Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/mcZ_wFiKJ5ceIsgC2BUu4MFFKQo.roa
File: mcZ_wFiKJ5ceIsgC2BUu4MFFKQo.roa (raw, json)
Hash identifier: T2KHfDIrrN3cj+Vf6WCXsB4RoiQ2FgY7quTVSGHtuCI=
Subject key identifier: 99:C6:7F:C0:58:8A:27:97:1E:22:C8:02:D8:15:2E:E0:C1:45:29:0A
Certificate issuer: /CN=b135377901a7871d3bff7a70277a2f4e2fc0e277
Certificate serial: 019A27253C9C7441D7A0965B872D2476F72D
Authority key identifier: B1:35:37:79:01:A7:87:1D:3B:FF:7A:70:27:7A:2F:4E:2F:C0:E2:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sTU3eQGnhx07_3pwJ3ovTi_A4nc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/mcZ_wFiKJ5ceIsgC2BUu4MFFKQo.roa
Signing time: Mon 27 Oct 2025 19:29:03 +0000
ROA not before: Mon 27 Oct 2025 19:29:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28715
IP address blocks: 185.104.120.0/24 maxlen: 24
185.104.121.0/24 maxlen: 24
185.104.122.0/24 maxlen: 24
2a06:3000::/29 maxlen: 29
2a06:3000::/36 maxlen: 36
2a06:3000::/48 maxlen: 48
2a06:3000:1::/48 maxlen: 48
2a06:3000:2::/48 maxlen: 48
2a06:3000:3::/48 maxlen: 48
2a06:3000:4::/48 maxlen: 48
2a06:3000:5::/48 maxlen: 48
2a06:3000:6::/48 maxlen: 48
2a06:3000:1000::/36 maxlen: 36
2a06:3000:2000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/sTU3eQGnhx07_3pwJ3ovTi_A4nc.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/sTU3eQGnhx07_3pwJ3ovTi_A4nc.mft
rsync://rpki.ripe.net/repository/DEFAULT/sTU3eQGnhx07_3pwJ3ovTi_A4nc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 10:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:27:25:3c:9c:74:41:d7:a0:96:5b:87:2d:24:76:f7:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b135377901a7871d3bff7a70277a2f4e2fc0e277
Validity
Not Before: Oct 27 19:29:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99c67fc0588a27971e22c802d8152ee0c145290a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3c:91:ec:6a:c4:64:1e:5d:f3:5d:21:34:97:
94:c6:80:d0:c0:fc:d6:25:a8:d3:9c:3f:66:21:3c:
68:8a:af:f1:79:55:97:3e:16:c4:73:5d:7e:54:39:
76:61:27:a5:b6:4d:83:0d:1e:a8:56:91:f5:b6:68:
fb:2f:f7:51:fc:55:2b:db:09:2b:59:88:e9:8e:49:
18:74:96:55:a1:ad:4c:bb:38:ff:0c:1c:60:6b:4b:
30:7a:40:77:7c:85:91:49:96:18:05:6e:f2:9d:fb:
2f:38:04:d2:42:0a:bc:d8:7c:53:80:0e:91:9f:23:
9b:55:73:56:5b:f7:56:05:eb:b5:7d:d3:2b:23:05:
cf:8c:dc:eb:f4:d5:ae:e6:85:97:ab:f2:b2:2a:5e:
1e:2a:da:b7:a8:eb:c2:2d:a9:1f:e9:c1:8a:a9:a2:
7e:fc:37:df:5f:3f:72:cb:51:3a:88:77:2f:0c:f8:
9c:ec:db:20:29:25:7c:ae:11:72:d4:65:ba:aa:aa:
e9:44:e9:7c:43:79:a5:e8:e5:fe:02:6a:47:35:ea:
78:b3:ca:7b:04:36:a4:c5:c1:d2:32:8b:56:06:31:
d4:90:62:7a:92:5e:90:28:14:9e:5c:b9:80:11:a7:
3e:77:4a:e8:de:d2:56:80:d6:c5:98:8c:e8:01:58:
af:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:C6:7F:C0:58:8A:27:97:1E:22:C8:02:D8:15:2E:E0:C1:45:29:0A
X509v3 Authority Key Identifier:
keyid:B1:35:37:79:01:A7:87:1D:3B:FF:7A:70:27:7A:2F:4E:2F:C0:E2:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sTU3eQGnhx07_3pwJ3ovTi_A4nc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/mcZ_wFiKJ5ceIsgC2BUu4MFFKQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/465c40-6718-4ea9-91e5-912047153e01/1/sTU3eQGnhx07_3pwJ3ovTi_A4nc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.120.0-185.104.122.255
IPv6:
2a06:3000::/29
Signature Algorithm: sha256WithRSAEncryption
9d:b0:af:33:fb:76:4f:ad:18:a7:46:04:1e:28:23:ab:c6:7e:
e8:de:e2:0e:f2:60:71:dd:6c:ef:0a:4c:a1:a6:1f:8a:d2:71:
34:61:fb:56:44:42:04:6d:86:4d:9c:2a:ad:38:2a:22:a3:3b:
db:ff:df:34:07:e1:bb:09:34:fc:1a:b7:d9:79:ee:9f:c0:3a:
30:88:5e:d0:64:b5:07:5f:26:4a:de:1e:f3:18:91:7f:c2:7e:
8d:20:11:85:38:62:dc:54:61:f2:08:07:19:a5:6f:f0:11:ef:
6a:75:43:35:91:76:84:3d:f0:e2:50:49:35:3c:4b:96:1d:e9:
6c:d1:16:06:08:5a:98:fd:f5:1e:38:f6:8c:e3:36:f8:66:b5:
ac:c5:19:15:85:2b:cc:e2:44:b4:55:92:8e:7b:f7:6f:9c:3e:
83:03:85:33:9b:af:88:2f:d9:18:66:e5:14:2b:cb:78:48:f6:
22:ff:eb:e7:65:6a:7d:40:ef:7d:69:03:ae:61:0b:5b:fe:0f:
2c:dd:02:18:e2:11:bc:8d:ed:8d:99:84:75:06:7b:1d:85:06:
78:33:f5:f8:73:65:0e:a1:94:36:01:09:69:e4:91:0d:0d:86:
00:71:5f:d4:a1:48:f6:bc:a9:44:0a:9b:7c:a0:6a:47:30:8f:
a2:52:77:74
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZonJTycdEHXoJZbhy0kdvctMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMzUzNzc5MDFhNzg3MWQzYmZmN2E3MDI3N2EyZjRlMmZj
MGUyNzcwHhcNMjUxMDI3MTkyOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWM2N2ZjMDU4OGEyNzk3MWUyMmM4MDJkODE1MmVlMGMxNDUyOTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjyR7GrEZB5d810hNJeUxoDQwPzW
JajTnD9mITxoiq/xeVWXPhbEc11+VDl2YSeltk2DDR6oVpH1tmj7L/dR/FUr2wkr
WYjpjkkYdJZVoa1Muzj/DBxga0swekB3fIWRSZYYBW7ynfsvOATSQgq82HxTgA6R
nyObVXNWW/dWBeu1fdMrIwXPjNzr9NWu5oWXq/KyKl4eKtq3qOvCLakf6cGKqaJ+
/DffXz9yy1E6iHcvDPic7NsgKSV8rhFy1GW6qqrpROl8Q3ml6OX+AmpHNep4s8p7
BDakxcHSMotWBjHUkGJ6kl6QKBSeXLmAEac+d0ro3tJWgNbFmIzoAViv3wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJnGf8BYiieXHiLIAtgVLuDBRSkKMB8GA1UdIwQY
MBaAFLE1N3kBp4cdO/96cCd6L04vwOJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1RVM2VRR25oeDA3XzNwd0ozb3ZUaV9BNG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi80NjVjNDAtNjcxOC00ZWE5LTkxZTUt
OTEyMDQ3MTUzZTAxLzEvbWNaX3dGaUtKNWNlSXNnQzJCVXU0TUZGS1FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi80NjVjNDAtNjcxOC00ZWE5LTkxZTUtOTEyMDQ3MTUzZTAx
LzEvc1RVM2VRR25oeDA3XzNwd0ozb3ZUaV9BNG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAO5aHgD
BAC5aHowDQQCAAIwBwMFAyoGMAAwDQYJKoZIhvcNAQELBQADggEBAJ2wrzP7dk+t
GKdGBB4oI6vGfuje4g7yYHHdbO8KTKGmH4rScTRh+1ZEQgRthk2cKq04KiKjO9v/
3zQH4bsJNPwat9l57p/AOjCIXtBktQdfJkreHvMYkX/Cfo0gEYU4YtxUYfIIBxml
b/AR72p1QzWRdoQ98OJQSTU8S5Yd6WzRFgYIWpj99R449ozjNvhmtazFGRWFK8zi
RLRVko5792+cPoMDhTObr4gv2Rhm5RQry3hI9iL/6+dlan1A731pA65hC1v+Dyzd
AhjiEbyN7Y2ZhHUGex2FBngz9fhzZQ6hlDYBCWnkkQ0NhgBxX9ShSPa8qUQKm3yg
akcwj6JSd3Q=
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:58:53 2025 by rpki-client