Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/0mjmbcUYcJdUwsZqfFXQurt0QGs.roa
File: 0mjmbcUYcJdUwsZqfFXQurt0QGs.roa (raw, json)
Hash identifier: vj/D2huTe28PQZ9MOq6LRDgSeNcaiaat155ny9UZvt0=
Subject key identifier: D2:68:E6:6D:C5:18:70:97:54:C2:C6:6A:7C:55:D0:BA:BB:74:40:6B
Certificate issuer: /CN=4a9c5e56aacd01ffb2825a931ed5ede41c3f92e6
Certificate serial: 019957FD811B8FB94708B7686931C72E55D4
Authority key identifier: 4A:9C:5E:56:AA:CD:01:FF:B2:82:5A:93:1E:D5:ED:E4:1C:3F:92:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SpxeVqrNAf-yglqTHtXt5Bw_kuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/0mjmbcUYcJdUwsZqfFXQurt0QGs.roa
Signing time: Wed 17 Sep 2025 14:04:15 +0000
ROA not before: Wed 17 Sep 2025 14:04:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204511
IP address blocks: 185.197.116.0/22 maxlen: 22
185.197.116.0/24 maxlen: 24
185.197.118.0/24 maxlen: 24
2a05:3f06::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/SpxeVqrNAf-yglqTHtXt5Bw_kuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/SpxeVqrNAf-yglqTHtXt5Bw_kuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/SpxeVqrNAf-yglqTHtXt5Bw_kuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 08:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:57:fd:81:1b:8f:b9:47:08:b7:68:69:31:c7:2e:55:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a9c5e56aacd01ffb2825a931ed5ede41c3f92e6
Validity
Not Before: Sep 17 14:04:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d268e66dc518709754c2c66a7c55d0babb74406b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:21:34:6e:d5:88:6d:d6:20:65:1f:68:d0:15:
b5:e9:18:08:63:f6:f0:1a:47:55:a8:cc:3a:01:76:
f5:66:66:f1:5e:79:90:b6:c0:b9:50:f2:ea:53:c0:
01:35:1b:90:54:f7:30:f6:e3:36:1b:40:6d:1f:cb:
e6:24:4a:e5:54:04:44:64:43:3c:c4:ba:6e:8f:e7:
f6:9c:3f:32:2e:21:ef:e6:4a:56:9d:bf:ef:05:b1:
b6:22:6d:30:51:cb:8e:1b:19:2f:e5:bc:6b:a7:cd:
be:7f:cf:54:1a:da:7c:9c:08:48:91:70:aa:12:12:
99:8b:48:70:99:7a:1f:6c:6f:0c:a9:07:83:f1:02:
27:a2:a1:84:83:37:fd:4f:d7:75:c6:89:ed:ac:79:
8c:5f:83:6b:a1:f3:61:3d:f7:86:51:b9:dd:61:80:
73:aa:5e:55:49:57:b5:45:7c:21:65:e1:2f:b5:3c:
04:a6:e7:5e:95:78:03:1e:89:b5:2f:a5:e0:a6:c6:
85:4c:19:15:b9:00:c0:03:0a:23:88:66:f3:63:de:
ff:09:dc:70:b6:a3:ec:e3:0b:93:04:60:cc:b6:8f:
14:bd:91:ac:e8:99:8a:cb:eb:dd:bd:bc:84:3a:f8:
36:a7:40:6b:6f:9b:1f:9c:5d:54:34:f1:95:70:da:
94:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:68:E6:6D:C5:18:70:97:54:C2:C6:6A:7C:55:D0:BA:BB:74:40:6B
X509v3 Authority Key Identifier:
keyid:4A:9C:5E:56:AA:CD:01:FF:B2:82:5A:93:1E:D5:ED:E4:1C:3F:92:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SpxeVqrNAf-yglqTHtXt5Bw_kuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/0mjmbcUYcJdUwsZqfFXQurt0QGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c010dc-0910-4341-8b33-2e694b339933/1/SpxeVqrNAf-yglqTHtXt5Bw_kuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.116.0/22
