Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/qOUhVI1G4SW4_rAdHVZjiGEJEhc.roa
File: qOUhVI1G4SW4_rAdHVZjiGEJEhc.roa (raw, json)
Hash identifier: mLpbGQvUh3BNlZYktMPLqJ4KDfxwOCyR9t25dQjnDY4=
Subject key identifier: A8:E5:21:54:8D:46:E1:25:B8:FE:B0:1D:1D:56:63:88:61:09:12:17
Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e
Certificate serial: 0197A2223756240231F0344E7B05D2FE43A5
Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/qOUhVI1G4SW4_rAdHVZjiGEJEhc.roa
Signing time: Tue 24 Jun 2025 13:30:40 +0000
ROA not before: Tue 24 Jun 2025 13:30:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16003
IP address blocks: 31.172.74.0/24 maxlen: 24
31.172.78.0/24 maxlen: 24
79.132.137.0/24 maxlen: 24
79.132.139.0/24 maxlen: 24
103.75.125.0/24 maxlen: 24
103.75.126.0/24 maxlen: 24
162.248.161.0/24 maxlen: 24
185.18.52.0/22 maxlen: 22
185.18.52.0/24 maxlen: 24
217.194.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a2:22:37:56:24:02:31:f0:34:4e:7b:05:d2:fe:43:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e
Validity
Not Before: Jun 24 13:30:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8e521548d46e125b8feb01d1d56638861091217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e6:21:e7:7b:ae:7b:54:36:10:81:53:63:49:
9d:64:b9:44:28:38:cb:24:c4:8a:bf:ec:80:fb:c0:
f4:a2:a1:f5:5a:73:98:36:74:20:d0:0e:88:1e:f5:
51:d0:4a:48:b6:60:d2:55:52:45:ea:1a:a8:34:a5:
94:85:09:d9:38:8b:6e:66:32:0d:5a:10:d1:11:68:
4c:0b:3f:8e:5b:70:bc:35:1c:b0:48:e8:a7:ec:8d:
23:44:0e:6f:86:81:10:05:53:8c:37:c4:9b:ab:a2:
9d:f4:bf:89:ee:30:b6:91:4b:17:1f:4e:af:1b:05:
f9:1a:65:be:d2:e0:ed:de:32:a0:13:00:72:a3:03:
51:f5:e0:65:62:3c:79:ff:53:51:9a:72:6b:46:a2:
6a:0e:10:1a:03:26:5e:51:50:4b:66:5d:98:02:91:
f9:cc:ed:d3:72:7f:e5:d5:a7:76:87:26:d5:ab:e9:
2f:19:49:43:9c:ba:37:95:b9:73:b1:79:46:28:ca:
69:4f:b1:f0:fb:48:16:60:b0:fa:29:4c:4e:44:40:
6b:55:ac:ae:aa:ee:d3:09:64:5c:f3:04:cc:f3:ea:
df:5f:ea:cd:56:63:07:7c:bc:c3:90:26:29:9a:4d:
2e:9b:39:83:01:c7:12:2f:80:c8:68:e6:39:b5:8f:
8d:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E5:21:54:8D:46:E1:25:B8:FE:B0:1D:1D:56:63:88:61:09:12:17
X509v3 Authority Key Identifier:
keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/qOUhVI1G4SW4_rAdHVZjiGEJEhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.74.0/24
31.172.78.0/24
79.132.137.0/24
79.132.139.0/24
103.75.125.0-103.75.126.255
