Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/1C6P3GNOT9xCFcwCmWzySJRmx5A.roa
File: 1C6P3GNOT9xCFcwCmWzySJRmx5A.roa (raw, json)
Hash identifier: s0f2U+jT20UZ968tvSAQBzHf4LLoAyTWw5fawKSyypo=
Subject key identifier: D4:2E:8F:DC:63:4E:4F:DC:42:15:CC:02:99:6C:F2:48:94:66:C7:90
Certificate issuer: /CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Certificate serial: 0198C7A3E7337FF464246A15A74628DCE36F
Authority key identifier: C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/1C6P3GNOT9xCFcwCmWzySJRmx5A.roa
Signing time: Wed 20 Aug 2025 13:21:04 +0000
ROA not before: Wed 20 Aug 2025 13:21:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24685
IP address blocks: 31.172.136.0/23 maxlen: 32
31.172.136.0/24 maxlen: 32
31.172.137.0/24 maxlen: 32
31.172.140.0/24 maxlen: 32
31.172.141.0/24 maxlen: 32
80.92.231.0/24 maxlen: 32
80.92.233.0/24 maxlen: 32
80.92.234.0/24 maxlen: 32
80.92.235.0/24 maxlen: 32
82.117.229.0/24 maxlen: 32
82.117.244.0/24 maxlen: 32
85.90.211.0/24 maxlen: 32
91.226.1.0/24 maxlen: 32
92.60.178.0/23 maxlen: 32
92.60.178.0/24 maxlen: 32
92.60.179.0/24 maxlen: 32
128.0.170.0/24 maxlen: 32
128.0.172.0/24 maxlen: 32
128.0.174.0/24 maxlen: 32
185.38.209.0/24 maxlen: 32
185.39.196.0/24 maxlen: 32
185.45.244.0/22 maxlen: 32
185.45.245.0/24 maxlen: 32
185.45.246.0/24 maxlen: 32
193.111.0.0/24 maxlen: 32
193.111.48.0/23 maxlen: 32
212.110.134.0/23 maxlen: 32
212.110.152.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c7:a3:e7:33:7f:f4:64:24:6a:15:a7:46:28:dc:e3:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c61953c08980adc94f2fa3a3c1ba95c40d21e7d3
Validity
Not Before: Aug 20 13:21:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d42e8fdc634e4fdc4215cc02996cf2489466c790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9d:d3:35:27:d8:48:96:fd:b7:13:9a:91:1d:
81:ad:37:c8:b1:80:b9:9f:2c:c2:51:b5:61:1e:3a:
7d:74:41:c5:c7:ce:06:fb:11:15:7c:d6:8a:c1:fe:
a7:a6:f4:58:df:98:2f:b6:11:ec:53:48:be:c6:84:
c6:5d:13:71:02:5d:26:1a:9d:7d:6e:a2:5d:5b:2e:
d6:eb:c7:e2:43:3c:44:39:cc:f3:ce:68:29:4a:de:
1a:63:b4:37:c5:ac:6e:23:eb:e2:06:24:db:a8:b3:
7c:7a:67:98:e8:25:ff:4c:2f:c0:48:3e:03:3d:ce:
20:83:33:ab:53:e0:83:19:ea:e4:02:35:58:c5:0f:
03:03:60:42:ef:de:38:ae:37:55:5c:dd:30:1d:5a:
a3:7a:41:32:86:37:0c:f0:7e:c3:aa:00:41:89:75:
5f:ef:e8:7e:41:38:9c:0c:bf:57:de:cd:57:e0:3a:
f2:6b:d5:6d:0b:df:c8:7a:f3:21:0c:67:d0:9c:24:
20:2b:77:06:ff:27:13:26:f4:b1:3a:d9:a8:2b:47:
eb:d7:5e:57:cb:78:67:f4:9f:28:15:9b:da:60:7c:
24:6a:cf:f4:a5:28:d0:ac:f7:a5:bc:71:52:31:cb:
c4:ef:09:73:a5:71:61:8a:09:4f:80:cb:ad:64:ce:
59:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:2E:8F:DC:63:4E:4F:DC:42:15:CC:02:99:6C:F2:48:94:66:C7:90
X509v3 Authority Key Identifier:
keyid:C6:19:53:C0:89:80:AD:C9:4F:2F:A3:A3:C1:BA:95:C4:0D:21:E7:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhlTwImArclPL6OjwbqVxA0h59M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/1C6P3GNOT9xCFcwCmWzySJRmx5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e01285-660d-4cd2-ad1f-625245a00abf/1/xhlTwImArclPL6OjwbqVxA0h59M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.136.0/23
