Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/MjYi-LSjoIJQHulT2C8hiHI7HD8.roa
File: MjYi-LSjoIJQHulT2C8hiHI7HD8.roa (raw, json)
Hash identifier: dC5UZCibXUg9xVnIxopZdKZtoheRYoCMgnJyaeHGfKM=
Subject key identifier: 32:36:22:F8:B4:A3:A0:82:50:1E:E9:53:D8:2F:21:88:72:3B:1C:3F
Certificate issuer: /CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Certificate serial: 0198F077286DF6000A18FC40B7B2EED718CF
Authority key identifier: 49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/MjYi-LSjoIJQHulT2C8hiHI7HD8.roa
Signing time: Thu 28 Aug 2025 11:36:37 +0000
ROA not before: Thu 28 Aug 2025 11:36:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213887
IP address blocks: 178.17.48.0/24 maxlen: 24
178.17.49.0/24 maxlen: 24
178.17.50.0/24 maxlen: 24
178.17.51.0/24 maxlen: 24
178.17.52.0/24 maxlen: 24
178.17.60.0/24 maxlen: 24
178.17.61.0/24 maxlen: 24
178.17.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 22:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f0:77:28:6d:f6:00:0a:18:fc:40:b7:b2:ee:d7:18:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Validity
Not Before: Aug 28 11:36:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=323622f8b4a3a082501ee953d82f2188723b1c3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4d:29:4b:da:eb:8b:92:8d:c2:ba:ab:ae:78:
7b:34:2b:31:4c:f9:3f:0b:fa:28:83:b7:8c:ea:12:
e0:73:8e:a0:07:00:3e:21:64:c0:1d:6f:62:54:5a:
c3:03:cd:23:61:13:e1:df:e8:db:1f:03:aa:a8:4e:
b8:d2:cd:1a:c3:d8:73:f7:53:19:ee:74:f8:04:76:
2b:56:4e:c2:3a:93:5b:6a:52:90:eb:a6:fb:0c:b8:
5a:de:dd:06:31:30:04:12:61:86:d2:c2:37:20:13:
4b:82:59:a7:df:9b:05:15:b8:f3:f9:47:ba:de:37:
f7:eb:2e:34:64:d3:fc:fb:39:7f:78:6c:a2:09:06:
46:8c:cf:54:02:be:93:49:c3:7b:91:9b:1f:45:70:
a3:69:80:04:32:96:90:57:c7:64:6a:0a:d4:6b:ea:
5d:73:9c:cb:4f:8c:19:ba:b0:2c:72:d1:67:0a:e1:
1c:a9:f2:03:f7:14:75:98:c0:29:2d:14:40:ef:7c:
fc:61:30:f2:ad:75:f1:64:5d:71:29:65:76:c8:72:
a7:9d:10:59:b7:af:f9:73:e5:1f:ca:c6:1c:6b:ed:
25:a7:cf:e6:ea:be:5c:f0:71:d2:a0:a8:fb:48:a8:
c8:64:e3:26:f4:10:e2:c8:95:6e:c5:25:5f:f5:fb:
4f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:36:22:F8:B4:A3:A0:82:50:1E:E9:53:D8:2F:21:88:72:3B:1C:3F
X509v3 Authority Key Identifier:
keyid:49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/MjYi-LSjoIJQHulT2C8hiHI7HD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.17.48.0-178.17.52.255
178.17.60.0-178.17.62.255
