Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/767d6d-36c8-403b-81b0-b4aaa23fdaa9/1/c_-rMl7HFVaHx3u8k-mg-7MnS34.roa
File: c_-rMl7HFVaHx3u8k-mg-7MnS34.roa (raw, json)
Hash identifier: AGapCrdXwoHdePxIoXjlgd8fqP8GcovBdv+jOw51rkE=
Subject key identifier: 73:FF:AB:32:5E:C7:15:56:87:C7:7B:BC:93:E9:A0:FB:B3:27:4B:7E
Certificate issuer: /CN=9a5e76f929d21b586f42e30f7d9b00399b3dcbf0
Certificate serial: 0197A853E6AEEBE54685D16AD4A628126DC0
Authority key identifier: 9A:5E:76:F9:29:D2:1B:58:6F:42:E3:0F:7D:9B:00:39:9B:3D:CB:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ml52-SnSG1hvQuMPfZsAOZs9y_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/767d6d-36c8-403b-81b0-b4aaa23fdaa9/1/c_-rMl7HFVaHx3u8k-mg-7MnS34.roa
Signing time: Wed 25 Jun 2025 18:22:40 +0000
ROA not before: Wed 25 Jun 2025 18:22:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 86.54.20.0/24 maxlen: 24
86.54.228.0/24 maxlen: 24
86.54.235.0/24 maxlen: 24
86.54.249.0/24 maxlen: 24
194.54.181.0/24 maxlen: 24
194.54.182.0/24 maxlen: 24
194.54.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/767d6d-36c8-403b-81b0-b4aaa23fdaa9/1/ml52-SnSG1hvQuMPfZsAOZs9y_A.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/767d6d-36c8-403b-81b0-b4aaa23fdaa9/1/ml52-SnSG1hvQuMPfZsAOZs9y_A.mft
rsync://rpki.ripe.net/repository/DEFAULT/ml52-SnSG1hvQuMPfZsAOZs9y_A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a8:53:e6:ae:eb:e5:46:85:d1:6a:d4:a6:28:12:6d:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a5e76f929d21b586f42e30f7d9b00399b3dcbf0
Validity
Not Before: Jun 25 18:22:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=73ffab325ec7155687c77bbc93e9a0fbb3274b7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:50:06:ae:79:b7:95:44:e8:ea:23:76:cf:1f:
b6:57:95:cf:f9:96:0c:85:db:9e:7e:95:6c:d3:b7:
f1:3e:03:bc:fa:e9:4c:c1:d6:4a:cf:07:44:3a:03:
ef:93:08:b0:db:40:cc:60:50:d4:f3:a2:e3:33:bf:
82:17:c8:1f:12:56:cb:ee:4d:c8:37:24:e6:57:fc:
f0:ab:73:c1:19:2d:fe:08:67:b5:38:bf:db:ef:b1:
a6:ab:e8:ae:69:b2:b8:58:ae:6c:d0:69:ab:4f:bf:
cf:5a:c9:3c:c2:86:98:50:27:d8:8e:3b:04:31:8a:
eb:0b:4a:68:19:7a:90:58:be:6d:2c:c3:8b:03:a0:
dc:fb:01:3b:35:bc:41:82:ad:a5:5c:41:82:e4:47:
83:a0:74:3d:e7:f8:16:8c:49:07:cd:12:30:c1:0b:
57:e4:ec:b7:36:ab:37:3a:d1:f9:5f:2f:cb:1f:14:
65:b2:96:cb:b9:07:d7:ea:20:f1:bf:62:d1:28:de:
de:05:1a:11:0b:e6:84:21:7c:c2:0c:c8:d8:e1:a6:
42:ac:38:a1:a4:f3:b5:4f:46:22:da:82:fc:ad:11:
3e:2f:13:e9:f5:6e:4b:98:e1:a9:fb:7f:3e:79:f4:
f8:0e:c4:8f:9c:5f:42:b9:fa:1e:75:6d:86:39:ca:
1e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:FF:AB:32:5E:C7:15:56:87:C7:7B:BC:93:E9:A0:FB:B3:27:4B:7E
X509v3 Authority Key Identifier:
keyid:9A:5E:76:F9:29:D2:1B:58:6F:42:E3:0F:7D:9B:00:39:9B:3D:CB:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ml52-SnSG1hvQuMPfZsAOZs9y_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/767d6d-36c8-403b-81b0-b4aaa23fdaa9/1/c_-rMl7HFVaHx3u8k-mg-7MnS34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/767d6d-36c8-403b-81b0-b4aaa23fdaa9/1/ml52-SnSG1hvQuMPfZsAOZs9y_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.54.20.0/24
