Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/fc419a-5c21-4d2f-9b80-bde028ad5930/1/sPxjsNKAZYfgxPi8TQlY-mZZcT4.roa
File: sPxjsNKAZYfgxPi8TQlY-mZZcT4.roa (raw, json)
Hash identifier: EWGb5uGqI3pCu9DA248NQJ9YLr39oAfQHZAN5stmGVA=
Subject key identifier: B0:FC:63:B0:D2:80:65:87:E0:C4:F8:BC:4D:09:58:FA:66:59:71:3E
Certificate issuer: /CN=3447a30428254c9970fcfbdffef06b0d6b490f0e
Certificate serial: 0198CF276C8F568ECFA0FE5EFF6B5CE1105F
Authority key identifier: 34:47:A3:04:28:25:4C:99:70:FC:FB:DF:FE:F0:6B:0D:6B:49:0F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NEejBCglTJlw_Pvf_vBrDWtJDw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/fc419a-5c21-4d2f-9b80-bde028ad5930/1/sPxjsNKAZYfgxPi8TQlY-mZZcT4.roa
Signing time: Fri 22 Aug 2025 00:22:04 +0000
ROA not before: Fri 22 Aug 2025 00:22:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54014
IP address blocks: 31.132.36.0/22 maxlen: 24
193.30.32.0/22 maxlen: 24
2a0c:8540::/43 maxlen: 48
2a0c:8541::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/fc419a-5c21-4d2f-9b80-bde028ad5930/1/NEejBCglTJlw_Pvf_vBrDWtJDw4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/fc419a-5c21-4d2f-9b80-bde028ad5930/1/NEejBCglTJlw_Pvf_vBrDWtJDw4.mft
rsync://rpki.ripe.net/repository/DEFAULT/NEejBCglTJlw_Pvf_vBrDWtJDw4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cf:27:6c:8f:56:8e:cf:a0:fe:5e:ff:6b:5c:e1:10:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3447a30428254c9970fcfbdffef06b0d6b490f0e
Validity
Not Before: Aug 22 00:22:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0fc63b0d2806587e0c4f8bc4d0958fa6659713e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:18:44:fd:9a:98:d8:a8:bc:dc:82:a1:3c:65:
4e:b1:c7:b7:3b:a9:01:ed:88:15:c8:f0:d0:c1:b9:
b0:e9:cc:4a:0e:2c:9e:c3:c7:04:57:d3:63:b6:50:
49:f7:29:31:fe:1d:b7:a2:13:66:f3:cb:e8:68:b1:
9f:50:34:83:55:78:3a:ee:5b:d2:37:71:38:bb:2e:
ba:0b:ea:4e:a8:c6:54:2f:d1:be:5e:4b:f7:b0:fd:
f5:eb:6a:19:ab:39:a1:de:fb:ac:ed:7a:e3:43:7f:
35:76:c9:60:cb:5b:93:20:b1:74:d6:84:52:96:a8:
4e:ee:cf:41:e3:ba:f6:ff:3d:07:90:bb:74:48:90:
2b:3f:02:ae:fb:74:12:34:d4:5a:88:e1:6e:98:6b:
cf:8f:e1:ed:c4:d8:3a:01:d6:b8:09:d4:a3:ee:15:
f0:ff:ba:71:c7:60:66:83:5c:78:9d:bb:75:31:58:
6a:64:a0:9f:b2:16:f2:30:d0:2b:2d:3d:05:51:92:
dc:27:eb:e0:fd:76:96:4d:8b:37:6f:5c:9d:d8:5f:
24:7f:d1:26:a5:fe:85:1e:34:ed:ee:61:45:9b:d8:
23:39:5f:ef:b7:17:84:3e:74:05:fb:2d:05:6a:9e:
c5:98:c0:57:9b:59:00:48:d9:2f:ca:4c:c5:58:67:
84:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:FC:63:B0:D2:80:65:87:E0:C4:F8:BC:4D:09:58:FA:66:59:71:3E
X509v3 Authority Key Identifier:
keyid:34:47:A3:04:28:25:4C:99:70:FC:FB:DF:FE:F0:6B:0D:6B:49:0F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NEejBCglTJlw_Pvf_vBrDWtJDw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/fc419a-5c21-4d2f-9b80-bde028ad5930/1/sPxjsNKAZYfgxPi8TQlY-mZZcT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/fc419a-5c21-4d2f-9b80-bde028ad5930/1/NEejBCglTJlw_Pvf_vBrDWtJDw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.36.0/22
