Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/MtUNZWuEtv_AgAvU3cIWhKTi-Gg.roa
File: MtUNZWuEtv_AgAvU3cIWhKTi-Gg.roa (raw, json)
Hash identifier: ySbSia2jLKcCoCeLqt1N9qsuOZJeTIf7i11M9Z0B4Zw=
Subject key identifier: 32:D5:0D:65:6B:84:B6:FF:C0:80:0B:D4:DD:C2:16:84:A4:E2:F8:68
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 01993CF5F315DB5ADF5287A3A4A8D4DD67AF
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/MtUNZWuEtv_AgAvU3cIWhKTi-Gg.roa
Signing time: Fri 12 Sep 2025 08:06:15 +0000
ROA not before: Fri 12 Sep 2025 08:06:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34984
IP address blocks: 31.169.80.0/24 maxlen: 24
31.169.83.0/24 maxlen: 24
31.169.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.mft
rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:3c:f5:f3:15:db:5a:df:52:87:a3:a4:a8:d4:dd:67:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Sep 12 08:06:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32d50d656b84b6ffc0800bd4ddc21684a4e2f868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a5:ba:9c:57:f8:36:94:76:a3:9a:f3:f5:e4:
77:55:12:d3:23:85:49:7a:e2:78:ba:9b:73:6b:0a:
5d:e5:6f:8a:e5:c4:bb:01:55:0d:97:57:1d:1e:03:
9c:d4:d9:39:8a:8e:8d:2e:72:a7:e0:ba:06:63:b8:
89:36:45:5a:b5:a3:e2:ab:b0:23:63:54:6b:a3:e9:
a4:ad:ec:0e:da:53:b8:8d:41:40:38:0c:36:d2:02:
98:98:94:b2:45:86:c1:16:44:e1:5f:65:b8:be:e4:
85:eb:6c:c4:c0:6e:2c:84:b9:56:1d:52:3b:0b:5b:
b6:10:29:08:b1:44:5e:39:c6:d2:53:4e:71:78:c8:
59:fd:7f:ef:6b:ba:e0:b5:5b:b4:8a:20:e3:ac:25:
ef:15:71:fc:19:38:77:e6:e6:38:f9:cb:a4:5e:2c:
b5:4a:6c:8d:6a:f2:5d:91:e1:23:6f:29:d7:33:a7:
19:5c:4d:27:a5:2c:32:30:f2:e2:16:29:f7:ca:93:
e7:9c:28:a1:64:34:d5:88:af:e7:fc:f9:c3:86:27:
d2:a4:b5:7e:1d:49:37:2e:f3:ef:01:a9:d4:7c:41:
8e:07:15:6d:bb:94:11:e5:59:b5:f8:be:fa:c8:13:
09:4e:12:68:84:67:86:4f:13:ba:fb:e9:86:73:93:
49:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D5:0D:65:6B:84:B6:FF:C0:80:0B:D4:DD:C2:16:84:A4:E2:F8:68
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/MtUNZWuEtv_AgAvU3cIWhKTi-Gg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.80.0/24
31.169.83.0/24
31.169.86.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:dc:18:fd:a2:c2:93:51:ac:08:b4:c8:7e:d1:94:1e:3d:75:
18:ed:d9:bc:1c:a1:b3:85:fe:20:47:0e:f1:b3:24:c9:04:a7:
77:3b:bc:12:e0:2f:3a:2c:41:57:fd:d4:e0:92:38:b2:bb:c9:
7c:58:a3:17:c5:7f:84:a5:d9:2c:c0:2c:ae:08:81:df:85:c8:
62:de:28:22:38:c1:30:dd:14:50:ae:bd:55:d8:6a:b7:b2:c4:
d7:23:d8:32:16:b4:b7:41:ab:a4:a1:e0:af:d6:0b:f3:71:90:
bb:46:1d:2b:9c:67:5f:7c:66:3b:62:8d:37:94:29:30:d7:8f:
d9:9e:65:11:37:58:99:5c:9e:88:47:26:3e:b4:8a:a9:a5:91:
e4:b5:8f:ab:d1:d9:43:dc:15:c8:43:58:75:56:0d:1c:82:57:
75:69:8e:47:54:ce:5a:ba:b2:72:2f:cc:cb:cd:ca:f6:23:c1:
a5:2a:92:fb:39:3a:bb:d4:cc:f5:69:3c:ca:85:9a:1e:fb:41:
77:85:b0:66:3a:0a:28:22:b8:bb:18:5a:40:38:39:cf:5b:b3:
c8:d7:26:da:aa:ae:39:cc:31:5e:00:2f:87:c9:1e:22:ec:5d:
a0:a0:e8:45:22:d2:1d:18:c1:50:42:1b:24:68:94:72:58:64:
3a:66:a7:b4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZk89fMV21rfUoejpKjU3WevMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjUwOTEyMDgwNjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmQ1MGQ2NTZiODRiNmZmYzA4MDBiZDRkZGMyMTY4NGE0ZTJmODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKW6nFf4NpR2o5rz9eR3VRLTI4VJ
euJ4uptzawpd5W+K5cS7AVUNl1cdHgOc1Nk5io6NLnKn4LoGY7iJNkVataPiq7Aj
Y1Rro+mkrewO2lO4jUFAOAw20gKYmJSyRYbBFkThX2W4vuSF62zEwG4shLlWHVI7
C1u2ECkIsUReOcbSU05xeMhZ/X/va7rgtVu0iiDjrCXvFXH8GTh35uY4+cukXiy1
SmyNavJdkeEjbynXM6cZXE0npSwyMPLiFin3ypPnnCihZDTViK/n/PnDhifSpLV+
HUk3LvPvAanUfEGOBxVtu5QR5Vm1+L76yBMJThJohGeGTxO6++mGc5NJkwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDLVDWVrhLb/wIAL1N3CFoSk4vhoMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvTXRVTlpXdUV0dl9BZ0F2VTNjSVdoS1RpLUdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH6lQAwQA
H6lTAwQAH6lWMA0GCSqGSIb3DQEBCwUAA4IBAQC43Bj9osKTUawItMh+0ZQePXUY
7dm8HKGzhf4gRw7xsyTJBKd3O7wS4C86LEFX/dTgkjiyu8l8WKMXxX+EpdkswCyu
CIHfhchi3igiOMEw3RRQrr1V2Gq3ssTXI9gyFrS3QaukoeCv1gvzcZC7Rh0rnGdf
fGY7Yo03lCkw14/ZnmURN1iZXJ6IRyY+tIqppZHktY+r0dlD3BXIQ1h1Vg0cgld1
aY5HVM5aurJyL8zLzcr2I8GlKpL7OTq71Mz1aTzKhZoe+0F3hbBmOgooIri7GFpA
ODnPW7PI1ybaqq45zDFeAC+HyR4i7F2goOhFItIdGMFQQhskaJRyWGQ6Zqe0
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:30:57 2025 by rpki-client