Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/Au5N1BIeKXe-z7QHSQZe_zM8f7I.roa
File: Au5N1BIeKXe-z7QHSQZe_zM8f7I.roa (raw, json)
Hash identifier: 6DwA81wGaSCf3eN1Ke/HY6YBMt0qhJfpBCN/zfaPgcc=
Subject key identifier: 02:EE:4D:D4:12:1E:29:77:BE:CF:B4:07:49:06:5E:FF:33:3C:7F:B2
Certificate issuer: /CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
Certificate serial: 019781C8EB900B01FCCC59D8692B8428EA6F
Authority key identifier: F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/Au5N1BIeKXe-z7QHSQZe_zM8f7I.roa
Signing time: Wed 18 Jun 2025 06:45:17 +0000
ROA not before: Wed 18 Jun 2025 06:45:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42926
IP address blocks: 31.210.64.0/18 maxlen: 24
46.45.128.0/18 maxlen: 24
46.45.185.0/24 maxlen: 24
46.45.186.0/24 maxlen: 24
46.45.187.0/24 maxlen: 24
46.45.188.0/24 maxlen: 24
77.75.32.0/21 maxlen: 24
79.98.128.0/21 maxlen: 24
94.101.80.0/20 maxlen: 24
94.101.90.0/24 maxlen: 24
176.53.0.0/17 maxlen: 24
176.53.74.0/24 maxlen: 24
176.53.96.0/24 maxlen: 24
176.53.112.0/24 maxlen: 24
178.211.32.0/19 maxlen: 24
178.211.61.0/24 maxlen: 24
185.25.100.0/24 maxlen: 24
185.25.101.0/24 maxlen: 24
185.25.102.0/24 maxlen: 24
185.25.103.0/24 maxlen: 24
185.157.40.0/22 maxlen: 24
185.184.208.0/22 maxlen: 24
213.128.64.0/19 maxlen: 24
213.128.93.0/24 maxlen: 24
213.128.94.0/24 maxlen: 24
213.128.95.0/24 maxlen: 24
2a00:56a0::/32 maxlen: 48
2a01:790::/32 maxlen: 48
2a0b:5f40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 03:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:81:c8:eb:90:0b:01:fc:cc:59:d8:69:2b:84:28:ea:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
Validity
Not Before: Jun 18 06:45:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02ee4dd4121e2977becfb40749065eff333c7fb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:de:0b:93:3c:6c:80:ff:4f:6e:27:37:5b:65:
56:14:bb:fd:1a:9e:2a:41:40:e8:38:ec:73:e8:76:
60:37:55:5d:56:41:18:e8:4e:fe:61:f9:36:0d:e8:
6b:45:cf:e2:48:d7:f6:3b:24:c4:aa:27:8c:11:6c:
5f:f4:57:0b:04:20:35:7e:b9:79:03:cc:91:45:83:
10:2e:0b:48:fa:f3:85:53:73:60:77:47:d0:b7:ad:
3b:87:7e:fd:88:ab:ac:df:18:ee:31:f5:69:33:b4:
ce:81:70:e6:d8:37:c7:d4:54:3b:6c:36:e7:37:f6:
31:ed:43:e3:a1:1e:42:1e:f0:cc:0a:a0:c5:2c:58:
4e:71:75:18:3a:34:9b:18:e0:71:b0:ad:a1:2d:45:
8a:a8:a1:6b:ed:73:bc:1a:ab:54:a8:e3:d3:b1:ee:
3a:e4:6a:58:46:c9:af:dd:8d:b4:41:12:d6:a8:05:
b5:3f:31:24:e7:e3:85:28:cc:96:13:ca:7a:56:ce:
b4:7f:da:e7:83:c5:e9:48:f9:99:72:6a:61:5f:5b:
64:9b:b4:18:ed:95:a0:75:e2:98:b5:09:47:b1:8a:
a7:e9:1e:52:05:09:dc:91:9e:1b:a3:b6:f4:d4:b8:
ac:81:20:8b:85:7b:d9:4b:ec:66:44:32:33:88:3b:
a4:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:EE:4D:D4:12:1E:29:77:BE:CF:B4:07:49:06:5E:FF:33:3C:7F:B2
X509v3 Authority Key Identifier:
keyid:F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/Au5N1BIeKXe-z7QHSQZe_zM8f7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.64.0/18