162.248.161.0/24
185.18.52.0/22
217.194.148.0/24
Signature Algorithm: sha256WithRSAEncryption
27:bc:5c:13:c7:0b:b7:f0:21:6f:a8:0e:d9:a6:5a:47:b9:0e:
8c:5a:cb:2f:68:1b:3b:70:4c:a1:72:15:12:5c:0a:27:9b:5b:
ec:5d:d1:65:5b:43:d7:2e:8e:ed:ac:ab:d0:e7:d6:9c:d1:84:
bc:e0:ef:73:f2:0b:d9:67:fc:ff:53:0c:9d:c4:ba:31:35:40:
70:73:01:70:7a:1f:26:8c:a3:ed:36:51:96:c4:7e:b4:32:3c:
d2:d7:8f:7d:8d:d0:b8:ee:01:b3:fa:25:e7:51:fc:8f:49:37:
34:7d:78:d7:ce:b9:64:04:7c:ba:07:94:3a:e4:79:c6:d2:28:
97:5d:2d:a9:71:ef:8a:14:d5:32:ff:ac:75:60:fe:60:a1:fd:
2e:f5:20:a3:14:f5:42:79:23:9b:04:38:b9:e1:ae:8e:94:c8:
ff:af:04:f6:71:6d:af:53:c7:68:da:2a:20:0c:28:7a:59:eb:
a2:3f:9f:8a:64:a5:b6:f2:72:37:27:c2:e5:e7:f8:b8:02:7f:
46:ff:3d:62:da:ce:1e:5c:85:d6:59:9a:3c:b0:1b:d7:ca:9e:
7b:b7:b3:db:3e:99:66:f5:1c:16:be:62:91:83:ce:58:1e:4b:
7d:48:31:32:bb:5a:75:ab:3d:ae:ad:ce:88:4d:cc:c6:60:fa:
4b:06:d8:c8
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZeiIjdWJAIx8DROewXS/kOlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1
ZDAwN2UwHhcNMjUwNjI0MTMzMDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGU1MjE1NDhkNDZlMTI1YjhmZWIwMWQxZDU2NjM4ODYxMDkxMjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouYh53uue1Q2EIFTY0mdZLlEKDjL
JMSKv+yA+8D0oqH1WnOYNnQg0A6IHvVR0EpItmDSVVJF6hqoNKWUhQnZOItuZjIN
WhDREWhMCz+OW3C8NRywSOin7I0jRA5vhoEQBVOMN8Sbq6Kd9L+J7jC2kUsXH06v
GwX5GmW+0uDt3jKgEwByowNR9eBlYjx5/1NRmnJrRqJqDhAaAyZeUVBLZl2YApH5
zO3Tcn/l1ad2hybVq+kvGUlDnLo3lblzsXlGKMppT7Hw+0gWYLD6KUxOREBrVayu
qu7TCWRc8wTM8+rfX+rNVmMHfLzDkCYpmk0umzmDAccSL4DIaOY5tY+NpwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFKjlIVSNRuEluP6wHR1WY4hhCRIXMB8GA1UdIwQY
MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt
MWZiYzY0MWI1MGIxLzEvcU9VaFZJMUc0U1c0X3JBZEhWWmppR0VKRWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx
LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAH6xKAwQA
H6xOAwQAT4SJAwQAT4SLMAwDBABnS30DBABnS34DBACi+KEDBAK5EjQDBADZwpQw
DQYJKoZIhvcNAQELBQADggEBACe8XBPHC7fwIW+oDtmmWke5Doxayy9oGztwTKFy
FRJcCiebW+xd0WVbQ9cuju2sq9Dn1pzRhLzg73PyC9ln/P9TDJ3EujE1QHBzAXB6
HyaMo+02UZbEfrQyPNLXj32N0LjuAbP6JedR/I9JNzR9eNfOuWQEfLoHlDrkecbS
KJddLalx74oU1TL/rHVg/mCh/S71IKMU9UJ5I5sEOLnhro6UyP+vBPZxba9Tx2ja
KiAMKHpZ66I/n4pkpbbycjcnwuXn+LgCf0b/PWLazh5chdZZmjywG9fKnnu3s9s+
mWb1HBa+YpGDzlgeS31IMTK7WnWrPa6tzohNzMZg+ksG2Mg=
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:38:25 2025 by rpki-client