Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/mRcDAfLk--RjSdum6Sle14W9KMI.roa
File: mRcDAfLk--RjSdum6Sle14W9KMI.roa (raw, json)
Hash identifier: +oylJRFok0vgvm2f/OFoKqJHp1EBjgBkd+nRlcKjql0=
Subject key identifier: 99:17:03:01:F2:E4:FB:E4:63:49:DB:A6:E9:29:5E:D7:85:BD:28:C2
Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Certificate serial: 019A373FDBE9CA93021C7A6C7D2A1CF6C2CD
Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/mRcDAfLk--RjSdum6Sle14W9KMI.roa
Signing time: Thu 30 Oct 2025 22:32:03 +0000
ROA not before: Thu 30 Oct 2025 22:32:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52041
IP address blocks: 82.215.64.0/24 maxlen: 24
86.54.213.0/24 maxlen: 24
185.248.134.0/24 maxlen: 24
185.248.134.0/26 maxlen: 26
185.248.134.64/26 maxlen: 26
185.248.134.128/26 maxlen: 26
185.248.134.192/26 maxlen: 26
194.46.57.0/24 maxlen: 24
2a12:bec0:d0::/44 maxlen: 48
2a12:bec0:6a0::/44 maxlen: 44
2a12:bec0:e40::/44 maxlen: 44
2a12:bec0:7000::/48 maxlen: 48
2a12:bec0:7001::/48 maxlen: 48
2a12:bec0:7002::/48 maxlen: 48
2a12:bec0:7003::/48 maxlen: 48
2a12:bec0:7004::/48 maxlen: 48
2a12:bec0:7006::/48 maxlen: 48
2a12:bec0:7007::/48 maxlen: 48
2a12:bec0:7008::/48 maxlen: 48
2a12:bec0:b00b::/48 maxlen: 48
2a12:bec1::/32 maxlen: 48
2a12:bec1:2::/48 maxlen: 48
2a12:bec1:b00b::/48 maxlen: 48
2a12:bec2::/32 maxlen: 32
2a12:bec2::/48 maxlen: 48
2a12:bec2:b00b::/48 maxlen: 48
2a12:bec3:b00b::/48 maxlen: 48
2a12:bec4:20::/44 maxlen: 48
2a12:bec4:100::/44 maxlen: 44
2a12:bec4:1120::/44 maxlen: 44
2a12:bec4:1430::/44 maxlen: 44
2a12:bec4:1490::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:37:3f:db:e9:ca:93:02:1c:7a:6c:7d:2a:1c:f6:c2:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f
Validity
Not Before: Oct 30 22:32:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99170301f2e4fbe46349dba6e9295ed785bd28c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1d:a2:ed:60:89:44:43:fe:9f:7f:2c:a2:d0:
05:f2:7c:3a:90:c6:5b:9c:09:4d:f7:3f:7e:b9:8b:
bc:75:3b:87:2e:63:67:66:9c:92:05:cc:e8:07:d0:
b3:86:1b:b1:5b:a5:71:7f:a9:b2:c1:5f:ab:98:19:
e5:86:d2:96:93:cf:31:4c:1a:8d:f7:07:68:69:fe:
b0:59:8a:6a:68:37:ea:7f:ac:80:db:d0:fe:80:9d:
19:77:dd:9e:a7:5c:12:b2:65:ec:44:fa:6f:72:e2:
69:b4:e3:b7:13:e9:70:04:a7:ad:d4:29:d3:c8:5e:
38:fa:41:40:c3:ef:ff:83:69:24:e8:54:9e:af:e9:
90:30:fc:81:8b:9b:68:41:db:c7:9b:1a:e3:bc:42:
11:0e:cf:f1:5e:9b:52:dc:37:b4:3f:9f:44:11:9e:
04:f8:3f:7a:0d:f6:7d:c4:3c:0e:03:6d:f2:df:4a:
d1:64:0c:f4:8a:3d:74:34:4e:84:37:a6:01:b8:cf:
18:de:a2:75:02:43:d7:d2:ed:74:01:fe:1e:0b:2a:
65:1f:4b:57:28:0f:81:48:ac:5c:0d:fe:38:13:bd:
74:4d:15:c8:5b:4f:00:60:6e:b6:6b:de:7c:4e:d1:
f2:7f:15:a7:c7:45:24:f2:4e:50:cf:73:82:22:fe:
7b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:17:03:01:F2:E4:FB:E4:63:49:DB:A6:E9:29:5E:D7:85:BD:28:C2
X509v3 Authority Key Identifier:
keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/mRcDAfLk--RjSdum6Sle14W9KMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.215.64.0/24
