Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/7MZR3mjsAfILO-kcvcAwJd6d2Ao.roa
File: 7MZR3mjsAfILO-kcvcAwJd6d2Ao.roa (raw, json)
Hash identifier: 34KPCBnRe8nkhxBNb/c94bJh+NIbMikAhxDsnW5Rhtk=
Subject key identifier: EC:C6:51:DE:68:EC:01:F2:0B:3B:E9:1C:BD:C0:30:25:DE:9D:D8:0A
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 019850F6243C239FDAF4732DB10064301836
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/7MZR3mjsAfILO-kcvcAwJd6d2Ao.roa
Signing time: Mon 28 Jul 2025 12:16:05 +0000
ROA not before: Mon 28 Jul 2025 12:16:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 5.144.182.0/24 maxlen: 24
5.178.106.0/24 maxlen: 24
5.178.110.0/24 maxlen: 24
185.5.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:50:f6:24:3c:23:9f:da:f4:73:2d:b1:00:64:30:18:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Jul 28 12:16:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ecc651de68ec01f20b3be91cbdc03025de9dd80a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6a:18:4c:26:04:6b:58:8a:36:55:08:1c:5c:
82:44:3f:01:bd:cb:73:61:f5:a0:9e:ed:48:45:43:
78:4b:77:23:cd:30:9d:b1:29:4b:d2:23:dc:94:ad:
02:da:84:d4:04:0b:e9:b6:4d:5e:b4:3b:44:07:e0:
f8:29:db:5b:44:37:2d:51:6c:93:b7:0e:bf:94:e8:
ec:ef:34:a7:9a:47:56:7e:4e:16:e9:33:d2:6a:d3:
ae:4b:55:28:a7:e9:ed:1d:a8:15:08:85:52:91:62:
aa:53:e3:d2:92:44:a0:38:f4:5e:3b:76:92:ed:50:
df:f9:a3:fa:74:5e:05:08:6d:da:f5:8a:88:2d:c9:
5c:b5:64:b1:74:88:a2:92:07:15:f3:16:fe:57:2c:
f1:78:fe:d3:f9:4f:85:e6:cb:61:1d:7c:74:fa:7d:
8f:48:a3:bc:c7:8a:93:48:87:2c:db:91:ac:36:d0:
0c:7a:88:0b:1f:91:3b:50:6c:47:2c:09:dd:9b:c3:
42:af:1b:4e:dd:b9:ea:2c:c8:a0:03:9d:36:2d:45:
4a:e8:5d:21:d8:7b:3e:3b:54:99:5a:94:c0:3f:df:
e5:6c:e9:06:45:d5:08:52:e7:98:b2:2d:87:c1:11:
4c:6d:a9:b3:a2:9d:a4:1a:95:a1:e8:14:7b:50:7b:
e6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:C6:51:DE:68:EC:01:F2:0B:3B:E9:1C:BD:C0:30:25:DE:9D:D8:0A
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/7MZR3mjsAfILO-kcvcAwJd6d2Ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.182.0/24
5.178.106.0/24
5.178.110.0/24
185.5.39.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:04:63:2c:cc:31:c7:1a:67:9d:e9:6b:a1:a0:ad:f2:a4:85:
99:dd:ba:d7:10:20:38:6e:e2:ea:12:29:cc:85:84:24:ed:39:
35:a3:e7:f2:8a:6d:97:95:88:54:6e:31:7a:23:6a:b7:db:2a:
a7:b5:21:a8:f7:a7:8a:00:3f:ed:74:d0:4f:06:36:de:55:d8:
9f:0b:59:a1:38:0e:75:d7:2c:8d:fd:d3:99:4d:7d:90:e0:84:
52:47:50:be:c7:60:21:83:06:12:ab:5d:b0:3e:ec:ef:fd:b8:
45:75:23:23:60:fa:06:54:f0:33:6c:f1:8c:9e:53:56:68:80:
33:3c:6a:60:70:59:02:d4:69:2d:23:e0:8b:0e:03:56:dc:68:
29:ec:34:de:5b:4b:d6:0d:76:95:5c:aa:24:db:cd:7d:50:e4:
b3:49:3f:e5:f9:8a:1e:cd:a4:f5:36:fa:e4:4e:42:c6:29:f3:
ec:d3:4a:91:a2:b6:50:2a:21:21:a9:82:c2:0b:65:1a:ab:d2:
29:65:d8:88:9f:37:19:d3:99:33:3b:d4:89:c9:cd:e4:0e:65:
69:a4:b7:9d:9a:ee:72:a4:63:c3:0d:44:dd:02:ed:1e:8e:93:
82:6f:68:32:90:31:99:2f:d0:e7:ff:7b:bf:90:25:ed:bd:4b:
e5:f0:91:81
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZhQ9iQ8I5/a9HMtsQBkMBg2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjUwNzI4MTIxNjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2M2NTFkZTY4ZWMwMWYyMGIzYmU5MWNiZGMwMzAyNWRlOWRkODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomoYTCYEa1iKNlUIHFyCRD8Bvctz
YfWgnu1IRUN4S3cjzTCdsSlL0iPclK0C2oTUBAvptk1etDtEB+D4KdtbRDctUWyT
tw6/lOjs7zSnmkdWfk4W6TPSatOuS1Uop+ntHagVCIVSkWKqU+PSkkSgOPReO3aS
7VDf+aP6dF4FCG3a9YqILclctWSxdIiikgcV8xb+VyzxeP7T+U+F5sthHXx0+n2P
SKO8x4qTSIcs25GsNtAMeogLH5E7UGxHLAndm8NCrxtO3bnqLMigA502LUVK6F0h
2Hs+O1SZWpTAP9/lbOkGRdUIUueYsi2HwRFMbamzop2kGpWh6BR7UHvmdwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOzGUd5o7AHyCzvpHL3AMCXendgKMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvN01aUjNtanNBZklMTy1rY3ZjQXdKZDZkMkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABZC2AwQA
BbJqAwQABbJuAwQAuQUnMA0GCSqGSIb3DQEBCwUAA4IBAQAPBGMszDHHGmed6Wuh
oK3ypIWZ3brXECA4buLqEinMhYQk7Tk1o+fyim2XlYhUbjF6I2q32yqntSGo96eK
AD/tdNBPBjbeVdifC1mhOA511yyN/dOZTX2Q4IRSR1C+x2AhgwYSq12wPuzv/bhF
dSMjYPoGVPAzbPGMnlNWaIAzPGpgcFkC1GktI+CLDgNW3Ggp7DTeW0vWDXaVXKok
2819UOSzST/l+YoezaT1NvrkTkLGKfPs00qRorZQKiEhqYLCC2Uaq9IpZdiInzcZ
05kzO9SJyc3kDmVppLedmu5ypGPDDUTdAu0ejpOCb2gykDGZL9Dn/3u/kCXtvUvl
8JGB
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:46:00 2025 by rpki-client