Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/mNd-QPrt9oszAh3U8KZHdf_j18g.roa
File: mNd-QPrt9oszAh3U8KZHdf_j18g.roa (raw, json)
Hash identifier: 20ycN2JcFX9bIn7zpteJmgzlDEk47i2nftsr8SH469o=
Subject key identifier: 98:D7:7E:40:FA:ED:F6:8B:33:02:1D:D4:F0:A6:47:75:FF:E3:D7:C8
Certificate issuer: /CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Certificate serial: 0198EC45A6130ADF91382F405D5279D810B7
Authority key identifier: D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/mNd-QPrt9oszAh3U8KZHdf_j18g.roa
Signing time: Wed 27 Aug 2025 16:04:04 +0000
ROA not before: Wed 27 Aug 2025 16:04:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47638
IP address blocks: 91.235.56.0/22 maxlen: 24
149.255.168.0/21 maxlen: 24
185.46.200.0/22 maxlen: 24
185.66.204.0/22 maxlen: 24
185.66.205.0/24 maxlen: 24
185.66.206.0/24 maxlen: 24
185.149.208.0/24 maxlen: 24
185.149.209.0/24 maxlen: 24
185.149.210.0/23 maxlen: 24
185.152.8.0/22 maxlen: 24
185.161.132.0/22 maxlen: 24
185.213.92.0/22 maxlen: 24
192.175.40.0/22 maxlen: 24
194.0.116.0/22 maxlen: 24
2a04:1840::/29 maxlen: 48
2a0b:8640::/29 maxlen: 48
2a0f:cd40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.mft
rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 13:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ec:45:a6:13:0a:df:91:38:2f:40:5d:52:79:d8:10:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Validity
Not Before: Aug 27 16:04:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98d77e40faedf68b33021dd4f0a64775ffe3d7c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:01:f2:3a:ad:1a:ef:5a:98:ea:db:5e:0d:5b:
16:6d:1a:1d:0c:65:b6:62:7c:9e:d6:95:89:6d:20:
1e:3a:9a:62:fd:46:00:13:13:78:54:bf:3a:2d:6c:
63:c6:e6:9b:d9:d4:84:f7:1e:fd:03:d9:60:2a:df:
a5:99:69:8b:6b:5a:78:f7:f0:41:e6:f3:04:90:ca:
6f:ed:65:33:ff:7d:bd:29:1c:e8:90:71:49:26:24:
70:7a:37:2c:98:7c:c2:e9:12:53:f8:c3:03:ea:52:
8c:38:7f:61:9e:74:2d:78:a7:61:37:38:f0:c4:38:
65:08:f1:02:b0:d9:7f:a1:cf:1a:c5:a0:7e:66:a6:
68:4b:f6:c7:8e:58:fd:e5:16:b1:23:17:01:67:05:
77:08:cc:61:aa:0d:25:22:13:31:8f:3c:b2:83:e6:
50:52:3b:01:ec:e4:e9:88:8f:ad:8e:6a:9b:28:8c:
80:fd:07:25:e9:b8:12:c7:24:e8:ed:f3:fc:d8:ae:
29:bb:d1:1c:08:c0:53:57:ec:61:4f:cb:3a:c9:82:
2a:57:69:66:73:43:79:12:f7:5f:b7:c3:49:cb:ce:
41:d8:72:11:90:df:fd:ef:13:72:db:e5:91:47:56:
69:65:0c:98:c2:4e:cb:d3:84:13:9d:3b:ec:a5:ee:
9b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:D7:7E:40:FA:ED:F6:8B:33:02:1D:D4:F0:A6:47:75:FF:E3:D7:C8
X509v3 Authority Key Identifier:
keyid:D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/mNd-QPrt9oszAh3U8KZHdf_j18g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.56.0/22
149.255.168.0/21
