Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/n_0gQWnuZgCGrzr-56VUcT43QLk.roa
File: n_0gQWnuZgCGrzr-56VUcT43QLk.roa (raw, json)
Hash identifier: XMketwEcuZ+URAywiEYMqj5qljLKuaTzEVXxY0R3XE4=
Subject key identifier: 9F:FD:20:41:69:EE:66:00:86:AF:3A:FE:E7:A5:54:71:3E:37:40:B9
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0197539F4BF154C5CAA23943C975E65D7BDC
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/n_0gQWnuZgCGrzr-56VUcT43QLk.roa
Signing time: Mon 09 Jun 2025 07:37:17 +0000
ROA not before: Mon 09 Jun 2025 07:37:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43793
IP address blocks: 31.47.144.0/20 maxlen: 20
46.183.80.0/21 maxlen: 21
109.205.144.0/21 maxlen: 21
185.43.100.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:53:9f:4b:f1:54:c5:ca:a2:39:43:c9:75:e6:5d:7b:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jun 9 07:37:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ffd204169ee660086af3afee7a554713e3740b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:78:f9:5e:4c:b5:5d:22:6d:e6:dd:ef:e0:db:
87:57:93:c3:45:75:f5:d9:87:53:ee:a2:d1:58:fe:
7a:a1:91:19:06:43:bd:3f:32:bc:e8:06:29:33:f3:
67:ef:a6:05:08:43:74:2e:a3:55:f8:6d:f1:8a:9a:
d3:04:8f:d9:2e:76:60:10:d3:61:df:87:8c:03:3e:
bf:40:ac:de:3a:4f:ca:5a:92:98:0b:a0:aa:a6:a0:
85:35:cc:c9:de:53:6c:b9:37:28:09:b9:77:d1:8d:
05:a3:5e:1c:8a:c4:b0:2e:78:7d:51:2f:42:43:f6:
b2:df:8f:6d:54:fa:d6:9c:43:df:1c:41:22:59:02:
eb:e9:41:76:fb:9f:4f:07:50:65:5d:20:69:06:35:
03:b8:a9:47:72:39:0f:c1:dd:b4:51:0b:2b:d1:fc:
ce:33:07:0a:cb:ba:9e:29:58:45:21:fe:24:32:e8:
57:5c:7a:0b:86:7d:bb:52:8c:dd:f8:00:2c:f3:87:
1e:7f:54:fb:40:10:51:0c:54:fb:7d:77:5f:b3:74:
b6:cc:2a:b5:0e:9c:7d:8f:21:8d:fc:be:63:82:61:
5a:49:81:b4:7c:bb:7c:e8:a4:db:93:2e:d8:0d:42:
a9:10:82:fc:2f:92:30:58:3c:a9:25:d8:a9:ce:af:
42:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:FD:20:41:69:EE:66:00:86:AF:3A:FE:E7:A5:54:71:3E:37:40:B9
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/n_0gQWnuZgCGrzr-56VUcT43QLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.47.144.0/20
46.183.80.0/21
109.205.144.0/21
185.43.100.0/22
Signature Algorithm: sha256WithRSAEncryption
36:55:f1:c2:be:48:16:23:d4:46:09:a7:0a:d1:7f:46:eb:2a:
14:33:ed:85:e1:91:e6:b5:52:e9:e2:f5:4d:79:b4:11:c7:4a:
5d:68:5b:f1:e1:ce:6c:3b:26:d8:c1:80:b9:e3:3c:af:54:b1:
9b:bf:16:99:9f:0b:12:c0:7f:09:18:c3:42:b6:7b:51:7f:f8:
51:ce:fb:48:4a:7c:4f:5d:39:01:e9:10:71:66:8d:0c:a7:03:
bd:d8:09:26:2a:4e:b4:36:19:dc:0a:50:3b:02:c8:88:d9:18:
a3:70:21:6e:a4:1b:41:96:bc:c8:f1:65:d6:cf:86:07:7d:fc:
0a:f1:92:77:d8:57:3b:6b:2d:9a:21:fb:f8:27:23:38:0d:ae:
ef:e9:97:a3:07:53:8f:7d:b0:c9:3c:14:f1:f9:9e:14:f5:33:
51:af:e8:f3:b1:52:cf:07:91:21:2c:44:34:1e:ff:b8:62:ec:
fd:b1:e9:1d:9e:f9:dc:da:09:cb:8f:9a:43:4e:f9:6b:91:77:
63:c4:42:28:3b:4b:be:c9:33:af:5c:4c:56:b0:7c:28:6d:a5:
76:00:b9:c3:25:b0:53:e1:2b:6e:76:5f:98:46:31:72:9e:00:
0f:cd:3c:95:50:f9:44:77:4d:3e:af:74:85:60:c9:ad:d3:e4:
ee:af:1d:f8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZdTn0vxVMXKojlDyXXmXXvcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwNjA5MDczNzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmZkMjA0MTY5ZWU2NjAwODZhZjNhZmVlN2E1NTQ3MTNlMzc0MGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnj5Xky1XSJt5t3v4NuHV5PDRXX1
2YdT7qLRWP56oZEZBkO9PzK86AYpM/Nn76YFCEN0LqNV+G3xiprTBI/ZLnZgENNh
34eMAz6/QKzeOk/KWpKYC6CqpqCFNczJ3lNsuTcoCbl30Y0Fo14cisSwLnh9US9C
Q/ay349tVPrWnEPfHEEiWQLr6UF2+59PB1BlXSBpBjUDuKlHcjkPwd20UQsr0fzO
MwcKy7qeKVhFIf4kMuhXXHoLhn27Uozd+AAs84cef1T7QBBRDFT7fXdfs3S2zCq1
Dpx9jyGN/L5jgmFaSYG0fLt86KTbky7YDUKpEIL8L5IwWDypJdipzq9CQwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ/9IEFp7mYAhq86/uelVHE+N0C5MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvbl8wZ1FXbnVaZ0NHcnpyLTU2VlVjVDQzUUxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEHy+QAwQD
LrdQAwQDbc2QAwQCuStkMA0GCSqGSIb3DQEBCwUAA4IBAQA2VfHCvkgWI9RGCacK
0X9G6yoUM+2F4ZHmtVLp4vVNebQRx0pdaFvx4c5sOybYwYC54zyvVLGbvxaZnwsS
wH8JGMNCtntRf/hRzvtISnxPXTkB6RBxZo0MpwO92AkmKk60NhncClA7AsiI2Rij
cCFupBtBlrzI8WXWz4YHffwK8ZJ32Fc7ay2aIfv4JyM4Da7v6ZejB1OPfbDJPBTx
+Z4U9TNRr+jzsVLPB5EhLEQ0Hv+4Yuz9sekdnvnc2gnLj5pDTvlrkXdjxEIoO0u+
yTOvXExWsHwobaV2ALnDJbBT4Studl+YRjFyngAPzTyVUPlEd00+r3SFYMmt0+Tu
rx34
-----END CERTIFICATE-----
Generated at Wed Jun 18 19:35:54 2025 by rpki-client