Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/MT1cZD4p03g2kBBwFg3jAYe14vk.roa
File: MT1cZD4p03g2kBBwFg3jAYe14vk.roa (raw, json)
Hash identifier: Ne8ncTqMGQh5ElM4J+UYTZHKhVKkKhFImCuUpAnMHYI=
Subject key identifier: 31:3D:5C:64:3E:29:D3:78:36:90:10:70:16:0D:E3:01:87:B5:E2:F9
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0199C2A4458F096145750A5165C7F5D547CA
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/MT1cZD4p03g2kBBwFg3jAYe14vk.roa
Signing time: Wed 08 Oct 2025 07:06:09 +0000
ROA not before: Wed 08 Oct 2025 07:06:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.139.6.0/23 maxlen: 24
82.115.9.0/24 maxlen: 24
159.255.32.0/22 maxlen: 22
159.255.36.0/22 maxlen: 22
188.209.156.0/22 maxlen: 24
202.133.90.0/23 maxlen: 24
212.90.100.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 07:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c2:a4:45:8f:09:61:45:75:0a:51:65:c7:f5:d5:47:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Oct 8 07:06:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=313d5c643e29d37836901070160de30187b5e2f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:42:72:33:be:53:87:16:ad:6e:a1:35:c0:fc:
e1:ca:b8:f1:c8:b9:6d:54:97:69:3e:7d:e9:2c:d0:
e6:d5:03:f4:4e:ab:f6:53:dd:21:3a:7d:6c:f6:ec:
5c:5f:50:31:5f:cd:ab:9a:1f:50:60:b0:4c:67:0a:
44:a0:58:33:20:2a:94:60:f9:bf:b3:ec:09:d1:ce:
27:4d:c4:46:3f:de:f0:b9:ee:3b:b0:68:f5:8e:f9:
c7:46:7d:ae:48:e1:3d:9e:72:1b:47:9e:ae:c6:e8:
02:1b:24:b5:b1:62:00:35:0d:c4:7e:5a:36:15:4f:
d3:8e:b1:5e:e5:c8:f6:ae:e4:9d:98:80:06:07:20:
d2:6a:72:67:ac:72:21:bf:03:2c:3a:74:9f:01:a7:
33:79:bd:c4:9e:85:73:d2:bc:4b:79:41:c4:2f:b1:
88:ec:db:e4:7f:75:bb:e4:74:f5:eb:e9:d6:a4:90:
dc:b6:f7:1b:5c:b4:4a:71:77:ab:66:69:99:14:80:
e2:f1:a1:23:24:a0:80:a7:28:c4:50:99:5d:fd:17:
8f:d1:7f:dd:11:3c:c9:98:a5:cb:6c:12:d1:f9:eb:
57:85:f9:f1:a0:4e:3b:50:3f:42:92:1f:11:c5:c5:
13:4b:07:8c:97:3f:9b:ca:47:9f:98:bf:8a:33:48:
79:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:3D:5C:64:3E:29:D3:78:36:90:10:70:16:0D:E3:01:87:B5:E2:F9
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/MT1cZD4p03g2kBBwFg3jAYe14vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.6.0/23
82.115.9.0/24
159.255.32.0/21
188.209.156.0/22
202.133.90.0/23
212.90.100.0/22
Signature Algorithm: sha256WithRSAEncryption
30:e1:02:ef:ff:7c:bb:ca:c3:53:c8:86:93:19:e7:ee:90:54:
3c:75:60:48:66:43:47:2f:de:bf:00:a5:0d:11:9e:df:9a:ad:
e4:98:e9:fb:c5:59:54:e9:8e:dc:8f:02:67:5d:32:e4:51:c4:
93:b8:ea:fc:26:6b:a0:58:00:10:0f:1b:8f:04:bf:f8:c0:db:
4a:ce:d8:9e:31:8b:bd:30:5e:46:b0:0c:18:14:b9:f2:d6:a2:
d2:0c:a2:93:a9:92:b9:18:83:86:57:f6:d1:3d:33:ef:30:d6:
3e:54:c8:c5:32:f2:7e:83:fb:3b:8f:43:03:48:f6:8b:a5:b4:
5f:36:4f:d0:11:cf:19:1c:ae:61:d4:e1:1b:38:7b:cd:fe:ae:
b5:83:c3:a6:49:a0:cf:f5:8d:4c:0c:d3:cd:0a:78:2e:81:a2:
fb:08:c0:38:9a:00:00:f6:b8:36:05:80:4f:24:04:b4:68:f1:
7e:97:3f:db:b6:ac:73:bc:7f:94:b8:4c:17:18:13:8c:8d:1b:
05:f5:b8:79:b4:cb:e0:cc:b8:4c:ed:d2:38:33:d5:5e:ef:1d:
56:fb:02:dc:bd:78:bb:34:eb:a1:8f:10:e3:03:55:0a:86:0a:
62:20:f4:5f:2b:48:64:1d:d7:e0:55:06:c0:45:4b:a2:da:b7:
dd:77:70:80
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZnCpEWPCWFFdQpRZcf11UfKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUxMDA4MDcwNjA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTNkNWM2NDNlMjlkMzc4MzY5MDEwNzAxNjBkZTMwMTg3YjVlMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0JyM75ThxatbqE1wPzhyrjxyLlt
VJdpPn3pLNDm1QP0Tqv2U90hOn1s9uxcX1AxX82rmh9QYLBMZwpEoFgzICqUYPm/
s+wJ0c4nTcRGP97wue47sGj1jvnHRn2uSOE9nnIbR56uxugCGyS1sWIANQ3Eflo2
FU/TjrFe5cj2ruSdmIAGByDSanJnrHIhvwMsOnSfAaczeb3EnoVz0rxLeUHEL7GI
7Nvkf3W75HT16+nWpJDctvcbXLRKcXerZmmZFIDi8aEjJKCApyjEUJld/ReP0X/d
ETzJmKXLbBLR+etXhfnxoE47UD9Ckh8RxcUTSweMlz+bykefmL+KM0h56QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDE9XGQ+KdN4NpAQcBYN4wGHteL5MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvTVQxY1pENHAwM2cya0JCd0ZnM2pBWWUxNHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLYsGAwQA
UnMJAwQDn/8gAwQCvNGcAwQByoVaAwQC1FpkMA0GCSqGSIb3DQEBCwUAA4IBAQAw
4QLv/3y7ysNTyIaTGefukFQ8dWBIZkNHL96/AKUNEZ7fmq3kmOn7xVlU6Y7cjwJn
XTLkUcSTuOr8JmugWAAQDxuPBL/4wNtKztieMYu9MF5GsAwYFLny1qLSDKKTqZK5
GIOGV/bRPTPvMNY+VMjFMvJ+g/s7j0MDSPaLpbRfNk/QEc8ZHK5h1OEbOHvN/q61
g8OmSaDP9Y1MDNPNCngugaL7CMA4mgAA9rg2BYBPJAS0aPF+lz/btqxzvH+UuEwX
GBOMjRsF9bh5tMvgzLhM7dI4M9Ve7x1W+wLcvXi7NOuhjxDjA1UKhgpiIPRfK0hk
HdfgVQbARUui2rfdd3CA
-----END CERTIFICATE-----
Generated at Wed Oct 8 14:01:45 2025 by rpki-client