Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/IBPJ9WRffJTZBJnX0Y4oRkjBP94.roa
File: IBPJ9WRffJTZBJnX0Y4oRkjBP94.roa (raw, json)
Hash identifier: 3o67J4kdBQuX+YBupO5qitsho53kihUgV+GRKY2H2VA=
Subject key identifier: 20:13:C9:F5:64:5F:7C:94:D9:04:99:D7:D1:8E:28:46:48:C1:3F:DE
Certificate issuer: /CN=62d190b238d97af7900bdcbd02304b782ffcaf2a
Certificate serial: 01983686AFB506A7428A47AF63C2ABFB6DE1
Authority key identifier: 62:D1:90:B2:38:D9:7A:F7:90:0B:DC:BD:02:30:4B:78:2F:FC:AF:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YtGQsjjZeveQC9y9AjBLeC_8ryo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/IBPJ9WRffJTZBJnX0Y4oRkjBP94.roa
Signing time: Wed 23 Jul 2025 09:04:13 +0000
ROA not before: Wed 23 Jul 2025 09:04:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25577
IP address blocks: 31.3.208.0/24 maxlen: 24
31.3.211.0/24 maxlen: 24
31.3.212.0/23 maxlen: 23
31.3.221.0/24 maxlen: 24
31.3.223.0/24 maxlen: 24
81.27.64.0/24 maxlen: 24
81.27.66.0/23 maxlen: 23
81.27.72.0/23 maxlen: 23
81.27.75.0/24 maxlen: 24
81.27.76.0/24 maxlen: 24
81.27.80.0/22 maxlen: 22
81.27.87.0/24 maxlen: 24
81.27.88.0/21 maxlen: 21
82.197.72.0/24 maxlen: 24
82.197.74.0/24 maxlen: 24
2001:9d8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/YtGQsjjZeveQC9y9AjBLeC_8ryo.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/YtGQsjjZeveQC9y9AjBLeC_8ryo.mft
rsync://rpki.ripe.net/repository/DEFAULT/YtGQsjjZeveQC9y9AjBLeC_8ryo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:36:86:af:b5:06:a7:42:8a:47:af:63:c2:ab:fb:6d:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62d190b238d97af7900bdcbd02304b782ffcaf2a
Validity
Not Before: Jul 23 09:04:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2013c9f5645f7c94d90499d7d18e284648c13fde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:3e:0f:30:47:43:c0:a1:e2:5f:f3:a7:f7:cf:
c8:14:49:34:8f:44:65:67:39:8d:2f:58:08:41:c2:
51:14:29:42:6e:79:76:e3:36:9b:72:a6:cf:2b:3d:
a0:e1:cd:27:bb:0e:bd:26:91:b9:19:9c:87:49:68:
c0:93:01:90:71:48:30:59:fd:ed:9f:d3:33:87:ba:
39:69:4f:77:73:a0:ff:05:51:53:fd:e7:67:28:82:
17:9d:4f:1b:7d:02:ca:5f:85:64:a1:e0:c8:28:f9:
c2:04:40:5f:0b:0a:97:08:21:5f:bf:b9:8e:61:08:
cc:10:3b:92:51:99:70:93:a2:a1:e9:c9:e7:4b:19:
a6:35:39:23:a5:5f:48:26:87:53:34:e5:68:b8:91:
91:02:f7:c7:1f:f8:87:ea:bf:ed:9b:19:3a:50:53:
d8:00:7a:fa:42:6a:7a:0d:71:95:1a:58:fd:41:7b:
3a:02:78:78:97:84:4e:69:90:29:cc:f4:3b:80:60:
cb:a9:d7:d1:a5:eb:5e:42:15:c9:51:66:30:e6:79:
43:c0:cc:fa:56:70:44:33:4c:ad:95:8e:9a:fc:67:
99:7e:45:10:4c:ad:ec:66:b3:30:29:91:07:bb:d1:
ce:67:de:89:e3:4e:c6:a9:cf:8d:89:2f:63:a2:40:
18:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:13:C9:F5:64:5F:7C:94:D9:04:99:D7:D1:8E:28:46:48:C1:3F:DE
X509v3 Authority Key Identifier:
keyid:62:D1:90:B2:38:D9:7A:F7:90:0B:DC:BD:02:30:4B:78:2F:FC:AF:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YtGQsjjZeveQC9y9AjBLeC_8ryo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/IBPJ9WRffJTZBJnX0Y4oRkjBP94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/5a337f-c843-45f4-8d99-163fb7003e5d/1/YtGQsjjZeveQC9y9AjBLeC_8ryo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.208.0/24
