Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/97a5c9-6b28-4c61-96e1-a6d000203fb5/1/Mx4AtQnh6AIKWnmGqOF-F8HW8ss.roa
File: Mx4AtQnh6AIKWnmGqOF-F8HW8ss.roa (raw, json)
Hash identifier: EW76XU1IjMRgjQIgnPKUzjQhl2lSomN9600p/tLtfrE=
Subject key identifier: 33:1E:00:B5:09:E1:E8:02:0A:5A:79:86:A8:E1:7E:17:C1:D6:F2:CB
Certificate issuer: /CN=47bcd770f8ea3d48ecbb4c3eab895f422ffac90d
Certificate serial: 019813FCD1C2883DD95895C0F414B27E5083
Authority key identifier: 47:BC:D7:70:F8:EA:3D:48:EC:BB:4C:3E:AB:89:5F:42:2F:FA:C9:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R7zXcPjqPUjsu0w-q4lfQi_6yQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/97a5c9-6b28-4c61-96e1-a6d000203fb5/1/Mx4AtQnh6AIKWnmGqOF-F8HW8ss.roa
Signing time: Wed 16 Jul 2025 16:06:32 +0000
ROA not before: Wed 16 Jul 2025 16:06:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31438
IP address blocks: 83.137.64.0/21 maxlen: 21
212.89.192.0/19 maxlen: 21
212.89.192.0/21 maxlen: 21
2a0d:5f00::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/97a5c9-6b28-4c61-96e1-a6d000203fb5/1/R7zXcPjqPUjsu0w-q4lfQi_6yQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/97a5c9-6b28-4c61-96e1-a6d000203fb5/1/R7zXcPjqPUjsu0w-q4lfQi_6yQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/R7zXcPjqPUjsu0w-q4lfQi_6yQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 16:13:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:13:fc:d1:c2:88:3d:d9:58:95:c0:f4:14:b2:7e:50:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47bcd770f8ea3d48ecbb4c3eab895f422ffac90d
Validity
Not Before: Jul 16 16:06:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=331e00b509e1e8020a5a7986a8e17e17c1d6f2cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:57:f2:7f:28:31:72:83:45:a2:39:8a:95:a4:
03:59:e9:bc:20:58:d9:4f:cf:9c:fa:fd:17:9a:5e:
63:2e:c4:23:c5:87:29:71:69:b2:f9:da:62:8c:6f:
0d:eb:49:13:d3:da:3d:8b:be:df:de:d0:1e:2b:4e:
0b:32:5b:c6:19:14:85:46:be:67:2f:6d:0f:46:8f:
33:d1:b5:4f:f5:06:eb:2a:45:a5:99:a1:b7:65:72:
80:17:45:0a:25:31:e4:41:8c:08:5b:d6:d1:03:a8:
d4:7b:e7:da:7d:d1:fe:7a:d0:7a:38:cd:64:ae:fa:
0b:d4:26:df:e7:dc:df:43:41:72:1b:b7:4b:e9:10:
f6:19:6f:3b:51:97:69:60:4e:bf:18:43:31:2e:b4:
b1:57:7f:52:8e:52:4a:cf:bb:a2:c2:92:5e:c2:a9:
51:90:e1:6b:9f:53:08:96:e5:ff:06:f8:30:ab:77:
c1:c4:07:f2:f0:17:45:a8:22:6b:72:61:2c:f5:06:
56:18:a4:67:da:9c:2f:fc:fd:6f:3d:65:1a:8b:b9:
d0:f3:85:56:d5:bd:e2:f4:92:0c:d9:aa:69:2c:26:
21:33:17:73:60:d2:19:ee:bd:32:83:96:dc:02:a4:
24:02:8c:d3:90:2d:fc:65:28:1c:73:cf:1e:e0:52:
ea:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:1E:00:B5:09:E1:E8:02:0A:5A:79:86:A8:E1:7E:17:C1:D6:F2:CB
X509v3 Authority Key Identifier:
keyid:47:BC:D7:70:F8:EA:3D:48:EC:BB:4C:3E:AB:89:5F:42:2F:FA:C9:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R7zXcPjqPUjsu0w-q4lfQi_6yQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/97a5c9-6b28-4c61-96e1-a6d000203fb5/1/Mx4AtQnh6AIKWnmGqOF-F8HW8ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/97a5c9-6b28-4c61-96e1-a6d000203fb5/1/R7zXcPjqPUjsu0w-q4lfQi_6yQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.64.0/21
212.89.192.0/19
IPv6:
2a0d:5f00::/30
Signature Algorithm: sha256WithRSAEncryption
11:ba:98:93:b1:b0:39:d9:e4:5e:49:9a:dc:bc:ca:b4:de:42:
67:9c:e6:65:ca:7b:b4:c0:ca:8c:ad:39:24:cd:af:e3:a2:f3:
8c:77:37:fc:15:ef:86:fd:f6:5e:7a:4b:0b:b5:5c:6d:68:10:
be:8b:ee:44:ed:30:d9:64:17:9a:ea:27:28:8d:7d:1f:c3:63:
8f:31:23:12:68:9d:2c:9e:27:a1:6c:87:07:1e:86:01:bc:22:
83:2d:6f:03:40:a9:cd:46:57:ac:19:64:f9:1c:03:3d:bc:ec:
16:8c:c3:23:4f:d3:2a:69:0d:1f:bc:10:ef:dd:ed:40:27:8d:
07:3d:d8:3b:3e:15:34:29:e3:b1:8c:17:46:63:3e:10:63:4a:
58:60:12:4e:91:9a:f6:b2:de:55:6e:f8:6f:a9:8b:2a:d4:ec:
cc:ce:ec:ab:f1:3a:a9:c7:84:f3:46:f1:8a:c7:b9:be:05:f4:
f4:d0:f9:c4:85:ca:a2:c6:09:90:05:68:76:3b:6e:71:e0:0a:
37:d8:46:87:01:bd:7e:bc:c0:ee:9f:a7:ce:92:29:9f:d1:09:
e7:df:db:cb:74:ed:f8:51:7f:2a:3b:14:ba:5b:cc:ee:73:52:
5d:2c:c9:e5:65:bf:c2:38:06:83:f0:39:87:3b:b7:69:f0:f2:
aa:1d:df:64
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZgT/NHCiD3ZWJXA9BSyflCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YmNkNzcwZjhlYTNkNDhlY2JiNGMzZWFiODk1ZjQyMmZm
YWM5MGQwHhcNMjUwNzE2MTYwNjMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzFlMDBiNTA5ZTFlODAyMGE1YTc5ODZhOGUxN2UxN2MxZDZmMmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVfyfygxcoNFojmKlaQDWem8IFjZ
T8+c+v0Xml5jLsQjxYcpcWmy+dpijG8N60kT09o9i77f3tAeK04LMlvGGRSFRr5n
L20PRo8z0bVP9QbrKkWlmaG3ZXKAF0UKJTHkQYwIW9bRA6jUe+fafdH+etB6OM1k
rvoL1Cbf59zfQ0FyG7dL6RD2GW87UZdpYE6/GEMxLrSxV39SjlJKz7uiwpJewqlR
kOFrn1MIluX/Bvgwq3fBxAfy8BdFqCJrcmEs9QZWGKRn2pwv/P1vPWUai7nQ84VW
1b3i9JIM2appLCYhMxdzYNIZ7r0yg5bcAqQkAozTkC38ZSgcc88e4FLqcQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDMeALUJ4egCClp5hqjhfhfB1vLLMB8GA1UdIwQY
MBaAFEe813D46j1I7LtMPquJX0Iv+skNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjd6WGNQanFQVWpzdTB3LXE0bGZRaV82eVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85N2E1YzktNmIyOC00YzYxLTk2ZTEt
YTZkMDAwMjAzZmI1LzEvTXg0QXRRbmg2QUlLV25tR3FPRi1GOEhXOHNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85N2E1YzktNmIyOC00YzYxLTk2ZTEtYTZkMDAwMjAzZmI1
LzEvUjd6WGNQanFQVWpzdTB3LXE0bGZRaV82eVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDU4lAAwQF
1FnAMA0EAgACMAcDBQIqDV8AMA0GCSqGSIb3DQEBCwUAA4IBAQARupiTsbA52eRe
SZrcvMq03kJnnOZlynu0wMqMrTkkza/jovOMdzf8Fe+G/fZeeksLtVxtaBC+i+5E
7TDZZBea6icojX0fw2OPMSMSaJ0sniehbIcHHoYBvCKDLW8DQKnNRlesGWT5HAM9
vOwWjMMjT9MqaQ0fvBDv3e1AJ40HPdg7PhU0KeOxjBdGYz4QY0pYYBJOkZr2st5V
bvhvqYsq1OzMzuyr8Tqpx4TzRvGKx7m+BfT00PnEhcqixgmQBWh2O25x4Ao32EaH
Ab1+vMDun6fOkimf0Qnn39vLdO34UX8qOxS6W8zuc1JdLMnlZb/COAaD8DmHO7dp
8PKqHd9k
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:19:16 2025 by rpki-client