Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/mR4Z2n-oSu5nW_s21Ev5X8B6AA0.roa
File: mR4Z2n-oSu5nW_s21Ev5X8B6AA0.roa (raw, json)
Hash identifier: Nu48O4pf7RyMZs46bJTZ1eHTnLF16hGHEGVie8zVALM=
Subject key identifier: 99:1E:19:DA:7F:A8:4A:EE:67:5B:FB:36:D4:4B:F9:5F:C0:7A:00:0D
Certificate issuer: /CN=493a2d48376330a582faf3e3032ef7b0bcca33e8
Certificate serial: 019A0C5E30C6C1CC5F7B6CAF2D96B11C8C25
Authority key identifier: 49:3A:2D:48:37:63:30:A5:82:FA:F3:E3:03:2E:F7:B0:BC:CA:33:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STotSDdjMKWC-vPjAy73sLzKM-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/mR4Z2n-oSu5nW_s21Ev5X8B6AA0.roa
Signing time: Wed 22 Oct 2025 14:41:30 +0000
ROA not before: Wed 22 Oct 2025 14:41:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31693
IP address blocks: 62.244.82.0/23 maxlen: 23
62.244.100.0/22 maxlen: 22
62.244.104.0/22 maxlen: 22
164.138.56.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/STotSDdjMKWC-vPjAy73sLzKM-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/STotSDdjMKWC-vPjAy73sLzKM-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/STotSDdjMKWC-vPjAy73sLzKM-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0c:5e:30:c6:c1:cc:5f:7b:6c:af:2d:96:b1:1c:8c:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=493a2d48376330a582faf3e3032ef7b0bcca33e8
Validity
Not Before: Oct 22 14:41:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=991e19da7fa84aee675bfb36d44bf95fc07a000d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:63:69:fe:1f:17:ba:79:81:09:45:72:2a:f3:
b0:a2:d0:81:3e:6f:8a:65:34:3d:dd:e2:36:e3:0c:
9b:04:71:ac:95:aa:72:da:31:a8:e0:9b:64:50:ab:
bf:1e:23:16:c4:ff:00:0d:45:1e:cc:90:7a:e0:9e:
9b:58:f4:8c:e4:c8:b4:a5:13:bb:7d:1e:ff:b3:ab:
7e:71:29:9c:87:f8:59:f7:d2:6c:7e:1a:f9:8b:1f:
20:87:4b:63:55:e8:49:15:ea:be:26:c3:c0:9e:73:
73:75:83:c2:56:8c:0c:29:ee:11:2a:73:e3:19:39:
8a:30:f4:92:1c:d2:8e:ac:fa:6b:33:3a:d2:8a:3b:
44:9a:2b:ba:7e:a7:9f:c0:af:9b:93:32:eb:29:20:
76:e6:cd:eb:4a:e3:c4:02:19:3e:03:82:ce:26:fa:
05:1a:b6:a8:85:b6:2f:81:2b:b1:ed:a8:36:8a:53:
df:0d:3d:5b:8d:97:24:37:fe:a5:8c:fc:46:86:f4:
ec:ae:b8:1a:f7:6c:11:57:92:31:81:72:10:1a:24:
16:c1:55:cc:e8:8f:ea:6c:31:be:40:fe:7d:06:d8:
75:32:03:cd:83:f1:88:c9:c6:ce:e1:55:5e:7e:a5:
c0:db:3a:ec:6f:78:d5:fa:c1:91:6c:a1:e9:44:64:
dd:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:1E:19:DA:7F:A8:4A:EE:67:5B:FB:36:D4:4B:F9:5F:C0:7A:00:0D
X509v3 Authority Key Identifier:
keyid:49:3A:2D:48:37:63:30:A5:82:FA:F3:E3:03:2E:F7:B0:BC:CA:33:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STotSDdjMKWC-vPjAy73sLzKM-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/mR4Z2n-oSu5nW_s21Ev5X8B6AA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/STotSDdjMKWC-vPjAy73sLzKM-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.244.82.0/23
