Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/af832b-a641-4e46-a836-40f4c68e9a31/1/DSrriY0kTNELG4oxKEIjyONHFzY.roa
File: DSrriY0kTNELG4oxKEIjyONHFzY.roa (raw, json)
Hash identifier: G+y9D4/mU3p2L2jX8635Per34u+yYnPZalrdKQqBsuo=
Subject key identifier: 0D:2A:EB:89:8D:24:4C:D1:0B:1B:8A:31:28:42:23:C8:E3:47:17:36
Certificate issuer: /CN=31d7d9d29cecf8e59122233d716e6b050e718478
Certificate serial: 0199856EEA99053AD6FCE8D019E035293139
Authority key identifier: 31:D7:D9:D2:9C:EC:F8:E5:91:22:23:3D:71:6E:6B:05:0E:71:84:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/af832b-a641-4e46-a836-40f4c68e9a31/1/DSrriY0kTNELG4oxKEIjyONHFzY.roa
Signing time: Fri 26 Sep 2025 09:51:02 +0000
ROA not before: Fri 26 Sep 2025 09:51:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204607
IP address blocks: 83.143.120.0/23 maxlen: 23
83.143.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/af832b-a641-4e46-a836-40f4c68e9a31/1/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/af832b-a641-4e46-a836-40f4c68e9a31/1/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 18:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:85:6e:ea:99:05:3a:d6:fc:e8:d0:19:e0:35:29:31:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d7d9d29cecf8e59122233d716e6b050e718478
Validity
Not Before: Sep 26 09:51:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d2aeb898d244cd10b1b8a31284223c8e3471736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e7:a5:d1:8b:75:59:16:9e:5a:1d:d9:d8:20:
16:5a:7d:3e:1e:87:3c:8d:93:06:98:d8:d1:ce:46:
e9:68:ef:17:1f:6a:2d:20:6d:53:3f:c7:29:75:0e:
9b:1e:21:f1:4e:f7:0c:1d:69:8e:d6:b6:d0:88:ec:
5e:14:43:e8:46:d0:a9:0a:40:d3:5e:3e:7e:20:c9:
8d:0a:94:16:be:b4:8d:46:bb:8e:a0:55:d1:df:58:
47:1e:97:7a:02:a3:a4:c0:f7:bf:94:b7:d8:ff:b0:
36:d2:b7:bf:23:43:5a:20:b1:13:25:37:95:6a:ae:
4d:10:2f:2b:26:93:9d:17:d2:c0:99:0a:36:90:a0:
90:70:f4:9d:96:58:a1:a4:6f:63:53:d9:eb:a9:f4:
8e:d3:a0:0c:02:75:d8:49:9d:31:07:3b:b0:34:a0:
b8:cf:14:74:1d:35:a8:63:86:1e:99:1e:4d:3a:71:
2e:28:9e:f7:e7:21:1d:43:dc:7a:e6:e0:f6:66:3e:
00:26:99:0b:b5:cb:64:ea:d5:d3:2b:7d:aa:58:75:
23:23:2b:56:23:da:10:0a:0a:65:f0:11:35:c2:6f:
32:4d:6f:32:33:dc:24:08:1e:f8:cf:bc:88:df:8c:
a0:80:9d:d9:d1:ef:f3:71:11:7e:88:20:78:04:1f:
c7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:2A:EB:89:8D:24:4C:D1:0B:1B:8A:31:28:42:23:C8:E3:47:17:36
X509v3 Authority Key Identifier:
keyid:31:D7:D9:D2:9C:EC:F8:E5:91:22:23:3D:71:6E:6B:05:0E:71:84:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af832b-a641-4e46-a836-40f4c68e9a31/1/DSrriY0kTNELG4oxKEIjyONHFzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af832b-a641-4e46-a836-40f4c68e9a31/1/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.143.120.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:59:8b:b9:e1:7d:81:b5:48:a7:95:02:22:51:21:35:ba:8b:
71:f2:00:47:54:53:eb:93:ca:e1:23:fb:d4:6d:97:e6:e1:10:
86:b7:11:f4:4c:21:2c:e6:e3:f3:9b:24:42:9b:42:83:f5:52:
f7:60:48:d0:75:f7:39:35:c6:20:f4:eb:38:92:67:59:28:64:
ce:05:9b:07:6c:e2:1c:c9:f6:01:67:ee:36:05:9e:1d:69:c6:
db:52:5c:e5:18:e2:82:f2:88:de:3d:7d:0f:2d:08:4d:43:1c:
c8:bb:cf:a9:51:4f:59:00:20:b1:cd:b3:f5:08:1d:0e:ad:23:
d8:34:19:bf:32:3f:66:a3:ca:bb:3c:9a:58:a7:f0:f3:7f:d8:
f8:e9:6a:b0:6d:c8:34:90:cd:d2:73:ad:b5:40:c2:da:3a:49:
10:58:f2:28:87:63:e0:54:84:ea:46:e6:d8:a2:4e:da:79:9d:
f7:84:bd:70:c1:c1:4d:6b:24:97:43:1d:28:47:5e:3f:dc:98:
9e:e2:c8:ba:56:57:ba:a5:cf:6f:05:6a:e6:1d:c6:88:fe:8e:
1f:ac:ef:a5:1e:82:aa:8e:61:01:81:75:e9:ff:b6:7b:b8:28:
3b:ee:0e:5f:dc:54:3a:fb:72:2a:9e:d3:83:5e:63:e1:14:cf:
77:8e:c4:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZmFbuqZBTrW/OjQGeA1KTE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDdkOWQyOWNlY2Y4ZTU5MTIyMjMzZDcxNmU2YjA1MGU3
MTg0NzgwHhcNMjUwOTI2MDk1MTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDJhZWI4OThkMjQ0Y2QxMGIxYjhhMzEyODQyMjNjOGUzNDcxNzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+el0Yt1WRaeWh3Z2CAWWn0+Hoc8
jZMGmNjRzkbpaO8XH2otIG1TP8cpdQ6bHiHxTvcMHWmO1rbQiOxeFEPoRtCpCkDT
Xj5+IMmNCpQWvrSNRruOoFXR31hHHpd6AqOkwPe/lLfY/7A20re/I0NaILETJTeV
aq5NEC8rJpOdF9LAmQo2kKCQcPSdllihpG9jU9nrqfSO06AMAnXYSZ0xBzuwNKC4
zxR0HTWoY4YemR5NOnEuKJ735yEdQ9x65uD2Zj4AJpkLtctk6tXTK32qWHUjIytW
I9oQCgpl8BE1wm8yTW8yM9wkCB74z7yI34yggJ3Z0e/zcRF+iCB4BB/HtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA0q64mNJEzRCxuKMShCI8jjRxc2MB8GA1UdIwQY
MBaAFDHX2dKc7PjlkSIjPXFuawUOcYR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRmWjBwenMtT1dSSWlNOWNXNXJCUTV4aEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9hZjgzMmItYTY0MS00ZTQ2LWE4MzYt
NDBmNGM2OGU5YTMxLzEvRFNycmlZMGtUTkVMRzRveEtFSWp5T05IRnpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9hZjgzMmItYTY0MS00ZTQ2LWE4MzYtNDBmNGM2OGU5YTMx
LzEvTWRmWjBwenMtT1dSSWlNOWNXNXJCUTV4aEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBU494MA0G
CSqGSIb3DQEBCwUAA4IBAQCkWYu54X2BtUinlQIiUSE1uotx8gBHVFPrk8rhI/vU
bZfm4RCGtxH0TCEs5uPzmyRCm0KD9VL3YEjQdfc5NcYg9Os4kmdZKGTOBZsHbOIc
yfYBZ+42BZ4dacbbUlzlGOKC8ojePX0PLQhNQxzIu8+pUU9ZACCxzbP1CB0OrSPY
NBm/Mj9mo8q7PJpYp/Dzf9j46Wqwbcg0kM3Sc621QMLaOkkQWPIoh2PgVITqRubY
ok7aeZ33hL1wwcFNaySXQx0oR14/3Jie4si6Vle6pc9vBWrmHcaI/o4frO+lHoKq
jmEBgXXp/7Z7uCg77g5f3FQ6+3IqntODXmPhFM93jsTF
-----END CERTIFICATE-----
Generated at Thu Oct 9 03:45:42 2025 by rpki-client