31.172.140.0/23
80.92.231.0/24
80.92.233.0-80.92.235.255
82.117.229.0/24
82.117.244.0/24
85.90.211.0/24
91.226.1.0/24
92.60.178.0/23
128.0.170.0/24
128.0.172.0/24
128.0.174.0/24
185.38.209.0/24
185.39.196.0/24
185.45.244.0/22
193.111.0.0/24
193.111.48.0/23
212.110.134.0/23
212.110.152.0/23
Signature Algorithm: sha256WithRSAEncryption
44:65:e8:ad:db:1d:b8:f1:45:73:ce:6c:1b:9b:bd:6e:54:5f:
e5:22:04:ba:dd:22:71:a0:87:8b:78:a7:8b:b9:00:ae:4d:ee:
b4:00:e5:c9:63:69:92:aa:aa:e2:68:ce:6b:22:2a:c8:a4:65:
7a:6a:cb:cd:54:f0:d3:27:a5:75:e7:d0:77:c9:e6:a4:ae:05:
6e:65:8e:d1:0c:4a:e9:9d:22:9a:3b:dd:28:11:9c:88:be:2a:
b6:42:7a:90:26:b7:98:18:f3:9b:a9:e3:fa:aa:32:b4:a0:39:
9e:4e:0c:44:01:14:aa:74:15:d5:18:57:2f:bd:16:02:97:07:
d4:f0:72:ca:ed:d8:09:4e:0e:c5:56:a6:59:48:fd:1a:fa:12:
f5:13:ff:d8:e7:86:3e:c6:90:a9:d2:76:22:a2:cf:66:2e:c8:
ed:13:2a:21:d8:a3:50:e2:6f:7c:55:c0:80:9f:70:9b:0e:46:
d9:47:9f:03:05:c3:19:62:51:b2:1f:84:3f:82:2d:fb:6e:1d:
db:4d:c4:b5:4e:c5:e2:c1:9e:88:85:61:e8:e4:77:69:6c:61:
02:52:d8:18:31:2d:ff:c8:dd:1c:54:f9:76:43:3e:0f:41:5b:
83:10:c5:66:73:b7:35:7b:88:8a:6c:fc:b1:3a:2d:55:e4:08:
aa:15:ad:3a
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZjHo+czf/RkJGoVp0Yo3ONvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTk1M2MwODk4MGFkYzk0ZjJmYTNhM2MxYmE5NWM0MGQy
MWU3ZDMwHhcNMjUwODIwMTMyMTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDJlOGZkYzYzNGU0ZmRjNDIxNWNjMDI5OTZjZjI0ODk0NjZjNzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt53TNSfYSJb9txOakR2BrTfIsYC5
nyzCUbVhHjp9dEHFx84G+xEVfNaKwf6npvRY35gvthHsU0i+xoTGXRNxAl0mGp19
bqJdWy7W68fiQzxEOczzzmgpSt4aY7Q3xaxuI+viBiTbqLN8emeY6CX/TC/ASD4D
Pc4ggzOrU+CDGerkAjVYxQ8DA2BC7944rjdVXN0wHVqjekEyhjcM8H7DqgBBiXVf
7+h+QTicDL9X3s1X4Drya9VtC9/IevMhDGfQnCQgK3cG/ycTJvSxOtmoK0fr115X
y3hn9J8oFZvaYHwkas/0pSjQrPelvHFSMcvE7wlzpXFhiglPgMutZM5Z4QIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFNQuj9xjTk/cQhXMApls8kiUZseQMB8GA1UdIwQY
MBaAFMYZU8CJgK3JTy+jo8G6lcQNIefTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYt
NjI1MjQ1YTAwYWJmLzEvMUM2UDNHTk9UOXhDRmN3Q21XenlTSlJteDVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lMDEyODUtNjYwZC00Y2QyLWFkMWYtNjI1MjQ1YTAwYWJm
LzEveGhsVHdJbUFyY2xQTDZPandicVZ4QTBoNTlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAR+s
iAMEAR+sjAMEAFBc5zAMAwQAUFzpAwQCUFzoAwQAUnXlAwQAUnX0AwQAVVrTAwQA
W+IBAwQBXDyyAwQAgACqAwQAgACsAwQAgACuAwQAuSbRAwQAuSfEAwQCuS30AwQA
wW8AAwQBwW8wAwQB1G6GAwQB1G6YMA0GCSqGSIb3DQEBCwUAA4IBAQBEZeit2x24
8UVzzmwbm71uVF/lIgS63SJxoIeLeKeLuQCuTe60AOXJY2mSqqriaM5rIirIpGV6
asvNVPDTJ6V159B3yeakrgVuZY7RDErpnSKaO90oEZyIviq2QnqQJreYGPObqeP6
qjK0oDmeTgxEARSqdBXVGFcvvRYClwfU8HLK7dgJTg7FVqZZSP0a+hL1E//Y54Y+
xpCp0nYios9mLsjtEyoh2KNQ4m98VcCAn3CbDkbZR58DBcMZYlGyH4Q/gi37bh3b
TcS1TsXiwZ6IhWHo5HdpbGECUtgYMS3/yN0cVPl2Qz4PQVuDEMVmc7c1e4iKbPyx
Oi1V5AiqFa06
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:04:16 2025 by rpki-client