Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/ZzBjFOS9Vdl0E5bjD5OoRuzsJjs.roa
File: ZzBjFOS9Vdl0E5bjD5OoRuzsJjs.roa (raw, json)
Hash identifier: XF8xBjeAjbDQL+AUGOEgGuSnUlL1AZtXH7z09j4lxpg=
Subject key identifier: 67:30:63:14:E4:BD:55:D9:74:13:96:E3:0F:93:A8:46:EC:EC:26:3B
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 0198A7E5FE4C73A1D5E3E1CCBC7164DEEA4E
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/ZzBjFOS9Vdl0E5bjD5OoRuzsJjs.roa
Signing time: Thu 14 Aug 2025 09:25:24 +0000
ROA not before: Thu 14 Aug 2025 09:25:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9121
IP address blocks: 31.169.64.0/24 maxlen: 24
31.169.65.0/24 maxlen: 24
31.169.66.0/24 maxlen: 24
31.169.67.0/24 maxlen: 24
31.169.69.0/24 maxlen: 24
31.169.70.0/24 maxlen: 24
31.169.71.0/24 maxlen: 24
31.169.72.0/24 maxlen: 24
31.169.77.0/24 maxlen: 24
31.169.78.0/24 maxlen: 24
31.169.79.0/24 maxlen: 24
31.169.81.0/24 maxlen: 24
31.169.82.0/24 maxlen: 24
31.169.84.0/24 maxlen: 24
31.169.85.0/24 maxlen: 24
31.169.87.0/24 maxlen: 24
31.169.88.0/24 maxlen: 24
31.169.92.0/24 maxlen: 24
31.169.93.0/24 maxlen: 24
31.169.94.0/24 maxlen: 24
31.169.95.0/24 maxlen: 24
185.33.63.0/24 maxlen: 24
2a00:5740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.mft
rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a7:e5:fe:4c:73:a1:d5:e3:e1:cc:bc:71:64:de:ea:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Aug 14 09:25:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67306314e4bd55d9741396e30f93a846ecec263b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ca:b4:29:41:69:78:75:46:2d:70:eb:c1:fd:
57:f0:c5:ee:79:3b:49:cb:0f:e9:b7:49:0b:40:94:
ba:04:ab:c2:43:9a:b6:24:eb:6d:7a:ec:fb:7c:67:
fa:ca:51:9d:6b:e0:1d:da:a0:31:44:31:91:f1:d2:
0a:8b:f2:76:d1:98:99:75:32:6f:1c:b3:ae:70:40:
8e:47:dc:74:90:8e:1c:aa:f6:3a:41:77:f7:75:48:
ec:20:f2:1e:ff:cd:c8:ac:38:1d:0e:c0:5b:db:7a:
fd:74:91:04:1b:66:46:42:b0:f2:74:b3:7f:77:7c:
a2:eb:51:60:09:5f:d2:07:49:19:23:79:47:f7:e4:
b0:b5:48:6c:c6:8f:33:86:03:cb:0d:8f:2d:f4:ae:
20:61:9e:93:75:b8:ae:c8:c3:bc:ae:12:75:89:71:
b7:61:61:99:2b:db:72:b8:82:a4:18:23:8e:f5:bf:
8e:f7:38:cf:63:10:64:48:4b:3d:0e:ad:4e:e7:dd:
01:a6:2e:68:5e:5f:ec:ef:a2:5f:84:d0:32:5a:4a:
b9:44:78:eb:af:9d:e0:8a:d9:0f:26:79:f1:58:be:
54:ec:4f:2f:93:fe:d1:7e:9e:20:b4:64:c9:12:5d:
f8:09:05:e1:60:ed:89:be:a3:87:87:80:14:b9:5a:
30:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:30:63:14:E4:BD:55:D9:74:13:96:E3:0F:93:A8:46:EC:EC:26:3B
