Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/4NcTL285pt5vHsa8sRLMLmMiOV4.roa
File: 4NcTL285pt5vHsa8sRLMLmMiOV4.roa (raw, json)
Hash identifier: Arn8R5fVs3fVXhVyMLl20eHv17txV42oFln86qkkdKI=
Subject key identifier: E0:D7:13:2F:6F:39:A6:DE:6F:1E:C6:BC:B1:12:CC:2E:63:22:39:5E
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 0197E131BC9F7F8C166166A51C82FD8DC98D
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/4NcTL285pt5vHsa8sRLMLmMiOV4.roa
Signing time: Sun 06 Jul 2025 19:23:42 +0000
ROA not before: Sun 06 Jul 2025 19:23:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208972
IP address blocks: 31.169.64.0/24 maxlen: 24
31.169.65.0/24 maxlen: 24
31.169.66.0/24 maxlen: 24
31.169.67.0/24 maxlen: 24
31.169.69.0/24 maxlen: 24
31.169.70.0/24 maxlen: 24
31.169.71.0/24 maxlen: 24
31.169.72.0/24 maxlen: 24
31.169.77.0/24 maxlen: 24
31.169.78.0/24 maxlen: 24
31.169.79.0/24 maxlen: 24
31.169.81.0/24 maxlen: 24
31.169.82.0/24 maxlen: 24
31.169.84.0/24 maxlen: 24
31.169.85.0/24 maxlen: 24
31.169.87.0/24 maxlen: 24
31.169.88.0/24 maxlen: 24
31.169.90.0/24 maxlen: 24
31.169.92.0/24 maxlen: 24
31.169.93.0/24 maxlen: 24
31.169.94.0/24 maxlen: 24
31.169.95.0/24 maxlen: 24
185.33.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.mft
rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 04:02:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e1:31:bc:9f:7f:8c:16:61:66:a5:1c:82:fd:8d:c9:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Jul 6 19:23:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0d7132f6f39a6de6f1ec6bcb112cc2e6322395e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:17:c5:80:96:af:0d:c1:a2:ab:11:55:4c:1b:
35:8c:0f:ed:f6:4f:76:50:93:36:69:4e:26:a5:3c:
b2:69:65:cf:80:18:7e:1f:fc:20:ee:9a:62:20:2e:
0d:9e:2e:c8:70:4c:95:05:37:08:4a:0c:8a:42:f6:
a2:f9:ec:f8:31:d5:b6:26:ef:38:50:a1:8e:01:dc:
ac:55:5a:a8:c0:b9:df:ab:a6:cd:5d:05:89:c0:df:
16:ee:52:3e:3d:b6:4d:95:6d:9d:74:ae:70:3e:78:
9f:5c:9e:1b:45:c6:9b:4e:b8:82:02:07:4a:5f:86:
fd:5a:26:00:ba:de:76:3e:1f:2c:6e:ad:24:27:23:
dc:92:b9:5f:d1:a7:c7:1b:69:17:6d:fc:00:ab:08:
26:98:db:bf:cf:0b:28:73:de:bc:28:fd:29:75:78:
86:c1:a8:17:75:06:68:75:7c:f6:67:43:dd:d2:af:
0f:b2:50:71:ea:2e:ae:e8:1f:17:c7:cb:f0:ed:c3:
90:af:41:c7:33:99:0a:ce:4a:fd:5e:0a:99:16:c2:
96:ab:c8:c4:73:6d:d2:e1:6e:c7:27:70:b4:95:a1:
b3:c8:ba:d6:4d:97:0a:f2:a6:d8:ab:37:eb:0d:fd:
4b:5e:0f:ac:d5:1e:88:e8:cc:8a:3f:ff:c8:88:83:
1a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:D7:13:2F:6F:39:A6:DE:6F:1E:C6:BC:B1:12:CC:2E:63:22:39:5E
