Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/cXrx1ROqbRYTJpBaY9JfsPVk3Ow.roa
File: cXrx1ROqbRYTJpBaY9JfsPVk3Ow.roa (raw, json)
Hash identifier: e0I94SNdLBs+vaXUAirpLtLE8FeKHQEH/NhmFQRxO+I=
Subject key identifier: 71:7A:F1:D5:13:AA:6D:16:13:26:90:5A:63:D2:5F:B0:F5:64:DC:EC
Certificate issuer: /CN=ee370985f83f41330111c350cd6b1e1eead526aa
Certificate serial: 01978D388EAD435C5DCA1CBF2C1AE3407883
Authority key identifier: EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/cXrx1ROqbRYTJpBaY9JfsPVk3Ow.roa
Signing time: Fri 20 Jun 2025 12:03:03 +0000
ROA not before: Fri 20 Jun 2025 12:03:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6205
IP address blocks: 31.7.32.0/24 maxlen: 24
31.7.33.0/24 maxlen: 24
31.7.34.0/24 maxlen: 24
31.7.35.0/24 maxlen: 24
31.7.36.0/24 maxlen: 24
31.7.37.0/24 maxlen: 24
31.7.38.0/24 maxlen: 24
31.7.39.0/24 maxlen: 24
185.140.124.0/24 maxlen: 24
185.140.125.0/24 maxlen: 24
185.140.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8d:38:8e:ad:43:5c:5d:ca:1c:bf:2c:1a:e3:40:78:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee370985f83f41330111c350cd6b1e1eead526aa
Validity
Not Before: Jun 20 12:03:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=717af1d513aa6d161326905a63d25fb0f564dcec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:dc:c7:42:30:e4:34:a6:d7:48:5c:fe:b4:ad:
70:d8:98:03:b8:8a:d7:5d:a4:00:11:be:b7:23:64:
cb:b8:9b:f8:98:86:35:e6:d1:ac:e4:87:04:12:74:
bb:b0:36:06:ad:6b:31:0e:26:67:67:c8:0b:a4:63:
7f:01:d6:4c:e2:0c:f3:09:2b:22:82:c0:46:7f:25:
1e:6e:e4:06:d7:05:16:e8:89:99:19:bd:4c:65:6e:
3d:83:13:34:f3:d1:30:d8:5e:df:8f:19:20:cf:7b:
ac:03:c7:c6:d8:96:5d:82:37:f2:9c:c3:4a:91:5f:
da:be:e7:7f:10:94:dd:7e:ac:bf:3f:77:78:f3:54:
9b:36:20:a0:e4:12:3a:73:5b:f3:ed:92:6b:d0:1d:
fc:a1:7c:93:b3:41:c1:c4:c2:c9:6f:c7:1b:74:d0:
e1:0f:d1:6d:3a:11:4f:8f:41:2c:eb:2c:96:f6:57:
81:4a:ff:77:94:fa:33:6c:17:bf:9a:d1:96:52:02:
45:28:70:c1:f5:5c:d4:ce:c6:f9:26:94:d4:2b:1d:
46:b1:b2:b5:f7:c2:20:1e:3d:52:9a:0d:55:6b:2a:
cb:e9:b1:c7:d1:5b:e0:84:1c:69:b7:36:d1:bb:b3:
34:0c:b6:e7:aa:5d:c7:83:26:3d:b3:34:09:3b:ff:
cd:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:7A:F1:D5:13:AA:6D:16:13:26:90:5A:63:D2:5F:B0:F5:64:DC:EC
X509v3 Authority Key Identifier:
keyid:EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/cXrx1ROqbRYTJpBaY9JfsPVk3Ow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.32.0/21
185.140.124.0/23
