Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/9UyjFHy6nxzD4SWi9fZqmvG9X1Y.roa
File: 9UyjFHy6nxzD4SWi9fZqmvG9X1Y.roa (raw, json)
Hash identifier: wwkmXrHk0uvcZv9VezayeMbciMCe2ZyulXrkSdIlpeo=
Subject key identifier: F5:4C:A3:14:7C:BA:9F:1C:C3:E1:25:A2:F5:F6:6A:9A:F1:BD:5F:56
Certificate issuer: /CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Certificate serial: 01980822666E62B435D39969E0EA2D93026F
Authority key identifier: 1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/9UyjFHy6nxzD4SWi9fZqmvG9X1Y.roa
Signing time: Mon 14 Jul 2025 08:52:08 +0000
ROA not before: Mon 14 Jul 2025 08:52:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213191
IP address blocks: 31.40.139.0/24 maxlen: 24
31.40.156.0/24 maxlen: 24
31.40.168.0/22 maxlen: 22
31.40.174.0/23 maxlen: 23
31.40.176.0/23 maxlen: 23
31.40.180.0/22 maxlen: 22
31.40.184.0/22 maxlen: 22
91.214.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:08:22:66:6e:62:b4:35:d3:99:69:e0:ea:2d:93:02:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1eaf5c2e5edc197834d07f345962b0745bee66d7
Validity
Not Before: Jul 14 08:52:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f54ca3147cba9f1cc3e125a2f5f66a9af1bd5f56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f2:a0:e5:a3:0e:51:e8:39:f4:e7:b4:08:e0:
24:a0:d8:ae:1c:aa:f2:0e:b4:43:cd:7b:8e:97:44:
24:3b:63:18:91:1b:f5:9c:91:f9:ef:fd:2e:0d:61:
8f:54:93:46:f5:da:96:ea:28:e4:6d:a4:3e:ad:73:
05:7b:35:5f:03:de:e1:38:78:f7:fa:36:06:35:40:
c8:04:a9:5d:4a:8f:f4:85:0e:eb:60:b9:71:b2:1b:
f0:7b:8e:67:e6:c2:88:46:5e:6d:f4:4c:b2:0a:ed:
a6:1a:b4:6c:c4:5b:52:20:42:6e:c5:16:fa:45:3e:
c9:b2:85:88:95:e1:36:88:92:61:1e:34:e2:92:c6:
4a:d2:18:d4:d7:52:10:80:8e:3b:f3:34:59:7e:e8:
c5:b8:d1:1d:c6:04:56:60:2a:34:fc:a3:3a:8d:69:
2c:95:b1:46:bf:f6:0a:8b:5a:c4:da:76:05:4f:f0:
b9:5f:a1:1c:f4:c7:a1:1f:6d:3f:ff:34:ef:9b:6b:
5c:7d:69:6d:27:1b:e6:0e:14:cd:4a:fb:ce:0c:b2:
f7:6f:b4:18:86:9e:f8:74:66:97:bc:01:66:b9:7c:
85:27:12:aa:fd:79:f4:10:76:f1:4e:2a:9b:61:2f:
38:6a:68:35:96:a0:70:33:10:cd:15:70:28:5b:3d:
e6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:4C:A3:14:7C:BA:9F:1C:C3:E1:25:A2:F5:F6:6A:9A:F1:BD:5F:56
X509v3 Authority Key Identifier:
keyid:1E:AF:5C:2E:5E:DC:19:78:34:D0:7F:34:59:62:B0:74:5B:EE:66:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hq9cLl7cGXg00H80WWKwdFvuZtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/9UyjFHy6nxzD4SWi9fZqmvG9X1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1cfb92-9c31-464f-9382-4a34c1bbab2b/1/Hq9cLl7cGXg00H80WWKwdFvuZtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.139.0/24
