Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/LxM7ryNxPBJ6u1K4Uke5jln6boY.roa
File: LxM7ryNxPBJ6u1K4Uke5jln6boY.roa (raw, json)
Hash identifier: qlW13U5EQDfxavUt5/nC8dAuhoLUYXPUxfBbp5TNFbs=
Subject key identifier: 2F:13:3B:AF:23:71:3C:12:7A:BB:52:B8:52:47:B9:8E:59:FA:6E:86
Certificate issuer: /CN=b732762a5e861e976de53d14786f39e3a669681b
Certificate serial: 0196875EAAD0A68ED85C503CC5A8CE4FEFBE
Authority key identifier: B7:32:76:2A:5E:86:1E:97:6D:E5:3D:14:78:6F:39:E3:A6:69:68:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tzJ2Kl6GHpdt5T0UeG8546ZpaBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/LxM7ryNxPBJ6u1K4Uke5jln6boY.roa
Signing time: Wed 30 Apr 2025 15:44:10 +0000
ROA not before: Wed 30 Apr 2025 15:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41327
IP address blocks: 31.185.96.0/24 maxlen: 24
31.185.98.0/24 maxlen: 24
31.185.100.0/22 maxlen: 24
93.94.88.0/21 maxlen: 24
185.61.168.0/22 maxlen: 24
185.157.228.0/22 maxlen: 24
2a03:b020::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/tzJ2Kl6GHpdt5T0UeG8546ZpaBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/tzJ2Kl6GHpdt5T0UeG8546ZpaBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/tzJ2Kl6GHpdt5T0UeG8546ZpaBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 16 May 2025 14:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:5e:aa:d0:a6:8e:d8:5c:50:3c:c5:a8:ce:4f:ef:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b732762a5e861e976de53d14786f39e3a669681b
Validity
Not Before: Apr 30 15:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f133baf23713c127abb52b85247b98e59fa6e86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:de:13:00:ae:8b:1f:4f:0f:17:43:bf:a9:95:
fd:b7:c6:10:53:8a:3b:1a:a8:eb:f2:81:15:67:e8:
8e:a9:b7:78:fc:f4:00:79:8f:c1:9c:d9:db:17:ed:
fc:d4:a7:18:3c:d5:72:71:c8:49:ae:21:88:03:c4:
9f:7b:7f:53:5d:57:f2:b7:96:b1:22:46:25:94:82:
ea:bb:ac:83:00:59:65:4a:51:30:f7:b4:42:e9:c0:
68:dc:26:d5:80:72:1f:f7:6b:aa:3e:08:1e:e5:d7:
5f:95:d0:27:24:c2:8f:1b:a4:20:41:1d:21:19:11:
09:0b:28:a5:a8:2e:b9:52:0d:7a:37:85:9e:d1:09:
e8:58:27:73:5d:56:77:67:21:4d:7d:94:df:73:1b:
4f:03:07:0d:8e:f7:bd:a8:7a:d7:c5:63:1e:d7:60:
d8:c0:32:3b:26:5b:41:93:be:3e:c2:81:71:05:a3:
f6:ca:5a:2f:9d:06:5d:49:34:c7:c0:c7:38:b8:38:
7b:4c:0b:01:7c:2f:86:4f:9e:24:e3:41:bf:f0:2a:
5a:09:2d:09:6d:85:3a:18:93:05:d2:af:a6:98:17:
ae:e2:57:b4:4f:56:86:e5:2e:dd:d4:f8:4e:82:2e:
62:6b:c7:bc:d6:65:c0:a9:ce:36:41:e7:05:78:b7:
92:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:13:3B:AF:23:71:3C:12:7A:BB:52:B8:52:47:B9:8E:59:FA:6E:86
X509v3 Authority Key Identifier:
keyid:B7:32:76:2A:5E:86:1E:97:6D:E5:3D:14:78:6F:39:E3:A6:69:68:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tzJ2Kl6GHpdt5T0UeG8546ZpaBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/LxM7ryNxPBJ6u1K4Uke5jln6boY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5ac21d-7616-4eef-85d7-63b52aa7f8da/1/tzJ2Kl6GHpdt5T0UeG8546ZpaBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.185.96.0/24
