Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/x9MROVO0I_4DbRC-cdgvtpUcqSo.roa
File: x9MROVO0I_4DbRC-cdgvtpUcqSo.roa (raw, json)
Hash identifier: nmMjnQZ2GqEE7VMtJSqrjcD6wbWb5UdEwkmJmCMyG7E=
Subject key identifier: C7:D3:11:39:53:B4:23:FE:03:6D:10:BE:71:D8:2F:B6:95:1C:A9:2A
Certificate issuer: /CN=e0574c2878d6b536139b895f08c9c6db18e12a9b
Certificate serial: 01986503DE91F787573BC49BE36E56ADFEA2
Authority key identifier: E0:57:4C:28:78:D6:B5:36:13:9B:89:5F:08:C9:C6:DB:18:E1:2A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FdMKHjWtTYTm4lfCMnG2xjhKps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/x9MROVO0I_4DbRC-cdgvtpUcqSo.roa
Signing time: Fri 01 Aug 2025 09:43:28 +0000
ROA not before: Fri 01 Aug 2025 09:43:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21500
IP address blocks: 62.106.68.0/24 maxlen: 24
81.17.129.0/24 maxlen: 24
81.17.130.0/24 maxlen: 24
81.17.130.194/32 maxlen: 32
81.17.130.198/32 maxlen: 32
81.17.133.0/24 maxlen: 24
81.17.134.0/24 maxlen: 24
81.17.135.0/24 maxlen: 24
81.17.136.0/24 maxlen: 24
81.17.140.0/24 maxlen: 24
81.17.142.0/24 maxlen: 24
85.90.200.0/22 maxlen: 22
92.118.136.0/22 maxlen: 22
92.118.224.0/24 maxlen: 24
92.118.225.0/24 maxlen: 24
92.118.226.0/24 maxlen: 24
195.69.184.0/22 maxlen: 24
195.69.184.0/24 maxlen: 24
195.69.185.0/24 maxlen: 24
195.69.186.0/24 maxlen: 24
195.234.220.0/22 maxlen: 22
2a06:6200::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/4FdMKHjWtTYTm4lfCMnG2xjhKps.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/4FdMKHjWtTYTm4lfCMnG2xjhKps.mft
rsync://rpki.ripe.net/repository/DEFAULT/4FdMKHjWtTYTm4lfCMnG2xjhKps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 00:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:65:03:de:91:f7:87:57:3b:c4:9b:e3:6e:56:ad:fe:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0574c2878d6b536139b895f08c9c6db18e12a9b
Validity
Not Before: Aug 1 09:43:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7d3113953b423fe036d10be71d82fb6951ca92a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e5:a7:a9:e1:ac:ee:c1:3f:8a:27:25:9e:26:
0e:cd:4c:dd:30:3c:76:4d:9f:7c:c1:0d:83:c7:5b:
c9:88:67:fb:56:5f:1c:35:b3:28:35:69:eb:08:9a:
f5:cc:d9:31:bb:e6:d9:bf:ad:43:d1:50:bd:7d:69:
44:ca:19:16:1c:b0:a8:77:4e:87:d3:cc:e2:7d:50:
d3:90:4a:75:c1:85:61:9d:51:eb:f0:d9:82:38:82:
cb:fa:7c:9e:4b:bb:1c:10:6d:5a:67:03:88:e7:de:
63:c1:d6:87:d5:9f:06:20:e4:1d:74:0c:5f:cb:8f:
1b:6d:d0:cd:4e:cb:aa:a1:43:21:1e:a2:84:46:32:
2f:bf:63:ee:3e:8b:49:21:09:f4:db:72:a6:4b:09:
21:d2:66:e1:8e:ec:d2:65:87:3d:d1:fd:c9:cf:69:
4d:99:4c:9d:95:6a:2a:af:0b:ee:01:4c:cc:45:58:
3c:f3:4e:97:4a:48:37:d4:65:5a:c4:d5:a8:d8:ba:
00:d8:e9:45:92:7e:a6:7d:ef:c0:c6:31:df:b8:f0:
15:6f:0a:52:8b:e9:61:d0:e9:fd:0b:f2:75:56:90:
63:93:e5:33:14:1a:72:18:ba:7e:71:44:09:ad:46:
74:5d:9d:f2:27:20:32:8e:93:f2:80:a8:d6:cd:be:
32:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:D3:11:39:53:B4:23:FE:03:6D:10:BE:71:D8:2F:B6:95:1C:A9:2A
X509v3 Authority Key Identifier:
