Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/b5513a-ba69-48c4-95ee-56ec13269a1c/1/MhKg3zFeMWwt4nczszDXPl3rkdw.roa
File: MhKg3zFeMWwt4nczszDXPl3rkdw.roa (raw, json)
Hash identifier: xWL0qt2yK+b8YqGsFpZ+gVcRydDsCjYBfNBZRZ/XtUk=
Subject key identifier: 32:12:A0:DF:31:5E:31:6C:2D:E2:77:33:B3:30:D7:3E:5D:EB:91:DC
Certificate issuer: /CN=b754b22c5540508d9629a311ef1e83543657c4ee
Certificate serial: 019A02FC575E242417FA5E651AF56DBB1F53
Authority key identifier: B7:54:B2:2C:55:40:50:8D:96:29:A3:11:EF:1E:83:54:36:57:C4:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t1SyLFVAUI2WKaMR7x6DVDZXxO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/b5513a-ba69-48c4-95ee-56ec13269a1c/1/MhKg3zFeMWwt4nczszDXPl3rkdw.roa
Signing time: Mon 20 Oct 2025 18:58:02 +0000
ROA not before: Mon 20 Oct 2025 18:58:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34762
IP address blocks: 45.157.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/b5513a-ba69-48c4-95ee-56ec13269a1c/1/t1SyLFVAUI2WKaMR7x6DVDZXxO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/b5513a-ba69-48c4-95ee-56ec13269a1c/1/t1SyLFVAUI2WKaMR7x6DVDZXxO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/t1SyLFVAUI2WKaMR7x6DVDZXxO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 18:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:fc:57:5e:24:24:17:fa:5e:65:1a:f5:6d:bb:1f:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b754b22c5540508d9629a311ef1e83543657c4ee
Validity
Not Before: Oct 20 18:58:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3212a0df315e316c2de27733b330d73e5deb91dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:74:0e:27:75:e9:77:8c:9c:d8:7c:f1:ae:d5:
d5:ae:e0:33:fd:b1:e8:dd:23:c3:40:03:96:99:05:
cd:8c:53:73:85:19:4c:9f:1a:81:d9:d5:35:01:1d:
2c:b9:b6:58:62:f4:75:4f:d3:99:b1:f4:67:a2:05:
31:9b:02:9a:c3:0b:51:73:3d:94:c8:e9:f1:43:9b:
e3:0e:df:ba:75:86:bb:d4:57:a9:b8:87:9b:a6:e4:
7b:46:a1:49:18:50:00:a9:21:aa:f2:c2:07:fd:a4:
bf:5a:7b:49:7d:bc:a4:c2:bf:99:5e:ad:e5:c6:04:
2f:7d:f0:a6:3d:e8:d9:e9:14:43:65:e6:a4:b9:82:
15:45:b2:2a:6a:48:27:ff:c2:ee:29:61:7f:0f:e3:
5e:9f:2f:24:9a:da:80:e4:2b:7d:c0:39:f1:d6:e8:
d7:58:0d:06:df:ca:3e:e2:44:6a:9a:1e:1f:0d:4f:
d3:bd:85:a9:42:2b:4e:70:bd:70:6f:b1:c6:33:86:
ec:da:40:f1:07:4c:5e:8f:ef:d2:b8:fd:c3:a8:a2:
35:a7:89:6e:db:d9:18:8c:6f:f1:9a:14:37:d7:66:
25:38:ef:9e:41:ec:95:7d:ae:80:a1:86:ff:5b:db:
88:51:34:4c:32:a9:ee:63:ec:62:0c:af:ff:7b:3b:
e2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:12:A0:DF:31:5E:31:6C:2D:E2:77:33:B3:30:D7:3E:5D:EB:91:DC
X509v3 Authority Key Identifier:
