Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/BRx8YXqDNB1GFUFqyh6QeZ00QCQ.roa
File: BRx8YXqDNB1GFUFqyh6QeZ00QCQ.roa (raw, json)
Hash identifier: o3eKIyn+wElbYPzG51u2wAS6yMUVN8sHDDwj5Rm2E/Q=
Subject key identifier: 05:1C:7C:61:7A:83:34:1D:46:15:41:6A:CA:1E:90:79:9D:34:40:24
Certificate issuer: /CN=7c3e585a59b523bb86d660a7168e1c1eba094da0
Certificate serial: 0198185A923A688D22713CCB1279FF4BE689
Authority key identifier: 7C:3E:58:5A:59:B5:23:BB:86:D6:60:A7:16:8E:1C:1E:BA:09:4D:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/BRx8YXqDNB1GFUFqyh6QeZ00QCQ.roa
Signing time: Thu 17 Jul 2025 12:27:25 +0000
ROA not before: Thu 17 Jul 2025 12:27:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207059
IP address blocks: 31.184.200.0/24 maxlen: 24
31.184.201.0/24 maxlen: 24
31.184.202.0/24 maxlen: 24
31.184.203.0/24 maxlen: 24
195.39.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/fD5YWlm1I7uG1mCnFo4cHroJTaA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/fD5YWlm1I7uG1mCnFo4cHroJTaA.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 06:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:18:5a:92:3a:68:8d:22:71:3c:cb:12:79:ff:4b:e6:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3e585a59b523bb86d660a7168e1c1eba094da0
Validity
Not Before: Jul 17 12:27:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=051c7c617a83341d4615416aca1e90799d344024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:8c:1f:e7:bc:40:34:f8:6f:3b:cb:70:df:a0:
31:4f:fd:c2:db:5e:15:3a:65:fc:f8:a1:ab:68:91:
a8:e2:d4:18:62:92:cc:5b:3d:0a:35:44:24:4e:77:
85:75:86:08:35:00:d7:01:f7:00:fe:a6:50:a7:87:
34:87:78:e8:8a:83:8d:00:50:d6:86:89:ea:df:0b:
a5:b5:6c:6f:5e:4d:c7:79:8d:1b:d6:58:8e:fa:d6:
bc:88:68:7a:3a:7a:7e:c9:85:f1:b3:5f:d7:e0:69:
7e:06:f1:cd:aa:3e:2c:e5:36:d4:67:a0:2c:fa:23:
3d:d9:1a:47:b4:c4:b1:ff:a4:bf:95:42:21:ac:6d:
e3:88:0f:83:f6:c4:75:30:09:39:6a:09:20:e0:d3:
8d:b5:25:64:be:9b:46:75:a8:b8:9b:af:91:ee:a7:
f8:72:e3:46:bf:ac:32:5b:d1:a7:ed:19:8e:e7:5d:
0c:cc:ae:21:55:80:db:8d:9b:60:bd:43:fa:4a:88:
4a:be:f5:4d:68:2e:43:d1:1c:19:47:6b:5a:6c:ad:
e4:9f:33:fa:83:6b:c9:a3:ee:b5:33:e9:5d:1d:20:
ac:e4:c6:34:15:1d:4a:43:bf:d9:02:62:fa:7c:d3:
ea:c2:7c:df:1f:41:46:3c:8f:a6:61:49:88:47:a5:
c5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:1C:7C:61:7A:83:34:1D:46:15:41:6A:CA:1E:90:79:9D:34:40:24
X509v3 Authority Key Identifier:
keyid:7C:3E:58:5A:59:B5:23:BB:86:D6:60:A7:16:8E:1C:1E:BA:09:4D:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/BRx8YXqDNB1GFUFqyh6QeZ00QCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/fD5YWlm1I7uG1mCnFo4cHroJTaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.184.200.0/22
