Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/HdluTxXl-pWaHGWyDsEkzMIGqPk.roa
File: HdluTxXl-pWaHGWyDsEkzMIGqPk.roa (raw, json)
Hash identifier: 3QRrZkPi7nW4Xst1si6pXGHNP7cktniynmG+cW94wv4=
Subject key identifier: 1D:D9:6E:4F:15:E5:FA:95:9A:1C:65:B2:0E:C1:24:CC:C2:06:A8:F9
Certificate issuer: /CN=6dfc1438ee0815a9bf8b73f9a7ced094f21ac79e
Certificate serial: 019CE24FF99CAA307D74EA2613121DC46935
Authority key identifier: 6D:FC:14:38:EE:08:15:A9:BF:8B:73:F9:A7:CE:D0:94:F2:1A:C7:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfwUOO4IFam_i3P5p87QlPIax54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/HdluTxXl-pWaHGWyDsEkzMIGqPk.roa
Signing time: Thu 12 Mar 2026 13:50:17 +0000
ROA not before: Thu 12 Mar 2026 13:50:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43256
IP address blocks: 31.209.128.0/24 maxlen: 24
31.209.129.0/24 maxlen: 24
31.209.130.0/24 maxlen: 24
31.209.131.0/24 maxlen: 24
31.209.132.0/24 maxlen: 24
31.209.133.0/24 maxlen: 24
31.209.134.0/24 maxlen: 24
31.209.135.0/24 maxlen: 24
217.171.88.0/24 maxlen: 24
217.171.89.0/24 maxlen: 24
217.171.90.0/24 maxlen: 24
217.171.91.0/24 maxlen: 24
217.171.92.0/24 maxlen: 24
217.171.93.0/24 maxlen: 24
217.171.94.0/24 maxlen: 24
217.171.95.0/24 maxlen: 24
2a03:31c0::/40 maxlen: 40
2a03:31c0:100::/40 maxlen: 40
2a03:31c0:200::/40 maxlen: 40
2a03:31c0:300::/40 maxlen: 40
2a03:31c0:400::/40 maxlen: 40
2a03:31c0:500::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/bfwUOO4IFam_i3P5p87QlPIax54.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/bfwUOO4IFam_i3P5p87QlPIax54.mft
rsync://rpki.ripe.net/repository/DEFAULT/bfwUOO4IFam_i3P5p87QlPIax54.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e2:4f:f9:9c:aa:30:7d:74:ea:26:13:12:1d:c4:69:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dfc1438ee0815a9bf8b73f9a7ced094f21ac79e
Validity
Not Before: Mar 12 13:50:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1dd96e4f15e5fa959a1c65b20ec124ccc206a8f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:38:59:7f:b3:6a:1c:0c:17:70:d2:a6:99:fe:
82:5a:2e:02:2b:da:0b:e8:ab:d7:35:c8:cc:51:fa:
41:3f:25:b8:b4:f8:8b:2e:35:44:4a:6e:38:1d:b5:
42:99:8b:c3:aa:ed:c6:f9:a8:6c:6a:c2:3a:9b:fd:
8e:78:21:11:41:e7:42:3c:8a:c3:0d:e6:60:83:6b:
68:da:8c:f4:dc:54:c6:37:6c:60:5f:94:1c:ed:3b:
d4:f6:5c:b1:24:17:8f:64:4b:96:a7:7a:15:a6:a6:
d4:cf:82:dd:1f:62:73:9f:d7:b4:c8:67:e2:0b:c1:
8e:0f:c0:6a:47:5e:ad:80:f3:f7:10:bb:6f:8f:58:
22:b0:fd:04:26:2a:19:af:44:57:34:7d:db:f0:ce:
df:c9:6f:c6:ff:47:3f:75:c3:11:00:db:1b:59:a6:
2d:b6:cc:ae:75:18:82:9f:27:04:8d:07:1d:79:84:
03:f4:f4:ad:4b:1c:2d:07:5f:e2:d8:97:b6:78:60:
62:52:98:1d:a8:40:57:0c:96:3c:69:93:8e:6a:65:
21:0b:b6:f9:f1:eb:2c:95:96:1b:d5:f0:5e:24:54:
df:e4:76:63:d8:74:32:b9:dd:3e:bc:63:a3:74:4d:
e6:f5:bb:da:fc:b2:e3:81:9c:a1:4d:79:98:59:aa:
de:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D9:6E:4F:15:E5:FA:95:9A:1C:65:B2:0E:C1:24:CC:C2:06:A8:F9
X509v3 Authority Key Identifier:
keyid:6D:FC:14:38:EE:08:15:A9:BF:8B:73:F9:A7:CE:D0:94:F2:1A:C7:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfwUOO4IFam_i3P5p87QlPIax54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/HdluTxXl-pWaHGWyDsEkzMIGqPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/2f98cb-6d94-48a1-8dba-d646767c5f13/1/bfwUOO4IFam_i3P5p87QlPIax54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.128.0/21
217.171.88.0/21
IPv6:
2a03:31c0::-2a03:31c0:5ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
83:13:8a:23:c9:2e:06:d7:56:33:34:5f:d8:d5:f3:e4:ab:a8:
46:98:23:62:89:c4:62:06:17:cc:d5:cb:c1:68:10:a0:50:6c:
69:f8:12:50:d6:26:ee:2b:68:c5:4d:c7:e9:54:1a:53:29:7c:
f4:50:b1:b6:44:25:c4:90:46:a3:bf:e4:31:ce:3c:ac:63:d9:
b8:f9:30:1d:45:f4:6c:ed:44:10:4d:bd:29:1c:14:4c:4a:32:
3d:62:33:95:56:3f:f6:5c:78:bb:b0:d4:19:1c:ee:04:e2:ee:
1d:54:d0:f9:08:c5:bc:cf:9c:1c:2b:a2:14:6e:94:a6:52:eb:
c8:2a:ad:16:f0:37:85:85:eb:5b:74:d0:07:f9:36:46:8d:9b:
90:9c:5b:09:db:ef:00:e7:e7:a6:0c:73:37:32:6d:f2:86:b3:
b5:8c:a9:3b:ea:7f:1e:ab:f8:87:d2:fe:9d:64:f1:02:4c:93:
66:00:13:38:3f:24:af:e4:f5:89:46:ae:a7:6e:d7:c3:81:fa:
b7:42:c2:4c:49:97:6b:ce:4f:a2:6b:f4:d7:a2:4b:21:35:a0:
35:34:ab:6e:b6:93:7a:49:0a:d8:d3:d7:01:14:3e:7c:75:7a:
2f:ea:b6:8c:10:ae:e1:ed:e6:9d:da:67:1e:73:0d:59:42:84:
46:ef:39:b7
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZziT/mcqjB9dOomExIdxGk1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZmMxNDM4ZWUwODE1YTliZjhiNzNmOWE3Y2VkMDk0ZjIx
YWM3OWUwHhcNMjYwMzEyMTM1MDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGQ5NmU0ZjE1ZTVmYTk1OWExYzY1YjIwZWMxMjRjY2MyMDZhOGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7zhZf7NqHAwXcNKmmf6CWi4CK9oL
6KvXNcjMUfpBPyW4tPiLLjVESm44HbVCmYvDqu3G+ahsasI6m/2OeCERQedCPIrD
DeZgg2to2oz03FTGN2xgX5Qc7TvU9lyxJBePZEuWp3oVpqbUz4LdH2Jzn9e0yGfi
C8GOD8BqR16tgPP3ELtvj1gisP0EJioZr0RXNH3b8M7fyW/G/0c/dcMRANsbWaYt
tsyudRiCnycEjQcdeYQD9PStSxwtB1/i2Je2eGBiUpgdqEBXDJY8aZOOamUhC7b5
8esslZYb1fBeJFTf5HZj2HQyud0+vGOjdE3m9bva/LLjgZyhTXmYWarehQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFB3Zbk8V5fqVmhxlsg7BJMzCBqj5MB8GA1UdIwQY
MBaAFG38FDjuCBWpv4tz+afO0JTyGseeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmZ3VU9PNElGYW1faTNQNXA4N1FsUElheDU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8yZjk4Y2ItNmQ5NC00OGExLThkYmEt
ZDY0Njc2N2M1ZjEzLzEvSGRsdVR4WGwtcFdhSEdXeURzRWt6TUlHcVBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8yZjk4Y2ItNmQ5NC00OGExLThkYmEtZDY0Njc2N2M1ZjEz
LzEvYmZ3VU9PNElGYW1faTNQNXA4N1FsUElheDU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTASBAIAATAMAwQDH9GAAwQD
2atYMBcEAgACMBEwDwMFBioDMcADBgEqAzHABDANBgkqhkiG9w0BAQsFAAOCAQEA
gxOKI8kuBtdWMzRf2NXz5KuoRpgjYonEYgYXzNXLwWgQoFBsafgSUNYm7itoxU3H
6VQaUyl89FCxtkQlxJBGo7/kMc48rGPZuPkwHUX0bO1EEE29KRwUTEoyPWIzlVY/
9lx4u7DUGRzuBOLuHVTQ+QjFvM+cHCuiFG6UplLryCqtFvA3hYXrW3TQB/k2Ro2b
kJxbCdvvAOfnpgxzNzJt8oaztYypO+p/Hqv4h9L+nWTxAkyTZgATOD8kr+T1iUau
p27Xw4H6t0LCTEmXa85Pomv016JLITWgNTSrbraTekkK2NPXARQ+fHV6L+q2jBCu
4e3mndpnHnMNWUKERu85tw==
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:01:42 2026 by rpki-client