185.46.200.0/22
185.66.204.0/22
185.149.208.0/22
185.152.8.0/22
185.161.132.0/22
185.213.92.0/22
192.175.40.0/22
194.0.116.0/22
IPv6:
2a04:1840::/29
2a0b:8640::/29
2a0f:cd40::/29
Signature Algorithm: sha256WithRSAEncryption
08:83:3c:97:89:02:85:b7:05:f5:08:fa:4e:8c:d1:25:62:ff:
6d:13:17:23:9a:33:04:ec:1a:d3:9c:7a:2b:88:c3:55:82:92:
53:eb:92:9f:0c:2a:73:ed:05:17:74:91:70:d2:72:d5:87:1b:
ef:db:ea:c4:f9:9a:ce:92:36:08:43:00:4e:07:30:74:59:03:
42:a1:82:33:35:0d:63:0c:69:b6:0b:c7:98:07:88:28:5d:45:
f5:b5:74:76:bb:7d:43:1c:ab:11:a2:1a:78:6c:d8:08:cb:36:
75:11:97:d8:11:aa:33:d0:dd:ab:75:a5:ca:f9:10:bd:4e:36:
12:8e:dd:2b:cf:42:ce:31:a7:92:79:cf:03:e1:40:0c:5d:9b:
e2:2f:a1:9d:24:5f:35:00:15:42:89:6a:a6:53:eb:1b:cf:d5:
af:b7:9f:2e:35:af:53:3d:5b:3a:4f:a7:60:55:c4:8d:6f:9d:
50:ea:55:e6:a7:72:cb:93:d7:6e:3b:81:1f:0e:ed:35:9e:a6:
35:21:1e:8e:b1:92:ed:50:1d:1c:a5:43:37:ae:8c:99:33:4f:
91:eb:ca:8d:fd:85:ad:bf:43:2a:14:0c:94:08:88:c0:7c:be:
fb:c8:2a:97:a1:7a:88:3e:fb:ae:b5:44:b8:fd:1d:fb:6b:ab:
ec:5b:8d:d3
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZjsRaYTCt+ROC9AXVJ52BC3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDA3OWJiNzA3MGVkMGVlZWEzYTFhNDY3Yzc5NDYyYmNj
NTQ1NWYwHhcNMjUwODI3MTYwNDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGQ3N2U0MGZhZWRmNjhiMzMwMjFkZDRmMGE2NDc3NWZmZTNkN2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgHyOq0a71qY6tteDVsWbRodDGW2
Ynye1pWJbSAeOppi/UYAExN4VL86LWxjxuab2dSE9x79A9lgKt+lmWmLa1p49/BB
5vMEkMpv7WUz/329KRzokHFJJiRwejcsmHzC6RJT+MMD6lKMOH9hnnQteKdhNzjw
xDhlCPECsNl/oc8axaB+ZqZoS/bHjlj95RaxIxcBZwV3CMxhqg0lIhMxjzyyg+ZQ
UjsB7OTpiI+tjmqbKIyA/Qcl6bgSxyTo7fP82K4pu9EcCMBTV+xhT8s6yYIqV2lm
c0N5Evdft8NJy85B2HIRkN/97xNy2+WRR1ZpZQyYwk7L04QTnTvspe6bIwIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFJjXfkD67faLMwId1PCmR3X/49fIMB8GA1UdIwQY
MBaAFNBAebtwcO0O7qOhpGfHlGK8xUVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTkt
NjIwOThkMWVjMWU2LzEvbU5kLVFQcnQ5b3N6QWgzVThLWkhkZl9qMThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTktNjIwOThkMWVjMWU2
LzEvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBCBAIAATA8AwQCW+s4AwQD
lf+oAwQCuS7IAwQCuULMAwQCuZXQAwQCuZgIAwQCuaGEAwQCudVcAwQCwK8oAwQC
wgB0MBsEAgACMBUDBQMqBBhAAwUDKguGQAMFAyoPzUAwDQYJKoZIhvcNAQELBQAD
ggEBAAiDPJeJAoW3BfUI+k6M0SVi/20TFyOaMwTsGtOceiuIw1WCklPrkp8MKnPt
BRd0kXDSctWHG+/b6sT5ms6SNghDAE4HMHRZA0KhgjM1DWMMabYLx5gHiChdRfW1
dHa7fUMcqxGiGnhs2AjLNnURl9gRqjPQ3at1pcr5EL1ONhKO3SvPQs4xp5J5zwPh
QAxdm+IvoZ0kXzUAFUKJaqZT6xvP1a+3ny41r1M9WzpPp2BVxI1vnVDqVeancsuT
1247gR8O7TWepjUhHo6xku1QHRylQzeujJkzT5Hryo39ha2/QyoUDJQIiMB8vvvI
Kpeheog++661RLj9Hftrq+xbjdM=
-----END CERTIFICATE-----
Generated at Wed Oct 8 17:19:31 2025 by rpki-client