Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/MsdUQCagTDHd8Si78BPDmp_WpZ8.roa
File: MsdUQCagTDHd8Si78BPDmp_WpZ8.roa (raw, json)
Hash identifier: k0m/eSaWjhvcNX6cbMLf7bH/cSi8h0RiGTdFIrsyBkg=
Subject key identifier: 32:C7:54:40:26:A0:4C:31:DD:F1:28:BB:F0:13:C3:9A:9F:D6:A5:9F
Certificate issuer: /CN=44a3b43f647e1e7714cd130764cbbc4814e7a148
Certificate serial: 019A502FD4711447F283C0C4985C7FF3DA04
Authority key identifier: 44:A3:B4:3F:64:7E:1E:77:14:CD:13:07:64:CB:BC:48:14:E7:A1:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKO0P2R-HncUzRMHZMu8SBTnoUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/MsdUQCagTDHd8Si78BPDmp_WpZ8.roa
Signing time: Tue 04 Nov 2025 18:45:03 +0000
ROA not before: Tue 04 Nov 2025 18:45:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14127
IP address blocks: 89.106.176.0/22 maxlen: 24
89.106.180.0/23 maxlen: 23
89.106.182.0/23 maxlen: 23
185.45.0.0/23 maxlen: 24
185.45.2.0/23 maxlen: 24
185.233.228.0/24 maxlen: 24
185.233.229.0/24 maxlen: 24
185.233.230.0/24 maxlen: 24
185.233.231.0/24 maxlen: 24
193.246.192.0/24 maxlen: 24
193.246.193.0/24 maxlen: 24
193.246.194.0/24 maxlen: 24
193.246.195.0/24 maxlen: 24
193.246.196.0/24 maxlen: 24
193.246.197.0/24 maxlen: 24
193.246.198.0/24 maxlen: 24
193.246.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/RKO0P2R-HncUzRMHZMu8SBTnoUg.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/RKO0P2R-HncUzRMHZMu8SBTnoUg.mft
rsync://rpki.ripe.net/repository/DEFAULT/RKO0P2R-HncUzRMHZMu8SBTnoUg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:2f:d4:71:14:47:f2:83:c0:c4:98:5c:7f:f3:da:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44a3b43f647e1e7714cd130764cbbc4814e7a148
Validity
Not Before: Nov 4 18:45:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32c7544026a04c31ddf128bbf013c39a9fd6a59f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a1:70:c9:34:13:73:fb:99:00:e2:ad:ac:38:
d4:26:b4:ba:ab:95:63:79:90:6b:f0:ac:9e:83:7a:
ff:61:2a:48:8a:bf:f2:d5:4b:94:16:6e:7c:50:70:
09:a2:93:40:64:f1:03:4b:7a:1e:fe:88:db:6d:27:
24:fc:37:a7:79:d5:99:5d:0b:24:a7:a1:0e:0a:31:
55:8f:cb:82:29:d5:69:7e:6d:d1:46:40:b5:4b:70:
10:d6:02:e0:79:ba:8f:0a:1d:9f:11:fa:63:e2:e2:
8f:1b:4f:57:ab:fd:67:0f:77:13:01:7d:d4:d2:4e:
54:f9:a6:06:05:5f:b8:4f:57:f1:c2:81:6c:6e:7f:
96:93:cb:12:bc:ea:1f:89:31:df:0e:f4:0f:ef:ea:
11:3a:49:f0:e0:42:07:37:b2:a7:92:af:a4:af:30:
54:1e:8f:ba:6a:40:32:ab:ed:78:86:3e:b1:8e:50:
db:da:86:a5:56:27:f7:ee:72:f8:5b:4f:76:a3:9e:
ad:93:92:8e:85:0f:ae:12:10:0a:7a:c0:d1:74:18:
93:f8:54:36:cc:c8:24:65:22:59:24:26:1e:cc:34:
43:20:f5:ff:1f:68:cd:84:6a:1e:05:1d:f8:66:41:
97:0e:16:49:e0:07:e1:9b:d7:38:29:df:0c:b3:01:
3a:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C7:54:40:26:A0:4C:31:DD:F1:28:BB:F0:13:C3:9A:9F:D6:A5:9F
X509v3 Authority Key Identifier:
keyid:44:A3:B4:3F:64:7E:1E:77:14:CD:13:07:64:CB:BC:48:14:E7:A1:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKO0P2R-HncUzRMHZMu8SBTnoUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/MsdUQCagTDHd8Si78BPDmp_WpZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e1cee6-dcff-4373-bd88-a3c539f0b6d2/1/RKO0P2R-HncUzRMHZMu8SBTnoUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.176.0/21
185.45.0.0/22
185.233.228.0/22
193.246.192.0/21
Signature Algorithm: sha256WithRSAEncryption
80:ff:41:54:b2:b8:57:96:40:db:55:95:7f:fb:6f:d6:70:9c:
74:ce:84:2f:be:2b:1f:5a:aa:62:09:2a:4a:5d:be:8c:8e:ce:
c7:0c:f3:f2:bb:2a:61:b0:f7:3f:1f:0e:c6:47:e2:e5:42:b7:
1a:0d:e3:41:ed:34:a3:39:1d:96:f7:9e:90:c6:be:cd:9f:99:
bc:5e:99:27:c7:32:2a:bd:d9:1b:1b:1e:ca:35:04:2f:0d:81:
42:1b:1a:4f:c7:f8:9b:a8:a2:1a:4a:5e:71:34:af:15:a3:a2:
5e:7d:9c:23:05:d9:f7:04:d6:90:b9:ab:1b:b2:cd:8e:36:0c:
7f:70:96:75:fa:4b:f2:15:ae:62:6e:b7:74:0e:6d:3c:e6:24:
74:dd:3c:0f:e9:f2:b3:d0:46:1b:4a:bc:a5:b9:1f:ce:46:68:
84:b3:5f:d4:51:b6:05:20:3e:f6:02:60:b4:1c:b7:64:cc:6a:
cf:bf:d0:de:63:ca:24:2a:f5:64:cf:0d:71:cc:a3:da:0c:33:
54:40:30:31:6f:61:52:3b:ac:be:ca:95:26:97:7a:e8:93:18:
b2:00:f0:68:e5:21:fa:a4:de:40:bc:20:23:0d:5d:3c:43:14:
24:f6:36:e3:d6:28:12:77:dd:f4:e7:9b:43:cf:6a:5c:bf:73:
ce:45:97:01
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZpQL9RxFEfyg8DEmFx/89oEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0YTNiNDNmNjQ3ZTFlNzcxNGNkMTMwNzY0Y2JiYzQ4MTRl
N2ExNDgwHhcNMjUxMTA0MTg0NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmM3NTQ0MDI2YTA0YzMxZGRmMTI4YmJmMDEzYzM5YTlmZDZhNTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKFwyTQTc/uZAOKtrDjUJrS6q5Vj
eZBr8Kyeg3r/YSpIir/y1UuUFm58UHAJopNAZPEDS3oe/ojbbSck/DenedWZXQsk
p6EOCjFVj8uCKdVpfm3RRkC1S3AQ1gLgebqPCh2fEfpj4uKPG09Xq/1nD3cTAX3U
0k5U+aYGBV+4T1fxwoFsbn+Wk8sSvOofiTHfDvQP7+oROknw4EIHN7Knkq+krzBU
Ho+6akAyq+14hj6xjlDb2oalVif37nL4W092o56tk5KOhQ+uEhAKesDRdBiT+FQ2
zMgkZSJZJCYezDRDIPX/H2jNhGoeBR34ZkGXDhZJ4Afhm9c4Kd8MswE6twIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDLHVEAmoEwx3fEou/ATw5qf1qWfMB8GA1UdIwQY
MBaAFESjtD9kfh53FM0TB2TLvEgU56FIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUktPMFAyUi1IbmNVelJNSFpNdThTQlRub1VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9lMWNlZTYtZGNmZi00MzczLWJkODgt
YTNjNTM5ZjBiNmQyLzEvTXNkVVFDYWdUREhkOFNpNzhCUERtcF9XcFo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9lMWNlZTYtZGNmZi00MzczLWJkODgtYTNjNTM5ZjBiNmQy
LzEvUktPMFAyUi1IbmNVelJNSFpNdThTQlRub1VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDWWqwAwQC
uS0AAwQCuenkAwQDwfbAMA0GCSqGSIb3DQEBCwUAA4IBAQCA/0FUsrhXlkDbVZV/
+2/WcJx0zoQvvisfWqpiCSpKXb6Mjs7HDPPyuyphsPc/Hw7GR+LlQrcaDeNB7TSj
OR2W956Qxr7Nn5m8XpknxzIqvdkbGx7KNQQvDYFCGxpPx/ibqKIaSl5xNK8Vo6Je
fZwjBdn3BNaQuasbss2ONgx/cJZ1+kvyFa5ibrd0Dm085iR03TwP6fKz0EYbSryl
uR/ORmiEs1/UUbYFID72AmC0HLdkzGrPv9DeY8okKvVkzw1xzKPaDDNUQDAxb2FS
O6y+ypUml3rokxiyAPBo5SH6pN5AvCAjDV08QxQk9jbj1igSd93055tDz2pcv3PO
RZcB
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:12:24 2025 by rpki-client