Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/L32db9IlGhNXOn7fmZbtThVRHKE.roa
File: L32db9IlGhNXOn7fmZbtThVRHKE.roa (raw, json)
Hash identifier: PLqdtHddsoMMcCLUD2Z7mL+OEyNt5x4sg5HQMNFgRIs=
Subject key identifier: 2F:7D:9D:6F:D2:25:1A:13:57:3A:7E:DF:99:96:ED:4E:15:51:1C:A1
Certificate issuer: /CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10
Certificate serial: 01975E362BA87AE6AF3BEC8E73A6B13418A8
Authority key identifier: 5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/L32db9IlGhNXOn7fmZbtThVRHKE.roa
Signing time: Wed 11 Jun 2025 08:58:17 +0000
ROA not before: Wed 11 Jun 2025 08:58:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15704
IP address blocks: 31.221.128.0/17 maxlen: 20
37.29.128.0/17 maxlen: 20
46.6.0.0/16 maxlen: 24
46.222.0.0/16 maxlen: 20
80.81.96.0/19 maxlen: 19
82.144.0.0/19 maxlen: 19
83.175.192.0/18 maxlen: 18
95.169.224.0/19 maxlen: 24
109.227.128.0/18 maxlen: 24
178.237.224.0/21 maxlen: 21
178.237.232.0/21 maxlen: 21
185.241.128.0/22 maxlen: 22
188.127.160.0/19 maxlen: 19
213.171.224.0/19 maxlen: 19
213.172.32.0/19 maxlen: 19
217.168.0.0/20 maxlen: 24
217.168.3.0/24 maxlen: 24
217.168.6.0/24 maxlen: 24
217.168.13.0/24 maxlen: 24
217.172.64.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.mft
rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 17:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5e:36:2b:a8:7a:e6:af:3b:ec:8e:73:a6:b1:34:18:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10
Validity
Not Before: Jun 11 08:58:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f7d9d6fd2251a13573a7edf9996ed4e15511ca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:14:fb:5b:cf:8a:07:aa:f3:69:ac:63:bc:df:
a4:f0:5c:f4:5f:95:7f:df:0f:6b:09:6f:46:f3:d7:
96:7c:79:8a:53:aa:36:98:86:3c:6d:64:16:e4:15:
73:c0:ca:53:fd:07:37:d4:97:ed:f3:f2:e4:0b:bc:
da:e9:80:1b:c2:6a:18:12:c3:5b:99:d7:18:ed:a0:
0b:7e:5a:38:33:46:a3:5c:ee:25:67:8a:2b:02:67:
c8:bf:80:c1:ce:0d:e0:fd:5a:ac:88:c4:cc:6b:7f:
ad:c3:2c:a3:7f:36:55:7f:f6:0d:f7:14:d3:d6:55:
bc:bb:4f:bd:2c:a2:4a:86:f6:d1:b1:0f:7c:51:ae:
7d:52:4e:82:c5:4f:e8:62:63:c3:1c:b5:61:31:6f:
c6:9a:38:ba:02:4a:6a:e3:0f:45:5e:2b:ca:93:89:
84:09:e6:7e:1c:6a:a7:f1:0c:e3:04:fd:3b:00:43:
d2:0c:70:38:d0:4e:f4:b4:27:b7:70:9a:68:87:bf:
ce:2f:43:85:73:9c:99:03:11:29:cb:88:46:38:22:
08:51:6a:b7:4d:4e:dd:98:70:05:ac:d3:19:11:25:
77:57:01:08:70:36:78:b9:e6:94:10:28:e4:7f:d7:
22:a0:30:1d:34:c1:79:46:34:c6:da:b3:8c:d3:f4:
db:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:7D:9D:6F:D2:25:1A:13:57:3A:7E:DF:99:96:ED:4E:15:51:1C:A1
X509v3 Authority Key Identifier:
keyid:5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/L32db9IlGhNXOn7fmZbtThVRHKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.221.128.0/17