Signature Algorithm: sha256WithRSAEncryption
63:d6:66:04:c5:1d:54:90:78:8b:16:15:92:7f:95:97:95:34:
e8:04:0d:63:32:48:cc:11:dd:ca:0c:d3:88:d0:51:d1:ce:fe:
55:62:48:4e:4c:d9:a1:d9:f9:2f:6f:2c:3f:77:29:7b:a3:cd:
af:02:97:0b:a9:12:db:a8:b4:ac:3d:fa:87:ff:45:5f:7a:7f:
29:1d:46:fa:31:20:a9:df:ef:1e:6a:55:49:1e:59:fe:de:4b:
41:dd:2d:50:a4:4e:b7:db:a0:8b:5f:d7:ca:3e:4e:a4:fb:9a:
13:46:db:31:d1:ce:3b:9e:73:17:b3:03:92:10:16:2c:26:ac:
cb:b8:ad:f8:ff:9e:3f:29:ec:11:1c:f4:96:13:a9:06:4e:8e:
4e:a6:1d:d0:77:62:24:ed:ff:3b:98:dc:94:34:b8:2d:a8:38:
38:cc:e5:14:3f:18:3d:25:82:30:44:3f:50:10:2f:b2:36:cc:
89:f1:db:fe:22:4e:16:1d:aa:a6:a9:8e:d2:9f:f4:02:54:3d:
61:01:65:db:71:0e:41:12:9f:48:80:69:5d:7e:04:9d:cc:05:
04:bd:9a:0a:2a:4a:28:0d:a2:d0:5d:74:9a:d2:6f:d4:5f:66:
69:b2:61:f7:03:91:f0:73:71:ff:0e:6a:da:5b:ef:38:e7:08:
5e:65:57:fc
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZjwdyht9gAKGPxAt7Lu1xjPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MjE2ZjVjMTY1YjgyN2E3ZmQ3M2Q4MTA3YWViZDJmNjNj
NjNlMjQwHhcNMjUwODI4MTEzNjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjM2MjJmOGI0YTNhMDgyNTAxZWU5NTNkODJmMjE4ODcyM2IxYzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApE0pS9rri5KNwrqrrnh7NCsxTPk/
C/oog7eM6hLgc46gBwA+IWTAHW9iVFrDA80jYRPh3+jbHwOqqE640s0aw9hz91MZ
7nT4BHYrVk7COpNbalKQ66b7DLha3t0GMTAEEmGG0sI3IBNLglmn35sFFbjz+Ue6
3jf36y40ZNP8+zl/eGyiCQZGjM9UAr6TScN7kZsfRXCjaYAEMpaQV8dkagrUa+pd
c5zLT4wZurAsctFnCuEcqfID9xR1mMApLRRA73z8YTDyrXXxZF1xKWV2yHKnnRBZ
t6/5c+UfysYca+0lp8/m6r5c8HHSoKj7SKjIZOMm9BDiyJVuxSVf9ftPzwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDI2Ivi0o6CCUB7pU9gvIYhyOxw/MB8GA1UdIwQY
MBaAFEkhb1wWW4J6f9c9gQeuvS9jxj4kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQt
MGRiYmMyNDllNjU3LzEvTWpZaS1MU2pvSUpRSHVsVDJDOGhpSEk3SEQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQtMGRiYmMyNDllNjU3
LzEvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBASyETAD
BACyETQwDAMEArIRPAMEALIRPjANBgkqhkiG9w0BAQsFAAOCAQEAY9ZmBMUdVJB4
ixYVkn+Vl5U06AQNYzJIzBHdygzTiNBR0c7+VWJITkzZodn5L28sP3cpe6PNrwKX
C6kS26i0rD36h/9FX3p/KR1G+jEgqd/vHmpVSR5Z/t5LQd0tUKROt9ugi1/Xyj5O
pPuaE0bbMdHOO55zF7MDkhAWLCasy7it+P+ePynsERz0lhOpBk6OTqYd0HdiJO3/
O5jclDS4Lag4OMzlFD8YPSWCMEQ/UBAvsjbMifHb/iJOFh2qpqmO0p/0AlQ9YQFl
23EOQRKfSIBpXX4EncwFBL2aCipKKA2i0F10mtJv1F9mabJh9wOR8HNx/w5q2lvv
OOcIXmVX/A==
-----END CERTIFICATE-----
Generated at Tue Sep 9 02:15:09 2025 by rpki-client