Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/78ebcb-dca8-42d6-af82-3ad6e5dc07d7/1/ManRoikqCH8KwvOz44LDMrdwCFo.roa
File: ManRoikqCH8KwvOz44LDMrdwCFo.roa (raw, json)
Hash identifier: qAyJuAPjcARXxe4I2UO3Ge3c4j/b7yjJiIwvOV306Hc=
Subject key identifier: 31:A9:D1:A2:29:2A:08:7F:0A:C2:F3:B3:E3:82:C3:32:B7:70:08:5A
Certificate issuer: /CN=23042278a7c6bc6ca56ee7afa24a2c81f3dcbefb
Certificate serial: 0198E1EA711533A19B25B23323EAF35D4399
Authority key identifier: 23:04:22:78:A7:C6:BC:6C:A5:6E:E7:AF:A2:4A:2C:81:F3:DC:BE:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IwQieKfGvGylbuevokosgfPcvvs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/78ebcb-dca8-42d6-af82-3ad6e5dc07d7/1/ManRoikqCH8KwvOz44LDMrdwCFo.roa
Signing time: Mon 25 Aug 2025 15:48:14 +0000
ROA not before: Mon 25 Aug 2025 15:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202569
IP address blocks: 185.160.124.0/24 maxlen: 24
185.160.125.0/24 maxlen: 24
185.160.126.0/23 maxlen: 23
185.160.126.0/24 maxlen: 24
185.160.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/78ebcb-dca8-42d6-af82-3ad6e5dc07d7/1/IwQieKfGvGylbuevokosgfPcvvs.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/78ebcb-dca8-42d6-af82-3ad6e5dc07d7/1/IwQieKfGvGylbuevokosgfPcvvs.mft
rsync://rpki.ripe.net/repository/DEFAULT/IwQieKfGvGylbuevokosgfPcvvs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e1:ea:71:15:33:a1:9b:25:b2:33:23:ea:f3:5d:43:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23042278a7c6bc6ca56ee7afa24a2c81f3dcbefb
Validity
Not Before: Aug 25 15:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31a9d1a2292a087f0ac2f3b3e382c332b770085a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:78:ef:a0:66:a7:12:0b:c9:bf:76:67:17:ac:
1a:93:03:bb:46:5f:50:8c:2f:52:9f:7d:f4:d7:99:
7e:3b:b5:ed:4d:69:ac:c6:7e:2b:56:03:36:54:33:
d8:8f:9f:4d:7e:e8:8d:a6:95:bf:d9:d0:1f:86:3d:
df:e6:9c:4a:02:37:5b:8d:41:33:54:4f:88:ed:55:
37:2e:3b:88:c4:ec:a3:22:5b:39:b6:57:03:76:97:
0e:34:64:ea:e6:67:c7:6d:99:e2:19:b7:6c:25:a9:
8f:71:32:12:0a:a3:94:50:2c:2d:37:51:ba:12:3e:
ea:c4:70:3b:2f:9a:94:33:37:44:04:84:9a:dd:65:
3b:a9:f9:35:28:58:48:5e:a6:9a:1e:ad:21:e3:c4:
bf:5c:23:45:12:d5:bd:7b:98:6f:39:aa:7a:28:b2:
21:e6:fe:10:70:3f:3c:a0:77:2d:20:f0:01:66:71:
7f:36:e7:6e:c0:11:df:65:ec:7e:17:ed:e7:34:ef:
56:41:b4:8c:c7:4b:21:85:14:4e:a5:b9:c1:f5:26:
03:0a:60:e3:3c:27:f5:3c:18:93:20:9d:69:d2:ed:
2d:92:d3:ca:01:4f:ba:be:bb:59:a8:90:71:2c:76:
87:58:5d:c5:66:74:2a:7f:83:df:72:d4:47:d2:02:
da:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:A9:D1:A2:29:2A:08:7F:0A:C2:F3:B3:E3:82:C3:32:B7:70:08:5A
X509v3 Authority Key Identifier:
keyid:23:04:22:78:A7:C6:BC:6C:A5:6E:E7:AF:A2:4A:2C:81:F3:DC:BE:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IwQieKfGvGylbuevokosgfPcvvs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/78ebcb-dca8-42d6-af82-3ad6e5dc07d7/1/ManRoikqCH8KwvOz44LDMrdwCFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/78ebcb-dca8-42d6-af82-3ad6e5dc07d7/1/IwQieKfGvGylbuevokosgfPcvvs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.124.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:ad:7f:f2:41:18:d9:92:db:27:55:be:31:c5:dc:f0:83:2d:
69:b7:64:f6:af:8a:d9:a6:73:f0:22:c4:04:e4:ab:69:6f:54:
aa:41:a5:00:ea:52:be:4c:6a:69:c3:b3:81:ff:5e:85:ff:d0:
92:c1:b9:53:1b:34:23:78:76:c1:34:ca:f5:5b:6f:d1:b3:35:
3a:4f:1a:09:b7:03:aa:c5:85:d0:bf:9f:ea:71:81:1b:53:c5:
6f:79:51:ea:4a:3c:1c:47:a3:ec:57:aa:94:62:ce:06:55:37:
f5:14:7c:0d:ae:4b:5a:22:85:5b:fa:19:47:47:ba:8c:db:33:
f7:31:fd:17:16:97:20:28:e8:e6:48:20:83:91:74:8a:26:62:
1d:74:31:e1:92:54:8c:3c:e9:eb:3a:b5:73:64:31:95:d3:15:
0f:ed:a5:ae:8c:29:60:a5:09:ed:21:b4:e4:44:ef:ce:75:7a:
b6:09:da:d7:84:aa:00:db:56:c9:1b:6b:c3:b7:ba:c0:49:f2:
dd:17:00:ae:2b:1c:98:12:dc:95:d6:e5:a3:24:8b:4a:91:83:
1d:65:ce:ff:fa:1a:ff:76:68:95:6d:fd:e1:91:f6:48:08:d8:
d6:9b:a0:b8:14:56:1e:b3:a9:23:07:23:42:98:7c:1e:8c:8b:
70:f8:0e:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjh6nEVM6GbJbIzI+rzXUOZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMDQyMjc4YTdjNmJjNmNhNTZlZTdhZmEyNGEyYzgxZjNk
Y2JlZmIwHhcNMjUwODI1MTU0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWE5ZDFhMjI5MmEwODdmMGFjMmYzYjNlMzgyYzMzMmI3NzAwODVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXjvoGanEgvJv3ZnF6wakwO7Rl9Q
jC9Sn33015l+O7XtTWmsxn4rVgM2VDPYj59NfuiNppW/2dAfhj3f5pxKAjdbjUEz
VE+I7VU3LjuIxOyjIls5tlcDdpcONGTq5mfHbZniGbdsJamPcTISCqOUUCwtN1G6
Ej7qxHA7L5qUMzdEBISa3WU7qfk1KFhIXqaaHq0h48S/XCNFEtW9e5hvOap6KLIh
5v4QcD88oHctIPABZnF/NuduwBHfZex+F+3nNO9WQbSMx0shhRROpbnB9SYDCmDj
PCf1PBiTIJ1p0u0tktPKAU+6vrtZqJBxLHaHWF3FZnQqf4PfctRH0gLaGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDGp0aIpKgh/CsLzs+OCwzK3cAhaMB8GA1UdIwQY
MBaAFCMEIninxrxspW7nr6JKLIHz3L77MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXdRaWVLZkd2R3lsYnVldm9rb3NnZlBjdnZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS83OGViY2ItZGNhOC00MmQ2LWFmODIt
M2FkNmU1ZGMwN2Q3LzEvTWFuUm9pa3FDSDhLd3ZPejQ0TERNcmR3Q0ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS83OGViY2ItZGNhOC00MmQ2LWFmODItM2FkNmU1ZGMwN2Q3
LzEvSXdRaWVLZkd2R3lsYnVldm9rb3NnZlBjdnZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaB8MA0G
CSqGSIb3DQEBCwUAA4IBAQAMrX/yQRjZktsnVb4xxdzwgy1pt2T2r4rZpnPwIsQE
5Ktpb1SqQaUA6lK+TGppw7OB/16F/9CSwblTGzQjeHbBNMr1W2/RszU6TxoJtwOq
xYXQv5/qcYEbU8VveVHqSjwcR6PsV6qUYs4GVTf1FHwNrktaIoVb+hlHR7qM2zP3
Mf0XFpcgKOjmSCCDkXSKJmIddDHhklSMPOnrOrVzZDGV0xUP7aWujClgpQntIbTk
RO/OdXq2CdrXhKoA21bJG2vDt7rASfLdFwCuKxyYEtyV1uWjJItKkYMdZc7/+hr/
dmiVbf3hkfZICNjWm6C4FFYes6kjByNCmHwejItw+A4R
-----END CERTIFICATE-----
Generated at Mon Sep 8 05:09:35 2025 by rpki-client