195.39.207.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:2f:c6:a0:ea:eb:0f:64:b5:34:6c:eb:e7:18:07:f7:41:67:
ef:19:0f:51:5e:c0:5a:d6:1b:f7:e4:ab:c3:17:85:e2:06:7a:
1b:6c:7a:f0:c2:74:36:2b:f3:a1:cc:3d:67:e9:0d:f3:5c:b8:
b4:df:94:fe:3c:c5:f9:a1:64:37:0c:13:3f:c2:e1:fb:a6:df:
54:05:78:3f:3a:b4:16:f8:5d:ec:e6:81:4c:a8:17:d2:dd:5f:
83:4b:11:a4:84:fb:9f:b1:ea:f3:7e:94:87:54:a4:3d:23:e5:
59:93:19:b8:ef:d5:d8:97:7d:95:b5:1c:f3:3e:bb:40:3a:14:
e4:3d:72:89:b2:b3:a8:5c:c4:27:ec:87:94:ea:52:37:e9:bd:
06:b2:92:c7:1a:5b:1b:e8:8a:a2:e8:3c:1b:77:31:20:f7:0d:
a1:c7:3f:54:37:3b:a1:a2:90:43:d3:68:7a:70:c7:7f:c3:0a:
b1:e8:34:5d:80:8b:2d:79:61:ce:6c:48:23:07:65:bd:2b:eb:
08:4d:83:81:a1:36:17:47:2c:83:d5:0b:ed:f4:be:f1:a1:f2:
24:c6:bb:6a:42:0d:14:c4:29:61:c9:85:5c:28:1e:1d:54:e3:
6f:15:a3:43:50:c3:63:6e:d2:1e:57:33:43:20:57:87:87:ee:
30:c1:41:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZgYWpI6aI0icTzLEnn/S+aJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2U1ODVhNTliNTIzYmI4NmQ2NjBhNzE2OGUxYzFlYmEw
OTRkYTAwHhcNMjUwNzE3MTIyNzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTFjN2M2MTdhODMzNDFkNDYxNTQxNmFjYTFlOTA3OTlkMzQ0MDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Ywf57xANPhvO8tw36AxT/3C214V
OmX8+KGraJGo4tQYYpLMWz0KNUQkTneFdYYINQDXAfcA/qZQp4c0h3joioONAFDW
honq3wultWxvXk3HeY0b1liO+ta8iGh6Onp+yYXxs1/X4Gl+BvHNqj4s5TbUZ6As
+iM92RpHtMSx/6S/lUIhrG3jiA+D9sR1MAk5agkg4NONtSVkvptGdai4m6+R7qf4
cuNGv6wyW9Gn7RmO510MzK4hVYDbjZtgvUP6SohKvvVNaC5D0RwZR2tabK3knzP6
g2vJo+61M+ldHSCs5MY0FR1KQ7/ZAmL6fNPqwnzfH0FGPI+mYUmIR6XFyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAUcfGF6gzQdRhVBasoekHmdNEAkMB8GA1UdIwQY
MBaAFHw+WFpZtSO7htZgpxaOHB66CU2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQ1WVdsbTFJN3VHMW1DbkZvNGNIcm9KVGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8yNmUzMmEtMzViYS00NDNmLWJjMWUt
NmRjMWY1NjAzMWViLzEvQlJ4OFlYcUROQjFHRlVGcXloNlFlWjAwUUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8yNmUzMmEtMzViYS00NDNmLWJjMWUtNmRjMWY1NjAzMWVi
LzEvZkQ1WVdsbTFJN3VHMW1DbkZvNGNIcm9KVGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCH7jIAwQA
wyfPMA0GCSqGSIb3DQEBCwUAA4IBAQCNL8ag6usPZLU0bOvnGAf3QWfvGQ9RXsBa
1hv35KvDF4XiBnobbHrwwnQ2K/OhzD1n6Q3zXLi035T+PMX5oWQ3DBM/wuH7pt9U
BXg/OrQW+F3s5oFMqBfS3V+DSxGkhPufserzfpSHVKQ9I+VZkxm479XYl32VtRzz
PrtAOhTkPXKJsrOoXMQn7IeU6lI36b0GspLHGlsb6Iqi6DwbdzEg9w2hxz9UNzuh
opBD02h6cMd/wwqx6DRdgIsteWHObEgjB2W9K+sITYOBoTYXRyyD1Qvt9L7xofIk
xrtqQg0UxClhyYVcKB4dVONvFaNDUMNjbtIeVzNDIFeHh+4wwUHA
-----END CERTIFICATE-----
Generated at Sun Jul 27 16:11:08 2025 by rpki-client