Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/3N9UYLo0xUDRDj5u2ZGsggXWyM8.roa
File: 3N9UYLo0xUDRDj5u2ZGsggXWyM8.roa (raw, json)
Hash identifier: GzegVU/Yobk+zlKS0VWYX3GqVecmGnXDmHTuncP48uU=
Subject key identifier: DC:DF:54:60:BA:34:C5:40:D1:0E:3E:6E:D9:91:AC:82:05:D6:C8:CF
Certificate issuer: /CN=46f01771d1cc8fd114c46a616206aa4c59dbdc19
Certificate serial: 01981833346D83EC7DB1834B56281B940B8F
Authority key identifier: 46:F0:17:71:D1:CC:8F:D1:14:C4:6A:61:62:06:AA:4C:59:DB:DC:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RvAXcdHMj9EUxGphYgaqTFnb3Bk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/3N9UYLo0xUDRDj5u2ZGsggXWyM8.roa
Signing time: Thu 17 Jul 2025 11:44:25 +0000
ROA not before: Thu 17 Jul 2025 11:44:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213038
IP address blocks: 31.220.151.0/24 maxlen: 24
89.36.197.0/24 maxlen: 24
89.40.170.0/24 maxlen: 24
89.42.24.0/24 maxlen: 24
103.95.116.0/24 maxlen: 24
103.95.117.0/24 maxlen: 24
185.145.252.0/24 maxlen: 24
185.145.253.0/24 maxlen: 24
185.145.254.0/24 maxlen: 24
185.145.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/RvAXcdHMj9EUxGphYgaqTFnb3Bk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/RvAXcdHMj9EUxGphYgaqTFnb3Bk.mft
rsync://rpki.ripe.net/repository/DEFAULT/RvAXcdHMj9EUxGphYgaqTFnb3Bk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 16:25:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:18:33:34:6d:83:ec:7d:b1:83:4b:56:28:1b:94:0b:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46f01771d1cc8fd114c46a616206aa4c59dbdc19
Validity
Not Before: Jul 17 11:44:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dcdf5460ba34c540d10e3e6ed991ac8205d6c8cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:56:6d:6a:f6:47:0d:9c:5d:18:0f:cb:22:b6:
0f:e8:e8:64:10:7a:e8:a5:69:64:51:8b:e6:b9:f2:
09:e0:eb:07:15:43:27:c3:d5:fe:f0:c7:3f:28:0f:
3e:be:7e:99:0a:a9:7a:11:d0:20:d0:49:41:69:14:
2d:5d:41:c0:bb:7c:2d:63:c6:9a:39:69:f0:dc:6d:
af:da:ff:b2:ec:87:96:13:54:f6:02:91:60:7e:91:
80:d8:29:9e:c0:4d:47:92:7e:09:21:1e:9e:cc:99:
38:39:fb:7f:fe:d1:7e:bf:32:97:bb:bd:71:26:58:
6b:10:93:38:f8:b4:69:99:22:de:29:39:31:aa:a3:
6b:c3:3a:02:52:ad:2f:e5:c1:11:22:96:24:9e:cd:
00:1a:3e:92:92:6c:6f:6d:dd:07:56:b1:64:9e:07:
7b:c1:57:f5:d3:74:5f:5e:94:d3:70:9b:bd:1e:64:
e9:88:3e:c2:44:68:0e:e1:72:95:7d:40:5e:68:57:
47:cd:06:47:92:a4:f5:66:6a:1f:a1:8b:b4:58:58:
57:61:0e:d3:c6:f5:74:97:e4:13:92:a9:74:01:e4:
0a:07:b0:ed:66:b6:9e:7e:7a:cb:64:09:9e:b3:b9:
50:a8:15:8d:13:0d:20:3f:9c:ca:03:ed:8f:b3:b3:
2b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:DF:54:60:BA:34:C5:40:D1:0E:3E:6E:D9:91:AC:82:05:D6:C8:CF
X509v3 Authority Key Identifier:
