Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/D3rB0zVCO2kOEV-pa6Z0evX1rm0.roa
File: D3rB0zVCO2kOEV-pa6Z0evX1rm0.roa (raw, json)
Hash identifier: OIq+0wPz29AZKig2PfV9te+eGDvxaB0e1LjXBoYQwuU=
Subject key identifier: 0F:7A:C1:D3:35:42:3B:69:0E:11:5F:A9:6B:A6:74:7A:F5:F5:AE:6D
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 0198AD22EF5F7ADA07DF5A176AF15CD05F3C
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/D3rB0zVCO2kOEV-pa6Z0evX1rm0.roa
Signing time: Fri 15 Aug 2025 09:50:04 +0000
ROA not before: Fri 15 Aug 2025 09:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 194.31.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ad:22:ef:5f:7a:da:07:df:5a:17:6a:f1:5c:d0:5f:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: Aug 15 09:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f7ac1d335423b690e115fa96ba6747af5f5ae6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:61:92:28:cf:9d:b5:aa:88:6c:ee:7d:b7:bf:
0a:01:22:e6:cd:87:8d:2e:0f:9e:99:5b:df:4e:15:
a7:b3:58:35:2d:1b:00:7a:ce:41:cc:3a:6c:0b:cb:
3f:3c:df:11:b6:5f:d3:a5:1f:6a:12:65:a0:8f:a8:
99:15:a0:71:4b:40:23:4b:f6:d5:d6:38:17:14:06:
9b:57:70:01:5f:f3:e4:c7:00:75:d6:dc:1a:e6:8a:
f1:5c:b9:d4:e5:38:92:c3:60:bc:c5:17:1d:07:12:
a1:3d:21:0f:19:92:ea:9e:b5:5f:60:71:15:b4:9b:
59:29:98:ec:5f:4c:ae:cc:4e:52:20:fa:3c:ce:51:
df:56:15:80:6a:00:b8:6f:54:b9:99:5d:f1:3e:9b:
e4:29:27:46:34:93:26:86:1d:69:9e:a4:94:56:05:
9f:78:67:01:70:88:6b:1c:65:01:1b:8f:1e:dc:c8:
61:33:d0:cb:0b:4d:1d:a8:bb:d0:95:22:f7:4f:13:
29:af:34:ec:28:b6:23:8e:0c:24:a5:22:a6:eb:21:
2f:df:b4:2b:60:4d:e0:39:7f:df:e7:00:27:1d:df:
49:99:85:b7:0a:47:44:57:eb:57:9d:ea:30:37:47:
65:a2:8e:92:fb:e6:1e:89:0c:82:b0:96:61:2a:cc:
c5:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:7A:C1:D3:35:42:3B:69:0E:11:5F:A9:6B:A6:74:7A:F5:F5:AE:6D
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/D3rB0zVCO2kOEV-pa6Z0evX1rm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.165.0/24
Signature Algorithm: sha256WithRSAEncryption
19:98:96:18:8e:30:c2:81:d8:1b:c0:ab:84:c1:a6:c6:e2:82:
56:27:bd:8b:bc:6a:9d:7c:3a:27:92:35:08:9d:56:fc:cb:11:
04:b2:5e:43:ab:7c:2f:59:98:47:93:48:bc:c7:4a:d1:21:c0:
b6:ae:2c:19:40:a2:4b:b8:fc:e7:8c:89:19:eb:e3:86:87:44:
07:1a:2a:c9:09:ae:a5:5c:28:76:f6:f8:a6:8c:c9:91:f2:cb:
32:ed:34:3b:4f:13:72:aa:65:2e:99:15:12:ec:7a:51:60:a1:
40:9d:db:47:4b:6a:0c:0e:db:19:3b:f0:26:03:d4:9b:a3:b9:
45:84:26:8c:15:e5:4a:ed:6c:54:ff:49:49:12:23:b0:5a:9e:
c7:93:fd:1a:4c:d0:0e:8a:05:87:70:1f:f5:ab:c0:d2:c3:1d:
09:b5:8d:5e:84:6f:7b:13:8f:89:54:fe:38:e1:a4:e1:8b:a2:
69:57:d1:15:45:e7:48:a7:67:d0:98:4e:9f:9c:04:3b:ee:1e:
51:ed:74:8b:61:d3:66:52:40:04:66:85:e5:80:d6:c2:7f:22:
44:60:29:7a:50:69:e9:a0:38:1f:fe:c9:e6:06:d0:c6:b2:c7:
e2:ce:24:9f:94:4d:9f:25:06:99:47:45:84:38:6a:28:24:d2:
b5:e8:21:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZitIu9fetoH31oXavFc0F88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjUwODE1MDk1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjdhYzFkMzM1NDIzYjY5MGUxMTVmYTk2YmE2NzQ3YWY1ZjVhZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmGSKM+dtaqIbO59t78KASLmzYeN
Lg+emVvfThWns1g1LRsAes5BzDpsC8s/PN8Rtl/TpR9qEmWgj6iZFaBxS0AjS/bV
1jgXFAabV3ABX/PkxwB11twa5orxXLnU5TiSw2C8xRcdBxKhPSEPGZLqnrVfYHEV
tJtZKZjsX0yuzE5SIPo8zlHfVhWAagC4b1S5mV3xPpvkKSdGNJMmhh1pnqSUVgWf
eGcBcIhrHGUBG48e3MhhM9DLC00dqLvQlSL3TxMprzTsKLYjjgwkpSKm6yEv37Qr
YE3gOX/f5wAnHd9JmYW3CkdEV+tXneowN0dloo6S++YeiQyCsJZhKszFAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA96wdM1QjtpDhFfqWumdHr19a5tMB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvRDNyQjB6VkNPMmtPRVYtcGE2WjBldlgxcm0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwh+lMA0G
CSqGSIb3DQEBCwUAA4IBAQAZmJYYjjDCgdgbwKuEwabG4oJWJ72LvGqdfDonkjUI
nVb8yxEEsl5Dq3wvWZhHk0i8x0rRIcC2riwZQKJLuPznjIkZ6+OGh0QHGirJCa6l
XCh29vimjMmR8ssy7TQ7TxNyqmUumRUS7HpRYKFAndtHS2oMDtsZO/AmA9Sbo7lF
hCaMFeVK7WxU/0lJEiOwWp7Hk/0aTNAOigWHcB/1q8DSwx0JtY1ehG97E4+JVP44
4aThi6JpV9EVRedIp2fQmE6fnAQ77h5R7XSLYdNmUkAEZoXlgNbCfyJEYCl6UGnp
oDgf/snmBtDGssfiziSflE2fJQaZR0WEOGooJNK16CHg
-----END CERTIFICATE-----
Generated at Sat Aug 23 07:05:17 2025 by rpki-client