Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/mRnAUNROaOj4JiWG5_m7XWEbDXE.roa
File: mRnAUNROaOj4JiWG5_m7XWEbDXE.roa (raw, json)
Hash identifier: gxT45iqIIvXKxNqiSUD1Q3iLzsGXFD5LFD0glRrPY0k=
Subject key identifier: 99:19:C0:50:D4:4E:68:E8:F8:26:25:86:E7:F9:BB:5D:61:1B:0D:71
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0198E1FF57C49A3EED55B42376F5C9736FF5
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/mRnAUNROaOj4JiWG5_m7XWEbDXE.roa
Signing time: Mon 25 Aug 2025 16:11:04 +0000
ROA not before: Mon 25 Aug 2025 16:11:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57844
IP address blocks: 193.233.82.0/23 maxlen: 23
193.233.140.0/22 maxlen: 22
193.233.228.0/22 maxlen: 22
193.233.248.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 04:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e1:ff:57:c4:9a:3e:ed:55:b4:23:76:f5:c9:73:6f:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Aug 25 16:11:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9919c050d44e68e8f8262586e7f9bb5d611b0d71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:45:a9:09:84:09:ce:90:62:d9:0d:96:3d:a0:
7a:ad:01:a1:49:32:fe:78:98:72:79:7a:74:ae:81:
62:43:78:d5:4e:17:f1:69:48:17:d3:0c:20:2e:63:
aa:27:0e:fc:28:fa:db:ad:64:6e:72:3c:94:95:15:
53:a2:ab:cc:56:8b:8d:28:c9:80:ad:12:51:18:d1:
f5:23:53:5d:a9:a2:b0:43:fc:a9:e5:53:e8:04:e5:
f5:c9:4b:16:38:77:da:d6:5f:ec:83:46:6c:32:1e:
78:aa:4e:8a:4b:72:63:91:c7:39:80:ef:23:6c:26:
e8:e5:b3:aa:da:fb:67:d2:b2:e4:92:41:2c:d8:1e:
af:a3:1f:28:b3:b3:e6:7d:eb:85:9b:8b:fa:28:50:
c1:a3:cf:54:2d:68:c9:b1:a3:fc:1c:9d:51:6f:4a:
9e:8c:cc:d2:ad:32:14:07:0b:80:25:84:ed:84:ef:
61:14:7d:01:f4:7f:35:94:aa:4e:58:9f:d3:ec:05:
b8:1f:1b:61:bf:40:e3:e6:ec:37:bc:84:9c:8d:bb:
ba:13:68:6a:7f:96:c6:8f:3e:8d:a5:e1:b9:e6:6d:
ba:29:4a:c8:28:89:bd:d9:4a:f8:5a:88:ba:37:1a:
fb:8b:06:a0:c6:dd:eb:5c:b3:93:3a:17:4e:bf:6d:
62:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:19:C0:50:D4:4E:68:E8:F8:26:25:86:E7:F9:BB:5D:61:1B:0D:71
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/mRnAUNROaOj4JiWG5_m7XWEbDXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.82.0/23
193.233.140.0/22
193.233.228.0/22
193.233.248.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:e4:36:8e:8b:19:4a:a6:7b:c2:9e:e4:75:18:0f:fe:f7:90:
08:51:3d:ff:85:ce:36:00:3d:ca:78:79:96:2a:be:82:d4:d5:
3a:a8:00:67:51:33:05:75:e1:58:d3:18:a6:84:c3:91:88:95:
f6:b9:4e:dd:5d:7d:e6:cb:3a:26:74:13:23:7c:fd:6a:0f:be:
8a:f7:43:35:1b:ce:8f:4a:b8:cd:6d:57:54:e0:88:e5:b7:f5:
fb:bd:d2:cd:f0:65:2b:e6:ba:fc:a5:f9:1b:21:c5:7f:15:6e:
84:f4:10:aa:d0:bd:68:55:69:6e:0d:0d:67:ef:66:50:be:9f:
30:e5:36:45:5d:b1:fc:9b:1e:07:29:3a:47:d0:0e:51:3a:78:
cb:b9:84:a2:d6:12:7c:fb:c2:ee:da:d7:6a:f2:10:ae:03:d4:
58:7d:02:a6:bd:df:fe:78:9e:95:b6:c5:e3:de:5f:0a:f4:25:
55:45:02:22:e1:a6:bc:ba:9d:d3:f4:10:d0:f8:9e:ac:b1:29:
20:ff:84:a9:45:ef:ff:78:f3:4e:c1:fc:a3:a8:27:75:f5:11:
a7:96:cf:9e:39:f9:11:c4:94:7f:62:58:32:79:12:21:88:7c:
09:da:5f:33:95:d3:14:61:2e:44:9c:f1:1a:d4:ee:6c:3e:fa:
7d:0c:0b:57
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZjh/1fEmj7tVbQjdvXJc2/1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwODI1MTYxMTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTE5YzA1MGQ0NGU2OGU4ZjgyNjI1ODZlN2Y5YmI1ZDYxMWIwZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEWpCYQJzpBi2Q2WPaB6rQGhSTL+
eJhyeXp0roFiQ3jVThfxaUgX0wwgLmOqJw78KPrbrWRucjyUlRVToqvMVouNKMmA
rRJRGNH1I1NdqaKwQ/yp5VPoBOX1yUsWOHfa1l/sg0ZsMh54qk6KS3Jjkcc5gO8j
bCbo5bOq2vtn0rLkkkEs2B6vox8os7PmfeuFm4v6KFDBo89ULWjJsaP8HJ1Rb0qe
jMzSrTIUBwuAJYTthO9hFH0B9H81lKpOWJ/T7AW4Hxthv0Dj5uw3vIScjbu6E2hq
f5bGjz6NpeG55m26KUrIKIm92Ur4Woi6Nxr7iwagxt3rXLOTOhdOv21izQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJkZwFDUTmjo+CYlhuf5u11hGw1xMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvbVJuQVVOUk9hT2o0SmlXRzVfbTdYV0ViRFhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBwelSAwQC
wemMAwQCwenkAwQCwen4MA0GCSqGSIb3DQEBCwUAA4IBAQCK5DaOixlKpnvCnuR1
GA/+95AIUT3/hc42AD3KeHmWKr6C1NU6qABnUTMFdeFY0ximhMORiJX2uU7dXX3m
yzomdBMjfP1qD76K90M1G86PSrjNbVdU4Ijlt/X7vdLN8GUr5rr8pfkbIcV/FW6E
9BCq0L1oVWluDQ1n72ZQvp8w5TZFXbH8mx4HKTpH0A5ROnjLuYSi1hJ8+8Lu2tdq
8hCuA9RYfQKmvd/+eJ6VtsXj3l8K9CVVRQIi4aa8up3T9BDQ+J6ssSkg/4SpRe//
ePNOwfyjqCd19RGnls+eOfkRxJR/YlgyeRIhiHwJ2l8zldMUYS5EnPEa1O5sPvp9
DAtX
-----END CERTIFICATE-----
Generated at Sat Sep 6 12:27:40 2025 by rpki-client