Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/Fp3Bc4KlexjPquIQYqHT2u4idYY.roa
File: Fp3Bc4KlexjPquIQYqHT2u4idYY.roa (raw, json)
Hash identifier: FBIjAIhPWNb74EivXlWLk+ANKo/lf5tCnraIq5V/Hkk=
Subject key identifier: 16:9D:C1:73:82:A5:7B:18:CF:AA:E2:10:62:A1:D3:DA:EE:22:75:86
Certificate issuer: /CN=d423a5be5e21ca460732ae48f385a3ea150a2be1
Certificate serial: 01986408016F6921F951284533270B0C360F
Authority key identifier: D4:23:A5:BE:5E:21:CA:46:07:32:AE:48:F3:85:A3:EA:15:0A:2B:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1COlvl4hykYHMq5I84Wj6hUKK-E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/Fp3Bc4KlexjPquIQYqHT2u4idYY.roa
Signing time: Fri 01 Aug 2025 05:08:22 +0000
ROA not before: Fri 01 Aug 2025 05:08:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20115
IP address blocks: 81.31.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/1COlvl4hykYHMq5I84Wj6hUKK-E.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/1COlvl4hykYHMq5I84Wj6hUKK-E.mft
rsync://rpki.ripe.net/repository/DEFAULT/1COlvl4hykYHMq5I84Wj6hUKK-E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 05:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:64:08:01:6f:69:21:f9:51:28:45:33:27:0b:0c:36:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d423a5be5e21ca460732ae48f385a3ea150a2be1
Validity
Not Before: Aug 1 05:08:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=169dc17382a57b18cfaae21062a1d3daee227586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8a:33:1a:c4:64:d7:93:0a:2b:67:c7:07:e1:
25:87:51:63:3a:7d:c0:35:e0:30:3d:40:e2:f8:3d:
d6:91:be:d7:da:72:95:71:86:af:1c:13:12:8e:af:
e0:ee:94:7a:ae:0e:56:56:bb:38:ee:94:6b:9f:f0:
54:b2:11:93:59:2d:ac:6f:c6:a4:c6:66:58:8a:84:
60:7f:82:a8:71:ba:96:f0:4f:43:ec:d8:cf:87:82:
7d:18:eb:07:9d:ae:d8:a0:e4:49:81:9a:81:32:90:
8d:ba:e5:e9:a8:e0:3c:ad:8e:32:46:cd:2c:bd:73:
dc:b7:4d:4f:56:9b:bf:7d:ac:3a:db:fc:00:2a:66:
7c:81:62:ec:a4:7b:76:a6:59:d4:ed:6d:e5:bc:e9:
d1:e6:5b:8f:d1:2f:fc:f3:be:e2:39:67:79:2f:c0:
42:0f:ce:d4:6a:83:e3:2c:e7:93:1a:c1:cd:83:9d:
0b:0d:ec:07:5a:1d:87:d7:b5:41:81:2e:b0:7c:aa:
dc:67:a4:4a:0b:e0:98:fb:1b:9b:b4:45:8d:ad:7f:
f9:44:c0:48:44:53:4d:97:06:a6:cb:90:83:12:dd:
6e:e2:bf:ba:d6:52:52:72:4e:62:45:d6:34:76:5c:
b0:a3:e8:09:d3:fe:7c:fd:82:41:c3:af:97:37:0b:
bd:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:9D:C1:73:82:A5:7B:18:CF:AA:E2:10:62:A1:D3:DA:EE:22:75:86
X509v3 Authority Key Identifier:
keyid:D4:23:A5:BE:5E:21:CA:46:07:32:AE:48:F3:85:A3:EA:15:0A:2B:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1COlvl4hykYHMq5I84Wj6hUKK-E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/Fp3Bc4KlexjPquIQYqHT2u4idYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/1COlvl4hykYHMq5I84Wj6hUKK-E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
