Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/xRFOm0ZvJLIyABQ-DUI-v4_Ds6s.roa
File: xRFOm0ZvJLIyABQ-DUI-v4_Ds6s.roa (raw, json)
Hash identifier: pIF4wo//VjKy3dqgAgwybsM9c3/sZz603lzKCmZSIkg=
Subject key identifier: C5:11:4E:9B:46:6F:24:B2:32:00:14:3E:0D:42:3E:BF:8F:C3:B3:AB
Certificate issuer: /CN=b914166b685ac015b94126cdb8b18c83a12ed862
Certificate serial: 0198655E7197D0E5C64BAEEDE42044F21969
Authority key identifier: B9:14:16:6B:68:5A:C0:15:B9:41:26:CD:B8:B1:8C:83:A1:2E:D8:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRQWa2hawBW5QSbNuLGMg6Eu2GI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/xRFOm0ZvJLIyABQ-DUI-v4_Ds6s.roa
Signing time: Fri 01 Aug 2025 11:22:24 +0000
ROA not before: Fri 01 Aug 2025 11:22:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47583
IP address blocks: 31.97.0.0/23 maxlen: 24
31.97.2.0/24 maxlen: 24
31.97.3.0/24 maxlen: 24
31.97.8.0/21 maxlen: 24
31.97.16.0/20 maxlen: 24
31.97.32.0/21 maxlen: 24
31.97.40.0/22 maxlen: 24
31.97.44.0/22 maxlen: 24
31.97.48.0/22 maxlen: 24
31.97.52.0/22 maxlen: 24
31.97.56.0/22 maxlen: 24
31.97.60.0/22 maxlen: 24
31.97.64.0/24 maxlen: 24
31.97.65.0/24 maxlen: 24
31.97.66.0/23 maxlen: 24
31.97.68.0/23 maxlen: 24
31.97.70.0/23 maxlen: 24
31.97.72.0/22 maxlen: 24
31.97.76.0/22 maxlen: 24
31.97.80.0/20 maxlen: 24
31.97.96.0/21 maxlen: 24
31.97.104.0/21 maxlen: 24
31.97.112.0/21 maxlen: 24
31.97.120.0/21 maxlen: 24
31.97.128.0/20 maxlen: 24
31.97.144.0/22 maxlen: 24
31.97.148.0/23 maxlen: 24
31.97.150.0/24 maxlen: 24
31.97.151.0/24 maxlen: 24
31.97.152.0/21 maxlen: 24
31.97.160.0/20 maxlen: 24
31.97.176.0/23 maxlen: 24
31.97.178.0/24 maxlen: 24
31.97.179.0/24 maxlen: 24
31.97.180.0/22 maxlen: 24
31.97.184.0/23 maxlen: 24
31.97.186.0/24 maxlen: 24
31.97.187.0/24 maxlen: 24
31.97.188.0/22 maxlen: 24
31.97.192.0/21 maxlen: 24
31.97.200.0/21 maxlen: 24
31.97.208.0/21 maxlen: 24
31.97.216.0/23 maxlen: 24
31.97.218.0/23 maxlen: 24
31.97.220.0/22 maxlen: 24
31.97.224.0/20 maxlen: 24
31.97.240.0/20 maxlen: 24
69.62.64.0/23 maxlen: 24
69.62.66.0/23 maxlen: 24
69.62.68.0/22 maxlen: 24
69.62.72.0/21 maxlen: 24
69.62.80.0/22 maxlen: 24
69.62.84.0/23 maxlen: 24
69.62.86.0/23 maxlen: 24
69.62.88.0/21 maxlen: 24
69.62.96.0/21 maxlen: 24
69.62.104.0/24 maxlen: 24
69.62.105.0/24 maxlen: 24
69.62.106.0/23 maxlen: 24
69.62.108.0/22 maxlen: 24
69.62.112.0/22 maxlen: 24
69.62.116.0/22 maxlen: 24
69.62.120.0/23 maxlen: 24
69.62.122.0/24 maxlen: 24
69.62.123.0/24 maxlen: 24
69.62.124.0/24 maxlen: 24
69.62.125.0/24 maxlen: 24
69.62.126.0/23 maxlen: 24
72.60.0.0/20 maxlen: 24
72.60.16.0/22 maxlen: 24
72.60.20.0/22 maxlen: 24
72.60.24.0/21 maxlen: 24
72.60.32.0/21 maxlen: 24
72.60.40.0/22 maxlen: 24
103.199.184.0/22 maxlen: 24
148.222.52.0/24 maxlen: 24
