Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/4ab1e0-6d7d-44fd-8d20-36d91dbcfc41/1/mthvTy4E1EiDk73f3uwFyAG7KJQ.roa
File: mthvTy4E1EiDk73f3uwFyAG7KJQ.roa (raw, json)
Hash identifier: YixVgctcvu1THgjSuBQJDrR+WqI/9yv3o3HH6A442co=
Subject key identifier: 9A:D8:6F:4F:2E:04:D4:48:83:93:BD:DF:DE:EC:05:C8:01:BB:28:94
Certificate issuer: /CN=12e28039646dcc32eceb58428f97cc994b998577
Certificate serial: 019A2B9E8FF341BD27E1A3A226E1D37EECD3
Authority key identifier: 12:E2:80:39:64:6D:CC:32:EC:EB:58:42:8F:97:CC:99:4B:99:85:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EuKAOWRtzDLs61hCj5fMmUuZhXc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/4ab1e0-6d7d-44fd-8d20-36d91dbcfc41/1/mthvTy4E1EiDk73f3uwFyAG7KJQ.roa
Signing time: Tue 28 Oct 2025 16:20:03 +0000
ROA not before: Tue 28 Oct 2025 16:20:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8881
IP address blocks: 217.117.97.0/24 maxlen: 24
217.117.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/4ab1e0-6d7d-44fd-8d20-36d91dbcfc41/1/EuKAOWRtzDLs61hCj5fMmUuZhXc.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/4ab1e0-6d7d-44fd-8d20-36d91dbcfc41/1/EuKAOWRtzDLs61hCj5fMmUuZhXc.mft
rsync://rpki.ripe.net/repository/DEFAULT/EuKAOWRtzDLs61hCj5fMmUuZhXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 Oct 2025 13:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2b:9e:8f:f3:41:bd:27:e1:a3:a2:26:e1:d3:7e:ec:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12e28039646dcc32eceb58428f97cc994b998577
Validity
Not Before: Oct 28 16:20:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ad86f4f2e04d4488393bddfdeec05c801bb2894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:67:a0:39:dc:95:24:4b:23:27:0a:cd:b1:32:
4d:c5:af:db:17:0a:96:fa:0a:df:23:8d:18:f8:f7:
92:20:bd:01:f2:42:e7:ca:bd:ff:67:fd:a4:f3:43:
a5:e7:d5:64:24:d8:76:c1:47:99:36:db:a2:87:d8:
a6:f7:bb:94:f5:01:eb:c5:65:85:e0:c2:21:06:6d:
ca:4a:53:8c:ac:14:46:4a:1a:68:cb:38:24:52:4c:
73:5c:9e:06:31:ee:72:69:33:d9:7f:ac:ce:70:ac:
a8:51:8b:44:ee:f5:7b:51:78:ee:b6:08:dc:cf:1a:
e3:76:1e:a5:c6:3b:da:2c:c3:a5:4e:68:95:bd:69:
83:d8:8e:82:f3:8b:d5:aa:cf:76:ff:42:70:29:13:
55:df:88:24:f9:53:60:12:af:f1:37:db:94:58:f9:
58:43:e5:55:b2:5c:7d:3f:83:ba:8d:b0:1a:23:36:
8b:0d:30:b5:a3:26:fb:60:59:a2:73:03:15:60:cf:
69:4e:1d:d3:25:49:0f:48:b1:98:9b:0f:46:83:32:
df:4d:23:8d:7c:77:95:ba:57:eb:24:48:93:06:dc:
a1:0d:58:bc:a0:3a:dc:33:5c:8d:a3:43:47:7a:17:
a1:79:19:35:0f:08:89:15:95:e5:46:28:5b:2f:bc:
19:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D8:6F:4F:2E:04:D4:48:83:93:BD:DF:DE:EC:05:C8:01:BB:28:94
X509v3 Authority Key Identifier:
keyid:12:E2:80:39:64:6D:CC:32:EC:EB:58:42:8F:97:CC:99:4B:99:85:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EuKAOWRtzDLs61hCj5fMmUuZhXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4ab1e0-6d7d-44fd-8d20-36d91dbcfc41/1/mthvTy4E1EiDk73f3uwFyAG7KJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4ab1e0-6d7d-44fd-8d20-36d91dbcfc41/1/EuKAOWRtzDLs61hCj5fMmUuZhXc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.117.97.0-217.117.98.255
Signature Algorithm: sha256WithRSAEncryption
5d:18:7a:a1:16:b0:fe:4e:e4:50:4a:0d:e7:e5:79:40:7d:c4:
ea:0a:3f:46:47:5e:8e:8d:26:58:1a:ae:8d:74:14:93:cc:f7:
88:1f:8a:e0:79:e5:cb:06:09:35:3c:18:ab:01:03:e0:b4:5a:
49:6c:62:68:64:58:37:b7:82:3e:dc:2b:2f:01:48:a7:31:cb:
93:a8:e9:be:c2:47:76:3e:99:81:39:75:c8:9d:2a:37:b8:9b:
a0:53:a4:ce:53:44:94:f8:80:34:a7:ef:d6:64:8f:3d:ab:56:
fd:18:94:b8:33:88:1b:d6:34:2b:2b:9c:bf:26:90:b8:0f:e8:
66:4e:b5:57:c4:fe:39:45:2f:be:a1:2f:a2:d7:6a:c7:8d:59:
6a:f9:34:a6:96:51:4e:f8:a6:0c:e2:cf:88:46:4a:21:60:2d:
de:4f:ba:45:0d:14:ed:d2:ff:e2:2e:72:4d:bb:31:25:28:85:
06:93:fa:ff:fa:e9:72:d9:e4:39:61:53:0a:e3:2d:ec:c4:8b:
2c:ca:7b:b3:83:a2:a5:f9:03:85:db:48:0d:07:8f:c7:79:c6:
9a:b2:bd:45:ed:e8:1b:0e:0c:0a:c9:59:31:5b:01:6a:36:9e:
c5:f9:e1:09:7d:32:b8:4a:ea:c2:42:fe:5a:bd:96:62:a5:69:
64:31:e6:39
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZorno/zQb0n4aOiJuHTfuzTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZTI4MDM5NjQ2ZGNjMzJlY2ViNTg0MjhmOTdjYzk5NGI5
OTg1NzcwHhcNMjUxMDI4MTYyMDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWQ4NmY0ZjJlMDRkNDQ4ODM5M2JkZGZkZWVjMDVjODAxYmIyODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2egOdyVJEsjJwrNsTJNxa/bFwqW
+grfI40Y+PeSIL0B8kLnyr3/Z/2k80Ol59VkJNh2wUeZNtuih9im97uU9QHrxWWF
4MIhBm3KSlOMrBRGShpoyzgkUkxzXJ4GMe5yaTPZf6zOcKyoUYtE7vV7UXjutgjc
zxrjdh6lxjvaLMOlTmiVvWmD2I6C84vVqs92/0JwKRNV34gk+VNgEq/xN9uUWPlY
Q+VVslx9P4O6jbAaIzaLDTC1oyb7YFmicwMVYM9pTh3TJUkPSLGYmw9GgzLfTSON
fHeVulfrJEiTBtyhDVi8oDrcM1yNo0NHeheheRk1DwiJFZXlRihbL7wZXQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJrYb08uBNRIg5O9397sBcgBuyiUMB8GA1UdIwQY
MBaAFBLigDlkbcwy7OtYQo+XzJlLmYV3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXVLQU9XUnR6RExzNjFoQ2o1Zk1tVXVaaFhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC80YWIxZTAtNmQ3ZC00NGZkLThkMjAt
MzZkOTFkYmNmYzQxLzEvbXRodlR5NEUxRWlEazczZjN1d0Z5QUc3S0pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC80YWIxZTAtNmQ3ZC00NGZkLThkMjAtMzZkOTFkYmNmYzQx
LzEvRXVLQU9XUnR6RExzNjFoQ2o1Zk1tVXVaaFhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADZdWED
BADZdWIwDQYJKoZIhvcNAQELBQADggEBAF0YeqEWsP5O5FBKDefleUB9xOoKP0ZH
Xo6NJlgaro10FJPM94gfiuB55csGCTU8GKsBA+C0WklsYmhkWDe3gj7cKy8BSKcx
y5Oo6b7CR3Y+mYE5dcidKje4m6BTpM5TRJT4gDSn79Zkjz2rVv0YlLgziBvWNCsr
nL8mkLgP6GZOtVfE/jlFL76hL6LXaseNWWr5NKaWUU74pgziz4hGSiFgLd5PukUN
FO3S/+Iuck27MSUohQaT+v/66XLZ5DlhUwrjLezEiyzKe7ODoqX5A4XbSA0Hj8d5
xpqyvUXt6BsODArJWTFbAWo2nsX54Ql9MrhK6sJC/lq9lmKlaWQx5jk=
-----END CERTIFICATE-----
Generated at Thu Oct 30 17:43:46 2025 by rpki-client