Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/BYoQ4s4czJjuocvOI1HvR-aMr7M.roa
File: BYoQ4s4czJjuocvOI1HvR-aMr7M.roa (raw, json)
Hash identifier: SsHvMaoCQsPiDzDLVhuMvxC3d30G/g1TK2SaE3ke6Rw=
Subject key identifier: 05:8A:10:E2:CE:1C:CC:98:EE:A1:CB:CE:23:51:EF:47:E6:8C:AF:B3
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 0199E7A428A6D6130962F10958A0F035FD24
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/BYoQ4s4czJjuocvOI1HvR-aMr7M.roa
Signing time: Wed 15 Oct 2025 11:31:59 +0000
ROA not before: Wed 15 Oct 2025 11:31:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213191
IP address blocks: 31.40.134.0/24 maxlen: 24
31.40.139.0/24 maxlen: 24
31.40.156.0/24 maxlen: 24
31.40.168.0/22 maxlen: 22
31.40.174.0/23 maxlen: 23
31.40.176.0/23 maxlen: 23
31.40.180.0/22 maxlen: 22
31.40.184.0/22 maxlen: 22
91.214.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 23:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e7:a4:28:a6:d6:13:09:62:f1:09:58:a0:f0:35:fd:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Oct 15 11:31:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=058a10e2ce1ccc98eea1cbce2351ef47e68cafb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6a:c9:51:a2:1e:04:fc:e7:b3:80:93:f6:0d:
ca:47:1d:00:47:9d:43:79:7a:9f:ac:80:b6:33:45:
86:bd:ac:b6:ce:2c:d0:3e:37:21:1b:2a:3a:bd:3b:
97:5b:14:53:32:c7:b7:d4:03:8a:81:55:05:c1:98:
76:44:1c:d2:b5:c5:71:be:28:6a:91:a9:ab:5a:10:
0c:6e:d9:07:6a:71:79:d9:ec:62:b5:07:b7:22:7d:
05:f6:c2:1c:9c:3f:d0:f2:69:68:6c:21:83:28:c1:
2b:ee:6d:98:c3:b0:ab:70:9f:02:0f:9d:e1:0b:46:
df:c0:d7:f2:5e:c2:e2:0e:0e:1d:b5:b1:af:5b:e0:
e3:0a:00:2b:1e:0c:fa:b3:cc:07:53:ad:0a:1d:df:
a6:d8:41:82:39:c4:37:6f:8a:f8:b7:35:04:b3:b3:
b7:db:cd:74:60:4f:de:19:b2:f7:fe:d8:8f:73:20:
9f:a4:cd:73:44:7f:9a:e1:9f:61:27:fe:b7:13:5a:
55:73:b1:e6:db:a9:4f:03:73:af:dc:0c:3a:08:8f:
a5:67:a0:4b:59:80:1c:d9:33:3a:80:f9:20:c2:7e:
b4:35:e5:66:fd:de:00:52:5b:60:5a:44:25:e3:c1:
c0:be:ee:c6:78:64:75:51:57:69:10:62:a7:cd:ac:
04:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:8A:10:E2:CE:1C:CC:98:EE:A1:CB:CE:23:51:EF:47:E6:8C:AF:B3
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/BYoQ4s4czJjuocvOI1HvR-aMr7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.134.0/24
31.40.139.0/24
31.40.156.0/24
31.40.168.0/22
31.40.174.0-31.40.177.255
31.40.180.0-31.40.187.255
91.214.80.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:b4:26:9c:cc:89:3f:3b:43:03:8d:62:44:31:e1:4d:52:e7:
69:e9:ea:dd:5b:84:7e:99:ab:c4:7a:46:dc:af:23:db:69:39:
ce:da:4b:6d:45:bd:ec:6d:53:41:87:c0:48:f5:18:20:07:aa:
2c:a0:d2:05:3d:32:2c:f1:67:66:41:e2:f9:54:cb:23:17:6b:
6b:8f:74:c9:3c:9d:5a:0a:ca:f4:99:6e:6b:88:c8:bd:25:ae:
aa:d7:dc:ec:c6:12:ed:cc:1f:82:fb:0d:83:4a:6e:68:4f:ff:
94:e1:03:34:98:bf:ec:1f:74:21:b0:84:8d:bb:1a:a0:b9:f3:
26:1d:02:03:f2:93:c3:0b:29:3c:ef:09:c5:96:19:13:0d:2c:
e6:c5:82:8b:30:4f:93:f5:1c:84:b1:43:0d:61:ac:b5:67:f4:
81:53:c7:08:53:b8:12:39:e0:39:e5:ec:ab:aa:8e:b9:05:54:
c0:e4:cc:b6:1c:ee:ea:33:ad:c2:3d:2f:fb:ff:6f:65:ae:c3:
04:37:85:2f:1c:41:5f:ed:a2:b1:62:f7:a5:c2:5f:a1:33:c2:
bd:a4:23:cb:80:b6:5d:e3:e1:5c:82:8a:f0:13:3e:81:5f:f3:
fa:90:38:91:23:02:7d:fc:fb:ff:63:22:a6:12:db:78:03:8e:
95:fe:3d:0b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZnnpCim1hMJYvEJWKDwNf0kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjUxMDE1MTEzMTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNThhMTBlMmNlMWNjYzk4ZWVhMWNiY2UyMzUxZWY0N2U2OGNhZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGrJUaIeBPzns4CT9g3KRx0AR51D
eXqfrIC2M0WGvay2zizQPjchGyo6vTuXWxRTMse31AOKgVUFwZh2RBzStcVxvihq
kamrWhAMbtkHanF52exitQe3In0F9sIcnD/Q8mlobCGDKMEr7m2Yw7CrcJ8CD53h
C0bfwNfyXsLiDg4dtbGvW+DjCgArHgz6s8wHU60KHd+m2EGCOcQ3b4r4tzUEs7O3
2810YE/eGbL3/tiPcyCfpM1zRH+a4Z9hJ/63E1pVc7Hm26lPA3Ov3Aw6CI+lZ6BL
WYAc2TM6gPkgwn60NeVm/d4AUltgWkQl48HAvu7GeGR1UVdpEGKnzawEGwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFAWKEOLOHMyY7qHLziNR70fmjK+zMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvQllvUTRzNGN6Smp1b2N2T0kxSHZSLWFNcjdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAHyiGAwQA
HyiLAwQAHyicAwQCHyioMAwDBAEfKK4DBAEfKLAwDAMEAh8otAMEAh8ouAMEAFvW
UDANBgkqhkiG9w0BAQsFAAOCAQEADbQmnMyJPztDA41iRDHhTVLnaenq3VuEfpmr
xHpG3K8j22k5ztpLbUW97G1TQYfASPUYIAeqLKDSBT0yLPFnZkHi+VTLIxdra490
yTydWgrK9Jlua4jIvSWuqtfc7MYS7cwfgvsNg0puaE//lOEDNJi/7B90IbCEjbsa
oLnzJh0CA/KTwwspPO8JxZYZEw0s5sWCizBPk/UchLFDDWGstWf0gVPHCFO4Ejng
OeXsq6qOuQVUwOTMthzu6jOtwj0v+/9vZa7DBDeFLxxBX+2isWL3pcJfoTPCvaQj
y4C2XePhXIKK8BM+gV/z+pA4kSMCffz7/2MiphLbeAOOlf49Cw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:27:52 2025 by rpki-client