31.185.98.0/24
31.185.100.0/22
93.94.88.0/21
185.61.168.0/22
185.157.228.0/22
IPv6:
2a03:b020::/29
Signature Algorithm: sha256WithRSAEncryption
14:c6:c4:7e:42:a8:ce:0e:11:2f:24:3f:35:76:83:bd:da:f8:
5e:6f:fb:65:c4:a7:20:1b:ce:1f:9d:7a:b8:77:3c:ba:9d:36:
4a:fd:d2:4f:ac:79:d3:c2:e4:c2:07:f0:81:80:52:e6:eb:04:
64:2b:e9:82:b1:30:f9:be:18:00:39:01:2e:47:da:a9:9e:b4:
8a:5f:ad:9f:c5:96:c5:9b:70:fb:48:a3:09:55:dc:6a:17:1d:
46:3a:60:e1:cc:8c:e5:ea:00:9f:48:c5:36:12:cc:9b:87:a4:
db:7d:54:4b:e3:21:b6:f4:d6:13:f7:66:ea:72:b7:a8:b1:c9:
9f:d7:13:2e:3e:42:aa:10:85:03:c4:03:fb:8f:e7:54:02:56:
8d:a7:4b:c5:b7:4c:1e:7a:1e:e2:a5:1f:0c:69:de:8c:5f:49:
3b:de:72:3a:bc:42:0b:2b:ca:ee:2a:e7:d6:f7:84:e8:6e:c5:
d5:6a:9f:d8:82:a9:38:77:55:a7:03:e0:18:fd:7c:78:30:1f:
b6:ee:6d:7c:81:b0:4b:6d:90:be:84:2b:2e:1a:1b:32:3c:69:
84:f4:72:82:f1:ab:b0:86:66:99:78:e9:e0:a6:2d:9a:66:0c:
5a:a9:91:c8:12:59:14:c6:e0:77:b9:ce:e8:f5:15:18:cb:8a:
d7:95:06:61
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZaHXqrQpo7YXFA8xajOT+++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MzI3NjJhNWU4NjFlOTc2ZGU1M2QxNDc4NmYzOWUzYTY2
OTY4MWIwHhcNMjUwNDMwMTU0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjEzM2JhZjIzNzEzYzEyN2FiYjUyYjg1MjQ3Yjk4ZTU5ZmE2ZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwd4TAK6LH08PF0O/qZX9t8YQU4o7
Gqjr8oEVZ+iOqbd4/PQAeY/BnNnbF+381KcYPNVycchJriGIA8Sfe39TXVfyt5ax
IkYllILqu6yDAFllSlEw97RC6cBo3CbVgHIf92uqPgge5ddfldAnJMKPG6QgQR0h
GREJCyilqC65Ug16N4We0QnoWCdzXVZ3ZyFNfZTfcxtPAwcNjve9qHrXxWMe12DY
wDI7JltBk74+woFxBaP2ylovnQZdSTTHwMc4uDh7TAsBfC+GT54k40G/8CpaCS0J
bYU6GJMF0q+mmBeu4le0T1aG5S7d1PhOgi5ia8e81mXAqc42QecFeLeStwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFC8TO68jcTwSertSuFJHuY5Z+m6GMB8GA1UdIwQY
MBaAFLcydipehh6XbeU9FHhvOeOmaWgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHpKMktsNkdIcGR0NVQwVWVHODU0NlpwYUJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny81YWMyMWQtNzYxNi00ZWVmLTg1ZDct
NjNiNTJhYTdmOGRhLzEvTHhNN3J5TnhQQko2dTFLNFVrZTVqbG42Ym9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny81YWMyMWQtNzYxNi00ZWVmLTg1ZDctNjNiNTJhYTdmOGRh
LzEvdHpKMktsNkdIcGR0NVQwVWVHODU0NlpwYUJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAH7lgAwQA
H7liAwQCH7lkAwQDXV5YAwQCuT2oAwQCuZ3kMA0EAgACMAcDBQMqA7AgMA0GCSqG
SIb3DQEBCwUAA4IBAQAUxsR+QqjODhEvJD81doO92vheb/tlxKcgG84fnXq4dzy6
nTZK/dJPrHnTwuTCB/CBgFLm6wRkK+mCsTD5vhgAOQEuR9qpnrSKX62fxZbFm3D7
SKMJVdxqFx1GOmDhzIzl6gCfSMU2Esybh6TbfVRL4yG29NYT92bqcreoscmf1xMu
PkKqEIUDxAP7j+dUAlaNp0vFt0weeh7ipR8Mad6MX0k73nI6vEILK8ruKufW94To
bsXVap/Ygqk4d1WnA+AY/Xx4MB+27m18gbBLbZC+hCsuGhsyPGmE9HKC8auwhmaZ
eOngpi2aZgxaqZHIElkUxuB3uc7o9RUYy4rXlQZh
-----END CERTIFICATE-----
Generated at Thu May 15 21:24:15 2025 by rpki-client