Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/CXkACV-63YQsGoLAT_fjFmpIWrY.roa
File: CXkACV-63YQsGoLAT_fjFmpIWrY.roa (raw, json)
Hash identifier: VrWjblsIWiGRBo5IbexwcD3xb4sOkqQVyxbnH8/frQ4=
Subject key identifier: 09:79:00:09:5F:BA:DD:84:2C:1A:82:C0:4F:F7:E3:16:6A:48:5A:B6
Certificate issuer: /CN=4b98127943e7175734964010c89ef821416a31b3
Certificate serial: 019691C330B3AE1214B9C45C90BD38D01AE6
Authority key identifier: 4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/CXkACV-63YQsGoLAT_fjFmpIWrY.roa
Signing time: Fri 02 May 2025 16:10:10 +0000
ROA not before: Fri 02 May 2025 16:10:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 31.90.0.0/15 maxlen: 15
31.92.0.0/15 maxlen: 15
31.94.0.0/16 maxlen: 16
31.96.0.0/16 maxlen: 16
31.100.0.0/14 maxlen: 14
31.104.0.0/16 maxlen: 16
31.105.0.0/16 maxlen: 16
31.106.0.0/15 maxlen: 15
31.112.0.0/14 maxlen: 14
31.116.0.0/16 maxlen: 16
31.117.0.0/16 maxlen: 16
31.118.0.0/16 maxlen: 16
31.119.0.0/16 maxlen: 16
31.120.0.0/16 maxlen: 16
31.121.0.0/16 maxlen: 16
31.122.0.0/16 maxlen: 16
31.126.0.0/15 maxlen: 15
46.68.66.0/24 maxlen: 24
95.144.0.0/13 maxlen: 13
109.180.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:91:c3:30:b3:ae:12:14:b9:c4:5c:90:bd:38:d0:1a:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b98127943e7175734964010c89ef821416a31b3
Validity
Not Before: May 2 16:10:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=097900095fbadd842c1a82c04ff7e3166a485ab6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:34:88:b7:26:6f:66:5b:95:52:d4:4f:30:96:
5e:7a:e2:1a:fa:42:fb:47:be:66:03:16:ef:03:f9:
35:30:88:d2:31:94:e4:fa:14:af:8e:e8:1c:74:84:
06:a8:7d:2d:fe:65:30:b2:41:50:a0:1b:06:3a:e2:
91:c2:64:c3:55:9d:e0:f8:a4:df:8e:30:77:8e:67:
95:95:a0:39:8c:4c:ba:9a:4d:13:7a:2e:09:2c:98:
9d:50:83:de:08:2e:a3:63:ad:9c:04:88:d2:88:9e:
e1:65:44:bb:5b:74:eb:46:ad:e3:56:de:c9:f1:d7:
d8:18:d8:9f:21:af:55:a4:5e:58:1d:14:9e:a2:17:
2a:62:31:e9:e6:ea:5c:f8:9f:80:20:09:4e:96:d7:
41:fb:a7:e2:32:86:b4:df:ca:ac:12:a3:d8:57:cf:
57:ff:2e:4c:4d:c2:8b:58:21:cb:60:68:cc:f5:85:
d3:2d:b3:bc:b9:8d:d7:83:18:5f:d9:5b:a7:ba:7d:
e6:7b:ba:1c:2f:b2:4b:ad:56:d8:fe:a3:00:c1:70:
d5:8e:9a:7f:14:bb:4d:17:f9:4c:78:08:ed:8e:e1:
0b:a3:99:c0:86:95:49:69:33:32:3b:2d:64:5f:aa:
8e:53:ad:ae:83:b3:5d:d2:61:d8:af:ca:e7:06:17:
0c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:79:00:09:5F:BA:DD:84:2C:1A:82:C0:4F:F7:E3:16:6A:48:5A:B6
X509v3 Authority Key Identifier:
keyid:4B:98:12:79:43:E7:17:57:34:96:40:10:C8:9E:F8:21:41:6A:31:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5gSeUPnF1c0lkAQyJ74IUFqMbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/CXkACV-63YQsGoLAT_fjFmpIWrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f20df3-2753-4353-a668-621792f7e56a/1/S5gSeUPnF1c0lkAQyJ74IUFqMbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.90.0.0-31.94.255.255
