Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/trffbMiTH6DrGuiy0X3enBvY_Oo.roa
File: trffbMiTH6DrGuiy0X3enBvY_Oo.roa (raw, json)
Hash identifier: o0rF0YmxKHHBrS/g1LKn0ZhHqi9U3j4NE3U+lGfKC3M=
Subject key identifier: B6:B7:DF:6C:C8:93:1F:A0:EB:1A:E8:B2:D1:7D:DE:9C:1B:D8:FC:EA
Certificate issuer: /CN=a4b18f96aaa03567f22fc02c42a6935708655aa9
Certificate serial: 0199A41E2475111CD175143C4D5FCC837C34
Authority key identifier: A4:B1:8F:96:AA:A0:35:67:F2:2F:C0:2C:42:A6:93:57:08:65:5A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pLGPlqqgNWfyL8AsQqaTVwhlWqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/trffbMiTH6DrGuiy0X3enBvY_Oo.roa
Signing time: Thu 02 Oct 2025 08:51:02 +0000
ROA not before: Thu 02 Oct 2025 08:51:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21245
IP address blocks: 31.3.0.0/24 maxlen: 24
31.3.1.0/24 maxlen: 24
31.3.2.0/24 maxlen: 24
31.3.3.0/24 maxlen: 24
31.3.4.0/24 maxlen: 24
31.3.5.0/24 maxlen: 24
31.3.6.0/24 maxlen: 24
31.3.7.0/24 maxlen: 24
80.91.216.0/24 maxlen: 24
103.199.232.0/24 maxlen: 24
146.19.176.0/24 maxlen: 24
185.21.180.0/24 maxlen: 24
185.21.181.0/24 maxlen: 24
185.21.182.0/24 maxlen: 24
185.21.183.0/24 maxlen: 24
185.22.160.0/24 maxlen: 24
185.22.161.0/24 maxlen: 24
185.22.162.0/24 maxlen: 24
185.22.163.0/24 maxlen: 24
185.87.172.0/24 maxlen: 24
185.87.173.0/24 maxlen: 24
185.87.174.0/24 maxlen: 24
185.87.175.0/24 maxlen: 24
185.155.102.0/24 maxlen: 24
185.201.196.0/24 maxlen: 24
185.201.197.0/24 maxlen: 24
185.201.198.0/24 maxlen: 24
185.230.16.0/24 maxlen: 24
185.230.17.0/24 maxlen: 24
185.230.19.0/24 maxlen: 24
185.235.10.0/24 maxlen: 24
185.241.63.0/24 maxlen: 24
2a03:3f00::/48 maxlen: 48
2a03:3f00:1::/48 maxlen: 48
2a03:3f00:2::/48 maxlen: 48
2a03:3f00:3::/48 maxlen: 48
2a03:3f00:4::/48 maxlen: 48
2a03:3f00:5::/48 maxlen: 48
2a03:3f00:6::/48 maxlen: 48
2a03:3f00:7::/48 maxlen: 48
2a03:3f00:10::/48 maxlen: 48
2a03:3f00:17::/48 maxlen: 48
2a03:3f00:19::/48 maxlen: 48
2a03:3f00:31::/48 maxlen: 48
2a03:3f00:d8::/48 maxlen: 48
2a03:3f00:160::/48 maxlen: 48
2a03:3f00:161::/48 maxlen: 48
2a03:3f00:162::/48 maxlen: 48
2a03:3f00:163::/48 maxlen: 48
2a03:3f00:172::/48 maxlen: 48
2a03:3f00:174::/48 maxlen: 48
2a03:3f00:175::/48 maxlen: 48
2a03:3f00:180::/48 maxlen: 48
2a03:3f00:181::/48 maxlen: 48
2a03:3f00:182::/48 maxlen: 48
2a03:3f00:183::/48 maxlen: 48
2a03:3f00:3e7::/48 maxlen: 48
2a03:3f00:3e8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/pLGPlqqgNWfyL8AsQqaTVwhlWqk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/pLGPlqqgNWfyL8AsQqaTVwhlWqk.mft
