Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mKGOkm5u0T9IdH0S04-7xgUuAno.roa
File: mKGOkm5u0T9IdH0S04-7xgUuAno.roa (raw, json)
Hash identifier: We4iFFujIIuPiWeh69F9/uOh2Wx/iRl5rE6U5/MBWsA=
Subject key identifier: 98:A1:8E:92:6E:6E:D1:3F:48:74:7D:12:D3:8F:BB:C6:05:2E:02:7A
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 019735578797333ADE9B063C46E0DA9AE7FA
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mKGOkm5u0T9IdH0S04-7xgUuAno.roa
Signing time: Tue 03 Jun 2025 10:30:18 +0000
ROA not before: Tue 03 Jun 2025 10:30:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215826
IP address blocks: 185.100.157.0/24 maxlen: 24
185.102.115.0/24 maxlen: 24
185.177.239.0/24 maxlen: 24
193.221.200.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 19:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:57:87:97:33:3a:de:9b:06:3c:46:e0:da:9a:e7:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jun 3 10:30:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98a18e926e6ed13f48747d12d38fbbc6052e027a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:cd:50:4f:28:1a:65:b4:e9:d9:8d:d5:0c:ff:
23:b9:fa:bd:d1:66:8a:b1:1f:11:2e:3e:6a:6a:0a:
72:d9:f6:b4:3c:0a:ae:37:59:18:02:b7:70:d8:1c:
b2:d6:3b:88:a8:76:5e:01:da:55:46:d8:f1:8a:78:
3d:f3:e5:6f:e3:65:1f:d3:eb:fb:31:f4:f0:6c:5b:
bf:5b:66:7a:55:4c:11:c0:2d:0a:55:b4:be:b0:35:
63:8c:5c:cf:3e:a9:f1:f9:e6:00:b3:60:06:fd:a6:
20:3e:b1:20:77:60:9c:e9:fb:f2:5d:0d:39:03:0b:
3d:de:6f:73:56:ed:22:6e:73:3f:a1:6d:0c:af:99:
40:b6:2b:62:17:3c:f9:e9:e1:d5:3b:02:10:4e:b3:
fe:7b:01:44:b3:61:68:db:31:d1:8a:69:b9:05:2b:
8c:9c:72:5c:05:43:78:46:d5:20:b0:e4:39:a3:de:
13:ba:f6:2f:b6:70:f5:c9:7f:80:eb:3d:c9:bf:87:
d0:f9:76:b7:10:13:96:a3:b1:23:d0:8c:37:5b:d2:
b3:be:ad:c5:5f:84:df:4d:c2:75:6b:a2:e7:c5:85:
15:87:10:3d:57:2e:e6:8e:26:36:da:0e:84:b2:57:
38:f7:bd:d8:18:8d:b1:69:5b:a5:d6:cf:f5:6a:1f:
8a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A1:8E:92:6E:6E:D1:3F:48:74:7D:12:D3:8F:BB:C6:05:2E:02:7A
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mKGOkm5u0T9IdH0S04-7xgUuAno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.157.0/24
185.102.115.0/24
185.177.239.0/24
193.221.200.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:fa:c5:d6:34:92:b9:91:b7:10:40:9a:ab:75:73:3f:76:3d:
cc:59:a0:77:22:f7:c0:b4:4f:d9:5f:5b:ff:d2:2b:d4:a5:4e:
a3:6e:cc:6f:cf:14:28:19:9d:55:e3:21:2e:d5:a2:89:60:3e:
ff:23:5e:c3:b1:c3:1e:39:ce:f0:b6:dd:23:15:6c:b2:7b:04:
9b:ba:d1:cb:95:60:f8:e6:d7:aa:df:6c:a1:9a:e8:c9:e4:87:
8e:1e:2e:ea:60:77:f8:8c:8e:79:a1:fc:65:eb:79:a4:3b:f9:
6f:11:c6:bf:03:17:00:cb:c3:b4:88:e5:3f:77:ab:6c:17:ba:
77:54:8d:67:20:c5:21:94:52:e0:8c:3d:37:b4:fb:9d:a8:7e:
cb:ca:f0:e9:4b:8d:82:43:44:94:51:a6:4a:f3:db:9a:a2:cb:
f7:9a:9a:a0:70:43:18:df:74:ee:9e:21:2d:29:c6:a4:75:28:
f6:47:4a:70:14:ed:80:18:08:b5:26:6e:65:d5:5a:56:6e:67:
29:f8:6a:c9:04:2c:ee:e9:2a:bd:75:e6:ce:38:34:de:c9:ea:
7b:e6:ca:b4:2b:f1:2c:25:68:fc:1e:2a:e8:71:03:2d:f4:4e:
40:7f:63:cc:b3:db:81:25:61:40:53:6b:26:73:94:14:3c:1c:
cf:b6:ce:5b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZc1V4eXMzremwY8RuDamuf6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwNjAzMTAzMDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGExOGU5MjZlNmVkMTNmNDg3NDdkMTJkMzhmYmJjNjA1MmUwMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqc1QTygaZbTp2Y3VDP8jufq90WaK
sR8RLj5qagpy2fa0PAquN1kYArdw2Byy1juIqHZeAdpVRtjxing98+Vv42Uf0+v7
MfTwbFu/W2Z6VUwRwC0KVbS+sDVjjFzPPqnx+eYAs2AG/aYgPrEgd2Cc6fvyXQ05
Aws93m9zVu0ibnM/oW0Mr5lAtitiFzz56eHVOwIQTrP+ewFEs2Fo2zHRimm5BSuM
nHJcBUN4RtUgsOQ5o94TuvYvtnD1yX+A6z3Jv4fQ+Xa3EBOWo7Ej0Iw3W9Kzvq3F
X4TfTcJ1a6LnxYUVhxA9Vy7mjiY22g6Eslc4973YGI2xaVul1s/1ah+KawIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJihjpJubtE/SHR9EtOPu8YFLgJ6MB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvbUtHT2ttNXUwVDlJZEgwUzA0LTd4Z1V1QW5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuWSdAwQA
uWZzAwQAubHvAwQBwd3IMA0GCSqGSIb3DQEBCwUAA4IBAQCp+sXWNJK5kbcQQJqr
dXM/dj3MWaB3IvfAtE/ZX1v/0ivUpU6jbsxvzxQoGZ1V4yEu1aKJYD7/I17DscMe
Oc7wtt0jFWyyewSbutHLlWD45teq32yhmujJ5IeOHi7qYHf4jI55ofxl63mkO/lv
Eca/AxcAy8O0iOU/d6tsF7p3VI1nIMUhlFLgjD03tPudqH7LyvDpS42CQ0SUUaZK
89uaosv3mpqgcEMY33TuniEtKcakdSj2R0pwFO2AGAi1Jm5l1VpWbmcp+GrJBCzu
6Sq9debOODTeyep75sq0K/EsJWj8HirocQMt9E5Af2PMs9uBJWFAU2smc5QUPBzP
ts5b
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:08:35 2025 by rpki-client