86.54.228.0/24
86.54.235.0/24
86.54.249.0/24
194.54.181.0-194.54.183.255
Signature Algorithm: sha256WithRSAEncryption
96:4b:98:2e:c5:f2:4c:54:72:ae:3b:48:09:ee:e7:e6:5a:8f:
ce:36:3f:6a:f8:65:cf:a0:24:a4:91:15:fc:65:33:39:a4:3b:
89:72:df:f3:68:fa:a9:23:58:0a:b4:d9:42:35:75:89:f0:15:
e6:e4:f8:a9:09:74:5a:cf:cd:a4:aa:02:dd:85:40:5a:ef:35:
4f:01:5a:f0:cb:49:bb:b1:78:44:ee:6c:c7:b4:13:57:18:1c:
99:9b:b5:aa:7f:33:ff:ba:96:10:71:43:ca:4b:b6:b4:46:d5:
d6:3e:25:7e:fe:1a:e9:15:9f:c4:50:38:e6:69:32:bf:18:95:
c3:62:cb:ea:d7:e0:5b:7c:87:4f:81:6c:a1:dc:17:22:ec:64:
b3:25:38:de:c1:fe:3e:d0:43:29:1a:ea:db:b5:02:9c:55:e2:
38:aa:53:10:29:e9:f6:ec:8f:86:e5:fd:95:56:48:3c:20:43:
c2:f9:ee:80:7d:fb:98:a8:bd:fd:1c:06:e4:d9:ab:4a:0a:a4:
04:62:52:43:55:80:dd:fb:4f:e1:41:a6:cf:d5:c4:6f:2b:86:
87:d6:3b:97:1a:df:12:69:bc:78:9b:91:f5:87:60:90:50:60:
97:92:ce:ea:3a:f9:1c:ff:b8:9b:80:5a:47:2a:fd:d3:9f:70:
52:32:a3:b9
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZeoU+au6+VGhdFq1KYoEm3AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNWU3NmY5MjlkMjFiNTg2ZjQyZTMwZjdkOWIwMDM5OWIz
ZGNiZjAwHhcNMjUwNjI1MTgyMjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2ZmYWIzMjVlYzcxNTU2ODdjNzdiYmM5M2U5YTBmYmIzMjc0YjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7VAGrnm3lUTo6iN2zx+2V5XP+ZYM
hduefpVs07fxPgO8+ulMwdZKzwdEOgPvkwiw20DMYFDU86LjM7+CF8gfElbL7k3I
NyTmV/zwq3PBGS3+CGe1OL/b77Gmq+iuabK4WK5s0GmrT7/PWsk8woaYUCfYjjsE
MYrrC0poGXqQWL5tLMOLA6Dc+wE7NbxBgq2lXEGC5EeDoHQ95/gWjEkHzRIwwQtX
5Oy3Nqs3OtH5Xy/LHxRlspbLuQfX6iDxv2LRKN7eBRoRC+aEIXzCDMjY4aZCrDih
pPO1T0Yi2oL8rRE+LxPp9W5LmOGp+38+efT4DsSPnF9CufoedW2GOcoetwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHP/qzJexxVWh8d7vJPpoPuzJ0t+MB8GA1UdIwQY
MBaAFJpedvkp0htYb0LjD32bADmbPcvwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWw1Mi1TblNHMWh2UXVNUGZac0FPWnM5eV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS83NjdkNmQtMzZjOC00MDNiLTgxYjAt
YjRhYWEyM2ZkYWE5LzEvY18tck1sN0hGVmFIeDN1OGstbWctN01uUzM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS83NjdkNmQtMzZjOC00MDNiLTgxYjAtYjRhYWEyM2ZkYWE5
LzEvbWw1Mi1TblNHMWh2UXVNUGZac0FPWnM5eV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAVjYUAwQA
VjbkAwQAVjbrAwQAVjb5MAwDBADCNrUDBAPCNrAwDQYJKoZIhvcNAQELBQADggEB
AJZLmC7F8kxUcq47SAnu5+Zaj842P2r4Zc+gJKSRFfxlMzmkO4ly3/No+qkjWAq0
2UI1dYnwFebk+KkJdFrPzaSqAt2FQFrvNU8BWvDLSbuxeETubMe0E1cYHJmbtap/
M/+6lhBxQ8pLtrRG1dY+JX7+GukVn8RQOOZpMr8YlcNiy+rX4Ft8h0+BbKHcFyLs
ZLMlON7B/j7QQyka6tu1ApxV4jiqUxAp6fbsj4bl/ZVWSDwgQ8L57oB9+5iovf0c
BuTZq0oKpARiUkNVgN37T+FBps/VxG8rhofWO5ca3xJpvHibkfWHYJBQYJeSzuo6
+Rz/uJuAWkcq/dOfcFIyo7k=
-----END CERTIFICATE-----
Generated at Tue Jul 1 08:05:57 2025 by rpki-client