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/ZzBjFOS9Vdl0E5bjD5OoRuzsJjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.64.0/22
31.169.69.0-31.169.72.255
31.169.77.0-31.169.79.255
31.169.81.0-31.169.82.255
31.169.84.0/23
31.169.87.0-31.169.88.255
31.169.92.0/22
185.33.63.0/24
IPv6:
2a00:5740::/29
Signature Algorithm: sha256WithRSAEncryption
7b:7b:73:5b:56:6e:61:c6:d5:91:63:a0:54:a4:14:03:b7:12:
ff:8d:7b:90:5e:68:5b:a7:2a:58:a0:61:51:df:13:fd:92:5d:
44:88:8a:1b:c1:e2:a2:7c:ec:1c:e6:04:c5:46:69:af:95:b2:
6c:d5:d0:19:e4:c3:71:8f:c6:42:7c:87:e9:a4:d1:38:12:2b:
b4:73:6e:0e:d9:04:46:68:7a:eb:2a:6e:2a:6a:66:77:0e:b8:
8f:7c:0d:a8:85:64:e0:16:02:8b:93:95:78:b8:43:7c:7d:74:
e1:60:fb:12:bb:76:2b:07:29:9e:fa:3c:0f:3d:16:f7:db:d4:
f3:d2:48:69:88:15:de:2c:2c:2d:10:58:3c:94:09:d1:77:79:
78:7d:ea:54:7d:0d:b6:e6:3a:6a:e9:a1:fe:77:02:70:06:39:
8e:7c:99:40:0b:20:2e:dd:b4:7b:1e:90:cb:c0:e9:85:75:9b:
ae:a6:e4:9d:69:16:69:6c:0d:79:52:37:ad:01:20:ca:7c:46:
90:41:13:39:9d:17:38:97:8e:35:35:43:25:ae:92:a2:f0:56:
ec:ff:6e:75:1b:c5:27:cb:49:28:99:30:a1:eb:09:b9:fe:12:
27:51:39:43:e7:f1:81:37:02:54:21:55:80:1b:a1:00:74:27:
b7:1e:3c:11
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZin5f5Mc6HV4+HMvHFk3upOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjUwODE0MDkyNTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzMwNjMxNGU0YmQ1NWQ5NzQxMzk2ZTMwZjkzYTg0NmVjZWMyNjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsq0KUFpeHVGLXDrwf1X8MXueTtJ
yw/pt0kLQJS6BKvCQ5q2JOtteuz7fGf6ylGda+Ad2qAxRDGR8dIKi/J20ZiZdTJv
HLOucECOR9x0kI4cqvY6QXf3dUjsIPIe/83IrDgdDsBb23r9dJEEG2ZGQrDydLN/
d3yi61FgCV/SB0kZI3lH9+SwtUhsxo8zhgPLDY8t9K4gYZ6TdbiuyMO8rhJ1iXG3
YWGZK9tyuIKkGCOO9b+O9zjPYxBkSEs9Dq1O590Bpi5oXl/s76JfhNAyWkq5RHjr
r53gitkPJnnxWL5U7E8vk/7Rfp4gtGTJEl34CQXhYO2JvqOHh4AUuVowfQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFGcwYxTkvVXZdBOW4w+TqEbs7CY7MB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvWnpCakZPUzlWZGwwRTViakQ1T29SdXpzSmpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBWBAIAATBQAwQCH6lAMAwD
BAAfqUUDBAAfqUgwDAMEAB+pTQMEBB+pQDAMAwQAH6lRAwQAH6lSAwQBH6lUMAwD
BAAfqVcDBAAfqVgDBAIfqVwDBAC5IT8wDQQCAAIwBwMFAyoAV0AwDQYJKoZIhvcN
AQELBQADggEBAHt7c1tWbmHG1ZFjoFSkFAO3Ev+Ne5BeaFunKligYVHfE/2SXUSI
ihvB4qJ87BzmBMVGaa+VsmzV0Bnkw3GPxkJ8h+mk0TgSK7Rzbg7ZBEZoeusqbipq
ZncOuI98DaiFZOAWAouTlXi4Q3x9dOFg+xK7disHKZ76PA89Fvfb1PPSSGmIFd4s
LC0QWDyUCdF3eXh96lR9DbbmOmrpof53AnAGOY58mUALIC7dtHsekMvA6YV1m66m
5J1pFmlsDXlSN60BIMp8RpBBEzmdFziXjjU1QyWukqLwVuz/bnUbxSfLSSiZMKHr
Cbn+EidROUPn8YE3AlQhVYAboQB0J7cePBE=
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:38:48 2025 by rpki-client