keyid:B7:54:B2:2C:55:40:50:8D:96:29:A3:11:EF:1E:83:54:36:57:C4:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1SyLFVAUI2WKaMR7x6DVDZXxO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b5513a-ba69-48c4-95ee-56ec13269a1c/1/MhKg3zFeMWwt4nczszDXPl3rkdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b5513a-ba69-48c4-95ee-56ec13269a1c/1/t1SyLFVAUI2WKaMR7x6DVDZXxO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.174.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:9c:be:27:63:55:5d:fd:d6:5c:75:e9:76:36:2c:30:c3:f8:
ae:f6:16:7e:24:3c:24:2b:aa:0a:18:4a:a3:71:5d:6f:42:e7:
0d:bb:a4:68:30:02:e7:08:fc:88:76:d1:22:94:36:dd:26:dd:
6d:3d:ca:0a:b3:8c:5c:61:00:52:7b:81:af:ec:7c:4d:ee:05:
28:0c:da:c5:37:0c:a6:fa:60:dd:0a:9a:29:8b:35:f4:3a:96:
f0:d4:40:05:44:57:8e:2b:3a:ab:1f:69:40:f3:70:a9:bf:55:
70:b6:a4:d0:36:13:6e:72:e5:b9:4d:fc:c9:40:8f:29:cf:de:
37:9f:f6:5a:af:81:d0:53:21:cd:f5:f2:26:cc:2a:67:c3:1e:
a5:8f:e7:cc:3c:84:fa:b8:27:93:9c:79:9a:3f:da:ed:af:94:
f5:ba:89:d6:d5:3c:c8:45:4a:76:5a:bd:a5:72:17:7e:77:03:
62:d8:60:93:09:c7:6a:b8:49:e0:68:73:3a:d0:20:3b:ca:49:
96:53:49:8a:dc:69:c1:a4:21:27:57:5f:cc:89:6c:61:bb:e6:
21:09:1c:0c:13:42:26:b1:3e:6b:fe:b7:26:83:e3:fb:9c:ea:
85:90:98:e8:e5:57:88:81:e0:56:5a:0a:7b:24:20:5a:ac:21:
db:7d:ab:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZoC/FdeJCQX+l5lGvVtux9TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NTRiMjJjNTU0MDUwOGQ5NjI5YTMxMWVmMWU4MzU0MzY1
N2M0ZWUwHhcNMjUxMDIwMTg1ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjEyYTBkZjMxNWUzMTZjMmRlMjc3MzNiMzMwZDczZTVkZWI5MWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXQOJ3Xpd4yc2HzxrtXVruAz/bHo
3SPDQAOWmQXNjFNzhRlMnxqB2dU1AR0subZYYvR1T9OZsfRnogUxmwKawwtRcz2U
yOnxQ5vjDt+6dYa71FepuIebpuR7RqFJGFAAqSGq8sIH/aS/WntJfbykwr+ZXq3l
xgQvffCmPejZ6RRDZeakuYIVRbIqakgn/8LuKWF/D+Neny8kmtqA5Ct9wDnx1ujX
WA0G38o+4kRqmh4fDU/TvYWpQitOcL1wb7HGM4bs2kDxB0xej+/SuP3DqKI1p4lu
29kYjG/xmhQ312YlOO+eQeyVfa6AoYb/W9uIUTRMMqnuY+xiDK//ezvibwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDISoN8xXjFsLeJ3M7Mw1z5d65HcMB8GA1UdIwQY
MBaAFLdUsixVQFCNlimjEe8eg1Q2V8TuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDFTeUxGVkFVSTJXS2FNUjd4NkRWRFpYeE80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9iNTUxM2EtYmE2OS00OGM0LTk1ZWUt
NTZlYzEzMjY5YTFjLzEvTWhLZzN6RmVNV3d0NG5jenN6RFhQbDNya2R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9iNTUxM2EtYmE2OS00OGM0LTk1ZWUtNTZlYzEzMjY5YTFj
LzEvdDFTeUxGVkFVSTJXS2FNUjd4NkRWRFpYeE80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ2uMA0G
CSqGSIb3DQEBCwUAA4IBAQA7nL4nY1Vd/dZcdel2Niwww/iu9hZ+JDwkK6oKGEqj
cV1vQucNu6RoMALnCPyIdtEilDbdJt1tPcoKs4xcYQBSe4Gv7HxN7gUoDNrFNwym
+mDdCpopizX0Opbw1EAFRFeOKzqrH2lA83Cpv1VwtqTQNhNucuW5TfzJQI8pz943
n/Zar4HQUyHN9fImzCpnwx6lj+fMPIT6uCeTnHmaP9rtr5T1uonW1TzIRUp2Wr2l
chd+dwNi2GCTCcdquEngaHM60CA7ykmWU0mK3GnBpCEnV1/MiWxhu+YhCRwME0Im
sT5r/rcmg+P7nOqFkJjo5VeIgeBWWgp7JCBarCHbfauA
-----END CERTIFICATE-----
Generated at Mon Oct 27 01:27:45 2025 by rpki-client