Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/c_9m0xgcLh9YaBDewGJWYh_14As.roa
File: c_9m0xgcLh9YaBDewGJWYh_14As.roa (raw, json)
Hash identifier: LgXs4WCpXr8O/VOFf7/hPYK7Aqr9ArHatWk7VUk10XE=
Subject key identifier: 73:FF:66:D3:18:1C:2E:1F:58:68:10:DE:C0:62:56:62:1F:F5:E0:0B
Certificate issuer: /CN=08418e9690d0fb711abf3874e1c500a627693c0a
Certificate serial: 019E94DDBC8262A34796DC91DDBC94DA060B
Authority key identifier: 08:41:8E:96:90:D0:FB:71:1A:BF:38:74:E1:C5:00:A6:27:69:3C:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEGOlpDQ-3Eavzh04cUApidpPAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/c_9m0xgcLh9YaBDewGJWYh_14As.roa
Signing time: Thu 04 Jun 2026 23:00:20 +0000
ROA not before: Thu 04 Jun 2026 23:00:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33171
IP address blocks: 31.217.254.0/24 maxlen: 24
2a11:7347::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/CEGOlpDQ-3Eavzh04cUApidpPAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 14:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:94:dd:bc:82:62:a3:47:96:dc:91:dd:bc:94:da:06:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08418e9690d0fb711abf3874e1c500a627693c0a
Validity
Not Before: Jun 4 23:00:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=73ff66d3181c2e1f586810dec06256621ff5e00b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:60:c2:d5:0a:4b:a1:5a:93:c0:b8:77:67:eb:
37:e1:c9:7b:9d:ac:e6:98:1c:ad:b6:65:84:b6:0a:
21:d1:51:89:b3:e9:e4:80:6d:d7:5c:9f:00:e1:71:
19:54:b0:cb:f2:10:ab:e0:74:74:f1:ee:35:1c:cc:
93:f9:5b:50:1c:b4:a3:8f:97:5a:b3:91:ac:9c:09:
a8:86:05:28:be:91:82:ae:7d:85:a9:8c:fa:f8:3c:
d2:ef:d6:b0:fb:7b:9d:5a:06:ca:3b:11:40:03:c6:
20:a5:0a:d2:04:c2:d1:7c:49:65:3c:00:f0:81:6b:
0b:ec:a9:b9:2e:5d:04:8c:83:58:b5:ed:26:04:15:
af:79:b5:e3:69:04:5e:ef:46:80:0f:99:52:ef:fa:
74:01:de:ca:d4:6c:69:56:a4:80:92:56:7d:81:2d:
42:f4:ba:16:be:5b:f5:30:25:75:bc:bc:d1:1c:eb:
21:aa:02:ce:8d:29:87:b9:b8:14:40:f9:7f:d8:fe:
ab:84:03:74:e3:ec:42:cf:33:00:9e:d1:ba:55:8e:
50:ae:30:98:07:f6:dd:77:be:80:9f:9d:f8:f0:c0:
83:40:cc:e7:e0:58:e4:eb:97:24:17:be:d9:90:30:
48:63:3c:09:43:0d:9c:06:44:b3:8b:40:db:25:aa:
4b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:FF:66:D3:18:1C:2E:1F:58:68:10:DE:C0:62:56:62:1F:F5:E0:0B
X509v3 Authority Key Identifier:
keyid:08:41:8E:96:90:D0:FB:71:1A:BF:38:74:E1:C5:00:A6:27:69:3C:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEGOlpDQ-3Eavzh04cUApidpPAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/c_9m0xgcLh9YaBDewGJWYh_14As.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.254.0/24