37.29.128.0/17
46.6.0.0/16
46.222.0.0/16
80.81.96.0/19
82.144.0.0/19
83.175.192.0/18
95.169.224.0/19
109.227.128.0/18
178.237.224.0/20
185.241.128.0/22
188.127.160.0/19
213.171.224.0/19
213.172.32.0/19
217.168.0.0/20
217.172.64.0/20
Signature Algorithm: sha256WithRSAEncryption
6b:55:27:b2:1b:46:ba:f6:bb:f6:fb:af:b2:24:b6:de:e0:14:
a4:46:dd:6d:3e:c1:19:33:0a:00:70:3f:21:4d:c7:21:b2:e0:
33:2e:78:2a:2a:95:fa:a4:42:e8:0a:84:8b:fa:d0:db:93:cd:
33:43:e8:da:81:b3:0a:b0:73:7e:ae:67:d8:f0:b5:c6:ea:43:
af:a2:d6:a4:d0:f5:fb:49:cf:9a:64:d7:31:50:01:03:a9:e6:
81:54:c4:0e:88:0a:ec:ba:91:b4:9b:04:27:7c:b8:fc:45:60:
7d:1f:5f:e4:05:3d:98:13:55:85:a4:fd:62:33:7d:89:21:b6:
13:7c:4b:8b:b0:b4:8c:18:81:25:62:a8:11:11:e6:ba:8a:d4:
8e:a9:32:33:a1:96:04:00:b4:8f:07:b3:75:6b:5e:dd:f0:88:
1e:e0:e1:b8:20:c9:2c:7f:a6:b8:cd:b8:6d:d7:dd:4c:11:e5:
31:cb:1c:63:c2:41:3e:72:e1:65:8b:98:ed:4b:94:3d:dd:18:
e3:a4:bd:a1:5c:42:b8:dc:17:2f:37:5b:3b:b2:ad:81:22:87:
af:ab:32:5d:9d:b6:1e:3e:d5:2b:b9:d6:84:83:e4:98:8a:c5:
e8:65:ee:da:6d:79:e0:cb:91:35:b9:93:54:fd:d5:5b:1f:96:
76:95:14:13
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZdeNiuoeuavO+yOc6axNBioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhOTM5YjBjZWQzOGQ3NWNjNjNlZDUwZDZlNWNlNzJiYmI1
YjRiMTAwHhcNMjUwNjExMDg1ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjdkOWQ2ZmQyMjUxYTEzNTczYTdlZGY5OTk2ZWQ0ZTE1NTExY2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRT7W8+KB6rzaaxjvN+k8Fz0X5V/
3w9rCW9G89eWfHmKU6o2mIY8bWQW5BVzwMpT/Qc31Jft8/LkC7za6YAbwmoYEsNb
mdcY7aALflo4M0ajXO4lZ4orAmfIv4DBzg3g/VqsiMTMa3+twyyjfzZVf/YN9xTT
1lW8u0+9LKJKhvbRsQ98Ua59Uk6CxU/oYmPDHLVhMW/Gmji6Akpq4w9FXivKk4mE
CeZ+HGqn8QzjBP07AEPSDHA40E70tCe3cJpoh7/OL0OFc5yZAxEpy4hGOCIIUWq3
TU7dmHAFrNMZESV3VwEIcDZ4ueaUECjkf9cioDAdNMF5RjTG2rOM0/Tb3wIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFC99nW/SJRoTVzp+35mW7U4VURyhMB8GA1UdIwQY
MBaAFFqTmwztONdcxj7VDW5c5yu7W0sQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgt
ZDYwYjNiNmNjYTZlLzEvTDMyZGI5SWxHaE5YT243Zm1aYnRUaFZSSEtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgtZDYwYjNiNmNjYTZl
LzEvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQHH92AAwQH
JR2AAwMALgYDAwAu3gMEBVBRYAMEBVKQAAMEBlOvwAMEBV+p4AMEBm3jgAMEBLLt
4AMEArnxgAMEBbx/oAMEBdWr4AMEBdWsIAMEBNmoAAMEBNmsQDANBgkqhkiG9w0B
AQsFAAOCAQEAa1UnshtGuva79vuvsiS23uAUpEbdbT7BGTMKAHA/IU3HIbLgMy54
KiqV+qRC6AqEi/rQ25PNM0Po2oGzCrBzfq5n2PC1xupDr6LWpND1+0nPmmTXMVAB
A6nmgVTEDogK7LqRtJsEJ3y4/EVgfR9f5AU9mBNVhaT9YjN9iSG2E3xLi7C0jBiB
JWKoERHmuorUjqkyM6GWBAC0jwezdWte3fCIHuDhuCDJLH+muM24bdfdTBHlMcsc
Y8JBPnLhZYuY7UuUPd0Y46S9oVxCuNwXLzdbO7KtgSKHr6syXZ22Hj7VK7nWhIPk
mIrF6GXu2m154MuRNbmTVP3VWx+WdpUUEw==
-----END CERTIFICATE-----
Generated at Sun Jun 15 02:42:32 2025 by rpki-client