Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/6D4VDnJruomtDKmPzZ9tR9QwUl8.roa
File: 6D4VDnJruomtDKmPzZ9tR9QwUl8.roa (raw, json)
Hash identifier: fYQlXEVOzFYOZ0d8BKIsEXPkigP4eWydNLul/QaZGvA=
Subject key identifier: E8:3E:15:0E:72:6B:BA:89:AD:0C:A9:8F:CD:9F:6D:47:D4:30:52:5F
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 01988721EF90AC92E874B4B2171AA6FAECA5
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/6D4VDnJruomtDKmPzZ9tR9QwUl8.roa
Signing time: Fri 08 Aug 2025 00:43:24 +0000
ROA not before: Fri 08 Aug 2025 00:43:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215245
IP address blocks: 31.22.76.0/24 maxlen: 24
31.22.77.0/24 maxlen: 24
46.247.108.0/24 maxlen: 24
46.247.109.0/24 maxlen: 24
62.169.152.0/24 maxlen: 24
86.54.5.0/24 maxlen: 24
194.46.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 00:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:87:21:ef:90:ac:92:e8:74:b4:b2:17:1a:a6:fa:ec:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Aug 8 00:43:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e83e150e726bba89ad0ca98fcd9f6d47d430525f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7d:bc:54:6c:13:99:3f:62:d2:ef:d2:be:95:
4a:ee:e1:41:82:24:62:c9:b8:b7:3a:b0:9a:0c:09:
6e:03:8a:01:44:40:83:f2:b2:64:b5:74:75:0a:9e:
39:45:09:a9:3a:d6:ae:ba:19:c2:36:60:b7:64:58:
31:bf:10:90:6b:4d:1d:9f:38:7f:aa:dd:93:e9:bd:
65:05:65:27:81:8c:35:c5:93:11:02:23:61:1b:3b:
c0:7a:39:0e:54:10:e8:ed:84:ec:07:49:4f:0b:32:
8f:6f:c7:80:2d:e8:cb:d4:a2:fb:46:8a:49:20:f3:
97:d9:73:6c:29:29:cb:d6:6c:e8:9d:e6:c7:36:57:
18:42:ae:d2:85:e5:1e:53:d4:25:40:95:46:88:89:
ea:e6:c8:b5:1d:44:7d:94:52:a9:20:f6:a4:e5:71:
09:00:01:b9:e9:e5:73:b2:04:a2:da:78:31:e8:12:
77:d3:f7:ca:f2:6f:55:74:8d:d8:c2:50:15:4c:40:
54:12:64:ba:10:3b:23:34:42:07:38:76:b0:1d:85:
f4:68:ad:59:a2:64:fd:67:79:04:db:11:42:98:47:
e9:44:8d:23:bc:93:83:ec:1d:57:0e:71:bc:8b:88:
1e:70:88:4c:8f:33:2a:51:1c:ff:0c:a1:8e:51:ea:
b9:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:3E:15:0E:72:6B:BA:89:AD:0C:A9:8F:CD:9F:6D:47:D4:30:52:5F
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/6D4VDnJruomtDKmPzZ9tR9QwUl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.76.0/23
46.247.108.0/23
62.169.152.0/24
86.54.5.0/24
194.46.60.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:d2:ca:f4:1c:84:e9:0d:91:1b:5e:66:96:02:73:b2:93:48:
4c:98:8d:29:e7:45:5b:5a:4e:06:81:d2:dd:63:7e:35:bf:3d:
9e:fa:7a:6a:af:c1:24:c3:b2:17:50:62:b1:c8:f6:a8:c9:be:
82:22:90:8a:0e:12:68:d3:df:08:9c:de:b6:6b:d8:60:e5:e3:
d0:b3:d4:60:25:be:ba:ec:1f:25:7b:8e:65:4c:c4:99:30:f6:
b1:7b:f2:db:ec:e5:5a:74:ea:9e:bd:5c:36:68:10:3e:d8:ae:
8d:80:f4:80:b5:0a:aa:f0:bb:6c:78:9f:0e:a6:90:0f:0d:37:
df:9d:80:ed:4b:ca:5f:af:9d:22:8f:a9:94:e2:f7:9e:c1:66:
99:c1:34:69:38:f5:74:09:81:33:09:a1:6d:f3:a6:82:28:88:
8e:9f:da:84:5c:08:e8:37:a8:fe:4d:d6:85:49:1b:2e:24:2b:
a8:dd:ca:be:cf:2e:8e:dc:9b:42:ec:c6:4f:69:d5:f7:ce:3a:
b5:5e:98:74:ff:bf:1d:7d:94:9a:a4:92:5c:e3:18:16:f9:d6:
f7:be:36:45:72:e4:8a:0a:c7:a8:28:25:37:1e:30:ac:f3:2a:
24:0c:3e:49:93:71:db:95:36:ed:05:a4:7c:65:45:ff:40:c1:
03:0e:de:86
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZiHIe+QrJLodLSyFxqm+uylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjUwODA4MDA0MzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODNlMTUwZTcyNmJiYTg5YWQwY2E5OGZjZDlmNmQ0N2Q0MzA1MjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqX28VGwTmT9i0u/SvpVK7uFBgiRi
ybi3OrCaDAluA4oBRECD8rJktXR1Cp45RQmpOtauuhnCNmC3ZFgxvxCQa00dnzh/
qt2T6b1lBWUngYw1xZMRAiNhGzvAejkOVBDo7YTsB0lPCzKPb8eALejL1KL7RopJ
IPOX2XNsKSnL1mzonebHNlcYQq7SheUeU9QlQJVGiInq5si1HUR9lFKpIPak5XEJ
AAG56eVzsgSi2ngx6BJ30/fK8m9VdI3YwlAVTEBUEmS6EDsjNEIHOHawHYX0aK1Z
omT9Z3kE2xFCmEfpRI0jvJOD7B1XDnG8i4gecIhMjzMqURz/DKGOUeq50QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOg+FQ5ya7qJrQypj82fbUfUMFJfMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvNkQ0VkRuSnJ1b210REttUHpaOXRSOVF3VWw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBHxZMAwQB
LvdsAwQAPqmYAwQAVjYFAwQAwi48MA0GCSqGSIb3DQEBCwUAA4IBAQAs0sr0HITp
DZEbXmaWAnOyk0hMmI0p50VbWk4GgdLdY341vz2e+npqr8Ekw7IXUGKxyPaoyb6C
IpCKDhJo098InN62a9hg5ePQs9RgJb667B8le45lTMSZMPaxe/Lb7OVadOqevVw2
aBA+2K6NgPSAtQqq8LtseJ8OppAPDTffnYDtS8pfr50ij6mU4veewWaZwTRpOPV0
CYEzCaFt86aCKIiOn9qEXAjoN6j+TdaFSRsuJCuo3cq+zy6O3JtC7MZPadX3zjq1
Xph0/78dfZSapJJc4xgW+db3vjZFcuSKCseoKCU3HjCs8yokDD5Jk3HblTbtBaR8
ZUX/QMEDDt6G
-----END CERTIFICATE-----
Generated at Mon Aug 11 07:23:42 2025 by rpki-client