IPv6:
2a11:7347::/32
Signature Algorithm: sha256WithRSAEncryption
dd:51:b1:09:8d:fd:7d:1f:23:26:2d:15:9e:ec:02:8b:05:b6:
54:32:3d:db:89:f9:f8:fb:87:6c:aa:04:dc:71:e0:a5:c9:a5:
14:52:fc:73:59:b4:87:ab:f5:37:11:97:de:a5:eb:15:a2:de:
74:2e:46:ad:6e:d6:50:eb:b7:4a:84:9b:7d:1c:88:a2:3c:bb:
79:d5:8a:a5:90:60:3d:ba:e0:d6:22:f2:42:bb:5c:c3:45:d1:
1d:26:fd:2e:a5:17:df:f5:e5:42:e5:94:ed:f3:9a:e9:cd:25:
02:6a:24:d0:c3:74:11:25:54:4c:79:ca:32:5b:d8:7c:b9:f9:
dc:21:55:c1:2c:40:fc:2d:6f:31:95:63:ea:15:d4:c4:bc:31:
06:4a:6c:10:56:fe:4d:ce:4a:f9:df:f6:02:6d:e6:98:0b:45:
f0:1f:f6:89:91:50:cd:ac:e7:bd:d5:66:de:5a:b6:18:61:ce:
ec:3f:58:04:89:1a:6e:4a:6b:ed:fa:67:e1:ce:f7:fd:bd:c2:
9f:93:8b:31:60:80:2f:cf:40:e2:18:92:c1:b2:d6:04:c2:79:
a4:cb:2b:b0:0b:fc:30:cf:14:bc:dc:e2:f1:ab:f5:91:93:dc:
e2:89:d9:60:b3:af:46:86:01:59:ba:25:8a:df:e3:15:02:20:
ea:05:b3:df
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ6U3byCYqNHltyR3byU2gYLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDE4ZTk2OTBkMGZiNzExYWJmMzg3NGUxYzUwMGE2Mjc2
OTNjMGEwHhcNMjYwNjA0MjMwMDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2ZmNjZkMzE4MWMyZTFmNTg2ODEwZGVjMDYyNTY2MjFmZjVlMDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWDC1QpLoVqTwLh3Z+s34cl7nazm
mByttmWEtgoh0VGJs+nkgG3XXJ8A4XEZVLDL8hCr4HR08e41HMyT+VtQHLSjj5da
s5GsnAmohgUovpGCrn2FqYz6+DzS79aw+3udWgbKOxFAA8YgpQrSBMLRfEllPADw
gWsL7Km5Ll0EjINYte0mBBWvebXjaQRe70aAD5lS7/p0Ad7K1GxpVqSAklZ9gS1C
9LoWvlv1MCV1vLzRHOshqgLOjSmHubgUQPl/2P6rhAN04+xCzzMAntG6VY5QrjCY
B/bdd76An5348MCDQMzn4Fjk65ckF77ZkDBIYzwJQw2cBkSzi0DbJapLbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHP/ZtMYHC4fWGgQ3sBiVmIf9eALMB8GA1UdIwQY
MBaAFAhBjpaQ0PtxGr84dOHFAKYnaTwKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VHT2xwRFEtM0VhdnpoMDRjVUFwaWRwUEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9lOTc1NjMtYzdlNS00MDM2LWE3OTYt
MjJjMGNhMjEzMzgwLzEvY185bTB4Z2NMaDlZYUJEZXdHSldZaF8xNEFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9lOTc1NjMtYzdlNS00MDM2LWE3OTYtMjJjMGNhMjEzMzgw
LzEvQ0VHT2xwRFEtM0VhdnpoMDRjVUFwaWRwUEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAH9n+MA0E
AgACMAcDBQAqEXNHMA0GCSqGSIb3DQEBCwUAA4IBAQDdUbEJjf19HyMmLRWe7AKL
BbZUMj3bifn4+4dsqgTcceClyaUUUvxzWbSHq/U3EZfepesVot50LkatbtZQ67dK
hJt9HIiiPLt51YqlkGA9uuDWIvJCu1zDRdEdJv0upRff9eVC5ZTt85rpzSUCaiTQ
w3QRJVRMecoyW9h8ufncIVXBLED8LW8xlWPqFdTEvDEGSmwQVv5Nzkr53/YCbeaY
C0XwH/aJkVDNrOe91WbeWrYYYc7sP1gEiRpuSmvt+mfhzvf9vcKfk4sxYIAvz0Di
GJLBstYEwnmkyyuwC/wwzxS83OLxq/WRk9ziidlgs69GhgFZuiWK3+MVAiDqBbPf
-----END CERTIFICATE-----
Generated at Sat Jun 13 23:55:52 2026 by rpki-client