Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/DdbBxkSpqv27jL5VCitevUUKtGo.roa
File: DdbBxkSpqv27jL5VCitevUUKtGo.roa (raw, json)
Hash identifier: W2qQ5Ka9ZbfjONO7pHLlOm1UmxsrTkoa9epsQmZhKZM=
Subject key identifier: 0D:D6:C1:C6:44:A9:AA:FD:BB:8C:BE:55:0A:2B:5E:BD:45:0A:B4:6A
Certificate issuer: /CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Certificate serial: 019816D1D0515F52B2E319CE45FE06ECBCBA
Authority key identifier: FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/DdbBxkSpqv27jL5VCitevUUKtGo.roa
Signing time: Thu 17 Jul 2025 05:18:25 +0000
ROA not before: Thu 17 Jul 2025 05:18:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51411
IP address blocks: 31.25.92.0/24 maxlen: 24
31.25.93.0/24 maxlen: 24
31.25.94.0/24 maxlen: 24
31.25.95.0/24 maxlen: 24
178.236.32.0/22 maxlen: 22
178.236.33.0/24 maxlen: 24
178.236.34.0/24 maxlen: 24
178.236.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:16:d1:d0:51:5f:52:b2:e3:19:ce:45:fe:06:ec:bc:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Validity
Not Before: Jul 17 05:18:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0dd6c1c644a9aafdbb8cbe550a2b5ebd450ab46a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:fe:70:af:0a:8e:e8:f2:b2:89:41:04:70:b6:
a7:65:dc:c9:61:3c:5d:72:8a:64:12:b7:b7:dc:db:
9a:39:3a:be:c7:bf:15:85:2d:6a:ba:c7:87:62:91:
b7:1b:0f:4e:67:15:76:f6:e9:c4:c2:e5:dd:20:45:
d8:8c:1e:0c:ed:7f:79:f7:7a:d1:1d:e0:07:93:0b:
76:86:39:cb:e1:a2:d6:7e:e7:26:76:7c:11:7d:b1:
b3:ed:7a:e8:5b:d9:58:cb:6e:46:b6:5b:2e:a2:85:
9a:01:11:30:80:21:59:d3:c7:35:b9:48:95:19:5f:
65:b1:9a:61:31:aa:e5:9a:bd:3e:b0:1e:75:dc:46:
98:68:3e:4f:92:8b:cd:f1:00:57:0f:f6:a7:3f:ef:
b0:b0:e1:94:97:20:d2:3e:ec:03:6c:6e:41:ab:29:
a8:2c:2c:a1:83:e7:30:a2:72:7a:48:a9:36:b0:4e:
9e:ec:0a:6d:df:ca:51:1b:fe:d5:12:c6:b0:07:0f:
19:fb:7e:89:d7:1b:ec:7c:6c:ef:ba:e5:88:0f:53:
29:4c:f9:ee:e6:b2:bd:57:71:93:7f:fb:28:f5:bf:
10:3f:9a:ba:85:9e:70:2b:35:bb:13:64:92:6c:4f:
fe:4a:42:bc:0f:66:61:fe:c4:d6:7f:0e:39:22:5e:
51:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D6:C1:C6:44:A9:AA:FD:BB:8C:BE:55:0A:2B:5E:BD:45:0A:B4:6A
X509v3 Authority Key Identifier:
keyid:FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/DdbBxkSpqv27jL5VCitevUUKtGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.92.0/22
178.236.32.0/22
Signature Algorithm: sha256WithRSAEncryption
77:57:1e:8d:fb:c4:b6:b3:88:30:74:39:da:9d:dc:82:ae:1d:
a8:b1:81:52:52:42:9c:2a:9d:7e:aa:af:29:07:e0:2a:f5:0c:
85:5b:8a:ff:26:4c:38:d0:a5:6a:c9:23:ec:a0:82:c0:64:36:
1b:5e:97:cd:d1:a1:cd:46:02:6c:5c:92:05:fe:8c:6c:f6:f1:
22:8a:6a:5b:e4:ab:47:34:51:b8:7a:6a:0e:79:25:86:70:27:
d9:53:77:03:66:4a:79:b7:e4:7f:6f:c6:21:79:84:2f:0d:7f:
1d:f9:2f:5d:e8:59:29:74:d6:ed:2c:4f:99:48:bc:36:b1:a4:
61:8f:34:8f:c1:71:a3:f2:9b:ad:ce:75:2a:89:68:24:5b:ff:
e2:ad:c0:35:c1:a0:a1:ab:c1:39:d4:dc:92:66:8f:87:b9:19:
6b:fc:ef:f1:01:5b:af:b1:da:0d:55:10:8f:0a:b3:b9:3f:62:
eb:94:b7:22:aa:05:3d:ee:fb:d0:cb:f4:1e:98:45:b9:03:65:
f3:8c:90:72:51:d2:82:4a:68:8b:db:1f:92:81:15:bd:ba:f7:
7b:14:a6:5b:fc:2e:84:12:3c:ee:37:e5:aa:aa:1a:bd:b1:6d:
8a:07:ab:b3:3b:7a:7c:9b:7d:26:8b:b3:34:9b:cc:dc:46:63:
86:0e:31:25
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZgW0dBRX1Ky4xnORf4G7Ly6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhM2QwYmMxMWIyOWRhNDRhZDU3MzA0YzNmODU2ODg3MGEw
MTljMjQwHhcNMjUwNzE3MDUxODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGQ2YzFjNjQ0YTlhYWZkYmI4Y2JlNTUwYTJiNWViZDQ1MGFiNDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyv5wrwqO6PKyiUEEcLanZdzJYTxd
copkEre33NuaOTq+x78VhS1quseHYpG3Gw9OZxV29unEwuXdIEXYjB4M7X9593rR
HeAHkwt2hjnL4aLWfucmdnwRfbGz7XroW9lYy25GtlsuooWaAREwgCFZ08c1uUiV
GV9lsZphMarlmr0+sB513EaYaD5PkovN8QBXD/anP++wsOGUlyDSPuwDbG5Bqymo
LCyhg+cwonJ6SKk2sE6e7Apt38pRG/7VEsawBw8Z+36J1xvsfGzvuuWID1MpTPnu
5rK9V3GTf/so9b8QP5q6hZ5wKzW7E2SSbE/+SkK8D2Zh/sTWfw45Il5RPwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFA3WwcZEqar9u4y+VQorXr1FCrRqMB8GA1UdIwQY
MBaAFPo9C8EbKdpErVcwTD+FaIcKAZwkMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qMEx3UnNwMmtTdFZ6Qk1QNFZvaHdvQm5DUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1
LWQyMTA3MWVmNzM1Yi8xL0RkYkJ4a1NwcXYyN2pMNVZDaXRldlVVS3RHby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1LWQyMTA3MWVmNzM1
Yi8xLzEtajBMd1JzcDJrU3RWekJNUDRWb2h3b0JuQ1EuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAIfGVwD
BAKy7CAwDQYJKoZIhvcNAQELBQADggEBAHdXHo37xLaziDB0Odqd3IKuHaixgVJS
QpwqnX6qrykH4Cr1DIVbiv8mTDjQpWrJI+yggsBkNhtel83Roc1GAmxckgX+jGz2
8SKKalvkq0c0Ubh6ag55JYZwJ9lTdwNmSnm35H9vxiF5hC8Nfx35L13oWSl01u0s
T5lIvDaxpGGPNI/BcaPym63OdSqJaCRb/+KtwDXBoKGrwTnU3JJmj4e5GWv87/EB
W6+x2g1VEI8Ks7k/YuuUtyKqBT3u+9DL9B6YRbkDZfOMkHJR0oJKaIvbH5KBFb26
93sUplv8LoQSPO435aqqGr2xbYoHq7M7enybfSaLszSbzNxGY4YOMSU=
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:21:49 2025 by rpki-client