Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/exu2V3MDMWUgQoAAO324t6RZezE.roa
File: exu2V3MDMWUgQoAAO324t6RZezE.roa (raw, json)
Hash identifier: vzXnLaEVU/+BdpdjEE/HgCx55xSHkRHFXGxKZLhvrto=
Subject key identifier: 7B:1B:B6:57:73:03:31:65:20:42:80:00:3B:7D:B8:B7:A4:59:7B:31
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 01993CF5F2A9FF99DEC144B2041F3901200E
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/exu2V3MDMWUgQoAAO324t6RZezE.roa
Signing time: Fri 12 Sep 2025 08:06:15 +0000
ROA not before: Fri 12 Sep 2025 08:06:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9121
IP address blocks: 31.169.64.0/24 maxlen: 24
31.169.65.0/24 maxlen: 24
31.169.66.0/24 maxlen: 24
31.169.67.0/24 maxlen: 24
31.169.69.0/24 maxlen: 24
31.169.70.0/24 maxlen: 24
31.169.71.0/24 maxlen: 24
31.169.72.0/24 maxlen: 24
31.169.77.0/24 maxlen: 24
31.169.78.0/24 maxlen: 24
31.169.79.0/24 maxlen: 24
31.169.81.0/24 maxlen: 24
31.169.82.0/24 maxlen: 24
31.169.84.0/24 maxlen: 24
31.169.85.0/24 maxlen: 24
31.169.87.0/24 maxlen: 24
31.169.88.0/24 maxlen: 24
31.169.90.0/24 maxlen: 24
31.169.92.0/24 maxlen: 24
31.169.93.0/24 maxlen: 24
31.169.94.0/24 maxlen: 24
31.169.95.0/24 maxlen: 24
185.33.63.0/24 maxlen: 24
2a00:5740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.mft
rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:3c:f5:f2:a9:ff:99:de:c1:44:b2:04:1f:39:01:20:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Sep 12 08:06:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b1bb65773033165204280003b7db8b7a4597b31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:db:73:a7:de:dc:de:bd:8f:ff:14:bc:ba:c6:
84:d6:b4:5d:2a:a7:55:b8:b7:5b:30:c8:02:d0:e5:
a2:51:f7:11:c4:54:99:8b:ac:33:b8:26:08:8d:a8:
e5:1a:81:2c:1a:c1:e2:b6:6c:fb:ae:01:cc:33:40:
34:0f:9a:85:09:50:76:57:3f:ba:fa:d3:b6:65:52:
13:11:ef:a3:16:d3:15:7e:af:6a:9a:c4:54:1f:66:
38:42:40:d6:96:48:c8:bc:34:37:cd:98:ab:b1:e1:
30:3d:25:c6:e6:8b:7f:78:41:75:37:f3:99:2a:19:
74:8a:10:f7:4d:b1:bc:6b:70:0f:37:34:12:ae:58:
d3:25:41:24:d1:80:b8:4c:ca:fb:eb:a4:38:3c:f0:
e2:d1:63:58:64:78:c5:61:ab:c4:da:f5:d5:0c:3c:
84:4c:45:a5:5c:9a:e2:d8:c6:96:09:9c:08:9d:cd:
3c:81:a1:35:87:68:3d:46:3c:e6:4c:f3:78:7b:85:
e2:44:14:22:2e:69:e4:4e:c3:7c:70:27:53:2b:59:
02:31:8d:3a:d4:c7:67:d9:2b:cf:a7:55:53:0e:ac:
52:d7:01:87:12:8b:90:06:3c:f2:fd:76:da:6f:c3:
3e:c7:e9:77:2b:04:6b:01:64:f3:ba:08:92:2c:35:
4e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:1B:B6:57:73:03:31:65:20:42:80:00:3B:7D:B8:B7:A4:59:7B:31
