Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/92fbd9-b9ee-42fc-aac1-fb97ddd54891/1/XNJw0i5YROHsLdGqQV-sQNcutQk.roa
File: XNJw0i5YROHsLdGqQV-sQNcutQk.roa (raw, json)
Hash identifier: jP7HL40L4UifhwI3DQuFuVlNNqWLOXwjBtyAaPoZl9M=
Subject key identifier: 5C:D2:70:D2:2E:58:44:E1:EC:2D:D1:AA:41:5F:AC:40:D7:2E:B5:09
Certificate issuer: /CN=03d602b9e1da2b568df544bda50e415799bbb1e2
Certificate serial: 01983DB7B11FBA02E5CC08ECE412940F189C
Authority key identifier: 03:D6:02:B9:E1:DA:2B:56:8D:F5:44:BD:A5:0E:41:57:99:BB:B1:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A9YCueHaK1aN9US9pQ5BV5m7seI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/92fbd9-b9ee-42fc-aac1-fb97ddd54891/1/XNJw0i5YROHsLdGqQV-sQNcutQk.roa
Signing time: Thu 24 Jul 2025 18:35:05 +0000
ROA not before: Thu 24 Jul 2025 18:35:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201112
IP address blocks: 31.3.218.0/23 maxlen: 23
194.110.4.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/92fbd9-b9ee-42fc-aac1-fb97ddd54891/1/A9YCueHaK1aN9US9pQ5BV5m7seI.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/92fbd9-b9ee-42fc-aac1-fb97ddd54891/1/A9YCueHaK1aN9US9pQ5BV5m7seI.mft
rsync://rpki.ripe.net/repository/DEFAULT/A9YCueHaK1aN9US9pQ5BV5m7seI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3d:b7:b1:1f:ba:02:e5:cc:08:ec:e4:12:94:0f:18:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03d602b9e1da2b568df544bda50e415799bbb1e2
Validity
Not Before: Jul 24 18:35:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5cd270d22e5844e1ec2dd1aa415fac40d72eb509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:71:86:89:7e:a8:d8:49:aa:ae:5c:c1:b4:cc:
b1:dd:b8:3a:d8:91:79:2a:ad:c4:89:3a:da:df:99:
95:c6:0e:c0:b9:8f:b1:30:08:a6:d2:1e:19:d2:e9:
73:30:9c:1d:d9:f2:9c:9e:87:3c:3a:b8:0c:ae:1a:
82:ea:a9:0a:68:7c:30:3a:8f:56:4f:6f:25:2b:8c:
b8:a9:c4:a3:68:ac:5b:9c:26:bb:ae:b3:f5:7b:b7:
f1:24:d0:2b:ff:b1:3b:f7:55:b7:88:e7:e8:d8:87:
d8:30:18:ce:d6:90:2c:40:80:b8:ae:6b:54:3c:bc:
b2:42:1e:90:e9:e6:e0:52:4a:f3:90:ef:58:0b:c2:
b6:8d:65:53:42:13:85:ac:b5:ea:2c:9d:87:1c:31:
0e:e7:78:88:f9:e8:9a:42:07:a2:30:ee:e4:b7:24:
c6:2a:68:26:4b:ab:09:91:cb:c8:66:54:d8:14:77:
4c:8b:e3:ad:fb:23:03:d8:12:2b:60:48:32:d8:96:
ae:d2:7d:29:5b:f7:1f:dc:a2:78:de:8e:b6:19:4c:
05:b1:c8:99:00:a1:58:ca:1e:1b:b4:87:af:d8:07:
56:92:80:07:09:c0:68:00:57:93:86:fe:65:63:77:
05:6c:75:4a:9e:e5:69:a6:0c:ae:63:c6:50:1c:c1:
bf:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D2:70:D2:2E:58:44:E1:EC:2D:D1:AA:41:5F:AC:40:D7:2E:B5:09
X509v3 Authority Key Identifier:
keyid:03:D6:02:B9:E1:DA:2B:56:8D:F5:44:BD:A5:0E:41:57:99:BB:B1:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A9YCueHaK1aN9US9pQ5BV5m7seI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/92fbd9-b9ee-42fc-aac1-fb97ddd54891/1/XNJw0i5YROHsLdGqQV-sQNcutQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/92fbd9-b9ee-42fc-aac1-fb97ddd54891/1/A9YCueHaK1aN9US9pQ5BV5m7seI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.218.0/23