185.140.127.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:15:cb:b9:fc:e1:23:2f:15:19:6f:28:09:9d:06:3b:a3:a6:
c9:ba:bf:39:c9:ae:bd:6c:f0:39:33:91:80:33:a4:9c:ae:d0:
19:1c:a5:3d:da:c6:05:b1:62:03:bd:1b:89:31:a4:fb:88:a0:
18:45:c7:b9:2f:d5:75:f2:2d:e9:39:2d:6c:39:1b:3e:cb:11:
98:e7:e9:56:d5:64:51:7c:ed:10:16:23:e2:8e:d5:2b:c0:0b:
25:ff:55:f9:90:76:53:48:53:bc:da:5a:ea:47:a2:40:4c:90:
3b:57:50:b9:47:69:ce:f1:5d:e1:26:49:12:6c:62:99:f2:f7:
ba:62:7c:e6:8e:26:2e:3c:2a:32:fe:e7:a4:b8:fd:30:46:d9:
4e:5c:93:97:69:3c:c8:ae:51:38:73:79:fc:39:48:32:06:a4:
c8:d6:a1:5d:89:b1:eb:b1:27:e5:85:7e:df:3c:a5:3a:38:55:
e1:cf:df:f0:f8:47:b6:ed:e1:b6:ab:56:72:9e:7c:cc:34:50:
4c:45:ca:3f:24:0b:80:24:62:1c:d6:96:05:d5:17:26:57:ed:
b2:df:49:3f:85:c1:fe:77:97:7b:d0:c8:0d:36:6c:c5:cb:0d:
3c:ee:bb:42:82:3c:82:37:c8:28:49:e1:c6:79:2d:2c:a1:5b:
ce:3c:4b:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZeNOI6tQ1xdyhy/LBrjQHiDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzcwOTg1ZjgzZjQxMzMwMTExYzM1MGNkNmIxZTFlZWFk
NTI2YWEwHhcNMjUwNjIwMTIwMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTdhZjFkNTEzYWE2ZDE2MTMyNjkwNWE2M2QyNWZiMGY1NjRkY2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7dzHQjDkNKbXSFz+tK1w2JgDuIrX
XaQAEb63I2TLuJv4mIY15tGs5IcEEnS7sDYGrWsxDiZnZ8gLpGN/AdZM4gzzCSsi
gsBGfyUebuQG1wUW6ImZGb1MZW49gxM089Ew2F7fjxkgz3usA8fG2JZdgjfynMNK
kV/avud/EJTdfqy/P3d481SbNiCg5BI6c1vz7ZJr0B38oXyTs0HBxMLJb8cbdNDh
D9FtOhFPj0Es6yyW9leBSv93lPozbBe/mtGWUgJFKHDB9VzUzsb5JpTUKx1GsbK1
98IgHj1Smg1VayrL6bHH0VvghBxptzbRu7M0DLbnql3HgyY9szQJO//NdwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHF68dUTqm0WEyaQWmPSX7D1ZNzsMB8GA1UdIwQY
MBaAFO43CYX4P0EzARHDUM1rHh7q1SaqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAt
MzI0NDU0NmY4Y2JmLzEvY1hyeDFST3FiUllUSnBCYVk5SmZzUFZrM093LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAtMzI0NDU0NmY4Y2Jm
LzEvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDHwcgAwQB
uYx8AwQAuYx/MA0GCSqGSIb3DQEBCwUAA4IBAQBOFcu5/OEjLxUZbygJnQY7o6bJ
ur85ya69bPA5M5GAM6ScrtAZHKU92sYFsWIDvRuJMaT7iKAYRce5L9V18i3pOS1s
ORs+yxGY5+lW1WRRfO0QFiPijtUrwAsl/1X5kHZTSFO82lrqR6JATJA7V1C5R2nO
8V3hJkkSbGKZ8ve6YnzmjiYuPCoy/uekuP0wRtlOXJOXaTzIrlE4c3n8OUgyBqTI
1qFdibHrsSflhX7fPKU6OFXhz9/w+Ee27eG2q1ZynnzMNFBMRco/JAuAJGIc1pYF
1RcmV+2y30k/hcH+d5d70MgNNmzFyw087rtCgjyCN8goSeHGeS0soVvOPEuz
-----END CERTIFICATE-----
Generated at Wed Jul 2 19:51:55 2025 by rpki-client