Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/gdtLNhs1JQCPzai-VNs9JYZHoWI.roa
File: gdtLNhs1JQCPzai-VNs9JYZHoWI.roa (raw, json)
Hash identifier: ZjSEtnU3HKrgHwmUc/jOdFVfQULcq2id5Yk1K05ZWWM=
Subject key identifier: 81:DB:4B:36:1B:35:25:00:8F:CD:A8:BE:54:DB:3D:25:86:47:A1:62
Certificate issuer: /CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Certificate serial: 01975FBE0594F6E3C44098DCAAFF5DDCAF0E
Authority key identifier: 72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/gdtLNhs1JQCPzai-VNs9JYZHoWI.roa
Signing time: Wed 11 Jun 2025 16:06:18 +0000
ROA not before: Wed 11 Jun 2025 16:06:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197618
IP address blocks: 31.29.96.0/19 maxlen: 24
31.29.99.0/24 maxlen: 24
31.29.110.0/24 maxlen: 24
31.29.111.0/24 maxlen: 24
31.29.113.0/24 maxlen: 24
31.29.115.0/24 maxlen: 24
31.29.116.0/23 maxlen: 23
31.29.120.0/24 maxlen: 24
31.29.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/cmMziKelz-mnyhn9dMki3LEladM.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/cmMziKelz-mnyhn9dMki3LEladM.mft
rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Jun 2025 10:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5f:be:05:94:f6:e3:c4:40:98:dc:aa:ff:5d:dc:af:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Validity
Not Before: Jun 11 16:06:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81db4b361b3525008fcda8be54db3d258647a162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c7:b7:34:90:4b:1b:db:86:f2:b5:a0:35:6c:
b3:94:6f:70:a9:f2:d1:b8:ed:ee:e4:02:80:7b:13:
17:e3:ce:a6:2a:a6:59:e3:f1:a6:8f:62:0c:1e:a9:
23:d2:55:e3:31:5a:5a:39:5c:3f:1b:ad:29:8b:7c:
3e:d8:09:83:4d:fb:3c:02:17:7a:34:2f:b3:61:a0:
f8:fd:77:ab:21:57:7d:29:05:d0:bc:b9:05:65:54:
7d:49:89:a7:b5:96:cf:ca:6e:aa:1e:53:32:5a:6e:
cf:08:1c:4a:cd:b4:a5:ef:33:5e:d4:ba:7b:c3:41:
80:6b:7a:f5:41:b4:b5:4f:fd:3f:e6:f4:41:0b:ef:
05:41:ab:74:0c:76:b5:50:f6:43:60:8a:e0:95:d7:
b8:b9:36:a5:19:77:3d:b7:79:1e:2c:e5:ed:c1:2a:
e7:9a:b7:20:90:27:2e:23:8e:62:bc:e6:b7:f6:36:
bc:5b:68:a1:38:cb:4d:eb:f8:f6:63:a6:b3:ec:e2:
ef:da:77:29:e6:9f:57:00:7b:64:3f:b5:3b:16:c3:
3b:68:fb:3f:b5:e4:91:15:e9:90:91:e8:b8:15:8b:
7a:af:ad:bd:63:f0:8b:b0:37:51:33:4e:6b:78:72:
7e:ab:4a:34:84:05:16:fb:06:15:3b:62:9e:d9:df:
79:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:DB:4B:36:1B:35:25:00:8F:CD:A8:BE:54:DB:3D:25:86:47:A1:62
X509v3 Authority Key Identifier:
keyid:72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/gdtLNhs1JQCPzai-VNs9JYZHoWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/cmMziKelz-mnyhn9dMki3LEladM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.29.96.0/19