194.110.4.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:94:b3:21:39:8b:50:2f:9a:a9:b4:4d:7f:33:ef:f0:df:34:
71:be:8e:be:63:4b:7a:d3:af:21:47:98:96:85:d5:91:e1:52:
f3:b5:d1:e1:fa:69:6f:80:da:fd:9c:26:fb:8f:ed:65:89:93:
09:0b:c4:cc:0e:db:67:64:6e:02:38:fe:19:b9:04:72:07:a1:
1f:17:8d:b1:b7:09:af:24:47:b4:62:81:f3:02:c5:30:39:f2:
65:51:4e:8c:c0:b8:51:4f:b7:99:8b:6f:d7:32:1d:92:01:04:
f3:f9:da:d9:2f:90:98:10:08:aa:6c:0b:9d:2c:e6:19:89:94:
65:57:81:6a:dc:39:55:ef:45:f3:81:23:5c:67:44:e1:37:1e:
84:5f:3c:39:14:dc:8b:93:67:f4:fe:00:25:db:44:e4:2f:12:
7d:d4:86:9a:74:86:28:d2:13:0c:5c:fe:0c:77:6a:8f:67:86:
38:e4:a9:9d:d3:f1:21:a0:3e:ad:df:7f:46:d4:00:16:7f:20:
96:df:ff:f5:db:34:de:a1:64:74:3f:21:29:5b:4b:48:fb:d5:
ff:cf:34:6a:51:4f:29:c5:f0:76:be:96:3b:ef:8a:27:32:98:
bf:71:aa:bb:60:80:2c:bb:a5:cb:01:e9:07:a4:53:0c:e5:7a:
96:17:4c:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZg9t7EfugLlzAjs5BKUDxicMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZDYwMmI5ZTFkYTJiNTY4ZGY1NDRiZGE1MGU0MTU3OTli
YmIxZTIwHhcNMjUwNzI0MTgzNTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2QyNzBkMjJlNTg0NGUxZWMyZGQxYWE0MTVmYWM0MGQ3MmViNTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3GGiX6o2EmqrlzBtMyx3bg62JF5
Kq3EiTra35mVxg7AuY+xMAim0h4Z0ulzMJwd2fKcnoc8OrgMrhqC6qkKaHwwOo9W
T28lK4y4qcSjaKxbnCa7rrP1e7fxJNAr/7E791W3iOfo2IfYMBjO1pAsQIC4rmtU
PLyyQh6Q6ebgUkrzkO9YC8K2jWVTQhOFrLXqLJ2HHDEO53iI+eiaQgeiMO7ktyTG
KmgmS6sJkcvIZlTYFHdMi+Ot+yMD2BIrYEgy2Jau0n0pW/cf3KJ43o62GUwFsciZ
AKFYyh4btIev2AdWkoAHCcBoAFeThv5lY3cFbHVKnuVppgyuY8ZQHMG/MQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFzScNIuWETh7C3RqkFfrEDXLrUJMB8GA1UdIwQY
MBaAFAPWArnh2itWjfVEvaUOQVeZu7HiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTlZQ3VlSGFLMWFOOVVTOXBRNUJWNW03c2VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85MmZiZDktYjllZS00MmZjLWFhYzEt
ZmI5N2RkZDU0ODkxLzEvWE5KdzBpNVlST0hzTGRHcVFWLXNRTmN1dFFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy85MmZiZDktYjllZS00MmZjLWFhYzEtZmI5N2RkZDU0ODkx
LzEvQTlZQ3VlSGFLMWFOOVVTOXBRNUJWNW03c2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBHwPaAwQB
wm4EMA0GCSqGSIb3DQEBCwUAA4IBAQC8lLMhOYtQL5qptE1/M+/w3zRxvo6+Y0t6
068hR5iWhdWR4VLztdHh+mlvgNr9nCb7j+1liZMJC8TMDttnZG4COP4ZuQRyB6Ef
F42xtwmvJEe0YoHzAsUwOfJlUU6MwLhRT7eZi2/XMh2SAQTz+drZL5CYEAiqbAud
LOYZiZRlV4Fq3DlV70XzgSNcZ0ThNx6EXzw5FNyLk2f0/gAl20TkLxJ91IaadIYo
0hMMXP4Md2qPZ4Y45Kmd0/EhoD6t339G1AAWfyCW3//12zTeoWR0PyEpW0tI+9X/
zzRqUU8pxfB2vpY774onMpi/caq7YIAsu6XLAekHpFMM5XqWF0wD
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:01:12 2025 by rpki-client