31.3.211.0-31.3.213.255
31.3.221.0/24
31.3.223.0/24
81.27.64.0/24
81.27.66.0/23
81.27.72.0/23
81.27.75.0-81.27.76.255
81.27.80.0/22
81.27.87.0-81.27.95.255
82.197.72.0/24
82.197.74.0/24
IPv6:
2001:9d8::/32
Signature Algorithm: sha256WithRSAEncryption
00:d5:39:83:9e:f9:d2:9a:0e:ab:76:c7:87:54:fc:7c:21:22:
51:40:c1:c6:b0:e9:f9:5b:79:27:3e:e6:8a:0f:61:43:f6:0c:
e5:89:44:4d:79:4a:1d:e9:57:0d:a9:de:a3:a4:02:96:7b:b8:
23:49:f3:59:d1:25:ab:ff:9a:c4:d5:9e:3c:ee:4d:ad:39:e1:
52:85:35:89:8b:93:94:0f:12:e3:2d:39:5c:c8:76:21:e9:e4:
24:d0:ad:b6:8b:21:78:8d:54:e3:72:ad:3c:ae:d0:85:24:6b:
43:cc:4d:54:ce:5f:0b:7e:46:6b:c8:6c:cd:ee:2f:2d:0f:42:
ae:22:5c:cd:fb:7c:73:90:f1:a6:93:65:0b:20:96:51:d5:43:
4d:3c:f7:54:c2:3b:bd:88:66:fa:98:a6:61:e2:52:d2:ce:26:
b9:a2:f4:b2:fc:9b:33:bc:ea:3b:f5:d3:45:7a:07:48:d4:75:
8c:52:23:f4:d0:03:ed:39:c1:96:bd:35:79:ae:e3:39:48:06:
54:9a:9c:83:10:d9:dc:3c:2d:41:27:05:a5:40:50:0a:55:89:
b7:bb:ae:6d:f1:ac:60:94:3c:90:2e:1c:53:9d:28:59:0a:33:
b4:51:df:56:7d:29:8f:2e:47:fa:6c:2c:ac:8e:9c:1d:0b:07:
34:20:cb:a1
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZg2hq+1BqdCikevY8Kr+23hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZDE5MGIyMzhkOTdhZjc5MDBiZGNiZDAyMzA0Yjc4MmZm
Y2FmMmEwHhcNMjUwNzIzMDkwNDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDEzYzlmNTY0NWY3Yzk0ZDkwNDk5ZDdkMThlMjg0NjQ4YzEzZmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5j4PMEdDwKHiX/On98/IFEk0j0Rl
ZzmNL1gIQcJRFClCbnl24zabcqbPKz2g4c0nuw69JpG5GZyHSWjAkwGQcUgwWf3t
n9Mzh7o5aU93c6D/BVFT/ednKIIXnU8bfQLKX4VkoeDIKPnCBEBfCwqXCCFfv7mO
YQjMEDuSUZlwk6Kh6cnnSxmmNTkjpV9IJodTNOVouJGRAvfHH/iH6r/tmxk6UFPY
AHr6Qmp6DXGVGlj9QXs6Anh4l4ROaZApzPQ7gGDLqdfRpeteQhXJUWYw5nlDwMz6
VnBEM0ytlY6a/GeZfkUQTK3sZrMwKZEHu9HOZ96J407Gqc+NiS9jokAYDwIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFCATyfVkX3yU2QSZ19GOKEZIwT/eMB8GA1UdIwQY
MBaAFGLRkLI42Xr3kAvcvQIwS3gv/K8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXRHUXNqalpldmVRQzl5OUFqQkxlQ184cnlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi81YTMzN2YtYzg0My00NWY0LThkOTkt
MTYzZmI3MDAzZTVkLzEvSUJQSjlXUmZmSlRaQkpuWDBZNG9Sa2pCUDk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi81YTMzN2YtYzg0My00NWY0LThkOTktMTYzZmI3MDAzZTVk
LzEvWXRHUXNqalpldmVRQzl5OUFqQkxlQ184cnlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwZgQCAAEwYAMEAB8D0DAM
AwQAHwPTAwQBHwPUAwQAHwPdAwQAHwPfAwQAURtAAwQBURtCAwQBURtIMAwDBABR
G0sDBABRG0wDBAJRG1AwDAMEAFEbVwMEBVEbQAMEAFLFSAMEAFLFSjANBAIAAjAH
AwUAIAEJ2DANBgkqhkiG9w0BAQsFAAOCAQEAANU5g5750poOq3bHh1T8fCEiUUDB
xrDp+Vt5Jz7mig9hQ/YM5YlETXlKHelXDaneo6QClnu4I0nzWdElq/+axNWePO5N
rTnhUoU1iYuTlA8S4y05XMh2IenkJNCttosheI1U43KtPK7QhSRrQ8xNVM5fC35G
a8hsze4vLQ9CriJczft8c5DxppNlCyCWUdVDTTz3VMI7vYhm+pimYeJS0s4muaL0
svybM7zqO/XTRXoHSNR1jFIj9NAD7TnBlr01ea7jOUgGVJqcgxDZ3DwtQScFpUBQ
ClWJt7uubfGsYJQ8kC4cU50oWQoztFHfVn0pjy5H+mwsrI6cHQsHNCDLoQ==
-----END CERTIFICATE-----
Generated at Sun Jul 27 09:48:09 2025 by rpki-client