Signature Algorithm: sha256WithRSAEncryption
46:c0:f9:5d:0e:fa:4b:ef:5d:90:cd:29:79:67:ff:9f:a9:54:
3c:46:62:6b:a1:a6:f3:a7:ae:b6:3a:39:4a:28:57:3a:38:61:
79:50:41:01:e5:2f:69:0d:1b:29:71:c5:bf:db:8f:4d:f5:c0:
e8:9a:44:b6:91:65:ed:57:e6:32:64:ce:09:3b:70:aa:e2:03:
50:1f:63:fc:07:47:f0:ae:02:2c:f1:f4:c6:93:7c:ee:43:d1:
c3:3d:f4:7d:5f:1b:bb:3d:4d:af:47:6c:1c:7b:ed:78:27:ee:
6b:34:6f:f4:3e:ed:ea:d5:64:a1:c2:f4:e8:e5:93:93:eb:25:
c6:93:06:13:dc:fb:dc:c9:b0:cd:11:60:8b:f8:ea:54:c8:80:
f7:e5:c2:43:66:e3:37:34:94:c0:7f:29:f5:02:36:dd:43:51:
0f:80:a3:b9:9b:30:ef:9e:86:03:43:ed:d6:a2:a9:6f:8c:ef:
58:98:94:eb:20:b9:b0:0d:49:de:33:fd:4c:61:34:7c:22:e1:
de:b0:9b:e4:66:48:b2:8e:36:ee:2b:91:6c:33:7d:03:97:5b:
cf:a5:a4:42:70:f2:13:5e:9c:b5:82:05:14:53:b4:48:2f:80:
2a:50:6d:a1:8c:72:e7:34:92:04:80:63:aa:73:2a:dc:e1:cc:
c2:a2:34:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdfvgWU9uPEQJjcqv9d3K8OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNjMzMzg4YTdhNWNmZTlhN2NhMTlmZDc0YzkyMmRjYjEy
NTY5ZDMwHhcNMjUwNjExMTYwNjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWRiNGIzNjFiMzUyNTAwOGZjZGE4YmU1NGRiM2QyNTg2NDdhMTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxce3NJBLG9uG8rWgNWyzlG9wqfLR
uO3u5AKAexMX486mKqZZ4/Gmj2IMHqkj0lXjMVpaOVw/G60pi3w+2AmDTfs8Ahd6
NC+zYaD4/XerIVd9KQXQvLkFZVR9SYmntZbPym6qHlMyWm7PCBxKzbSl7zNe1Lp7
w0GAa3r1QbS1T/0/5vRBC+8FQat0DHa1UPZDYIrglde4uTalGXc9t3keLOXtwSrn
mrcgkCcuI45ivOa39ja8W2ihOMtN6/j2Y6az7OLv2ncp5p9XAHtkP7U7FsM7aPs/
teSRFemQkei4FYt6r629Y/CLsDdRM05reHJ+q0o0hAUW+wYVO2Ke2d95kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIHbSzYbNSUAj82ovlTbPSWGR6FiMB8GA1UdIwQY
MBaAFHJjM4inpc/pp8oZ/XTJItyxJWnTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY21NemlLZWx6LW1ueWhuOWRNa2kzTEVsYWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS84MjMzZjItZDNjMC00NTAxLWE5Yzct
MTM4Yzg0MTdhZTkzLzEvZ2R0TE5oczFKUUNQemFpLVZOczlKWVpIb1dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS84MjMzZjItZDNjMC00NTAxLWE5YzctMTM4Yzg0MTdhZTkz
LzEvY21NemlLZWx6LW1ueWhuOWRNa2kzTEVsYWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFHx1gMA0G
CSqGSIb3DQEBCwUAA4IBAQBGwPldDvpL712QzSl5Z/+fqVQ8RmJroabzp662OjlK
KFc6OGF5UEEB5S9pDRspccW/249N9cDomkS2kWXtV+YyZM4JO3Cq4gNQH2P8B0fw
rgIs8fTGk3zuQ9HDPfR9Xxu7PU2vR2wce+14J+5rNG/0Pu3q1WShwvTo5ZOT6yXG
kwYT3PvcybDNEWCL+OpUyID35cJDZuM3NJTAfyn1AjbdQ1EPgKO5mzDvnoYDQ+3W
oqlvjO9YmJTrILmwDUneM/1MYTR8IuHesJvkZkiyjjbuK5FsM30Dl1vPpaRCcPIT
Xpy1ggUUU7RIL4AqUG2hjHLnNJIEgGOqcyrc4czCojRc
-----END CERTIFICATE-----
Generated at Thu Jun 19 17:33:04 2025 by rpki-client