31.96.0.0/16
31.100.0.0-31.107.255.255
31.112.0.0-31.122.255.255
31.126.0.0/15
46.68.66.0/24
95.144.0.0/13
109.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8f:20:03:eb:4b:70:a2:2e:c3:ea:84:cf:42:2e:4a:98:1c:ba:
7a:8b:5d:7a:ca:9f:67:5c:f3:7b:ec:57:3e:d1:9c:7e:10:6b:
50:a0:ce:8a:dd:ff:ec:18:78:d0:a4:26:ac:3c:65:bb:d5:ee:
85:c5:5c:9b:54:97:04:6f:6e:d8:7c:d0:cc:99:29:27:c0:d6:
aa:c6:b9:66:39:26:72:fd:9a:4e:51:26:84:c4:24:41:e6:04:
f1:2c:27:1f:a5:d1:48:6c:7b:b2:75:c2:b2:62:e0:61:67:47:
ef:f7:1e:6b:8b:0d:b8:53:18:69:b2:b3:85:5a:cc:02:05:1c:
a3:6a:93:4e:80:a7:ef:c8:40:58:0c:8d:20:0a:32:44:02:41:
37:0d:a8:89:38:ec:3b:05:f3:41:71:8d:01:02:f2:c7:20:9b:
d7:99:1d:28:f7:cc:2f:9b:8c:68:b6:17:a8:df:0e:34:48:79:
8a:0e:30:cb:58:57:b4:87:ba:1d:79:06:01:33:5e:be:58:33:
94:a6:0a:8c:23:62:c2:16:41:42:88:91:bb:ab:05:90:8e:97:
29:4d:ec:d4:ea:61:33:40:ca:02:dd:ae:f3:b2:8e:dd:90:e6:
14:86:6d:0a:01:be:ae:4d:87:d8:30:43:be:54:0d:9c:ad:50:
4b:2b:95:35
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZaRwzCzrhIUucRckL040BrmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTgxMjc5NDNlNzE3NTczNDk2NDAxMGM4OWVmODIxNDE2
YTMxYjMwHhcNMjUwNTAyMTYxMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTc5MDAwOTVmYmFkZDg0MmMxYTgyYzA0ZmY3ZTMxNjZhNDg1YWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTSItyZvZluVUtRPMJZeeuIa+kL7
R75mAxbvA/k1MIjSMZTk+hSvjugcdIQGqH0t/mUwskFQoBsGOuKRwmTDVZ3g+KTf
jjB3jmeVlaA5jEy6mk0Tei4JLJidUIPeCC6jY62cBIjSiJ7hZUS7W3TrRq3jVt7J
8dfYGNifIa9VpF5YHRSeohcqYjHp5upc+J+AIAlOltdB+6fiMoa038qsEqPYV89X
/y5MTcKLWCHLYGjM9YXTLbO8uY3Xgxhf2Vunun3me7ocL7JLrVbY/qMAwXDVjpp/
FLtNF/lMeAjtjuELo5nAhpVJaTMyOy1kX6qOU62ug7Nd0mHYr8rnBhcMwwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFAl5AAlfut2ELBqCwE/34xZqSFq2MB8GA1UdIwQY
MBaAFEuYEnlD5xdXNJZAEMie+CFBajGzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2Njgt
NjIxNzkyZjdlNTZhLzEvQ1hrQUNWLTYzWVFzR29MQVRfZmpGbXBJV3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mMjBkZjMtMjc1My00MzUzLWE2NjgtNjIxNzkyZjdlNTZh
LzEvUzVnU2VVUG5GMWMwbGtBUXlKNzRJVUZxTWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAoDAwEfWgMD
AB9eAwMAH2AwCgMDAh9kAwMCH2gwCgMDBB9wAwMAH3oDAwEffgMEAC5EQgMDA1+Q
AwMBbbQwDQYJKoZIhvcNAQELBQADggEBAI8gA+tLcKIuw+qEz0IuSpgcunqLXXrK
n2dc83vsVz7RnH4Qa1Cgzord/+wYeNCkJqw8ZbvV7oXFXJtUlwRvbth80MyZKSfA
1qrGuWY5JnL9mk5RJoTEJEHmBPEsJx+l0Uhse7J1wrJi4GFnR+/3HmuLDbhTGGmy
s4VazAIFHKNqk06Ap+/IQFgMjSAKMkQCQTcNqIk47DsF80FxjQEC8scgm9eZHSj3
zC+bjGi2F6jfDjRIeYoOMMtYV7SHuh15BgEzXr5YM5SmCowjYsIWQUKIkburBZCO
lylN7NTqYTNAygLdrvOyjt2Q5hSGbQoBvq5Nh9gwQ75UDZytUEsrlTU=
-----END CERTIFICATE-----
Generated at Sun May 11 04:33:28 2025 by rpki-client