Route Origin Authorization
$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS917.roa
File: AS917.roa (raw, json)
Hash identifier: 0u4064f+IPFOyBN+oWNj543rJRVZwCO/IvbIIA4f81s=
Subject key identifier: 5F:12:4E:49:1B:40:D4:9A:36:CC:DC:A5:8C:44:AB:8E:45:90:AD:14
Certificate issuer: /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial: 67B9F0C2F11EB05DB8952F625F77EE1683A65F47
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access: rsync://rsync.rp.ki/repo/misakaio/2/AS917.roa
Signing time: Wed 22 Oct 2025 21:31:20 +0000
ROA not before: Wed 22 Oct 2025 21:26:20 +0000
ROA not after: Wed 21 Oct 2026 21:31:20 +0000
asID: 917
IP address blocks: 45.11.104.0/22 maxlen: 24
45.131.68.0/22 maxlen: 24
45.142.246.0/24 maxlen: 24
45.142.247.0/24 maxlen: 24
45.150.242.0/23 maxlen: 24
185.189.72.0/24 maxlen: 24
185.234.213.0/24 maxlen: 24
194.45.101.0/24 maxlen: 24
194.156.162.0/23 maxlen: 24
2a0b:4341::/32 maxlen: 48
2a0b:4342::/32 maxlen: 48
2a0d:5641:2100::/44 maxlen: 48
2a0e:6901::/32 maxlen: 48
2a0e:6902::/32 maxlen: 48
2a11:6e01::/32 maxlen: 48
2a12:8d00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 Oct 2025 02:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:b9:f0:c2:f1:1e:b0:5d:b8:95:2f:62:5f:77:ee:16:83:a6:5f:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
Validity
Not Before: Oct 22 21:26:20 2025 GMT
Not After : Oct 21 21:31:20 2026 GMT
Subject: CN=5F124E491B40D49A36CCDCA58C44AB8E4590AD14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:e0:95:4e:77:73:61:44:7e:d2:3d:3b:72:a9:
4f:22:fb:4c:80:f5:3e:6d:38:39:16:e8:a1:e0:bf:
72:d5:9e:fb:79:d4:be:b3:b3:e6:04:83:7e:8b:a1:
cb:87:d1:f3:7a:82:78:5c:ab:14:8c:3e:bc:32:ac:
4d:ce:b2:af:5e:87:50:60:06:2f:2d:b4:f2:8d:e9:
18:7b:b6:67:bd:bd:59:ac:1b:09:6f:f5:ea:aa:d2:
94:b9:5a:a8:73:3e:69:fa:d0:16:b0:51:96:f7:e7:
45:78:56:70:7d:22:b4:81:2d:d3:00:ea:ce:e9:df:
34:58:5a:85:4c:c5:5d:52:2d:51:cf:a4:16:a9:b2:
70:d7:07:5f:f7:bc:49:49:63:fe:a8:e7:ba:a2:5b:
24:74:f4:30:1f:26:77:05:ec:46:e4:a5:87:14:bb:
82:96:d4:d4:74:a8:9c:60:05:8b:c4:07:da:61:11:
2d:2e:ed:0a:2b:f7:9c:96:6d:53:b3:e4:61:b3:32:
5f:b1:c1:0f:74:dd:79:d3:75:11:4d:ab:6d:42:82:
a1:2a:8c:6e:52:60:16:eb:4e:d4:07:0f:52:8a:0c:
f7:1e:ce:11:ab:91:c4:eb:32:a5:60:9e:62:c8:4a:
34:63:6c:c8:dd:28:5d:85:a8:f5:d0:c1:c1:e9:96:
f9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:12:4E:49:1B:40:D4:9A:36:CC:DC:A5:8C:44:AB:8E:45:90:AD:14
X509v3 Authority Key Identifier:
keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS917.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.104.0/22
45.131.68.0/22
45.142.246.0/23
45.150.242.0/23
185.189.72.0/24
