Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/3dPoJqhsoyfW8LTaalN-9K6bowI.roa
File: 3dPoJqhsoyfW8LTaalN-9K6bowI.roa (raw, json)
Hash identifier: Ov+7/eFKo2fz0CoT3Zr8gQQUohxGAt804EGIlPvMphg=
Subject key identifier: DD:D3:E8:26:A8:6C:A3:27:D6:F0:B4:DA:6A:53:7E:F4:AE:9B:A3:02
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0197DB7F4E21CE9C919B4DBA18530EE7B4A6
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/3dPoJqhsoyfW8LTaalN-9K6bowI.roa
Signing time: Sat 05 Jul 2025 16:50:42 +0000
ROA not before: Sat 05 Jul 2025 16:50:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42216
IP address blocks: 31.210.47.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
78.135.98.0/24 maxlen: 24
188.132.163.0/24 maxlen: 24
188.132.213.0/24 maxlen: 24
188.132.217.0/24 maxlen: 24
188.132.228.0/24 maxlen: 24
2a10:9440::/48 maxlen: 48
2a10:9440:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 19:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:db:7f:4e:21:ce:9c:91:9b:4d:ba:18:53:0e:e7:b4:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jul 5 16:50:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ddd3e826a86ca327d6f0b4da6a537ef4ae9ba302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:55:c1:04:4a:63:dd:33:9b:25:0d:a5:ec:aa:
0e:73:30:9d:ec:66:15:51:5e:70:ba:cf:90:7a:ed:
8b:31:58:7c:34:48:46:5f:b9:6b:70:a6:6c:6c:4a:
27:b2:1b:51:10:77:f2:0a:c6:c0:a5:e6:66:0d:2c:
95:1a:fe:f3:8c:a8:60:5c:86:9b:0f:79:5d:21:8b:
93:69:6b:7b:48:11:4f:5c:22:1d:bc:54:95:a3:81:
a4:d2:28:e6:b1:0c:8d:44:30:39:f8:0e:9a:70:c9:
ad:f0:2d:6b:36:be:b5:fb:f8:cc:18:0a:bd:ef:7a:
2d:8c:cb:4c:8f:92:af:f1:22:64:64:af:56:ff:fe:
bb:d1:90:38:e8:d4:fb:9e:35:b4:6f:c9:bb:63:c6:
9f:b3:9f:ad:cd:cc:d0:80:98:45:09:da:c2:62:cd:
04:44:1b:9d:79:60:24:c7:0e:01:f0:c9:37:2e:36:
19:eb:36:82:8d:b2:66:14:52:be:45:c1:9d:93:44:
f5:9c:d8:d6:69:ea:fe:6b:5a:8f:3f:95:15:cb:3f:
4b:cc:e5:9e:36:60:c3:bc:3d:91:ed:8e:bd:08:f2:
f0:4c:cb:d7:fe:d3:a6:f2:b7:a6:d7:9b:57:3c:4f:
45:ed:45:e0:73:52:c8:9d:f7:43:df:4f:f9:e5:d6:
f4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D3:E8:26:A8:6C:A3:27:D6:F0:B4:DA:6A:53:7E:F4:AE:9B:A3:02
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/3dPoJqhsoyfW8LTaalN-9K6bowI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.47.0/24
77.92.142.0/23
77.92.152.0/24
78.135.86.0/24
78.135.98.0/24
188.132.163.0/24
188.132.213.0/24
188.132.217.0/24
188.132.228.0/24
IPv6:
2a10:9440::/47
Signature Algorithm: sha256WithRSAEncryption
1e:aa:de:4a:69:8d:56:be:b8:4d:df:ec:3f:58:db:46:c1:a6:
47:8d:7f:bc:ed:a2:ad:6e:21:f1:b7:ab:8d:4b:e8:09:e2:f6:
85:f8:a7:c9:3d:79:11:74:ed:15:f3:48:53:fe:86:fd:c4:f5:
0a:f0:fc:ce:c2:e2:39:db:9a:2e:b1:4a:db:45:5d:e3:77:40:
e6:ad:37:e9:04:d5:13:7e:4f:72:3e:3c:6e:93:b6:c0:2a:78:
53:e8:ea:c5:30:7b:00:6b:81:b5:04:9b:ae:a8:f4:b8:27:f5:
e5:ec:82:34:01:9b:a8:67:33:32:5f:50:a5:8f:e7:0c:cf:d4:
77:dc:7d:ba:22:e5:97:e0:ad:84:fc:96:a3:11:99:68:57:a7:
f1:b6:31:08:e3:9d:fd:ea:bc:bc:3e:3f:5a:f7:73:e3:ef:c4:
5f:f3:4b:6d:cb:c5:7a:82:3c:43:19:4b:73:a7:82:e3:49:e0:
b6:aa:dd:d8:e8:47:ff:a1:b2:3f:25:69:7e:93:b4:95:43:cf:
d2:62:15:85:7b:c1:a7:cb:b1:b2:99:db:76:b7:04:27:f9:a4:
e9:02:e1:ea:c4:08:42:0b:dc:ef:59:1a:27:cd:d8:43:d1:57:
82:58:d2:67:a9:39:69:65:06:c1:0d:36:d8:81:76:1e:84:9f:
bd:ae:60:32
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZfbf04hzpyRm026GFMO57SmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwNzA1MTY1MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGQzZTgyNmE4NmNhMzI3ZDZmMGI0ZGE2YTUzN2VmNGFlOWJhMzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1XBBEpj3TObJQ2l7KoOczCd7GYV
UV5wus+Qeu2LMVh8NEhGX7lrcKZsbEonshtREHfyCsbApeZmDSyVGv7zjKhgXIab
D3ldIYuTaWt7SBFPXCIdvFSVo4Gk0ijmsQyNRDA5+A6acMmt8C1rNr61+/jMGAq9
73otjMtMj5Kv8SJkZK9W//670ZA46NT7njW0b8m7Y8afs5+tzczQgJhFCdrCYs0E
RBudeWAkxw4B8Mk3LjYZ6zaCjbJmFFK+RcGdk0T1nNjWaer+a1qPP5UVyz9LzOWe
NmDDvD2R7Y69CPLwTMvX/tOm8rem15tXPE9F7UXgc1LInfdD30/55db0gwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFN3T6CaobKMn1vC02mpTfvSum6MCMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvM2RQb0pxaHNveWZXOExUYWFsTi05SzZib3dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA8BAIAATA2AwQAH9IvAwQB
TVyOAwQATVyYAwQATodWAwQATodiAwQAvISjAwQAvITVAwQAvITZAwQAvITkMA8E
AgACMAkDBwEqEJRAAAAwDQYJKoZIhvcNAQELBQADggEBAB6q3kppjVa+uE3f7D9Y
20bBpkeNf7ztoq1uIfG3q41L6Ani9oX4p8k9eRF07RXzSFP+hv3E9Qrw/M7C4jnb
mi6xSttFXeN3QOatN+kE1RN+T3I+PG6TtsAqeFPo6sUwewBrgbUEm66o9Lgn9eXs
gjQBm6hnMzJfUKWP5wzP1Hfcfboi5ZfgrYT8lqMRmWhXp/G2MQjjnf3qvLw+P1r3
c+PvxF/zS23LxXqCPEMZS3OnguNJ4Laq3djoR/+hsj8laX6TtJVDz9JiFYV7wafL
sbKZ23a3BCf5pOkC4erECEIL3O9ZGifN2EPRV4JY0mepOWllBsENNtiBdh6En72u
YDI=
-----END CERTIFICATE-----
Generated at Tue Jul 22 04:29:50 2025 by rpki-client