keyid:46:F0:17:71:D1:CC:8F:D1:14:C4:6A:61:62:06:AA:4C:59:DB:DC:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RvAXcdHMj9EUxGphYgaqTFnb3Bk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/3N9UYLo0xUDRDj5u2ZGsggXWyM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/7e57a3-a181-45df-b4ae-316f6dabffbf/1/RvAXcdHMj9EUxGphYgaqTFnb3Bk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.151.0/24
89.36.197.0/24
89.40.170.0/24
89.42.24.0/24
103.95.116.0/23
185.145.252.0/22
Signature Algorithm: sha256WithRSAEncryption
95:b1:89:f6:0e:c0:86:11:21:aa:94:ab:fb:8b:55:d1:be:7a:
ab:7e:40:fc:0d:69:7f:e4:e2:22:e0:82:44:e9:66:77:d1:f9:
f4:ac:0b:30:53:78:a2:f8:5e:1d:98:c0:18:a4:e1:c5:cf:c8:
a1:5f:47:b4:36:07:e4:0c:d4:fb:db:aa:44:6c:db:e8:64:c0:
43:62:cb:c3:24:4f:44:32:70:b8:58:04:9d:8e:79:00:50:15:
87:b6:74:5f:09:e9:75:fa:48:28:0f:df:8c:77:74:77:fc:a1:
a7:37:2c:e9:38:3e:5b:ff:4b:55:aa:8c:a2:84:d4:7b:e6:0f:
e3:33:1d:a5:9d:8e:66:0e:6d:65:14:fb:4b:a7:0f:73:df:52:
ff:32:48:63:d6:79:2c:87:c7:47:d7:78:e7:16:14:04:71:65:
77:9d:34:94:89:b4:d5:6a:e5:27:7b:8d:ec:6d:e3:43:04:87:
80:e6:6a:12:2e:2e:d1:af:5d:00:8f:51:01:7e:47:4b:c6:0e:
10:d8:09:df:5f:99:69:45:4c:d6:54:d7:e4:68:3f:38:f8:63:
2b:08:04:31:e4:36:a1:f0:51:3c:6c:b7:4d:ed:1f:0e:38:80:
db:a3:56:19:4f:a8:a5:06:4d:96:2d:f7:4b:32:b9:38:75:c1:
08:dd:58:57
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZgYMzRtg+x9sYNLVigblAuPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZjAxNzcxZDFjYzhmZDExNGM0NmE2MTYyMDZhYTRjNTlk
YmRjMTkwHhcNMjUwNzE3MTE0NDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2RmNTQ2MGJhMzRjNTQwZDEwZTNlNmVkOTkxYWM4MjA1ZDZjOGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFZtavZHDZxdGA/LIrYP6OhkEHro
pWlkUYvmufIJ4OsHFUMnw9X+8Mc/KA8+vn6ZCql6EdAg0ElBaRQtXUHAu3wtY8aa
OWnw3G2v2v+y7IeWE1T2ApFgfpGA2CmewE1Hkn4JIR6ezJk4Oft//tF+vzKXu71x
JlhrEJM4+LRpmSLeKTkxqqNrwzoCUq0v5cERIpYkns0AGj6Skmxvbd0HVrFkngd7
wVf103RfXpTTcJu9HmTpiD7CRGgO4XKVfUBeaFdHzQZHkqT1ZmofoYu0WFhXYQ7T
xvV0l+QTkql0AeQKB7DtZraefnrLZAmes7lQqBWNEw0gP5zKA+2Ps7Mr+wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNzfVGC6NMVA0Q4+btmRrIIF1sjPMB8GA1UdIwQY
MBaAFEbwF3HRzI/RFMRqYWIGqkxZ29wZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnZBWGNkSE1qOUVVeEdwaFlnYXFURm5iM0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC83ZTU3YTMtYTE4MS00NWRmLWI0YWUt
MzE2ZjZkYWJmZmJmLzEvM045VVlMbzB4VURSRGo1dTJaR3NnZ1hXeU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC83ZTU3YTMtYTE4MS00NWRmLWI0YWUtMzE2ZjZkYWJmZmJm
LzEvUnZBWGNkSE1qOUVVeEdwaFlnYXFURm5iM0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAH9yXAwQA
WSTFAwQAWSiqAwQAWSoYAwQBZ190AwQCuZH8MA0GCSqGSIb3DQEBCwUAA4IBAQCV
sYn2DsCGESGqlKv7i1XRvnqrfkD8DWl/5OIi4IJE6WZ30fn0rAswU3ii+F4dmMAY
pOHFz8ihX0e0NgfkDNT726pEbNvoZMBDYsvDJE9EMnC4WASdjnkAUBWHtnRfCel1
+kgoD9+Md3R3/KGnNyzpOD5b/0tVqoyihNR75g/jMx2lnY5mDm1lFPtLpw9z31L/
Mkhj1nksh8dH13jnFhQEcWV3nTSUibTVauUne43sbeNDBIeA5moSLi7Rr10Aj1EB
fkdLxg4Q2AnfX5lpRUzWVNfkaD84+GMrCAQx5Dah8FE8bLdN7R8OOIDbo1YZT6il
Bk2WLfdLMrk4dcEI3VhX
-----END CERTIFICATE-----
Generated at Fri Jul 25 19:50:20 2025 by rpki-client