Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/ExCqXkZMIEqh47hRnTFtapCNdEM.roa
File: ExCqXkZMIEqh47hRnTFtapCNdEM.roa (raw, json)
Hash identifier: xMw5uLZluGw2QE+/l6Z1ab/lUKiKsa14EvUKvmjDtQY=
Subject key identifier: 13:10:AA:5E:46:4C:20:4A:A1:E3:B8:51:9D:31:6D:6A:90:8D:74:43
Certificate issuer: /CN=3718b734349bf327d9453b96501e44b192e55142
Certificate serial: 0196A619CB0692FFD8C0D75951566EE0F46A
Authority key identifier: 37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/ExCqXkZMIEqh47hRnTFtapCNdEM.roa
Signing time: Tue 06 May 2025 14:57:10 +0000
ROA not before: Tue 06 May 2025 14:57:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.14.37.0/24 maxlen: 24
31.14.38.0/23 maxlen: 23
45.132.27.0/24 maxlen: 24
185.155.53.0/24 maxlen: 24
185.155.54.0/23 maxlen: 24
185.155.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 08:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a6:19:cb:06:92:ff:d8:c0:d7:59:51:56:6e:e0:f4:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3718b734349bf327d9453b96501e44b192e55142
Validity
Not Before: May 6 14:57:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1310aa5e464c204aa1e3b8519d316d6a908d7443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1e:2c:ff:fa:f4:85:4a:bf:2f:c3:eb:dc:72:
38:bd:5f:f8:8a:71:4d:cb:e8:af:11:35:2d:80:93:
94:0e:20:ef:8c:63:fa:88:06:0c:dd:3a:1a:09:8f:
12:fd:ef:93:a9:ec:a2:91:8c:6c:4a:4c:06:b2:4b:
f8:b2:24:70:e0:fb:09:0f:76:c7:5c:19:1f:eb:fc:
39:f8:38:df:1b:a2:23:51:50:30:fc:88:05:c3:91:
b8:69:ae:5e:56:89:e6:b1:f7:ad:f2:ba:8f:68:29:
28:55:1c:31:59:32:76:df:a3:71:dd:2e:b8:aa:f5:
10:dc:28:54:4d:5b:61:b3:3a:04:1c:47:f8:44:d0:
b3:e3:51:75:78:63:48:d3:99:6e:90:48:2e:fe:de:
dc:09:71:0d:cb:24:d2:70:21:a4:0f:22:dc:2c:f3:
1f:6c:7f:11:12:23:6f:9b:ad:4d:f2:b4:37:7e:92:
a2:9d:9a:8c:97:de:22:23:21:04:68:ea:94:1b:e6:
37:ea:a6:bb:34:8e:13:6a:61:1b:da:95:a0:d6:ab:
02:f3:ed:70:30:98:15:6b:4b:d3:80:c7:15:b6:97:
7c:06:cb:fb:0b:ea:17:c5:66:95:63:3d:b2:31:14:
9a:02:bf:ca:59:b3:ba:43:7c:06:c5:a3:f1:7d:a7:
c7:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:10:AA:5E:46:4C:20:4A:A1:E3:B8:51:9D:31:6D:6A:90:8D:74:43
X509v3 Authority Key Identifier:
keyid:37:18:B7:34:34:9B:F3:27:D9:45:3B:96:50:1E:44:B1:92:E5:51:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/ExCqXkZMIEqh47hRnTFtapCNdEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7bf8a8-e49c-406e-8eb7-c823cc8f3837/1/Nxi3NDSb8yfZRTuWUB5EsZLlUUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.37.0-31.14.39.255
45.132.27.0/24