86.54.213.0/24
185.248.134.0/24
194.46.57.0/24
IPv6:
2a12:bec0:d0::/44
2a12:bec0:6a0::/44
2a12:bec0:e40::/44
2a12:bec0:7000::-2a12:bec0:7004:ffff:ffff:ffff:ffff:ffff
2a12:bec0:7006::-2a12:bec0:7008:ffff:ffff:ffff:ffff:ffff
2a12:bec0:b00b::/48
2a12:bec1::-2a12:bec2:ffff:ffff:ffff:ffff:ffff:ffff
2a12:bec3:b00b::/48
2a12:bec4:20::/44
2a12:bec4:100::/44
2a12:bec4:1120::/44
2a12:bec4:1430::/44
2a12:bec4:1490::/44
Signature Algorithm: sha256WithRSAEncryption
07:ac:31:6b:88:21:57:d4:e3:50:3e:2b:bb:3b:dd:b1:6d:4d:
54:af:d4:c6:75:a7:a9:08:d8:72:24:86:e1:cc:5d:6c:29:ca:
68:b7:53:91:dd:dc:53:cc:25:3b:c2:5e:27:3e:fb:2b:e8:c4:
be:82:b1:bb:0e:87:4d:d7:4e:ec:6c:f6:0d:5a:c2:d8:7e:dc:
7c:22:69:12:0f:8d:ac:dc:4b:ec:f7:a5:da:06:2b:78:75:4d:
87:58:51:7b:dd:8d:68:e9:9c:04:65:d3:08:67:d4:2f:c7:91:
0b:05:5b:57:e3:9f:6e:e4:07:8c:ed:88:e7:76:f3:8b:38:07:
3b:e1:b6:e3:ba:b5:78:49:2b:e8:2d:9d:94:2f:f4:65:38:86:
84:a2:36:0a:d4:7e:3c:6e:a5:2d:4a:f0:3b:bd:4b:e8:5e:55:
14:28:a9:88:c4:f1:42:5c:9f:8c:50:9c:66:7a:96:8c:4b:91:
44:c1:4d:8c:af:c4:72:45:36:d3:cb:9a:2b:c2:db:6d:6f:89:
70:24:ab:0f:7a:ed:4f:54:38:4a:78:e9:69:81:79:03:b0:3f:
bf:3b:c1:b7:35:5c:bf:9e:58:71:2d:ee:84:be:5d:e4:2d:35:
e8:5a:a9:1e:60:37:19:71:74:8f:a2:10:bf:22:09:ce:77:4d:
59:ca:0b:60
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAZo3P9vpypMCHHpsfSoc9sLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj
M2Q2NmYwHhcNMjUxMDMwMjIzMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTE3MDMwMWYyZTRmYmU0NjM0OWRiYTZlOTI5NWVkNzg1YmQyOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoB2i7WCJREP+n38sotAF8nw6kMZb
nAlN9z9+uYu8dTuHLmNnZpySBczoB9CzhhuxW6Vxf6mywV+rmBnlhtKWk88xTBqN
9wdoaf6wWYpqaDfqf6yA29D+gJ0Zd92ep1wSsmXsRPpvcuJptOO3E+lwBKet1CnT
yF44+kFAw+//g2kk6FSer+mQMPyBi5toQdvHmxrjvEIRDs/xXptS3De0P59EEZ4E
+D96DfZ9xDwOA23y30rRZAz0ij10NE6EN6YBuM8Y3qJ1AkPX0u10Af4eCyplH0tX
KA+BSKxcDf44E710TRXIW08AYG62a958TtHyfxWnx0Uk8k5Qz3OCIv57dwIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFJkXAwHy5PvkY0nbpukpXteFvSjCMB8GA1UdIwQY
MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt
NTUzNjljZjUwN2VlLzEvbVJjREFmTGstLVJqU2R1bTZTbGUxNFc5S01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl
LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzAeBAIAATAYAwQAUtdA
AwQAVjbVAwQAufiGAwQAwi45MIGYBAIAAjCBkQMHBCoSvsAA0AMHBCoSvsAGoAMH
BCoSvsAOQDARAwYEKhK+wHADBwAqEr7AcAQwEgMHASoSvsBwBgMHACoSvsBwCAMH
ACoSvsCwCzAOAwUAKhK+wQMFACoSvsIDBwAqEr7DsAsDBwQqEr7EACADBwQqEr7E
AQADBwQqEr7EESADBwQqEr7EFDADBwQqEr7EFJAwDQYJKoZIhvcNAQELBQADggEB
AAesMWuIIVfU41A+K7s73bFtTVSv1MZ1p6kI2HIkhuHMXWwpymi3U5Hd3FPMJTvC
Xic++yvoxL6CsbsOh03XTuxs9g1awth+3HwiaRIPjazcS+z3pdoGK3h1TYdYUXvd
jWjpnARl0whn1C/HkQsFW1fjn27kB4ztiOd284s4BzvhtuO6tXhJK+gtnZQv9GU4
hoSiNgrUfjxupS1K8Du9S+heVRQoqYjE8UJcn4xQnGZ6loxLkUTBTYyvxHJFNtPL
mivC221viXAkqw967U9UOEp46WmBeQOwP787wbc1XL+eWHEt7oS+XeQtNehaqR5g
NxlxdI+iEL8iCc53TVnKC2A=
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:07:36 2025 by rpki-client