Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/mirfhsEMgxLkBpGjM6LCFu61DPk.roa
File: mirfhsEMgxLkBpGjM6LCFu61DPk.roa (raw, json)
Hash identifier: ZMcyVx2Yzz5Qf2mtLctC18EZ7tAmZupFEziUjtP/C98=
Subject key identifier: 9A:2A:DF:86:C1:0C:83:12:E4:06:91:A3:33:A2:C2:16:EE:B5:0C:F9
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 019A0679E5C8440CDC63341C96FFBD2132B1
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/mirfhsEMgxLkBpGjM6LCFu61DPk.roa
Signing time: Tue 21 Oct 2025 11:14:03 +0000
ROA not before: Tue 21 Oct 2025 11:14:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395793
IP address blocks: 88.148.35.0/24 maxlen: 24
88.148.45.0/24 maxlen: 24
88.148.95.0/24 maxlen: 24
88.148.117.0/24 maxlen: 24
94.76.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:06:79:e5:c8:44:0c:dc:63:34:1c:96:ff:bd:21:32:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Oct 21 11:14:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a2adf86c10c8312e40691a333a2c216eeb50cf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:53:dc:a3:6f:93:c2:72:3d:a6:ad:93:39:4e:
c7:50:bf:6f:bd:00:b4:c8:fe:ab:a9:db:99:60:35:
29:7e:0c:f9:39:40:f5:1f:8e:82:a1:de:b3:14:7f:
c7:94:cf:66:99:cb:08:00:c6:2a:77:20:26:b4:5c:
fa:f6:26:c4:a3:64:43:bb:2c:ce:91:8a:30:d6:71:
2a:93:6d:8e:81:48:11:da:14:8a:f4:17:0b:97:39:
1b:57:d2:af:17:4f:81:c3:57:2e:dd:6d:58:4a:b4:
aa:83:ea:f5:1e:c2:4f:3b:a2:e1:c2:a8:ef:e7:ca:
23:f0:48:b1:35:bf:b2:6c:20:b4:f2:b8:3b:d4:7f:
b6:b1:00:b1:47:e3:6c:1f:5b:bc:4a:01:fb:c0:3f:
72:2e:05:cc:83:7e:d3:96:a4:cd:8d:b4:a1:2a:76:
dc:bc:6b:0b:94:07:50:e6:e9:a2:8d:1c:4b:3e:3c:
82:85:8a:af:02:52:99:14:7a:75:ca:d9:23:49:c5:
05:30:7e:d0:08:83:26:c4:d3:1e:87:9c:18:b8:70:
f4:69:92:80:40:5b:8a:79:1b:b0:62:71:0f:c7:4b:
2d:f3:39:83:dd:3a:c6:c8:76:6a:d3:6d:7b:23:f1:
7d:a3:b7:b2:07:94:17:70:fd:c5:a6:d8:a9:50:f5:
bb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:2A:DF:86:C1:0C:83:12:E4:06:91:A3:33:A2:C2:16:EE:B5:0C:F9
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/mirfhsEMgxLkBpGjM6LCFu61DPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.148.35.0/24
88.148.45.0/24
88.148.95.0/24
88.148.117.0/24
94.76.158.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:86:20:11:db:48:b3:e6:d4:d6:d4:5a:54:92:2a:51:ba:e0:
aa:18:d4:88:38:ad:6c:86:80:3d:a8:70:31:9d:e4:43:df:90:
49:d5:27:ef:80:41:f0:70:ee:02:06:46:9e:db:a9:47:83:8f:
3a:3c:18:64:13:66:f0:12:68:cb:9d:a3:04:97:f7:c0:53:a2:
7e:bd:d2:b6:00:31:8d:99:ee:c9:42:63:e7:52:19:6f:c8:e4:
36:f6:82:f8:f2:5a:cb:6f:58:3b:00:71:d3:81:4c:24:05:c8:
f1:2f:a2:7f:c1:12:f1:31:ae:ea:15:eb:ab:23:ca:c7:d8:5b:
67:0e:06:0b:af:e5:86:38:10:9f:1b:fd:10:a9:0b:1e:1d:3a:
cf:de:ac:b9:a0:64:61:31:7b:f0:8e:c9:54:58:80:d4:67:a9:
e2:67:56:cd:c5:d1:98:1a:dd:55:94:c9:6c:1e:c0:70:00:68:
d9:6f:a0:4d:27:5c:74:85:43:db:0d:b4:8f:7e:45:ca:34:38:
01:3c:72:c9:6d:4c:f8:44:ae:56:71:bb:7f:66:20:dc:a1:9c:
fb:16:3d:e5:c0:70:ec:2b:e3:2e:db:ba:ad:50:c7:c4:95:d3:
77:2d:55:d4:bd:c0:4a:3c:84:25:de:03:43:21:7d:77:6a:57:
64:ba:ec:7d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZoGeeXIRAzcYzQclv+9ITKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUxMDIxMTExNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTJhZGY4NmMxMGM4MzEyZTQwNjkxYTMzM2EyYzIxNmVlYjUwY2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFPco2+TwnI9pq2TOU7HUL9vvQC0
yP6rqduZYDUpfgz5OUD1H46Cod6zFH/HlM9mmcsIAMYqdyAmtFz69ibEo2RDuyzO
kYow1nEqk22OgUgR2hSK9BcLlzkbV9KvF0+Bw1cu3W1YSrSqg+r1HsJPO6Lhwqjv
58oj8EixNb+ybCC08rg71H+2sQCxR+NsH1u8SgH7wD9yLgXMg37TlqTNjbShKnbc
vGsLlAdQ5umijRxLPjyChYqvAlKZFHp1ytkjScUFMH7QCIMmxNMeh5wYuHD0aZKA
QFuKeRuwYnEPx0st8zmD3TrGyHZq0217I/F9o7eyB5QXcP3FptipUPW7zwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJoq34bBDIMS5AaRozOiwhbutQz5MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvbWlyZmhzRU1neExrQnBHak02TENGdTYxRFBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWJQjAwQA
WJQtAwQAWJRfAwQAWJR1AwQAXkyeMA0GCSqGSIb3DQEBCwUAA4IBAQB+hiAR20iz
5tTW1FpUkipRuuCqGNSIOK1shoA9qHAxneRD35BJ1SfvgEHwcO4CBkae26lHg486
PBhkE2bwEmjLnaMEl/fAU6J+vdK2ADGNme7JQmPnUhlvyOQ29oL48lrLb1g7AHHT
gUwkBcjxL6J/wRLxMa7qFeurI8rH2FtnDgYLr+WGOBCfG/0QqQseHTrP3qy5oGRh
MXvwjslUWIDUZ6niZ1bNxdGYGt1VlMlsHsBwAGjZb6BNJ1x0hUPbDbSPfkXKNDgB
PHLJbUz4RK5Wcbt/ZiDcoZz7Fj3lwHDsK+Mu27qtUMfEldN3LVXUvcBKPIQl3gND
IX13aldkuux9
-----END CERTIFICATE-----
Generated at Tue Oct 28 06:27:32 2025 by rpki-client