Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/BE6iIPIX8zFmJc8BbYvpzoakrXE.roa
File: BE6iIPIX8zFmJc8BbYvpzoakrXE.roa (raw, json)
Hash identifier: zyf1exZFAT4j17OLfHltxLPlTiiX5aqGBHkZByoGZDo=
Subject key identifier: 04:4E:A2:20:F2:17:F3:31:66:25:CF:01:6D:8B:E9:CE:86:A4:AD:71
Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e
Certificate serial: 019994B08E5B94BDE07633592464552A2D31
Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/BE6iIPIX8zFmJc8BbYvpzoakrXE.roa
Signing time: Mon 29 Sep 2025 08:57:02 +0000
ROA not before: Mon 29 Sep 2025 08:57:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62904
IP address blocks: 31.172.69.0/24 maxlen: 24
31.172.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:94:b0:8e:5b:94:bd:e0:76:33:59:24:64:55:2a:2d:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e
Validity
Not Before: Sep 29 08:57:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=044ea220f217f3316625cf016d8be9ce86a4ad71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:ef:ef:2c:28:d6:b2:58:68:80:e2:28:4f:08:
45:3f:98:66:5f:6b:06:b7:6d:8a:0c:a0:98:bf:b5:
d4:82:5d:7f:26:03:80:0d:83:2b:c0:44:92:ef:23:
6f:94:b8:91:fb:13:a4:49:62:f0:6d:f9:c2:4c:27:
d8:5e:55:ca:41:a1:88:da:2b:c1:10:4b:dd:97:41:
03:d9:ca:b0:e5:2f:0c:09:05:07:2b:76:86:f2:28:
25:db:d8:0c:89:06:6e:8f:c8:95:76:a8:c7:0e:c5:
a1:43:dc:1e:65:23:9c:7a:3a:88:37:3e:7e:19:86:
99:44:6c:9f:a5:2a:e7:d7:4b:a3:11:9d:24:74:b5:
8f:c7:ee:3c:f9:f8:76:10:b6:2a:21:a5:7c:fe:d5:
72:20:30:33:4d:e5:f4:a9:0f:36:c5:ea:dd:0c:ad:
57:d0:4a:c0:58:b9:17:d8:58:20:16:9e:82:27:eb:
df:01:11:84:be:5f:89:68:7b:30:a4:6f:b8:e8:60:
b9:04:ad:b4:1a:a4:17:dc:4b:42:9d:3c:e1:8c:c4:
fe:2b:08:4c:9e:5e:f6:4c:b7:f6:b9:a7:ae:88:ad:
f5:21:d0:9b:ed:3e:10:3a:7f:7d:8b:c6:b1:20:05:
23:47:3e:fd:2f:d5:6c:5d:e4:65:02:0d:cd:8f:fb:
b9:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:4E:A2:20:F2:17:F3:31:66:25:CF:01:6D:8B:E9:CE:86:A4:AD:71
X509v3 Authority Key Identifier:
keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/BE6iIPIX8zFmJc8BbYvpzoakrXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.69.0/24
31.172.79.0/24
Signature Algorithm: sha256WithRSAEncryption
72:e6:1d:fe:2e:79:03:7a:e1:5f:5e:2a:ac:2e:b8:f9:95:4c:
29:9a:fe:ac:97:8e:2d:75:ff:cb:a2:e9:48:6d:a5:b2:08:45:
4b:2b:6f:a6:04:b3:e2:7f:d1:c8:59:44:9c:d8:e9:bd:d6:cb:
f0:83:34:53:ee:6b:83:89:0e:5f:4f:70:55:32:a1:e8:a1:3c:
ac:e8:eb:a8:71:40:50:03:7a:5e:98:a6:66:1e:d2:db:b3:bb:
bc:67:c4:0a:1a:31:ce:a4:f3:1c:c2:79:36:11:bf:f7:95:3f:
b0:d7:5b:16:c4:ea:6b:32:cc:e5:13:1f:ce:c9:eb:00:3b:5d:
22:64:d8:af:40:9c:2b:38:5e:1c:de:06:b9:55:81:11:f0:fb:
85:92:d9:61:52:c9:dd:b5:1f:c0:36:08:7a:1b:9e:33:9b:c6:
86:f4:fe:df:6a:d9:43:2a:57:68:1f:82:68:ff:cc:aa:53:2e:
a7:11:55:e9:fc:f8:2b:55:a5:c6:c4:84:9a:ad:30:be:a5:cd:
1e:75:44:3c:5b:f9:c6:61:e7:8e:32:89:a1:8b:0b:f0:4b:6f:
af:6e:b0:e3:90:b7:e7:2f:b1:56:fb:c2:9b:95:94:8c:88:52:
a3:06:4d:69:c7:ca:96:dd:53:14:22:11:71:fb:33:39:57:6f:
f8:7b:ce:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZmUsI5blL3gdjNZJGRVKi0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1
ZDAwN2UwHhcNMjUwOTI5MDg1NzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDRlYTIyMGYyMTdmMzMxNjYyNWNmMDE2ZDhiZTljZTg2YTRhZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8O/vLCjWslhogOIoTwhFP5hmX2sG
t22KDKCYv7XUgl1/JgOADYMrwESS7yNvlLiR+xOkSWLwbfnCTCfYXlXKQaGI2ivB
EEvdl0ED2cqw5S8MCQUHK3aG8igl29gMiQZuj8iVdqjHDsWhQ9weZSOcejqINz5+
GYaZRGyfpSrn10ujEZ0kdLWPx+48+fh2ELYqIaV8/tVyIDAzTeX0qQ82xerdDK1X
0ErAWLkX2FggFp6CJ+vfARGEvl+JaHswpG+46GC5BK20GqQX3EtCnTzhjMT+KwhM
nl72TLf2uaeuiK31IdCb7T4QOn99i8axIAUjRz79L9VsXeRlAg3Nj/u5gwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAROoiDyF/MxZiXPAW2L6c6GpK1xMB8GA1UdIwQY
MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt
MWZiYzY0MWI1MGIxLzEvQkU2aUlQSVg4ekZtSmM4QmJZdnB6b2FrclhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx
LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAH6xFAwQA
H6xPMA0GCSqGSIb3DQEBCwUAA4IBAQBy5h3+LnkDeuFfXiqsLrj5lUwpmv6sl44t
df/LoulIbaWyCEVLK2+mBLPif9HIWUSc2Om91svwgzRT7muDiQ5fT3BVMqHooTys
6OuocUBQA3pemKZmHtLbs7u8Z8QKGjHOpPMcwnk2Eb/3lT+w11sWxOprMszlEx/O
yesAO10iZNivQJwrOF4c3ga5VYER8PuFktlhUsndtR/ANgh6G54zm8aG9P7fatlD
KldoH4Jo/8yqUy6nEVXp/PgrVaXGxISarTC+pc0edUQ8W/nGYeeOMomhiwvwS2+v
brDjkLfnL7FW+8KblZSMiFKjBk1px8qW3VMUIhFx+zM5V2/4e84Z
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:55:52 2025 by rpki-client