31.40.156.0/24
31.40.168.0/22
31.40.174.0-31.40.177.255
31.40.180.0-31.40.187.255
91.214.80.0/24
Signature Algorithm: sha256WithRSAEncryption
11:ee:b0:c6:cd:00:9a:d6:9c:b9:9b:78:35:d5:32:e2:63:e9:
e9:eb:88:39:9c:49:68:89:68:25:d1:a8:30:ed:97:1a:7e:f6:
a9:8e:85:86:5c:11:ca:52:c6:64:12:78:f1:7b:6a:6b:a6:20:
fd:5e:4d:89:c1:b1:89:49:2e:8c:85:41:b1:71:7b:ca:e2:ba:
b2:08:70:2a:e1:6a:89:5c:82:5b:6e:b5:7e:bb:a6:3e:7c:6b:
6f:b9:6a:51:25:1c:0c:2e:16:fe:2f:a9:dd:18:b0:66:79:68:
86:f9:02:d0:8a:2a:c8:ab:c1:c2:1d:89:b6:e2:6f:8c:be:87:
6b:d7:35:7c:31:34:67:c0:98:4e:cc:02:8b:68:ac:d3:2c:0d:
dc:78:38:62:3e:55:fd:b2:6a:b1:65:e6:e0:78:02:3a:0d:c7:
57:1a:71:3e:58:c0:8e:66:66:e6:1b:f0:ae:33:82:65:8a:17:
e1:c5:c3:c2:57:82:2e:ec:0a:95:95:98:86:3e:9a:15:07:ae:
f3:94:3d:f1:57:4d:f1:17:cc:55:7e:ba:18:61:8d:23:eb:74:
2e:cb:87:ef:7f:45:35:1d:3e:16:c0:87:6d:2b:6f:1c:b1:ec:
dd:8d:b5:68:62:46:42:c2:b7:ee:5f:bd:14:f5:a9:b9:77:7d:
05:39:5b:50
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZgIImZuYrQ105lp4OotkwJvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYWY1YzJlNWVkYzE5NzgzNGQwN2YzNDU5NjJiMDc0NWJl
ZTY2ZDcwHhcNMjUwNzE0MDg1MjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTRjYTMxNDdjYmE5ZjFjYzNlMTI1YTJmNWY2NmE5YWYxYmQ1ZjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvKg5aMOUeg59Oe0COAkoNiuHKry
DrRDzXuOl0QkO2MYkRv1nJH57/0uDWGPVJNG9dqW6ijkbaQ+rXMFezVfA97hOHj3
+jYGNUDIBKldSo/0hQ7rYLlxshvwe45n5sKIRl5t9EyyCu2mGrRsxFtSIEJuxRb6
RT7JsoWIleE2iJJhHjTiksZK0hjU11IQgI478zRZfujFuNEdxgRWYCo0/KM6jWks
lbFGv/YKi1rE2nYFT/C5X6Ec9MehH20//zTvm2tcfWltJxvmDhTNSvvODLL3b7QY
hp74dGaXvAFmuXyFJxKq/Xn0EHbxTiqbYS84amg1lqBwMxDNFXAoWz3mqQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFPVMoxR8up8cw+ElovX2aprxvV9WMB8GA1UdIwQY
MBaAFB6vXC5e3Bl4NNB/NFlisHRb7mbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODIt
NGEzNGMxYmJhYjJiLzEvOVV5akZIeTZueHpENFNXaTlmWnFtdkc5WDFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8xY2ZiOTItOWMzMS00NjRmLTkzODItNGEzNGMxYmJhYjJi
LzEvSHE5Y0xsN2NHWGcwMEg4MFdXS3dkRnZ1WnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQAHyiLAwQA
HyicAwQCHyioMAwDBAEfKK4DBAEfKLAwDAMEAh8otAMEAh8ouAMEAFvWUDANBgkq
hkiG9w0BAQsFAAOCAQEAEe6wxs0AmtacuZt4NdUy4mPp6euIOZxJaIloJdGoMO2X
Gn72qY6FhlwRylLGZBJ48Xtqa6Yg/V5NicGxiUkujIVBsXF7yuK6sghwKuFqiVyC
W261frumPnxrb7lqUSUcDC4W/i+p3RiwZnlohvkC0IoqyKvBwh2JtuJvjL6Ha9c1
fDE0Z8CYTswCi2is0ywN3Hg4Yj5V/bJqsWXm4HgCOg3HVxpxPljAjmZm5hvwrjOC
ZYoX4cXDwleCLuwKlZWYhj6aFQeu85Q98VdN8RfMVX66GGGNI+t0LsuH739FNR0+
FsCHbStvHLHs3Y21aGJGQsK37l+9FPWpuXd9BTlbUA==
-----END CERTIFICATE-----
Generated at Sun Jul 27 23:07:13 2025 by rpki-client