Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7YGGgS8vBx2cSp4ewxwYfPdmA8E.roa
File: 7YGGgS8vBx2cSp4ewxwYfPdmA8E.roa (raw, json)
Hash identifier: u14ruAJ6+h50PAIFfnAbeDzYWoIY2z+EKUbo+4/G1L0=
Subject key identifier: ED:81:86:81:2F:2F:07:1D:9C:4A:9E:1E:C3:1C:18:7C:F7:66:03:C1
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01983AF4E935B1380C3A8FA06B84436C84A3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7YGGgS8vBx2cSp4ewxwYfPdmA8E.roa
Signing time: Thu 24 Jul 2025 05:43:05 +0000
ROA not before: Thu 24 Jul 2025 05:43:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 151612
IP address blocks: 31.13.224.0/24 maxlen: 24
31.13.231.0/24 maxlen: 24
81.161.230.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3a:f4:e9:35:b1:38:0c:3a:8f:a0:6b:84:43:6c:84:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 24 05:43:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed8186812f2f071d9c4a9e1ec31c187cf76603c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fd:ed:dd:95:0e:cb:9e:29:28:6a:1d:2b:4b:
ee:23:51:80:f8:90:fb:5a:5e:35:4b:14:b6:c1:de:
19:e6:2f:fa:74:84:b7:d5:23:27:d0:98:a0:7d:12:
fa:17:c4:99:9e:0b:dc:e5:9f:f0:f8:a1:79:e8:53:
4e:ff:7c:42:af:21:49:7a:50:c9:86:13:7d:1e:7a:
94:7a:9c:cd:bd:f3:32:b0:21:51:df:37:7d:a5:a4:
40:58:9b:7d:3c:c3:a5:34:9e:4b:d0:60:92:dd:d6:
79:d6:88:96:f1:6f:a2:24:2c:6b:45:0b:a9:72:13:
f0:ec:cf:68:01:15:2d:d7:c7:df:d4:e9:f7:cb:1f:
77:8e:7f:88:ed:5d:7e:74:c0:f3:cd:2f:fb:9a:d1:
9c:d0:aa:86:60:69:98:29:f6:26:c8:b0:9b:31:7e:
5d:1d:cb:04:24:bd:d6:1f:87:ea:94:07:d6:ba:34:
f4:e2:04:c7:d9:e0:2e:49:b6:03:a0:72:e9:43:b5:
35:24:d8:7d:58:80:0b:0e:c2:a4:cb:c4:6b:d3:fa:
83:b3:07:9a:3e:97:e6:2e:ef:6e:34:04:e8:8c:ba:
fd:15:93:05:83:6f:47:c8:5b:3a:cc:b6:48:51:0b:
36:21:f8:0d:46:b4:60:a7:54:3e:aa:9e:57:0b:ec:
8f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:81:86:81:2F:2F:07:1D:9C:4A:9E:1E:C3:1C:18:7C:F7:66:03:C1
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7YGGgS8vBx2cSp4ewxwYfPdmA8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.224.0/24
31.13.231.0/24
81.161.230.0/24
193.37.47.0/24
Signature Algorithm: sha256WithRSAEncryption
61:65:8d:72:c6:65:a3:4f:10:d2:97:29:25:ae:70:f6:c2:18:
32:fa:12:6e:40:9a:93:60:f2:2a:5a:0c:47:e3:a5:68:72:73:
c3:8e:2e:e2:97:cd:cd:c1:18:cd:26:f2:21:ea:44:4f:2e:87:
7d:56:03:18:46:b3:c4:0e:41:16:fb:44:08:a8:82:2a:b2:db:
6b:2e:9a:ce:f9:54:fb:86:32:4f:6a:20:4d:ba:50:98:ed:d8:
4f:71:b7:07:23:df:75:19:0d:ec:84:45:af:7b:4f:e1:5a:63:
c5:ba:9a:43:1b:86:95:61:cd:90:aa:b4:d7:83:69:ca:2a:a7:
29:fc:9b:ef:6f:01:d7:6d:11:42:9b:57:e9:9b:7f:ec:b2:11:
1e:db:aa:a7:00:eb:38:e2:9a:1e:bd:db:2d:00:a5:5c:c6:62:
f8:c8:d5:49:38:3d:f4:b9:78:9f:dd:a2:42:a6:00:4a:3f:4b:
7e:8d:cd:7e:e5:6a:74:78:95:79:c4:3f:bf:b9:df:70:3c:a0:
e2:b5:55:3f:2f:ae:64:f5:c3:de:a0:e3:62:e4:bf:60:db:7e:
e2:0d:c1:fb:d8:45:d1:28:21:1b:92:15:6d:df:74:17:50:66:
d6:de:9a:88:b0:2c:e3:ad:96:75:5b:68:35:3b:06:e5:9a:f8:
bd:63:0d:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZg69Ok1sTgMOo+ga4RDbISjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNzI0MDU0MzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDgxODY4MTJmMmYwNzFkOWM0YTllMWVjMzFjMTg3Y2Y3NjYwM2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyP3t3ZUOy54pKGodK0vuI1GA+JD7
Wl41SxS2wd4Z5i/6dIS31SMn0JigfRL6F8SZngvc5Z/w+KF56FNO/3xCryFJelDJ
hhN9HnqUepzNvfMysCFR3zd9paRAWJt9PMOlNJ5L0GCS3dZ51oiW8W+iJCxrRQup
chPw7M9oARUt18ff1On3yx93jn+I7V1+dMDzzS/7mtGc0KqGYGmYKfYmyLCbMX5d
HcsEJL3WH4fqlAfWujT04gTH2eAuSbYDoHLpQ7U1JNh9WIALDsKky8Rr0/qDswea
PpfmLu9uNATojLr9FZMFg29HyFs6zLZIUQs2IfgNRrRgp1Q+qp5XC+yPpwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO2BhoEvLwcdnEqeHsMcGHz3ZgPBMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvN1lHR2dTOHZCeDJjU3A0ZXd4d1lmUGRtQThFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHw3gAwQA
Hw3nAwQAUaHmAwQAwSUvMA0GCSqGSIb3DQEBCwUAA4IBAQBhZY1yxmWjTxDSlykl
rnD2whgy+hJuQJqTYPIqWgxH46VocnPDji7il83NwRjNJvIh6kRPLod9VgMYRrPE
DkEW+0QIqIIqsttrLprO+VT7hjJPaiBNulCY7dhPcbcHI991GQ3shEWve0/hWmPF
uppDG4aVYc2QqrTXg2nKKqcp/JvvbwHXbRFCm1fpm3/sshEe26qnAOs44poevdst
AKVcxmL4yNVJOD30uXif3aJCpgBKP0t+jc1+5Wp0eJV5xD+/ud9wPKDitVU/L65k
9cPeoONi5L9g237iDcH72EXRKCEbkhVt33QXUGbW3pqIsCzjrZZ1W2g1Owblmvi9
Yw1p
-----END CERTIFICATE-----
Generated at Fri Aug 8 19:21:45 2025 by rpki-client