
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/3f85da-311f-45b4-a747-56560b26a0db/1/Mt4ySnJ9tLnzzQYq2U6tfp3Q3JA.roa
File: Mt4ySnJ9tLnzzQYq2U6tfp3Q3JA.roa (raw, json)
Hash identifier: Czeue2iwQkgf4dbWmDFWclQeOMsHJV7V0inLeSwakN8=
Subject key identifier: 32:DE:32:4A:72:7D:B4:B9:F3:CD:06:2A:D9:4E:AD:7E:9D:D0:DC:90
Certificate issuer: /CN=5446df07ff3cb26dfcf4eeb8761fb016caf7f9ee
Certificate serial: 019865404AA1EEC81DB22AF6577B7E3D9D6F
Authority key identifier: 54:46:DF:07:FF:3C:B2:6D:FC:F4:EE:B8:76:1F:B0:16:CA:F7:F9:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VEbfB_88sm389O64dh-wFsr3-e4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/3f85da-311f-45b4-a747-56560b26a0db/1/Mt4ySnJ9tLnzzQYq2U6tfp3Q3JA.roa
Signing time: Fri 01 Aug 2025 10:49:28 +0000
ROA not before: Fri 01 Aug 2025 10:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205277
IP address blocks: 185.223.124.0/22 maxlen: 22
185.223.124.0/23 maxlen: 23
185.223.124.0/24 maxlen: 24
185.223.125.0/24 maxlen: 24
185.223.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/3f85da-311f-45b4-a747-56560b26a0db/1/VEbfB_88sm389O64dh-wFsr3-e4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/3f85da-311f-45b4-a747-56560b26a0db/1/VEbfB_88sm389O64dh-wFsr3-e4.mft
rsync://rpki.ripe.net/repository/DEFAULT/VEbfB_88sm389O64dh-wFsr3-e4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 14:26:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:65:40:4a:a1:ee:c8:1d:b2:2a:f6:57:7b:7e:3d:9d:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5446df07ff3cb26dfcf4eeb8761fb016caf7f9ee
Validity
Not Before: Aug 1 10:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32de324a727db4b9f3cd062ad94ead7e9dd0dc90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:32:cb:84:71:0b:6a:e7:a9:bd:ab:29:9e:63:
67:ec:0b:46:d2:0a:86:7d:f3:c0:57:66:14:e9:1f:
23:67:21:3f:02:b9:d5:2a:c3:03:ed:a8:d8:1c:91:
09:0c:3b:c7:9b:5d:4d:44:9c:7e:8b:89:be:e0:ee:
ca:56:c1:bd:ee:3d:ae:8f:ee:31:1b:55:55:96:40:
7d:b9:46:8a:f8:ab:f3:f5:b8:c9:4c:2a:5f:0f:ac:
59:32:ca:13:bb:d0:19:f1:56:97:d3:f3:f8:c6:fc:
36:b7:40:ba:ad:3a:5c:98:52:73:a3:17:ae:06:d1:
52:30:b8:7d:fe:fc:6f:1c:9a:ac:9a:0d:20:dc:3c:
77:7d:fc:66:a9:de:16:85:60:c7:6c:06:24:84:ad:
9d:e7:04:6b:1f:76:48:53:a7:c6:7f:72:82:2d:2f:
a0:5a:99:a0:8a:f7:ca:fd:98:5c:99:44:c4:ac:c5:
e9:55:ff:4a:fb:a8:4d:f5:50:ea:2c:77:03:ff:b0:
21:39:ac:fc:d0:64:83:86:d7:3b:97:46:5d:84:14:
72:97:06:2e:da:db:37:5e:9e:bd:d7:b3:ab:99:62:
c8:19:00:0a:f4:03:d7:f8:48:e6:7a:53:9d:db:20:
32:3c:f4:22:2b:91:ed:d2:c3:2a:96:e9:44:b8:25:
fb:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:DE:32:4A:72:7D:B4:B9:F3:CD:06:2A:D9:4E:AD:7E:9D:D0:DC:90
X509v3 Authority Key Identifier:
keyid:54:46:DF:07:FF:3C:B2:6D:FC:F4:EE:B8:76:1F:B0:16:CA:F7:F9:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VEbfB_88sm389O64dh-wFsr3-e4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3f85da-311f-45b4-a747-56560b26a0db/1/Mt4ySnJ9tLnzzQYq2U6tfp3Q3JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3f85da-311f-45b4-a747-56560b26a0db/1/VEbfB_88sm389O64dh-wFsr3-e4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.124.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:43:db:24:78:2e:c5:d1:28:c2:07:71:71:77:0b:37:8d:94:
a0:e0:fa:8a:6a:a7:c3:4c:2d:a9:cc:56:8d:3e:93:1e:f0:20:
94:50:d6:ba:d6:49:8c:d7:72:16:da:ea:01:cf:22:67:c2:9f:
f8:37:b6:aa:a1:01:b2:38:e9:98:0b:53:2b:74:6f:b7:48:5d:
83:83:81:45:e1:36:a6:8e:82:13:1b:c0:39:f8:94:b0:91:fc:
d5:27:ce:cb:6a:cd:92:f0:3e:2d:db:e9:72:34:6b:66:cc:68:
f8:9a:9d:6f:8a:99:fd:e6:fe:aa:6f:52:19:d2:ff:38:a6:1e:
b6:bf:eb:67:10:d0:d3:92:58:bc:17:1e:6c:41:6d:b8:63:f0:
e2:a7:a1:45:1d:d4:09:22:85:f1:82:07:8d:c0:e3:be:75:df:
3f:e0:d4:84:d5:00:59:c3:a9:8e:b3:d9:41:07:30:6b:87:0a:
46:19:9c:c1:a9:84:ea:bd:07:41:12:9d:02:92:ba:b0:b3:7d:
1d:47:44:76:5f:a1:c8:5b:68:c8:09:82:55:18:f5:a7:8e:60:
c0:e4:f7:82:eb:a8:d0:83:b1:1f:7f:8e:f6:c6:0e:26:b3:3f:
c7:dc:51:17:96:d2:e5:ac:0b:fc:e3:09:66:b6:f6:af:ba:13:
a1:86:ba:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZhlQEqh7sgdsir2V3t+PZ1vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NDZkZjA3ZmYzY2IyNmRmY2Y0ZWViODc2MWZiMDE2Y2Fm
N2Y5ZWUwHhcNMjUwODAxMTA0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmRlMzI0YTcyN2RiNGI5ZjNjZDA2MmFkOTRlYWQ3ZTlkZDBkYzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDLLhHELauepvaspnmNn7AtG0gqG
ffPAV2YU6R8jZyE/ArnVKsMD7ajYHJEJDDvHm11NRJx+i4m+4O7KVsG97j2uj+4x
G1VVlkB9uUaK+Kvz9bjJTCpfD6xZMsoTu9AZ8VaX0/P4xvw2t0C6rTpcmFJzoxeu
BtFSMLh9/vxvHJqsmg0g3Dx3ffxmqd4WhWDHbAYkhK2d5wRrH3ZIU6fGf3KCLS+g
WpmgivfK/ZhcmUTErMXpVf9K+6hN9VDqLHcD/7AhOaz80GSDhtc7l0ZdhBRylwYu
2ts3Xp6917OrmWLIGQAK9APX+EjmelOd2yAyPPQiK5Ht0sMqlulEuCX7gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDLeMkpyfbS5880GKtlOrX6d0NyQMB8GA1UdIwQY
MBaAFFRG3wf/PLJt/PTuuHYfsBbK9/nuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkViZkJfODhzbTM4OU82NGRoLXdGc3IzLWU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zZjg1ZGEtMzExZi00NWI0LWE3NDct
NTY1NjBiMjZhMGRiLzEvTXQ0eVNuSjl0TG56elFZcTJVNnRmcDNRM0pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zZjg1ZGEtMzExZi00NWI0LWE3NDctNTY1NjBiMjZhMGRi
LzEvVkViZkJfODhzbTM4OU82NGRoLXdGc3IzLWU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCud98MA0G
CSqGSIb3DQEBCwUAA4IBAQBaQ9skeC7F0SjCB3Fxdws3jZSg4PqKaqfDTC2pzFaN
PpMe8CCUUNa61kmM13IW2uoBzyJnwp/4N7aqoQGyOOmYC1MrdG+3SF2Dg4FF4Tam
joITG8A5+JSwkfzVJ87Las2S8D4t2+lyNGtmzGj4mp1vipn95v6qb1IZ0v84ph62
v+tnENDTkli8Fx5sQW24Y/Dip6FFHdQJIoXxggeNwOO+dd8/4NSE1QBZw6mOs9lB
BzBrhwpGGZzBqYTqvQdBEp0Ckrqws30dR0R2X6HIW2jICYJVGPWnjmDA5PeC66jQ
g7Eff472xg4msz/H3FEXltLlrAv84wlmtvavuhOhhrrp
-----END CERTIFICATE-----
Generated at Wed Aug 6 19:37:42 2025 by rpki-client