
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/IhgmMXkohjSQGNi-FluDnNiX1yE.roa
File: IhgmMXkohjSQGNi-FluDnNiX1yE.roa (raw, json)
Hash identifier: enXCL1nnyoZP3p3QFY4PWbAm+jf1sDR/et981D6sBLY=
Subject key identifier: 22:18:26:31:79:28:86:34:90:18:D8:BE:16:5B:83:9C:D8:97:D7:21
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01987459A6E089B4371074CEF537A82E5566
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/IhgmMXkohjSQGNi-FluDnNiX1yE.roa
Signing time: Mon 04 Aug 2025 09:11:29 +0000
ROA not before: Mon 04 Aug 2025 09:11:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44208
IP address blocks: 31.170.48.0/20 maxlen: 24
94.74.128.0/18 maxlen: 24
94.74.136.0/24 maxlen: 24
94.74.165.0/24 maxlen: 24
94.74.166.0/23 maxlen: 23
94.74.168.0/23 maxlen: 24
94.74.190.0/24 maxlen: 24
176.46.153.0/24 maxlen: 24
176.46.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 18:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:59:a6:e0:89:b4:37:10:74:ce:f5:37:a8:2e:55:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Aug 4 09:11:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22182631792886349018d8be165b839cd897d721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:91:dd:ea:6f:23:c5:5e:7e:a0:82:14:31:b0:
b0:54:d4:47:0a:b8:6e:ec:09:ba:2b:db:d5:c3:13:
68:ea:f0:6e:2e:c5:c9:28:6c:c7:83:86:62:aa:ba:
2d:5f:5a:20:c6:39:5b:63:e0:d7:e5:a9:f6:d8:89:
53:94:41:fe:e5:ca:3c:3c:09:5f:11:2f:4b:df:6f:
2e:27:50:57:cd:b1:8f:2c:f4:8c:b4:71:30:96:2a:
b0:86:fc:c1:9a:19:c3:34:1e:ef:e0:dd:2a:0e:08:
da:a7:7a:55:84:28:bc:8f:4d:22:87:56:a4:cd:b8:
60:38:f4:2e:8f:15:ad:87:59:db:ef:6a:86:f4:79:
54:bb:55:92:31:16:b2:90:4c:ea:0e:96:4e:19:78:
6c:8c:c6:8a:92:db:d3:f3:99:7d:8f:a3:ba:f3:31:
9e:37:6f:4c:b3:52:50:c2:98:ba:7c:6d:22:9c:03:
d7:0f:bf:94:54:9e:af:99:c4:8b:82:19:ac:87:19:
08:b8:83:33:74:73:5d:2f:19:37:90:51:f9:05:6b:
6f:38:2e:92:3c:f8:e1:da:e5:aa:22:30:a1:48:8c:
83:8c:9d:ae:cb:05:3d:53:51:d4:da:da:a6:22:ee:
32:96:60:00:2a:f1:57:c7:a3:a1:25:5f:7e:60:a1:
ed:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:18:26:31:79:28:86:34:90:18:D8:BE:16:5B:83:9C:D8:97:D7:21
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/IhgmMXkohjSQGNi-FluDnNiX1yE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.48.0/20
94.74.128.0/18
176.46.153.0-176.46.154.255
Signature Algorithm: sha256WithRSAEncryption
05:2b:c6:f8:e7:db:ea:ca:52:c6:66:3f:6e:5b:77:73:ba:b6:
ae:fc:0d:1c:f8:8f:ad:e3:6f:fc:79:b1:39:51:75:e7:13:9a:
1a:9d:93:03:6d:b5:98:fe:88:61:0b:66:db:4c:64:f3:5c:de:
60:e5:72:cf:5f:63:cc:82:8c:b9:e9:3c:fc:c7:b6:82:ea:55:
f9:be:5a:02:ec:59:b5:54:6b:7b:e8:67:ce:07:e4:b1:70:fa:
76:1e:cf:38:3c:c1:86:67:f9:62:4e:63:59:1b:01:83:1f:1d:
a7:85:e0:51:e6:c2:90:ee:db:63:c5:61:25:cb:8c:47:69:81:
61:86:71:a9:a5:ff:37:ab:fb:b7:7c:1b:6a:64:45:9c:5a:74:
7a:5c:99:b2:5d:ed:af:8e:1a:17:f9:75:8c:c6:37:59:df:55:
c6:f3:97:e0:d6:51:28:a1:42:12:50:b7:c2:b0:a9:b5:77:8a:
f5:87:35:c5:0b:05:40:12:0b:98:e4:2e:dc:af:3c:59:6e:ec:
d9:10:db:96:40:5b:1c:eb:89:55:e1:29:93:04:4f:52:4b:9c:
65:da:53:a1:e7:04:28:5a:dd:c6:5c:78:90:1b:98:f3:33:b2:
29:59:dd:d8:fb:3d:9b:eb:b2:f6:2a:bd:fa:3d:2a:74:27:1b:
e1:56:0c:52
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZh0WabgibQ3EHTO9TeoLlVmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwODA0MDkxMTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjE4MjYzMTc5Mjg4NjM0OTAxOGQ4YmUxNjViODM5Y2Q4OTdkNzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZHd6m8jxV5+oIIUMbCwVNRHCrhu
7Am6K9vVwxNo6vBuLsXJKGzHg4ZiqrotX1ogxjlbY+DX5an22IlTlEH+5co8PAlf
ES9L328uJ1BXzbGPLPSMtHEwliqwhvzBmhnDNB7v4N0qDgjap3pVhCi8j00ih1ak
zbhgOPQujxWth1nb72qG9HlUu1WSMRaykEzqDpZOGXhsjMaKktvT85l9j6O68zGe
N29Ms1JQwpi6fG0inAPXD7+UVJ6vmcSLghmshxkIuIMzdHNdLxk3kFH5BWtvOC6S
PPjh2uWqIjChSIyDjJ2uywU9U1HU2tqmIu4ylmAAKvFXx6OhJV9+YKHt3QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCIYJjF5KIY0kBjYvhZbg5zYl9chMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvSWhnbU1Ya29oalNRR05pLUZsdURuTmlYMXlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQEH6owAwQG
XkqAMAwDBACwLpkDBACwLpowDQYJKoZIhvcNAQELBQADggEBAAUrxvjn2+rKUsZm
P25bd3O6tq78DRz4j63jb/x5sTlRdecTmhqdkwNttZj+iGELZttMZPNc3mDlcs9f
Y8yCjLnpPPzHtoLqVfm+WgLsWbVUa3voZ84H5LFw+nYezzg8wYZn+WJOY1kbAYMf
HaeF4FHmwpDu22PFYSXLjEdpgWGGcaml/zer+7d8G2pkRZxadHpcmbJd7a+OGhf5
dYzGN1nfVcbzl+DWUSihQhJQt8KwqbV3ivWHNcULBUASC5jkLtyvPFlu7NkQ25ZA
WxzriVXhKZMET1JLnGXaU6HnBCha3cZceJAbmPMzsilZ3dj7PZvrsvYqvfo9KnQn
G+FWDFI=
-----END CERTIFICATE-----
Generated at Sun Aug 10 04:24:47 2025 by rpki-client