185.234.213.0/24
194.45.101.0/24
194.156.162.0/23
IPv6:
2a0b:4341::-2a0b:4342:ffff:ffff:ffff:ffff:ffff:ffff
2a0d:5641:2100::/44
2a0e:6901::-2a0e:6902:ffff:ffff:ffff:ffff:ffff:ffff
2a11:6e01::/32
2a12:8d00::/29
Signature Algorithm: sha256WithRSAEncryption
11:1f:6f:4d:ec:57:7c:80:fb:2a:6a:d1:22:e4:a2:b0:1d:65:
2b:7e:69:54:be:89:aa:2f:55:b5:c4:da:c7:31:01:84:be:f3:
e2:fc:f3:c8:9a:e1:8b:14:28:13:15:ed:8b:12:fa:e0:d1:36:
6e:c5:9f:63:eb:59:4b:87:60:4e:88:09:ea:00:95:ec:0b:50:
87:1d:8d:0a:51:3e:76:ea:91:ec:9d:0e:cd:bc:51:90:f6:dd:
06:c8:48:9f:b5:d9:2e:82:76:89:be:1d:fa:58:99:d7:50:81:
a2:e1:73:92:cc:d7:3e:d1:63:9c:b2:36:d3:59:f6:f3:bd:58:
ea:f2:f2:07:be:fc:53:7a:b4:fe:1a:61:3f:3a:16:25:19:e9:
fc:06:13:9e:63:e5:54:d6:7c:2e:5a:80:3e:57:33:9a:c8:71:
df:63:7d:37:b0:bc:31:da:f2:3e:5d:e5:f4:cd:27:0b:24:42:
ac:65:ef:c8:54:f4:f0:a7:49:18:a2:c1:79:e2:8f:07:e7:62:
9b:19:77:98:18:5b:7f:df:de:b1:1b:22:c1:36:eb:69:ce:02:
71:ab:99:e3:8b:59:fc:ce:8d:ff:9a:fb:16:f2:1a:02:b9:2d:
89:9c:a4:5a:fc:47:8d:2f:77:fd:30:cd:f8:ab:98:3e:ee:50:
8e:c5:3b:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUZ7nwwvEesF24lS9iX3fuFoOmX0cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNTEwMjIyMTI2MjBaFw0yNjEwMjEyMTMxMjBaMDMxMTAvBgNV
BAMTKDVGMTI0RTQ5MUI0MEQ0OUEzNkNDRENBNThDNDRBQjhFNDU5MEFEMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDx4JVOd3NhRH7SPTtyqU8i+0yA
9T5tODkW6KHgv3LVnvt51L6zs+YEg36LocuH0fN6gnhcqxSMPrwyrE3Osq9eh1Bg
Bi8ttPKN6Rh7tme9vVmsGwlv9eqq0pS5WqhzPmn60BawUZb350V4VnB9IrSBLdMA
6s7p3zRYWoVMxV1SLVHPpBapsnDXB1/3vElJY/6o57qiWyR09DAfJncF7EbkpYcU
u4KW1NR0qJxgBYvEB9phES0u7Qor95yWbVOz5GGzMl+xwQ903XnTdRFNq21CgqEq
jG5SYBbrTtQHD1KKDPcezhGrkcTrMqVgnmLISjRjbMjdKF2FqPXQwcHplvkDAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUXxJOSRtA1Jo2zNyljESrjkWQrRQwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEkGCCsGAQUFBwELBD0wOzA5BggrBgEFBQcwC4YtcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM5MTcucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwgYgGCCsGAQUFBwEHAQH/BHkwdzA2BAIAATAwAwQCLQtoAwQCLYNE
AwQBLY72AwQBLZbyAwQAub1IAwQAuerVAwQAwi1lAwQBwpyiMD0EAgACMDcwDgMF
ACoLQ0EDBQAqC0NCAwcEKg1WQSEAMA4DBQAqDmkBAwUAKg5pAgMFACoRbgEDBQMq
Eo0AMA0GCSqGSIb3DQEBCwUAA4IBAQARH29N7Fd8gPsqatEi5KKwHWUrfmlUvomq
L1W1xNrHMQGEvvPi/PPImuGLFCgTFe2LEvrg0TZuxZ9j61lLh2BOiAnqAJXsC1CH
HY0KUT526pHsnQ7NvFGQ9t0GyEiftdkugnaJvh36WJnXUIGi4XOSzNc+0WOcsjbT
WfbzvVjq8vIHvvxTerT+GmE/OhYlGen8BhOeY+VU1nwuWoA+VzOayHHfY303sLwx
2vI+XeX0zScLJEKsZe/IVPTwp0kYosF54o8H52KbGXeYGFt/396xGyLBNutpzgJx
q5nji1n8zo3/mvsW8hoCuS2JnKRa/EeNL3f9MM34q5g+7lCOxTuq
-----END CERTIFICATE-----
Generated at Thu Oct 23 13:06:07 2025 by rpki-client