58:cf:77
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZhEU5UT9TDingkS+0NhsXoUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NzdhMzExNmVjYzlkN2E0MjlmMTM2NTE2MTNlOGFkMTQ5
ZmYzMjQwHhcNMjUwNzI2MDEyMzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWM5ZGJjZjlkMjgzYjk5ZGM5ODc2Y2Q3Y2VhNDMwNDJjNGE1YmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4eobuTAeVnDYgKTpdWt4oxV36Ku
8NtyRNCwKT4XZk7El+OrxOZ6zlIum7c6JUwbJS4pFsXstKnIOVlazIpxFVChSHog
wa8eCKpjuEJ605OL1PbuTyOLO8jaDT0qEHSn6WAHg3i8osHEObUgX5uv/0OatOJ7
2q/2D1CvQ6EexWZaeH4o7tviGF2a4vWqQTzDwlYTmYQh/kfZ7QcCbAweQRPZyTHA
WRRhrPeeMBRgkDS9DH4KkSHuOc6PtAN/rveLAHzVPkINaEro/Tpr2KxSuOSIvpcS
LOfwXnzotWwC//3YorCbxRsUsP7llNF5Vx/k8q9hOXU0lNrfy6Vs2U2i5wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDHJ28+dKDuZ3Jh2zXzqQwQsSlvQMB8GA1UdIwQY
MBaAFGl3oxFuzJ16Qp8TZRYT6K0Un/MkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVhlakVXN01uWHBDbnhObEZoUG9yUlNmOHlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85YzY2OTEtYWRhYy00MWU1LThjZTkt
ZjRiN2IzOThjNjM0LzEvTWNuYno1MG9PNW5jbUhiTmZPcERCQ3hLVzlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85YzY2OTEtYWRhYy00MWU1LThjZTktZjRiN2IzOThjNjM0
LzEvYVhlakVXN01uWHBDbnhObEZoUG9yUlNmOHlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQALZrEAwQA
wWnPMBYEAgACMBAwDgMFACoB/cEDBQAqAf3CMA0GCSqGSIb3DQEBCwUAA4IBAQCp
VN945gR/Wk3yBhR5l0dMI62oezfGZBR19z9WXlQQHyqZYW/kok6Ho/7gMwL6wDIl
+41GAwNK4wMcJjEWYmcIP6QN6esYrzR1JHuqVVUHT2jL1ZDku8e4wjEb2rlM9Cpe
ckyjQzPTIJfpqLWlsQ3nho+ze6GpCL5xwuTJv3WWs9R2rLnvxqsuhU+rfLWVxgxH
X1mo+kNzVNQCevKf9qdNga7mmDrCQxSQgKinrNID5y/HagAsFsoFjEzRvAAOvi3z
Hcx0SQuLdcqWysni6Jycinzc4t/r+ozyEUPe4cXzGyf2ddQPPENdJWiEccda8qkU
RiVhEn6BDUDt7OXqWM93
-----END CERTIFICATE-----
Generated at Sun Jul 27 02:05:52 2025 by rpki-client