148.222.53.0/24 maxlen: 24
148.222.54.0/24 maxlen: 24
148.222.55.0/24 maxlen: 24
148.230.64.0/23 maxlen: 24
148.230.66.0/23 maxlen: 24
148.230.68.0/23 maxlen: 24
148.230.70.0/23 maxlen: 24
148.230.72.0/21 maxlen: 24
148.230.80.0/20 maxlen: 24
148.230.96.0/22 maxlen: 24
148.230.100.0/22 maxlen: 24
148.230.104.0/21 maxlen: 24
148.230.112.0/21 maxlen: 24
148.230.120.0/22 maxlen: 24
148.230.124.0/22 maxlen: 24
168.231.64.0/21 maxlen: 24
168.231.72.0/22 maxlen: 24
168.231.76.0/23 maxlen: 24
168.231.78.0/23 maxlen: 24
168.231.80.0/21 maxlen: 24
168.231.88.0/21 maxlen: 24
168.231.96.0/22 maxlen: 24
168.231.100.0/24 maxlen: 24
168.231.101.0/24 maxlen: 24
168.231.102.0/23 maxlen: 24
168.231.104.0/21 maxlen: 24
168.231.112.0/22 maxlen: 24
168.231.116.0/24 maxlen: 24
168.231.117.0/24 maxlen: 24
168.231.118.0/23 maxlen: 24
168.231.120.0/22 maxlen: 24
168.231.124.0/22 maxlen: 24
194.164.148.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/uRQWa2hawBW5QSbNuLGMg6Eu2GI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/uRQWa2hawBW5QSbNuLGMg6Eu2GI.mft
rsync://rpki.ripe.net/repository/DEFAULT/uRQWa2hawBW5QSbNuLGMg6Eu2GI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:65:5e:71:97:d0:e5:c6:4b:ae:ed:e4:20:44:f2:19:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b914166b685ac015b94126cdb8b18c83a12ed862
Validity
Not Before: Aug 1 11:22:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5114e9b466f24b23200143e0d423ebf8fc3b3ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5e:3e:ed:f1:ee:b0:18:38:3e:5e:73:1d:4c:
9d:a0:bb:98:c3:72:03:1d:f0:3c:1b:7d:6f:10:87:
49:62:b2:c6:3b:45:4d:80:9a:35:c3:bc:fe:8c:c4:
5b:c0:02:ff:b9:e7:60:de:2c:4a:eb:0d:bc:17:5e:
e0:62:a6:22:18:c7:98:0b:d1:dd:94:39:f2:61:e2:
ec:ab:7a:92:ed:86:ef:d7:d4:85:5d:94:a0:24:63:
e7:46:87:89:4e:b4:ba:56:97:c1:68:82:a0:91:ff:
bd:20:a4:6b:23:ae:ea:ab:51:ef:99:e7:a1:91:98:
b1:9e:05:59:ca:07:18:2a:e0:81:9c:31:5a:55:e3:
c2:ad:93:b7:f7:66:bc:99:cc:e5:c5:fd:fa:60:26:
55:03:fa:c8:bc:ce:bf:e9:45:2b:da:1a:4a:df:a1:
ab:e1:2a:49:e8:50:86:7a:df:17:5c:b7:b1:6a:98:
5b:52:b6:bb:d4:0d:a7:95:a4:52:90:d5:8a:78:b2:
e3:97:6c:20:3b:d2:5c:ab:54:31:1c:d2:08:96:b0:
7b:5b:89:19:05:a7:dc:f1:f3:d0:1b:2e:84:47:25:
6a:72:5b:ff:a8:39:62:32:86:89:c7:07:94:3b:1b:
fc:79:d4:c0:e4:6e:e5:23:85:4d:38:0a:3e:75:b3:
32:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:11:4E:9B:46:6F:24:B2:32:00:14:3E:0D:42:3E:BF:8F:C3:B3:AB
X509v3 Authority Key Identifier:
keyid:B9:14:16:6B:68:5A:C0:15:B9:41:26:CD:B8:B1:8C:83:A1:2E:D8:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRQWa2hawBW5QSbNuLGMg6Eu2GI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/xRFOm0ZvJLIyABQ-DUI-v4_Ds6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/uRQWa2hawBW5QSbNuLGMg6Eu2GI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.97.0.0/22