keyid:E0:57:4C:28:78:D6:B5:36:13:9B:89:5F:08:C9:C6:DB:18:E1:2A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FdMKHjWtTYTm4lfCMnG2xjhKps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/x9MROVO0I_4DbRC-cdgvtpUcqSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/28d600-a869-4ab1-9b2e-446019966a19/1/4FdMKHjWtTYTm4lfCMnG2xjhKps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.106.68.0/24
81.17.129.0-81.17.130.255
81.17.133.0-81.17.136.255
81.17.140.0/24
81.17.142.0/24
85.90.200.0/22
92.118.136.0/22
92.118.224.0-92.118.226.255
195.69.184.0/22
195.234.220.0/22
IPv6:
2a06:6200::/29
Signature Algorithm: sha256WithRSAEncryption
19:7b:c7:6c:a6:64:42:9d:81:15:54:6e:ef:b5:ea:ac:f2:bb:
23:8c:24:f8:2d:c6:50:35:f2:be:11:8b:40:13:b3:a1:a1:bd:
79:53:38:1b:29:46:d2:61:06:af:01:18:a6:0a:a7:54:58:97:
20:76:cd:13:64:45:46:a7:bd:3c:52:59:89:ec:aa:85:e1:43:
19:ae:4b:14:f1:9d:72:3d:db:8b:ab:8e:40:5a:1c:1b:f9:33:
ef:ee:5a:9e:74:a9:3f:85:b7:e7:bc:df:18:8c:ad:23:4e:ac:
7f:18:55:58:6f:4f:22:cf:16:5b:71:6c:2a:d7:c2:13:77:33:
52:9d:c2:fb:a7:38:14:d4:3b:43:18:c1:f7:a7:1a:ee:2c:3d:
52:da:e0:9f:50:90:4d:ce:d2:0d:c2:41:c1:14:4b:a7:7e:12:
f9:6d:ae:3c:a4:03:a8:de:38:fd:3a:56:b4:3d:0c:63:33:92:
71:19:b4:38:cf:05:75:6d:79:61:76:4d:24:f3:24:4f:1f:1d:
e0:ec:b5:5c:15:ee:5a:8d:a7:7e:b2:93:c7:af:87:bd:64:b5:
06:85:9f:af:57:86:5e:a7:14:6d:cc:36:f5:76:bc:d4:0a:d0:
5d:cb:6e:5a:47:ad:b4:9f:f3:47:5f:e5:70:0e:ea:ab:3c:12:
98:39:bf:5e
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZhlA96R94dXO8Sb425Wrf6iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTc0YzI4NzhkNmI1MzYxMzliODk1ZjA4YzljNmRiMThl
MTJhOWIwHhcNMjUwODAxMDk0MzI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2QzMTEzOTUzYjQyM2ZlMDM2ZDEwYmU3MWQ4MmZiNjk1MWNhOTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeWnqeGs7sE/iiclniYOzUzdMDx2
TZ98wQ2Dx1vJiGf7Vl8cNbMoNWnrCJr1zNkxu+bZv61D0VC9fWlEyhkWHLCod06H
08zifVDTkEp1wYVhnVHr8NmCOILL+nyeS7scEG1aZwOI595jwdaH1Z8GIOQddAxf
y48bbdDNTsuqoUMhHqKERjIvv2PuPotJIQn023KmSwkh0mbhjuzSZYc90f3Jz2lN
mUydlWoqrwvuAUzMRVg8806XSkg31GVaxNWo2LoA2OlFkn6mfe/AxjHfuPAVbwpS
i+lh0On9C/J1VpBjk+UzFBpyGLp+cUQJrUZ0XZ3yJyAyjpPygKjWzb4y6QIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFMfTETlTtCP+A20QvnHYL7aVHKkqMB8GA1UdIwQY
MBaAFOBXTCh41rU2E5uJXwjJxtsY4SqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZkTUtIald0VFlUbTRsZkNNbkcyeGpoS3BzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yOGQ2MDAtYTg2OS00YWIxLTliMmUt
NDQ2MDE5OTY2YTE5LzEveDlNUk9WTzBJXzREYlJDLWNkZ3Z0cFVjcVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yOGQ2MDAtYTg2OS00YWIxLTliMmUtNDQ2MDE5OTY2YTE5
LzEvNEZkTUtIald0VFlUbTRsZkNNbkcyeGpoS3BzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQAPmpEMAwD
BABREYEDBABREYIwDAMEAFERhQMEAFERiAMEAFERjAMEAFERjgMEAlVayAMEAlx2
iDAMAwQFXHbgAwQAXHbiAwQCw0W4AwQCw+rcMA0EAgACMAcDBQMqBmIAMA0GCSqG
SIb3DQEBCwUAA4IBAQAZe8dspmRCnYEVVG7vteqs8rsjjCT4LcZQNfK+EYtAE7Oh
ob15UzgbKUbSYQavARimCqdUWJcgds0TZEVGp708UlmJ7KqF4UMZrksU8Z1yPduL
q45AWhwb+TPv7lqedKk/hbfnvN8YjK0jTqx/GFVYb08izxZbcWwq18ITdzNSncL7
pzgU1DtDGMH3pxruLD1S2uCfUJBNztINwkHBFEunfhL5ba48pAOo3jj9Ola0PQxj
M5JxGbQ4zwV1bXlhdk0k8yRPHx3g7LVcFe5ajad+spPHr4e9ZLUGhZ+vV4ZepxRt
zDb1drzUCtBdy25aR620n/NHX+VwDuqrPBKYOb9e
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:18:45 2025 by rpki-client