185.155.53.0-185.155.55.255
Signature Algorithm: sha256WithRSAEncryption
a6:2b:fb:ec:28:3f:f0:40:4b:aa:a1:d9:22:a4:2e:f8:98:56:
25:de:ff:0a:b1:0e:cd:ce:8c:d8:b5:78:59:f2:c9:95:cf:e1:
a5:e6:d8:51:3e:07:68:3c:7b:2b:1a:37:c5:aa:bb:3c:58:02:
85:d2:23:b2:63:d0:cc:ed:3e:d9:48:19:c5:d8:2a:d9:d1:7d:
87:99:9a:7c:38:e8:11:d7:28:dc:de:b8:69:91:45:ea:7a:16:
81:af:d4:ea:68:0a:ce:2d:c7:4a:34:1c:5c:48:65:f4:57:ea:
80:f6:da:58:35:7d:ed:1b:7b:ec:cd:24:33:92:49:30:05:aa:
b2:73:b0:62:99:9b:ec:35:85:67:ce:73:a1:e0:a8:ed:3f:02:
94:fa:af:dd:67:d7:5e:7a:e4:2b:90:22:b0:fb:9a:c0:fd:76:
7f:ab:30:78:9d:ef:30:2b:0c:03:a1:27:da:88:49:84:e2:15:
d9:0c:11:c8:c4:c6:9f:fe:a7:4c:11:40:05:2f:96:07:74:13:
9a:dd:90:3c:89:03:0f:7b:6c:e6:b1:c5:0d:55:e5:d2:30:80:
e2:e8:84:09:92:70:1b:ce:28:b5:13:75:89:85:7a:3b:9a:2d:
6d:7e:17:cd:ff:de:e9:c3:e5:88:96:52:32:51:2e:fc:06:cc:
d5:8e:bb:bd
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZamGcsGkv/YwNdZUVZu4PRqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MThiNzM0MzQ5YmYzMjdkOTQ1M2I5NjUwMWU0NGIxOTJl
NTUxNDIwHhcNMjUwNTA2MTQ1NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzEwYWE1ZTQ2NGMyMDRhYTFlM2I4NTE5ZDMxNmQ2YTkwOGQ3NDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx4s//r0hUq/L8Pr3HI4vV/4inFN
y+ivETUtgJOUDiDvjGP6iAYM3ToaCY8S/e+TqeyikYxsSkwGskv4siRw4PsJD3bH
XBkf6/w5+DjfG6IjUVAw/IgFw5G4aa5eVonmsfet8rqPaCkoVRwxWTJ236Nx3S64
qvUQ3ChUTVthszoEHEf4RNCz41F1eGNI05lukEgu/t7cCXENyyTScCGkDyLcLPMf
bH8REiNvm61N8rQ3fpKinZqMl94iIyEEaOqUG+Y36qa7NI4TamEb2pWg1qsC8+1w
MJgVa0vTgMcVtpd8Bsv7C+oXxWaVYz2yMRSaAr/KWbO6Q3wGxaPxfafHHwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBMQql5GTCBKoeO4UZ0xbWqQjXRDMB8GA1UdIwQY
MBaAFDcYtzQ0m/Mn2UU7llAeRLGS5VFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjct
YzgyM2NjOGYzODM3LzEvRXhDcVhrWk1JRXFoNDdoUm5URnRhcENOZEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YmY4YTgtZTQ5Yy00MDZlLThlYjctYzgyM2NjOGYzODM3
LzEvTnhpM05EU2I4eWZaUlR1V1VCNUVzWkxsVVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAAfDiUD
BAMfDiADBAAthBswDAMEALmbNQMEA7mbMDANBgkqhkiG9w0BAQsFAAOCAQEApiv7
7Cg/8EBLqqHZIqQu+JhWJd7/CrEOzc6M2LV4WfLJlc/hpebYUT4HaDx7Kxo3xaq7
PFgChdIjsmPQzO0+2UgZxdgq2dF9h5mafDjoEdco3N64aZFF6noWga/U6mgKzi3H
SjQcXEhl9FfqgPbaWDV97Rt77M0kM5JJMAWqsnOwYpmb7DWFZ85zoeCo7T8ClPqv
3WfXXnrkK5AisPuawP12f6sweJ3vMCsMA6En2ohJhOIV2QwRyMTGn/6nTBFABS+W
B3QTmt2QPIkDD3ts5rHFDVXl0jCA4uiECZJwG84otRN1iYV6O5otbX4Xzf/e6cPl
iJZSMlEu/AbM1Y67vQ==
-----END CERTIFICATE-----
Generated at Wed May 7 14:33:31 2025 by rpki-client