64:87:46:39:53:a6:20:43:8b:f6:9a:6d:6e:80:d8:c5:8b:28:
94:49:ae:64:08:2d:6b:a2:69:e3:c6:73:87:d7:82:86:b3:fd:
4d:a6:5c:09:fc:3b:77:46:28:c4:87:a8:d9:76:f0:97:c8:45:
d1:46:c3:d1:8e:f3:3d:c4:1b:9b:d5:27:1d:1f:43:a3:2e:5d:
2a:39:87:4a:b9:a8:59:4c:08:dd:c7:89:0d:55:32:7e:b4:5c:
cf:41:e2:d0:32:99:0b:67:c2:3e:08:fa:cb:7a:19:f7:8b:b5:
c6:5a:2b:c7:af:44:81:b9:2d:1a:0f:7d:4c:ad:5d:03:8b:3f:
96:9f:13:ac:a6:3a:a9:01:83:6f:c2:1d:66:f6:7d:e3:0d:8c:
f4:18:d1:5e:57:e0:18:a4:f8:36:02:a9:39:bf:ac:b1:0a:37:
7c:a1:8c:19:e7:49:6b:f0:82:78:a8:03:be:7a:4d:fb:73:b9:
5c:95:89:74:43:52:1f:52:9f:33:11:04:9c:4c:28:a1:97:f8:
13:57:74:06:30:69:ce:f0:a5:f7:82:2c:c8:b0:bc:bd:d4:4c:
79:ab:d2:a9:0b:25:3d:11:da:9d:b4:6f:38:a2:33:fb:3b:3d:
d1:8d:1e:c2:00:d4:86:74:9d:2d:bc:97:10:44:fa:68:4f:36:
12:f7:92:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZhkCAFvaSH5UShFMycLDDYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MjNhNWJlNWUyMWNhNDYwNzMyYWU0OGYzODVhM2VhMTUw
YTJiZTEwHhcNMjUwODAxMDUwODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjlkYzE3MzgyYTU3YjE4Y2ZhYWUyMTA2MmExZDNkYWVlMjI3NTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIozGsRk15MKK2fHB+Elh1FjOn3A
NeAwPUDi+D3Wkb7X2nKVcYavHBMSjq/g7pR6rg5WVrs47pRrn/BUshGTWS2sb8ak
xmZYioRgf4KocbqW8E9D7NjPh4J9GOsHna7YoORJgZqBMpCNuuXpqOA8rY4yRs0s
vXPct01PVpu/faw62/wAKmZ8gWLspHt2plnU7W3lvOnR5luP0S/8877iOWd5L8BC
D87UaoPjLOeTGsHNg50LDewHWh2H17VBgS6wfKrcZ6RKC+CY+xubtEWNrX/5RMBI
RFNNlwamy5CDEt1u4r+61lJSck5iRdY0dlywo+gJ0/58/YJBw6+XNwu9dQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBadwXOCpXsYz6riEGKh09ruInWGMB8GA1UdIwQY
MBaAFNQjpb5eIcpGBzKuSPOFo+oVCivhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUNPbHZsNGh5a1lITXE1STg0V2o2aFVLSy1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hM2UzYmItZmQ5Zi00MDQyLWIyY2It
ZDk0NzY2NjU3NTVhLzEvRnAzQmM0S2xleGpQcXVJUVlxSFQydTRpZFlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9hM2UzYmItZmQ5Zi00MDQyLWIyY2ItZDk0NzY2NjU3NTVh
LzEvMUNPbHZsNGh5a1lITXE1STg0V2o2aFVLSy1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUR+AMA0G
CSqGSIb3DQEBCwUAA4IBAQBkh0Y5U6YgQ4v2mm1ugNjFiyiUSa5kCC1romnjxnOH
14KGs/1NplwJ/Dt3RijEh6jZdvCXyEXRRsPRjvM9xBub1ScdH0OjLl0qOYdKuahZ
TAjdx4kNVTJ+tFzPQeLQMpkLZ8I+CPrLehn3i7XGWivHr0SBuS0aD31MrV0Diz+W
nxOspjqpAYNvwh1m9n3jDYz0GNFeV+AYpPg2Aqk5v6yxCjd8oYwZ50lr8IJ4qAO+
ek37c7lclYl0Q1IfUp8zEQScTCihl/gTV3QGMGnO8KX3gizIsLy91Ex5q9KpCyU9
EdqdtG84ojP7Oz3RjR7CANSGdJ0tvJcQRPpoTzYS95LP
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:55:29 2025 by rpki-client