Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/LxkbdDT5B3V41nboGdYKwlRHFhE.roa
File: LxkbdDT5B3V41nboGdYKwlRHFhE.roa (raw, json)
Hash identifier: AuvDpwL2tENcmyyhzl1N2g1cvgTxe8O4rOVnyWvYkGI=
Subject key identifier: 2F:19:1B:74:34:F9:07:75:78:D6:76:E8:19:D6:0A:C2:54:47:16:11
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 019783A4FF165E42BC21E8B037E8D9345257
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/LxkbdDT5B3V41nboGdYKwlRHFhE.roa
Signing time: Wed 18 Jun 2025 15:25:17 +0000
ROA not before: Wed 18 Jun 2025 15:25:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213191
IP address blocks: 31.40.139.0/24 maxlen: 24
31.40.168.0/22 maxlen: 22
31.40.174.0/23 maxlen: 23
31.40.176.0/23 maxlen: 23
31.40.180.0/22 maxlen: 22
31.40.184.0/22 maxlen: 22
91.214.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 20:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:83:a4:ff:16:5e:42:bc:21:e8:b0:37:e8:d9:34:52:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jun 18 15:25:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f191b7434f9077578d676e819d60ac254471611
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ff:0e:ac:54:0e:1d:dd:4f:40:c7:76:22:8b:
90:17:14:fe:66:7f:25:36:59:8a:f1:41:ad:0b:fb:
ae:6a:20:70:49:1a:6a:e4:cf:02:9b:ba:7e:be:96:
61:ce:55:e3:09:80:78:d8:02:f3:14:01:a6:1f:73:
78:b7:88:ac:b0:9a:d4:a7:40:2a:91:52:1e:ae:b9:
40:c9:b3:6d:aa:ce:55:d3:94:58:fe:ef:96:ed:9b:
8e:c7:eb:f8:34:11:e1:da:90:98:10:5f:34:b2:3e:
18:2c:46:b0:e6:41:56:00:cf:41:ef:55:15:57:c6:
5c:99:82:d5:c0:c5:92:96:2c:c8:09:82:ad:22:26:
0e:29:26:64:01:3d:11:1f:26:b4:ff:1d:f7:5d:8f:
05:5f:87:4d:fd:b2:8c:a0:57:fb:a9:fb:9e:b1:82:
78:da:96:af:ee:42:e3:af:04:10:c3:af:22:89:0b:
71:b8:75:01:90:f8:20:03:71:42:d9:26:b1:3f:a1:
21:99:51:49:f0:0c:79:6f:4e:fe:db:17:53:43:ed:
0d:4d:ec:b0:1e:7c:61:59:d6:43:f6:1f:c0:50:89:
51:4c:42:b2:aa:cb:b8:a5:0a:82:f4:b5:e7:2f:49:
d5:7f:7a:dc:1e:b8:57:96:13:7e:34:09:dd:bd:68:
6f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:19:1B:74:34:F9:07:75:78:D6:76:E8:19:D6:0A:C2:54:47:16:11
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/LxkbdDT5B3V41nboGdYKwlRHFhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.139.0/24
31.40.168.0/22
31.40.174.0-31.40.177.255
31.40.180.0-31.40.187.255
91.214.80.0/24
Signature Algorithm: sha256WithRSAEncryption
51:a9:df:bb:b4:b5:19:10:df:9e:58:4c:34:71:08:63:55:2e:
04:38:6f:61:e5:39:75:0b:a6:78:9f:98:b3:00:98:58:62:7a:
28:09:87:13:a8:d3:6b:a8:e4:61:8d:72:f4:66:18:2c:23:2c:
d9:c8:9e:0d:6e:67:10:d1:b3:38:ee:10:f2:0c:4d:cb:a0:88:
d5:60:ad:f7:50:5f:91:55:51:2b:2a:0b:35:06:e6:23:df:7a:
62:de:e5:1d:35:33:e5:ae:d1:4c:05:f6:14:42:52:ca:62:bd:
eb:6c:bb:94:f8:9e:a4:4f:c0:1b:70:bd:67:f8:e6:87:2f:ad:
ad:bd:68:57:e3:e8:6d:07:0b:43:c8:c0:d2:43:41:ba:e7:02:
84:dd:b9:b8:52:2f:f7:07:43:9f:3e:bb:5b:45:00:6b:bb:af:
f8:28:ef:a7:db:78:32:c7:b7:a9:99:d3:66:80:e4:51:60:80:
b3:a2:43:7e:73:80:b0:4b:3c:07:eb:41:14:19:8f:66:c0:97:
44:8a:c9:13:61:ae:67:5d:aa:0c:27:7b:38:9c:e7:a3:2b:d1:
86:0f:d5:ea:0b:88:22:f6:a6:a9:cf:f5:02:79:2d:09:bc:a5:
51:15:2b:53:07:36:4a:bd:36:48:52:77:8c:7e:36:cf:ff:bb:
0e:e6:af:c6
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZeDpP8WXkK8IeiwN+jZNFJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjUwNjE4MTUyNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjE5MWI3NDM0ZjkwNzc1NzhkNjc2ZTgxOWQ2MGFjMjU0NDcxNjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/8OrFQOHd1PQMd2IouQFxT+Zn8l
NlmK8UGtC/uuaiBwSRpq5M8Cm7p+vpZhzlXjCYB42ALzFAGmH3N4t4issJrUp0Aq
kVIerrlAybNtqs5V05RY/u+W7ZuOx+v4NBHh2pCYEF80sj4YLEaw5kFWAM9B71UV
V8ZcmYLVwMWSlizICYKtIiYOKSZkAT0RHya0/x33XY8FX4dN/bKMoFf7qfuesYJ4
2pav7kLjrwQQw68iiQtxuHUBkPggA3FC2SaxP6EhmVFJ8Ax5b07+2xdTQ+0NTeyw
HnxhWdZD9h/AUIlRTEKyqsu4pQqC9LXnL0nVf3rcHrhXlhN+NAndvWhvtwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFC8ZG3Q0+Qd1eNZ26BnWCsJURxYRMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvTHhrYmREVDVCM1Y0MW5ib0dkWUt3bFJIRmhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQAHyiLAwQC
HyioMAwDBAEfKK4DBAEfKLAwDAMEAh8otAMEAh8ouAMEAFvWUDANBgkqhkiG9w0B
AQsFAAOCAQEAUanfu7S1GRDfnlhMNHEIY1UuBDhvYeU5dQumeJ+YswCYWGJ6KAmH
E6jTa6jkYY1y9GYYLCMs2cieDW5nENGzOO4Q8gxNy6CI1WCt91BfkVVRKyoLNQbm
I996Yt7lHTUz5a7RTAX2FEJSymK962y7lPiepE/AG3C9Z/jmhy+trb1oV+PobQcL
Q8jA0kNBuucChN25uFIv9wdDnz67W0UAa7uv+Cjvp9t4Mse3qZnTZoDkUWCAs6JD
fnOAsEs8B+tBFBmPZsCXRIrJE2GuZ12qDCd7OJznoyvRhg/V6guIIvamqc/1Ankt
CbylURUrUwc2Sr02SFJ3jH42z/+7Duavxg==
-----END CERTIFICATE-----
Generated at Wed Jul 2 23:18:06 2025 by rpki-client