Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/mPS-ZUqcaRBgWkCORE1WZfFX0Pc.roa
File: mPS-ZUqcaRBgWkCORE1WZfFX0Pc.roa (raw, json)
Hash identifier: JpbaxjbnqGlllKpm/ETYk+N8aFUeOYWxxgC561eZU1k=
Subject key identifier: 98:F4:BE:65:4A:9C:69:10:60:5A:40:8E:44:4D:56:65:F1:57:D0:F7
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01973D11FB1D8F8CA48689101367FF2486CA
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/mPS-ZUqcaRBgWkCORE1WZfFX0Pc.roa
Signing time: Wed 04 Jun 2025 22:31:17 +0000
ROA not before: Wed 04 Jun 2025 22:31:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20326
IP address blocks: 5.175.203.0/24 maxlen: 24
89.106.74.0/24 maxlen: 24
89.106.75.0/24 maxlen: 24
89.106.76.0/24 maxlen: 24
89.106.77.0/24 maxlen: 24
89.144.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 12:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3d:11:fb:1d:8f:8c:a4:86:89:10:13:67:ff:24:86:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 4 22:31:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98f4be654a9c6910605a408e444d5665f157d0f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b2:e9:86:b8:4b:ff:3f:e8:7c:3f:38:ac:4f:
e9:28:4d:1e:e4:8c:c6:48:0f:9c:e8:ab:f6:27:19:
52:b4:f9:c5:fa:10:61:17:eb:5a:66:2b:97:49:12:
66:c6:bf:87:3e:35:7c:62:d4:75:a0:37:81:96:84:
86:a1:94:dd:99:35:18:08:eb:c4:6f:3f:f3:ea:a1:
fe:be:76:cc:20:51:b4:55:95:2a:e2:3c:df:e0:24:
7b:51:ca:b4:c4:79:23:1d:01:93:b9:36:72:e4:89:
37:26:8d:d4:ec:92:c6:4c:aa:5d:9a:35:14:66:dd:
2a:5a:aa:e3:41:b1:31:ca:56:6c:3d:ac:81:0d:46:
e3:2c:14:71:29:16:2e:1b:79:a9:46:d4:85:27:2a:
13:2d:d7:ef:3a:22:c1:08:1c:ad:24:2a:96:80:55:
b1:61:cb:b8:ed:ba:36:34:41:53:fe:01:5a:c5:27:
7b:80:d4:f4:0d:22:e6:cb:f7:2a:16:62:ec:19:4e:
2e:87:ac:aa:42:bc:d3:63:be:0d:a6:34:bd:69:b9:
2e:3c:26:7a:f3:12:a3:2d:8a:25:ac:79:6c:ec:0f:
92:a2:80:4c:56:cc:8f:93:29:9b:b0:e8:f0:4c:51:
0e:16:1c:4d:39:59:d5:0a:de:9c:1b:dc:43:6c:6e:
04:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F4:BE:65:4A:9C:69:10:60:5A:40:8E:44:4D:56:65:F1:57:D0:F7
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/mPS-ZUqcaRBgWkCORE1WZfFX0Pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.203.0/24
89.106.74.0-89.106.77.255
89.144.47.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:a0:bd:70:5b:bc:fe:42:4b:99:fb:d5:3c:4c:22:05:78:ba:
0e:c4:23:08:3f:86:d6:a2:1b:98:a8:cc:91:82:d7:c4:0a:48:
21:03:c3:90:1d:96:b4:18:c9:8d:3e:6a:78:15:e0:39:5f:11:
a1:7a:72:b6:54:dc:b0:8c:21:52:40:c5:f7:75:16:35:12:b3:
e7:a1:ec:d4:b2:a1:dc:18:da:d6:96:2a:a8:b6:eb:0c:31:1f:
54:54:d6:02:5a:3d:4a:f7:f5:b5:48:2e:21:f6:60:e5:38:42:
8b:dd:ad:45:1b:aa:56:ac:16:de:9b:89:dc:3c:c2:1b:94:0d:
1c:9c:73:45:57:07:0a:e5:e3:ba:cd:a1:88:4c:2c:8e:d6:34:
f3:84:3a:4e:d3:54:4d:61:19:04:93:e9:e0:fb:84:19:ee:6b:
75:bd:09:66:1a:04:59:ff:5e:f8:91:2a:35:9d:48:df:c7:5f:
10:7a:8c:9c:6c:ec:e0:48:9c:38:f4:42:e3:d1:2e:ec:02:0a:
a3:aa:c0:bc:7d:9c:b8:f4:4b:3c:cc:fe:12:6f:55:48:09:05:
f3:0a:ac:dc:f6:78:46:7c:f6:97:7a:cb:7c:51:3b:b8:d2:5e:
1f:4a:f2:27:d8:b7:7a:29:eb:a6:5e:4f:25:94:e1:44:ce:30:
38:3a:5a:83
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZc9Efsdj4ykhokQE2f/JIbKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNjA0MjIzMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGY0YmU2NTRhOWM2OTEwNjA1YTQwOGU0NDRkNTY2NWYxNTdkMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bLphrhL/z/ofD84rE/pKE0e5IzG
SA+c6Kv2JxlStPnF+hBhF+taZiuXSRJmxr+HPjV8YtR1oDeBloSGoZTdmTUYCOvE
bz/z6qH+vnbMIFG0VZUq4jzf4CR7Ucq0xHkjHQGTuTZy5Ik3Jo3U7JLGTKpdmjUU
Zt0qWqrjQbExylZsPayBDUbjLBRxKRYuG3mpRtSFJyoTLdfvOiLBCBytJCqWgFWx
Ycu47bo2NEFT/gFaxSd7gNT0DSLmy/cqFmLsGU4uh6yqQrzTY74NpjS9abkuPCZ6
8xKjLYolrHls7A+SooBMVsyPkymbsOjwTFEOFhxNOVnVCt6cG9xDbG4E3wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJj0vmVKnGkQYFpAjkRNVmXxV9D3MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvbVBTLVpVcWNhUkJnV2tDT1JFMVdaZkZYMFBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQABa/LMAwD
BAFZakoDBAFZakwDBABZkC8wDQYJKoZIhvcNAQELBQADggEBAIygvXBbvP5CS5n7
1TxMIgV4ug7EIwg/htaiG5iozJGC18QKSCEDw5AdlrQYyY0+angV4DlfEaF6crZU
3LCMIVJAxfd1FjUSs+eh7NSyodwY2taWKqi26wwxH1RU1gJaPUr39bVILiH2YOU4
QovdrUUbqlasFt6bidw8whuUDRycc0VXBwrl47rNoYhMLI7WNPOEOk7TVE1hGQST
6eD7hBnua3W9CWYaBFn/XviRKjWdSN/HXxB6jJxs7OBInDj0QuPRLuwCCqOqwLx9
nLj0SzzM/hJvVUgJBfMKrNz2eEZ89pd6y3xRO7jSXh9K8ifYt3op66ZeTyWU4UTO
MDg6WoM=
-----END CERTIFICATE-----
Generated at Sun Jun 15 16:40:00 2025 by rpki-client