IPv6:
2a05:3f06::/32
Signature Algorithm: sha256WithRSAEncryption
4f:08:c8:99:51:1c:e7:71:fc:03:fb:56:a9:fc:97:ab:df:09:
41:7c:1c:0f:6c:96:ea:e2:dd:1d:52:1a:81:5f:5a:bd:49:9f:
c7:80:d5:68:fb:f7:28:95:fc:8c:eb:ea:78:d7:2a:71:f1:df:
54:7c:1d:11:1d:dc:b1:a3:d3:e1:6e:30:25:93:82:e9:81:cb:
09:8b:a4:32:65:03:db:eb:f0:3d:f8:17:19:78:01:6b:cf:ef:
cf:f5:b9:1f:84:f0:d1:39:e8:0d:d8:65:d4:b3:3d:a6:7a:9c:
13:b4:f6:c0:5f:78:d8:c2:cc:a3:a1:2d:25:18:cd:0d:9c:2b:
33:9c:ae:00:2f:91:f1:db:d6:93:bc:d0:02:73:91:8b:25:23:
7b:1e:9c:f6:b2:26:36:55:60:de:31:41:16:97:66:f8:f2:9f:
6a:b2:6b:36:eb:cb:4d:6e:a5:6b:90:33:62:07:02:61:2d:6e:
01:51:a4:f0:4a:9c:d2:32:c7:6c:4a:d7:48:62:34:77:3d:d5:
c0:17:ba:b2:c0:94:d7:ca:1a:3e:c6:7f:2a:b0:64:a4:25:08:
b1:a3:c8:4a:2b:e8:8d:74:74:fb:dc:54:52:51:44:97:de:d6:
c5:b8:08:de:74:b9:e3:6d:12:5f:c4:c1:58:01:a9:64:0f:0c:
66:61:d4:0e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZlX/YEbj7lHCLdoaTHHLlXUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhOWM1ZTU2YWFjZDAxZmZiMjgyNWE5MzFlZDVlZGU0MWMz
ZjkyZTYwHhcNMjUwOTE3MTQwNDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjY4ZTY2ZGM1MTg3MDk3NTRjMmM2NmE3YzU1ZDBiYWJiNzQ0MDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiE0btWIbdYgZR9o0BW16RgIY/bw
GkdVqMw6AXb1ZmbxXnmQtsC5UPLqU8ABNRuQVPcw9uM2G0BtH8vmJErlVAREZEM8
xLpuj+f2nD8yLiHv5kpWnb/vBbG2Im0wUcuOGxkv5bxrp82+f89UGtp8nAhIkXCq
EhKZi0hwmXofbG8MqQeD8QInoqGEgzf9T9d1xontrHmMX4NrofNhPfeGUbndYYBz
ql5VSVe1RXwhZeEvtTwEpudelXgDHom1L6XgpsaFTBkVuQDAAwojiGbzY97/Cdxw
tqPs4wuTBGDMto8UvZGs6JmKy+vdvbyEOvg2p0Brb5sfnF1UNPGVcNqULwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNJo5m3FGHCXVMLGanxV0Lq7dEBrMB8GA1UdIwQY
MBaAFEqcXlaqzQH/soJakx7V7eQcP5LmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3B4ZVZxck5BZi15Z2xxVEh0WHQ1Qndfa3VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jMDEwZGMtMDkxMC00MzQxLThiMzMt
MmU2OTRiMzM5OTMzLzEvMG1qbWJjVVljSmRVd3NacWZGWFF1cnQwUUdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jMDEwZGMtMDkxMC00MzQxLThiMzMtMmU2OTRiMzM5OTMz
LzEvU3B4ZVZxck5BZi15Z2xxVEh0WHQ1Qndfa3VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucV0MA0E
AgACMAcDBQAqBT8GMA0GCSqGSIb3DQEBCwUAA4IBAQBPCMiZURzncfwD+1ap/Jer
3wlBfBwPbJbq4t0dUhqBX1q9SZ/HgNVo+/colfyM6+p41ypx8d9UfB0RHdyxo9Ph
bjAlk4LpgcsJi6QyZQPb6/A9+BcZeAFrz+/P9bkfhPDROegN2GXUsz2mepwTtPbA
X3jYwsyjoS0lGM0NnCsznK4AL5Hx29aTvNACc5GLJSN7Hpz2siY2VWDeMUEWl2b4
8p9qsms268tNbqVrkDNiBwJhLW4BUaTwSpzSMsdsStdIYjR3PdXAF7qywJTXyho+
xn8qsGSkJQixo8hKK+iNdHT73FRSUUSX3tbFuAjedLnjbRJfxMFYAalkDwxmYdQO
-----END CERTIFICATE-----
Generated at Mon Oct 27 15:01:53 2025 by rpki-client