46.45.128.0/18
77.75.32.0/21
79.98.128.0/21
94.101.80.0/20
176.53.0.0/17
178.211.32.0/19
185.25.100.0/22
185.157.40.0/22
185.184.208.0/22
213.128.64.0/19
IPv6:
2a00:56a0::/32
2a01:790::/32
2a0b:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
4b:c7:ca:11:33:f0:c1:3d:c8:24:15:35:a5:3f:bd:9c:c4:a9:
b1:4d:d7:7b:dc:c9:d5:83:e4:64:1b:3c:d0:07:e2:dc:dd:9c:
3d:95:0a:9c:c1:68:f5:4f:00:2c:86:80:0a:9f:9c:48:71:47:
ad:43:16:6e:1d:ec:c4:ae:41:b5:fe:56:1e:b4:1c:00:83:49:
b1:f8:22:b0:d5:2c:9d:7c:3b:03:15:3c:83:c4:d5:61:93:43:
bf:1d:cd:40:1f:25:0c:a0:ba:a9:3d:7c:b1:ed:dd:e5:ca:a8:
9b:5c:61:e5:ee:03:f5:85:49:61:59:9e:46:2b:d5:66:94:b4:
ae:91:c8:69:39:66:7b:2b:7b:25:3f:df:e4:b5:dc:13:91:70:
d6:11:7a:a0:2f:b2:b2:49:9c:c6:f4:20:be:11:be:01:21:cb:
6e:0d:40:f6:d2:03:84:77:9f:f6:09:37:6b:fb:09:ca:2e:da:
3f:f9:a5:eb:b9:b8:96:66:9a:85:bd:79:26:ac:80:b9:da:b3:
bc:1b:e0:66:30:f6:9e:d6:73:07:59:a6:69:c0:1c:5f:4d:82:
7a:79:04:11:d3:89:8f:78:76:59:01:90:32:b0:e1:4d:42:93:
b9:1e:e9:33:f0:6e:4f:8f:ba:06:5a:cb:22:89:f0:c4:dc:c2:
f6:8f:01:7d
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZeByOuQCwH8zFnYaSuEKOpvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NzFiYmYxZDNkM2MwZWZlMzZkZTExMDM5MmJlMGM3YWM0
NDdhODQwHhcNMjUwNjE4MDY0NTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmVlNGRkNDEyMWUyOTc3YmVjZmI0MDc0OTA2NWVmZjMzM2M3ZmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn94LkzxsgP9Pbic3W2VWFLv9Gp4q
QUDoOOxz6HZgN1VdVkEY6E7+Yfk2DehrRc/iSNf2OyTEqieMEWxf9FcLBCA1frl5
A8yRRYMQLgtI+vOFU3Ngd0fQt607h379iKus3xjuMfVpM7TOgXDm2DfH1FQ7bDbn
N/Yx7UPjoR5CHvDMCqDFLFhOcXUYOjSbGOBxsK2hLUWKqKFr7XO8GqtUqOPTse46
5GpYRsmv3Y20QRLWqAW1PzEk5+OFKMyWE8p6Vs60f9rng8XpSPmZcmphX1tkm7QY
7ZWgdeKYtQlHsYqn6R5SBQnckZ4bo7b01LisgSCLhXvZS+xmRDIziDukbQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFALuTdQSHil3vs+0B0kGXv8zPH+yMB8GA1UdIwQY
MBaAFPVxu/HT08Dv423hEDkr4MesRHqEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVhHNzhkUFR3T19qYmVFUU9Tdmd4NnhFZW9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82ODMwM2YtZThiMC00ZmUwLTk2YjYt
YTk2NTdlYjFmOGQ3LzEvQXU1TjFCSWVLWGUtejdRSFNRWmVfek04ZjdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82ODMwM2YtZThiMC00ZmUwLTk2YjYtYTk2NTdlYjFmOGQ3
LzEvOVhHNzhkUFR3T19qYmVFUU9Tdmd4NnhFZW9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBIBAIAATBCAwQGH9JAAwQG
Li2AAwQDTUsgAwQDT2KAAwQEXmVQAwQHsDUAAwQFstMgAwQCuRlkAwQCuZ0oAwQC
ubjQAwQF1YBAMBsEAgACMBUDBQAqAFagAwUAKgEHkAMFAyoLX0AwDQYJKoZIhvcN
AQELBQADggEBAEvHyhEz8ME9yCQVNaU/vZzEqbFN13vcydWD5GQbPNAH4tzdnD2V
CpzBaPVPACyGgAqfnEhxR61DFm4d7MSuQbX+Vh60HACDSbH4IrDVLJ18OwMVPIPE
1WGTQ78dzUAfJQyguqk9fLHt3eXKqJtcYeXuA/WFSWFZnkYr1WaUtK6RyGk5Znsr
eyU/3+S13BORcNYReqAvsrJJnMb0IL4RvgEhy24NQPbSA4R3n/YJN2v7Ccou2j/5
peu5uJZmmoW9eSasgLnas7wb4GYw9p7WcwdZpmnAHF9Ngnp5BBHTiY94dlkBkDKw
4U1Ck7ke6TPwbk+PugZayyKJ8MTcwvaPAX0=
-----END CERTIFICATE-----
Generated at Sun Jun 29 10:25:54 2025 by rpki-client