Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/_3RU2BqHBLt7OyJ8QG6pcsfDEzA.roa
File: _3RU2BqHBLt7OyJ8QG6pcsfDEzA.roa (raw, json)
Hash identifier: dWgH51NgNKqNoAbc9ev87uC45o43ZTLgGAHz+HffFSs=
Subject key identifier: FF:74:54:D8:1A:87:04:BB:7B:3B:22:7C:40:6E:A9:72:C7:C3:13:30
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0198A24A743B4ABB69499634E4D40166304D
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/_3RU2BqHBLt7OyJ8QG6pcsfDEzA.roa
Signing time: Wed 13 Aug 2025 07:17:25 +0000
ROA not before: Wed 13 Aug 2025 07:17:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42910
IP address blocks: 31.210.46.0/24 maxlen: 24
31.210.50.0/24 maxlen: 24
31.210.51.0/24 maxlen: 24
31.210.54.0/24 maxlen: 24
77.92.148.0/24 maxlen: 24
188.132.170.0/24 maxlen: 24
188.132.171.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
188.132.203.0/24 maxlen: 24
188.132.227.0/24 maxlen: 24
212.68.36.0/24 maxlen: 24
212.68.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 22:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a2:4a:74:3b:4a:bb:69:49:96:34:e4:d4:01:66:30:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Aug 13 07:17:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff7454d81a8704bb7b3b227c406ea972c7c31330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:32:53:da:33:d9:b4:09:75:1e:b1:56:63:f7:
61:ed:98:d3:f4:c8:43:33:f4:f5:4b:31:3b:f4:15:
77:d6:bb:50:6a:64:52:5e:20:c6:ce:14:6f:d2:0e:
2d:f9:f4:08:01:f8:ba:45:c2:eb:dc:68:e8:6a:d1:
f1:75:0c:07:f7:61:9e:63:34:a1:14:f3:d7:f0:e1:
37:b8:d8:74:a9:d8:49:0c:a1:d1:d5:69:93:4e:f1:
76:0d:44:a4:47:3a:04:ca:fd:31:dd:47:1b:28:1e:
ba:95:ab:92:d4:0a:fb:ad:af:f2:26:74:58:dd:fc:
a3:60:43:c3:18:31:b5:6d:31:eb:06:b4:07:3d:d5:
84:2b:02:8f:83:33:f5:70:90:35:03:bc:5c:16:1f:
35:82:2b:90:ca:47:f8:55:8b:8d:67:2b:cc:ab:78:
a4:ca:32:d0:b1:bd:99:be:0b:eb:08:e7:93:6f:21:
34:09:00:99:0c:bf:0c:a4:1f:f3:a0:e0:5d:81:bb:
c1:64:d3:18:ce:e7:64:ea:c5:e8:99:5d:d2:ca:5a:
d8:08:8e:5e:f1:d5:8d:8e:76:ba:b4:bf:0d:32:05:
6b:17:52:56:57:c4:90:66:c8:3e:3b:ec:86:34:51:
12:a0:9f:59:19:d5:eb:b1:34:77:29:36:b8:80:fb:
89:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:74:54:D8:1A:87:04:BB:7B:3B:22:7C:40:6E:A9:72:C7:C3:13:30
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/_3RU2BqHBLt7OyJ8QG6pcsfDEzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.46.0/24
31.210.50.0/23
31.210.54.0/24
77.92.148.0/24
188.132.170.0/23
188.132.191.0/24
188.132.203.0/24
188.132.227.0/24
212.68.36.0/24
212.68.49.0/24
Signature Algorithm: sha256WithRSAEncryption
00:9b:b9:f7:0d:60:b8:83:b5:f0:5a:b5:90:e6:f0:a9:3b:2f:
2d:63:06:77:1f:4e:ce:53:3c:f4:e0:e4:97:f7:ca:77:e2:48:
1e:37:06:ab:81:67:e2:00:fb:6d:2e:98:60:10:d6:7d:f1:60:
41:d3:56:e3:d9:18:8e:50:c0:93:28:d0:0e:79:11:c6:58:21:
ee:27:31:3c:0a:71:86:33:cd:aa:05:df:c8:71:f8:0a:f1:f7:
36:fa:93:50:00:f9:f3:94:21:ef:ec:a8:99:e7:cc:8e:55:15:
e9:6b:93:cf:31:c2:a7:56:5e:e5:76:3f:ce:01:53:e4:b4:0e:
29:c4:02:6f:f4:9b:00:95:c7:a5:b4:9b:b6:ee:2a:e4:44:75:
a2:f9:41:97:17:d7:7d:69:b9:cd:bf:f0:5d:1b:cc:aa:2b:6c:
1b:07:7b:2b:08:13:ce:2c:1d:65:b2:a4:4a:cb:93:8b:38:49:
7e:fe:24:80:be:5e:99:a4:28:5e:5e:7b:ba:1f:13:54:e4:b0:
16:c6:fe:02:48:55:53:e5:a2:12:14:d0:65:21:65:80:28:68:
9b:8c:cb:95:2e:c0:d1:f3:4a:1e:61:8a:53:0c:25:27:87:9e:
f6:ba:47:ea:94:87:4d:36:78:e2:f2:1a:5b:d3:cc:b9:69:9b:
92:bf:f1:37
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZiiSnQ7SrtpSZY05NQBZjBNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwODEzMDcxNzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjc0NTRkODFhODcwNGJiN2IzYjIyN2M0MDZlYTk3MmM3YzMxMzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzJT2jPZtAl1HrFWY/dh7ZjT9MhD
M/T1SzE79BV31rtQamRSXiDGzhRv0g4t+fQIAfi6RcLr3GjoatHxdQwH92GeYzSh
FPPX8OE3uNh0qdhJDKHR1WmTTvF2DUSkRzoEyv0x3UcbKB66lauS1Ar7ra/yJnRY
3fyjYEPDGDG1bTHrBrQHPdWEKwKPgzP1cJA1A7xcFh81giuQykf4VYuNZyvMq3ik
yjLQsb2ZvgvrCOeTbyE0CQCZDL8MpB/zoOBdgbvBZNMYzudk6sXomV3SylrYCI5e
8dWNjna6tL8NMgVrF1JWV8SQZsg+O+yGNFESoJ9ZGdXrsTR3KTa4gPuJhQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFP90VNgahwS7ezsifEBuqXLHwxMwMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvXzNSVTJCcUhCTHQ3T3lKOFFHNnBjc2ZERXpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAH9IuAwQB
H9IyAwQAH9I2AwQATVyUAwQBvISqAwQAvIS/AwQAvITLAwQAvITjAwQA1EQkAwQA
1EQxMA0GCSqGSIb3DQEBCwUAA4IBAQAAm7n3DWC4g7XwWrWQ5vCpOy8tYwZ3H07O
Uzz04OSX98p34kgeNwargWfiAPttLphgENZ98WBB01bj2RiOUMCTKNAOeRHGWCHu
JzE8CnGGM82qBd/IcfgK8fc2+pNQAPnzlCHv7KiZ58yOVRXpa5PPMcKnVl7ldj/O
AVPktA4pxAJv9JsAlceltJu27irkRHWi+UGXF9d9abnNv/BdG8yqK2wbB3srCBPO
LB1lsqRKy5OLOEl+/iSAvl6ZpCheXnu6HxNU5LAWxv4CSFVT5aISFNBlIWWAKGib
jMuVLsDR80oeYYpTDCUnh572ukfqlIdNNnji8hpb08y5aZuSv/E3
-----END CERTIFICATE-----
Generated at Sun Aug 24 06:04:16 2025 by rpki-client