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/4NcTL285pt5vHsa8sRLMLmMiOV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.64.0/22
31.169.69.0-31.169.72.255
31.169.77.0-31.169.79.255
31.169.81.0-31.169.82.255
31.169.84.0/23
31.169.87.0-31.169.88.255
31.169.90.0/24
31.169.92.0/22
185.33.63.0/24
Signature Algorithm: sha256WithRSAEncryption
18:4c:a6:37:ea:66:b7:63:ef:45:65:0b:a6:9f:ac:91:9d:39:
1a:1e:e9:b7:d4:c3:91:58:8d:e8:81:67:ef:89:17:98:a9:7a:
c4:b0:7f:9d:42:2e:f2:83:0b:d7:32:3f:18:ce:89:4e:07:bf:
95:aa:47:1d:64:49:dc:bd:4d:e7:ab:48:2f:fe:53:65:c0:7b:
b4:e3:7e:d3:63:64:43:24:ff:d8:fa:06:b1:a1:40:7b:89:a5:
5e:71:99:21:0c:df:41:08:5a:3a:b8:c8:57:e8:58:e1:02:6d:
8a:62:ce:68:b9:2f:94:1a:e8:d9:a3:90:fb:49:ca:40:09:da:
fa:d1:ce:b3:9f:48:eb:2d:1a:61:57:58:53:3e:8b:17:95:47:
d9:9b:e3:1c:ca:99:3f:b5:a9:a6:d0:29:df:7c:d6:18:d0:ea:
be:92:20:3b:f9:69:47:59:b8:50:40:88:40:b3:39:d1:6c:2c:
e2:16:cd:05:db:39:8a:d9:f3:46:fe:ce:12:9f:2d:ce:c2:fd:
22:0f:90:13:c5:93:56:6c:f5:b4:f8:d4:3e:33:bc:d6:06:ba:
50:e1:fe:6b:02:86:ea:9e:02:b9:24:96:82:5f:17:d1:b8:fc:
96:16:fa:cb:b7:28:10:ab:9f:52:37:d7:a3:07:5b:12:a0:9c:
f6:e6:6d:ef
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZfhMbyff4wWYWalHIL9jcmNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjUwNzA2MTkyMzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGQ3MTMyZjZmMzlhNmRlNmYxZWM2YmNiMTEyY2MyZTYzMjIzOTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRfFgJavDcGiqxFVTBs1jA/t9k92
UJM2aU4mpTyyaWXPgBh+H/wg7ppiIC4Nni7IcEyVBTcISgyKQvai+ez4MdW2Ju84
UKGOAdysVVqowLnfq6bNXQWJwN8W7lI+PbZNlW2ddK5wPnifXJ4bRcabTriCAgdK
X4b9WiYAut52Ph8sbq0kJyPckrlf0afHG2kXbfwAqwgmmNu/zwsoc968KP0pdXiG
wagXdQZodXz2Z0Pd0q8PslBx6i6u6B8Xx8vw7cOQr0HHM5kKzkr9XgqZFsKWq8jE
c23S4W7HJ3C0laGzyLrWTZcK8qbYqzfrDf1LXg+s1R6I6MyKP//IiIMaRQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFODXEy9vOabebx7GvLESzC5jIjleMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvNE5jVEwyODVwdDV2SHNhOHNSTE1MbU1pT1Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQCH6lAMAwD
BAAfqUUDBAAfqUgwDAMEAB+pTQMEBB+pQDAMAwQAH6lRAwQAH6lSAwQBH6lUMAwD
BAAfqVcDBAAfqVgDBAAfqVoDBAIfqVwDBAC5IT8wDQYJKoZIhvcNAQELBQADggEB
ABhMpjfqZrdj70VlC6afrJGdORoe6bfUw5FYjeiBZ++JF5ipesSwf51CLvKDC9cy
PxjOiU4Hv5WqRx1kSdy9TeerSC/+U2XAe7TjftNjZEMk/9j6BrGhQHuJpV5xmSEM
30EIWjq4yFfoWOECbYpizmi5L5Qa6NmjkPtJykAJ2vrRzrOfSOstGmFXWFM+ixeV
R9mb4xzKmT+1qabQKd981hjQ6r6SIDv5aUdZuFBAiECzOdFsLOIWzQXbOYrZ80b+
zhKfLc7C/SIPkBPFk1Zs9bT41D4zvNYGulDh/msChuqeArkkloJfF9G4/JYW+su3
KBCrn1I316MHWxKgnPbmbe8=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:45:15 2025 by rpki-client