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/exu2V3MDMWUgQoAAO324t6RZezE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.64.0/22
31.169.69.0-31.169.72.255
31.169.77.0-31.169.79.255
31.169.81.0-31.169.82.255
31.169.84.0/23
31.169.87.0-31.169.88.255
31.169.90.0/24
31.169.92.0/22
185.33.63.0/24
IPv6:
2a00:5740::/29
Signature Algorithm: sha256WithRSAEncryption
15:3d:bd:08:c9:8b:07:ff:b5:94:d4:57:3e:5a:03:4f:33:17:
96:c5:35:3d:34:2c:f4:6f:41:09:31:ab:e1:99:16:ea:05:c5:
3e:0a:68:c2:fb:55:0d:b8:90:c0:90:0e:08:e4:e1:d6:42:29:
c4:c6:d9:5e:67:aa:7e:66:69:61:ff:6d:3f:4c:b0:f8:74:fa:
e9:9b:ed:1f:9e:90:5c:54:22:0c:a1:d6:18:34:66:20:f1:5a:
22:a3:cf:18:bc:89:92:3c:72:a7:c3:66:4d:e6:8c:d2:9c:d3:
60:54:9d:12:56:34:71:bf:cd:6a:9e:3c:be:7f:cc:2c:b4:ee:
b0:ce:e6:6b:4b:07:53:fe:92:f9:80:30:39:41:4a:de:73:7b:
ef:42:40:49:ec:95:ff:14:b9:fd:d6:02:99:67:39:43:36:f0:
af:fb:d5:04:5b:50:3b:b9:d7:ed:62:24:3e:6f:ee:2c:2c:36:
d7:84:35:92:8b:dc:21:14:95:68:ad:2c:64:6a:7e:e5:17:62:
a2:9b:82:5f:c4:61:2d:33:59:12:c6:0c:03:48:32:a1:45:75:
47:22:89:fb:59:e0:96:89:6f:14:f3:c2:60:cd:1d:fe:5c:16:
bc:e0:d1:9f:f9:f2:0c:8d:4d:1b:6f:4a:a1:67:6a:2c:1e:63:
18:92:a5:9f
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAZk89fKp/5newUSyBB85ASAOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjUwOTEyMDgwNjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjFiYjY1NzczMDMzMTY1MjA0MjgwMDAzYjdkYjhiN2E0NTk3YjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+9tzp97c3r2P/xS8usaE1rRdKqdV
uLdbMMgC0OWiUfcRxFSZi6wzuCYIjajlGoEsGsHitmz7rgHMM0A0D5qFCVB2Vz+6
+tO2ZVITEe+jFtMVfq9qmsRUH2Y4QkDWlkjIvDQ3zZirseEwPSXG5ot/eEF1N/OZ
Khl0ihD3TbG8a3APNzQSrljTJUEk0YC4TMr766Q4PPDi0WNYZHjFYavE2vXVDDyE
TEWlXJri2MaWCZwInc08gaE1h2g9RjzmTPN4e4XiRBQiLmnkTsN8cCdTK1kCMY06
1Mdn2SvPp1VTDqxS1wGHEouQBjzy/Xbab8M+x+l3KwRrAWTzugiSLDVO/wIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFHsbtldzAzFlIEKAADt9uLekWXsxMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvZXh1MlYzTURNV1VnUW9BQU8zMjR0NlJaZXpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWAwQCH6lAMAwD
BAAfqUUDBAAfqUgwDAMEAB+pTQMEBB+pQDAMAwQAH6lRAwQAH6lSAwQBH6lUMAwD
BAAfqVcDBAAfqVgDBAAfqVoDBAIfqVwDBAC5IT8wDQQCAAIwBwMFAyoAV0AwDQYJ
KoZIhvcNAQELBQADggEBABU9vQjJiwf/tZTUVz5aA08zF5bFNT00LPRvQQkxq+GZ
FuoFxT4KaML7VQ24kMCQDgjk4dZCKcTG2V5nqn5maWH/bT9MsPh0+umb7R+ekFxU
Igyh1hg0ZiDxWiKjzxi8iZI8cqfDZk3mjNKc02BUnRJWNHG/zWqePL5/zCy07rDO
5mtLB1P+kvmAMDlBSt5ze+9CQEnslf8Uuf3WAplnOUM28K/71QRbUDu51+1iJD5v
7iwsNteENZKL3CEUlWitLGRqfuUXYqKbgl/EYS0zWRLGDANIMqFFdUciiftZ4JaJ
bxTzwmDNHf5cFrzg0Z/58gyNTRtvSqFnaiweYxiSpZ8=
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:25:20 2025 by rpki-client