rsync://rpki.ripe.net/repository/DEFAULT/pLGPlqqgNWfyL8AsQqaTVwhlWqk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 08:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a4:1e:24:75:11:1c:d1:75:14:3c:4d:5f:cc:83:7c:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4b18f96aaa03567f22fc02c42a6935708655aa9
Validity
Not Before: Oct 2 08:51:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6b7df6cc8931fa0eb1ae8b2d17dde9c1bd8fcea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:40:77:2d:0e:14:df:82:df:32:3d:4c:7c:82:
28:f9:84:7e:31:bb:f8:7c:35:96:3a:c8:14:91:70:
14:e6:92:2f:5b:36:1e:be:c6:55:d2:56:9c:8c:07:
6d:cd:bd:04:ab:d6:97:dd:74:50:9e:f9:77:8f:b6:
d0:59:48:cf:87:de:86:62:85:07:ed:4e:2b:e6:23:
00:4f:29:97:32:de:ef:b8:c6:bb:38:33:c4:e2:02:
ee:10:15:c8:0c:48:c0:85:e4:b8:84:76:94:49:53:
06:19:d8:27:a2:20:a1:c2:bf:3a:88:cd:9b:f5:49:
f0:7e:48:ee:15:40:5a:1a:b8:4e:51:d3:4f:0e:0c:
f2:5d:2d:0f:d3:b4:44:55:8d:c9:64:20:73:9e:a1:
3c:65:16:03:e1:b2:73:1e:45:17:a0:e9:23:33:e4:
cd:ae:57:c5:29:29:7b:67:41:d6:2d:80:f0:30:c6:
fa:fb:5a:5e:b9:ec:15:7a:b6:c6:be:3a:f3:2e:3e:
2f:25:fb:32:72:4e:9e:fe:bc:f6:0c:eb:df:d1:3b:
25:60:98:a2:b3:7a:ea:7b:fe:ee:ca:ce:1d:bc:72:
9c:0a:21:e1:d1:7e:86:a9:c7:dc:91:4d:27:c8:82:
53:19:d8:d0:d7:76:c3:4f:54:ee:86:a9:79:0e:db:
43:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:B7:DF:6C:C8:93:1F:A0:EB:1A:E8:B2:D1:7D:DE:9C:1B:D8:FC:EA
X509v3 Authority Key Identifier:
keyid:A4:B1:8F:96:AA:A0:35:67:F2:2F:C0:2C:42:A6:93:57:08:65:5A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pLGPlqqgNWfyL8AsQqaTVwhlWqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/trffbMiTH6DrGuiy0X3enBvY_Oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/pLGPlqqgNWfyL8AsQqaTVwhlWqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.0.0/21
80.91.216.0/24
103.199.232.0/24
146.19.176.0/24
185.21.180.0/22
185.22.160.0/22
185.87.172.0/22
185.155.102.0/24
185.201.196.0-185.201.198.255
185.230.16.0/23
185.230.19.0/24
185.235.10.0/24
185.241.63.0/24
IPv6:
2a03:3f00::/45
2a03:3f00:10::/48
2a03:3f00:17::/48
2a03:3f00:19::/48
2a03:3f00:31::/48
2a03:3f00:d8::/48
2a03:3f00:160::/46
2a03:3f00:172::/48
2a03:3f00:174::/47
2a03:3f00:180::/46
2a03:3f00:3e7::-2a03:3f00:3e8:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
25:8e:8b:6f:22:4f:bd:cb:4a:e4:d2:51:ff:cb:d2:14:48:ea:
8f:c0:0c:c2:b6:7e:2e:1b:0f:56:ed:82:36:1e:5e:cf:eb:c3:
53:85:70:99:48:09:18:50:36:3e:e3:3a:e7:8c:99:be:5f:40:
ab:d9:d5:ff:f6:eb:ef:2e:8b:32:16:ba:ef:49:26:4d:0a:3c:
56:42:f3:2e:ac:66:6b:3d:7e:4c:95:b9:7c:8b:28:98:09:2b:
bb:2e:dc:07:ff:ac:01:8f:9e:4d:88:66:5a:fa:7c:40:35:cc:
d8:1f:64:63:71:d7:d1:a8:08:82:d7:bb:31:5f:fb:f0:b6:43:
2d:0f:11:14:b2:6b:79:f9:3f:d0:1f:ee:c4:c1:53:0e:28:36:
d2:32:bf:87:88:84:b4:70:94:de:68:d5:7c:c8:98:cd:17:38:
4e:34:a0:00:50:db:33:eb:18:a5:35:e9:6d:f2:7f:92:18:6f:
a8:fa:81:e1:8a:02:62:0e:ec:8c:77:5e:0d:3d:e5:87:d0:1f:
55:3c:c1:0b:c8:45:11:24:60:4b:a5:ff:f5:e4:9c:db:3f:41:
a6:52:4e:86:c8:8b:5d:3f:16:65:93:94:7d:93:ee:99:99:d1:
11:b4:fd:d6:f8:47:82:d3:d6:ba:b2:61:27:af:cf:05:4e:fc:
04:bc:84:3e
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAZmkHiR1ERzRdRQ8TV/Mg3w0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YjE4Zjk2YWFhMDM1NjdmMjJmYzAyYzQyYTY5MzU3MDg2
NTVhYTkwHhcNMjUxMDAyMDg1MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmI3ZGY2Y2M4OTMxZmEwZWIxYWU4YjJkMTdkZGU5YzFiZDhmY2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUB3LQ4U34LfMj1MfIIo+YR+Mbv4
fDWWOsgUkXAU5pIvWzYevsZV0lacjAdtzb0Eq9aX3XRQnvl3j7bQWUjPh96GYoUH
7U4r5iMATymXMt7vuMa7ODPE4gLuEBXIDEjAheS4hHaUSVMGGdgnoiChwr86iM2b
9UnwfkjuFUBaGrhOUdNPDgzyXS0P07REVY3JZCBznqE8ZRYD4bJzHkUXoOkjM+TN
rlfFKSl7Z0HWLYDwMMb6+1peuewVerbGvjrzLj4vJfsyck6e/rz2DOvf0TslYJii
s3rqe/7uys4dvHKcCiHh0X6GqcfckU0nyIJTGdjQ13bDT1Tuhql5DttDdwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFLa332zIkx+g6xrostF93pwb2PzqMB8GA1UdIwQY
MBaAFKSxj5aqoDVn8i/ALEKmk1cIZVqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcExHUGxxcWdOV2Z5TDhBc1FxYVRWd2hsV3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82ODIwZjktNDQ1OS00ODU4LTk4Y2Ut
YzY5NGYwZWFjYmE2LzEvdHJmZmJNaVRINkRyR3VpeTBYM2VuQnZZX09vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82ODIwZjktNDQ1OS00ODU4LTk4Y2UtYzY5NGYwZWFjYmE2
LzEvcExHUGxxcWdOV2Z5TDhBc1FxYVRWd2hsV3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DBcBAIAATBWAwQDHwMA
AwQAUFvYAwQAZ8foAwQAkhOwAwQCuRW0AwQCuRagAwQCuVesAwQAuZtmMAwDBAK5
ycQDBAC5ycYDBAG55hADBAC55hMDBAC56woDBAC58T8wdAQCAAIwbgMHAyoDPwAA
AAMHACoDPwAAEAMHACoDPwAAFwMHACoDPwAAGQMHACoDPwAAMQMHACoDPwAA2AMH
AioDPwABYAMHACoDPwABcgMHASoDPwABdAMHAioDPwABgDASAwcAKgM/AAPnAwcA
KgM/AAPoMA0GCSqGSIb3DQEBCwUAA4IBAQAljotvIk+9y0rk0lH/y9IUSOqPwAzC
tn4uGw9W7YI2Hl7P68NThXCZSAkYUDY+4zrnjJm+X0Cr2dX/9uvvLosyFrrvSSZN
CjxWQvMurGZrPX5Mlbl8iyiYCSu7LtwH/6wBj55NiGZa+nxANczYH2RjcdfRqAiC
17sxX/vwtkMtDxEUsmt5+T/QH+7EwVMOKDbSMr+HiIS0cJTeaNV8yJjNFzhONKAA
UNsz6xilNelt8n+SGG+o+oHhigJiDuyMd14NPeWH0B9VPMELyEURJGBLpf/15Jzb
P0GmUk6GyItdPxZlk5R9k+6ZmdERtP3W+EeC09a6smEnr88FTvwEvIQ+
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:55:37 2025 by rpki-client