62.244.100.0-62.244.107.255
164.138.56.0/21
Signature Algorithm: sha256WithRSAEncryption
6c:8f:c9:47:2f:eb:ea:ca:fa:2f:a0:42:77:f1:e6:9d:78:71:
7a:ab:32:2b:63:21:52:71:9d:a5:9d:8d:44:20:27:79:70:63:
78:79:49:e3:5b:82:88:d8:d3:30:8d:1f:67:24:04:0c:26:55:
49:11:ff:bf:db:a2:85:52:8f:96:22:f2:41:b9:db:4c:9b:f3:
6a:50:e6:af:a4:23:58:ec:05:d8:cc:8e:6f:7c:15:58:ca:dd:
0c:2f:5b:b3:7e:78:34:ac:d0:3c:2d:42:a9:f3:64:4f:b5:69:
92:39:12:45:c6:c5:5b:f3:41:4b:37:7e:4b:67:de:19:43:7a:
95:66:00:3d:3c:2f:91:03:89:f5:bf:e6:62:ab:e2:f3:d7:15:
c4:0a:35:08:94:01:e9:2f:14:4f:2e:41:4a:88:75:b9:17:58:
d1:c4:d8:f8:02:1f:bb:86:7a:af:3e:98:f1:63:0d:07:5e:67:
5b:53:b1:4f:5f:8a:d3:48:0a:5f:47:e5:e3:e3:9d:0a:3d:32:
bd:4d:cf:3e:20:ab:52:c7:af:99:97:b9:49:54:b1:32:f5:5a:
82:47:7d:fb:88:d3:e5:0b:47:98:31:b1:be:d9:c8:81:f0:5a:
aa:57:1b:19:b0:f6:cf:aa:53:e4:a7:28:cc:3c:a3:07:28:11:
8d:7c:49:69
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZoMXjDGwcxfe2yvLZaxHIwlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5M2EyZDQ4Mzc2MzMwYTU4MmZhZjNlMzAzMmVmN2IwYmNj
YTMzZTgwHhcNMjUxMDIyMTQ0MTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTFlMTlkYTdmYTg0YWVlNjc1YmZiMzZkNDRiZjk1ZmMwN2EwMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWNp/h8XunmBCUVyKvOwotCBPm+K
ZTQ93eI24wybBHGslapy2jGo4JtkUKu/HiMWxP8ADUUezJB64J6bWPSM5Mi0pRO7
fR7/s6t+cSmch/hZ99Jsfhr5ix8gh0tjVehJFeq+JsPAnnNzdYPCVowMKe4RKnPj
GTmKMPSSHNKOrPprMzrSijtEmiu6fqefwK+bkzLrKSB25s3rSuPEAhk+A4LOJvoF
GraohbYvgSux7ag2ilPfDT1bjZckN/6ljPxGhvTsrrga92wRV5IxgXIQGiQWwVXM
6I/qbDG+QP59Bth1MgPNg/GIycbO4VVefqXA2zrsb3jV+sGRbKHpRGTdPwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJkeGdp/qEruZ1v7NtRL+V/AegANMB8GA1UdIwQY
MBaAFEk6LUg3YzClgvrz4wMu97C8yjPoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RvdFNEZGpNS1dDLXZQakF5NzNzTHpLTS1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9kNzY1YTQtNTRlYi00MTBkLThmM2Qt
Njg5YmE0ZDMzYzRiLzEvbVI0WjJuLW9TdTVuV19zMjFFdjVYOEI2QUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9kNzY1YTQtNTRlYi00MTBkLThmM2QtNjg5YmE0ZDMzYzRi
LzEvU1RvdFNEZGpNS1dDLXZQakF5NzNzTHpLTS1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBPvRSMAwD
BAI+9GQDBAI+9GgDBAOkijgwDQYJKoZIhvcNAQELBQADggEBAGyPyUcv6+rK+i+g
Qnfx5p14cXqrMitjIVJxnaWdjUQgJ3lwY3h5SeNbgojY0zCNH2ckBAwmVUkR/7/b
ooVSj5Yi8kG520yb82pQ5q+kI1jsBdjMjm98FVjK3QwvW7N+eDSs0DwtQqnzZE+1
aZI5EkXGxVvzQUs3fktn3hlDepVmAD08L5EDifW/5mKr4vPXFcQKNQiUAekvFE8u
QUqIdbkXWNHE2PgCH7uGeq8+mPFjDQdeZ1tTsU9fitNICl9H5ePjnQo9Mr1Nzz4g
q1LHr5mXuUlUsTL1WoJHffuI0+ULR5gxsb7ZyIHwWqpXGxmw9s+qU+SnKMw8owco
EY18SWk=
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:27:07 2025 by rpki-client