31.97.8.0-31.97.255.255
69.62.64.0/18
72.60.0.0-72.60.43.255
103.199.184.0/22
148.222.52.0/22
148.230.64.0/18
168.231.64.0/18
194.164.148.0/22
Signature Algorithm: sha256WithRSAEncryption
10:ef:5c:df:8d:b1:a5:eb:8f:56:5d:64:cd:8b:1f:f0:0e:d0:
9a:d2:26:7a:c3:86:68:20:d0:b0:1c:28:3b:e2:ce:d7:f0:c9:
f7:13:b5:09:cb:b2:c8:49:2a:11:ce:c0:16:7e:46:9e:fb:0f:
b0:87:f9:55:1e:f3:13:5c:01:cc:4c:72:c0:0b:bb:e1:a3:3a:
1e:16:b0:1e:45:2c:fa:f8:ac:0e:a5:f1:89:3c:e9:d1:db:27:
a5:6a:eb:94:18:69:c4:14:72:12:ea:06:e0:fc:cb:cf:5d:17:
be:18:1f:3a:e1:4a:31:47:bc:18:42:c3:85:e9:96:40:19:c6:
f3:c4:67:17:a2:ad:2d:88:24:13:68:2a:bf:88:45:b9:7e:41:
cd:07:6f:01:ea:83:db:19:77:75:c4:c7:c9:11:14:3b:d6:bd:
fc:ee:aa:f0:4a:11:97:15:d3:bc:9c:f5:84:d3:94:fc:61:1d:
64:cb:27:fa:60:cb:4b:a1:d3:99:07:cb:68:ee:66:73:d1:02:
14:96:44:d0:25:a0:f2:f2:27:75:00:75:38:9d:f8:34:42:04:
50:cf:08:44:f8:68:24:32:ce:43:1c:0e:62:57:96:58:02:ef:
2d:3e:b9:d5:2a:27:55:ca:03:54:24:e0:32:ba:bd:dd:a0:14:
5d:b1:ee:fa
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZhlXnGX0OXGS67t5CBE8hlpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQxNjZiNjg1YWMwMTViOTQxMjZjZGI4YjE4YzgzYTEy
ZWQ4NjIwHhcNMjUwODAxMTEyMjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTExNGU5YjQ2NmYyNGIyMzIwMDE0M2UwZDQyM2ViZjhmYzNiM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuV4+7fHusBg4Pl5zHUydoLuYw3ID
HfA8G31vEIdJYrLGO0VNgJo1w7z+jMRbwAL/uedg3ixK6w28F17gYqYiGMeYC9Hd
lDnyYeLsq3qS7Ybv19SFXZSgJGPnRoeJTrS6VpfBaIKgkf+9IKRrI67qq1Hvmeeh
kZixngVZygcYKuCBnDFaVePCrZO392a8mczlxf36YCZVA/rIvM6/6UUr2hpK36Gr
4SpJ6FCGet8XXLexaphbUra71A2nlaRSkNWKeLLjl2wgO9Jcq1QxHNIIlrB7W4kZ
Bafc8fPQGy6ERyVqclv/qDliMoaJxweUOxv8edTA5G7lI4VNOAo+dbMyNQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFMURTptGbySyMgAUPg1CPr+Pw7OrMB8GA1UdIwQY
MBaAFLkUFmtoWsAVuUEmzbixjIOhLthiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJRV2EyaGF3Qlc1UVNiTnVMR01nNkV1MkdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9kM2JlNzAtZGRmMS00OGY1LTg2NmYt
ZWE2N2E5ODYyNWZlLzEveFJGT20wWnZKTEl5QUJRLURVSS12NF9EczZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9kM2JlNzAtZGRmMS00OGY1LTg2NmYtZWE2N2E5ODYyNWZl
LzEvdVJRV2EyaGF3Qlc1UVNiTnVMR01nNkV1MkdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCH2EAMAsD
BAMfYQgDAwEfYAMEBkU+QDALAwMCSDwDBAJIPCgDBAJnx7gDBAKU3jQDBAaU5kAD
BAao50ADBALCpJQwDQYJKoZIhvcNAQELBQADggEBABDvXN+NsaXrj1ZdZM2LH/AO
0JrSJnrDhmgg0LAcKDviztfwyfcTtQnLsshJKhHOwBZ+Rp77D7CH+VUe8xNcAcxM
csALu+GjOh4WsB5FLPr4rA6l8Yk86dHbJ6Vq65QYacQUchLqBuD8y89dF74YHzrh
SjFHvBhCw4XplkAZxvPEZxeirS2IJBNoKr+IRbl+Qc0HbwHqg9sZd3XEx8kRFDvW
vfzuqvBKEZcV07yc9YTTlPxhHWTLJ/pgy0uh05kHy2juZnPRAhSWRNAloPLyJ3UA
dTid+DRCBFDPCET4aCQyzkMcDmJXllgC7y0+udUqJ1XKA1Qk4DK6vd2gFF2x7vo=
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:03:40 2025 by rpki-client