193.30.32.0/22
IPv6:
2a0c:8540::/43
2a0c:8541::/32
Signature Algorithm: sha256WithRSAEncryption
2a:2e:3c:d4:23:13:c3:2d:76:c9:26:1c:51:bf:3c:a4:a8:07:
6e:a0:20:4f:31:8b:c6:5e:27:dd:56:47:d3:93:bf:b4:49:92:
b2:d2:9d:37:06:d5:73:af:ad:e5:06:dc:a4:12:be:9a:b7:87:
4b:ce:59:6e:90:a1:ba:0d:a7:3b:66:26:ad:59:4f:82:fd:09:
0a:f9:23:92:17:d4:90:e6:a3:15:aa:c2:d1:8e:b0:c2:58:4e:
b6:a4:a4:69:ac:ab:90:aa:6a:d0:09:de:3e:de:a7:4e:9f:e1:
2d:11:6a:9b:6a:5d:5e:4b:65:15:9b:dd:3b:36:fb:cb:4b:93:
e0:2c:11:a0:04:20:20:40:29:a7:60:15:87:99:07:3a:11:05:
a8:10:b5:ce:23:62:1d:08:8a:75:c6:2b:c6:0a:20:0d:3a:0e:
90:54:35:49:0b:0e:6c:4d:a1:d8:ed:ec:ff:4f:ab:69:28:f7:
79:b6:9e:41:9c:1e:dd:e9:6a:7f:68:3d:0a:b4:b8:99:fc:f1:
52:a8:df:66:79:c6:84:0a:ad:35:80:42:b3:f8:6d:dc:8e:b9:
42:a6:bd:36:1e:25:3a:89:3d:f2:a8:3f:64:45:d8:1c:6f:78:
04:83:e9:20:f0:af:b6:a0:0e:81:ef:61:61:dc:c8:ea:02:24:
fe:29:16:30
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZjPJ2yPVo7PoP5e/2tc4RBfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NDdhMzA0MjgyNTRjOTk3MGZjZmJkZmZlZjA2YjBkNmI0
OTBmMGUwHhcNMjUwODIyMDAyMjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGZjNjNiMGQyODA2NTg3ZTBjNGY4YmM0ZDA5NThmYTY2NTk3MTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BhE/ZqY2Ki83IKhPGVOsce3O6kB
7YgVyPDQwbmw6cxKDiyew8cEV9NjtlBJ9ykx/h23ohNm88voaLGfUDSDVXg67lvS
N3E4uy66C+pOqMZUL9G+Xkv3sP3162oZqzmh3vus7XrjQ381dslgy1uTILF01oRS
lqhO7s9B47r2/z0HkLt0SJArPwKu+3QSNNRaiOFumGvPj+HtxNg6Ada4CdSj7hXw
/7pxx2Bmg1x4nbt1MVhqZKCfshbyMNArLT0FUZLcJ+vg/XaWTYs3b1yd2F8kf9Em
pf6FHjTt7mFFm9gjOV/vtxeEPnQF+y0Fap7FmMBXm1kASNkvykzFWGeEswIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLD8Y7DSgGWH4MT4vE0JWPpmWXE+MB8GA1UdIwQY
MBaAFDRHowQoJUyZcPz73/7waw1rSQ8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkVlakJDZ2xUSmx3X1B2Zl92QnJEV3RKRHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9mYzQxOWEtNWMyMS00ZDJmLTliODAt
YmRlMDI4YWQ1OTMwLzEvc1B4anNOS0FaWWZneFBpOFRRbFktbVpaY1Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9mYzQxOWEtNWMyMS00ZDJmLTliODAtYmRlMDI4YWQ1OTMw
LzEvTkVlakJDZ2xUSmx3X1B2Zl92QnJEV3RKRHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCH4QkAwQC
wR4gMBYEAgACMBADBwUqDIVAAAADBQAqDIVBMA0GCSqGSIb3DQEBCwUAA4IBAQAq
LjzUIxPDLXbJJhxRvzykqAduoCBPMYvGXifdVkfTk7+0SZKy0p03BtVzr63lBtyk
Er6at4dLzllukKG6Dac7ZiatWU+C/QkK+SOSF9SQ5qMVqsLRjrDCWE62pKRprKuQ
qmrQCd4+3qdOn+EtEWqbal1eS2UVm907NvvLS5PgLBGgBCAgQCmnYBWHmQc6EQWo
ELXOI2IdCIp1xivGCiANOg6QVDVJCw5sTaHY7ez/T6tpKPd5tp5BnB7d6Wp/aD0K
tLiZ/PFSqN9mecaECq01gEKz+G3cjrlCpr02HiU6iT3yqD9kRdgcb3gEg+kg8K+2
oA6B72Fh3MjqAiT+KRYw
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:04:27 2025 by rpki-client