Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/XxQXqatab54MwtEvRbVL6EigFQ8.roa
File: XxQXqatab54MwtEvRbVL6EigFQ8.roa (raw, json)
Hash identifier: D7EHKsQKGd8BxHFkj/BOthyEyhNjNBRXz8Cg84lbagg=
Subject key identifier: 5F:14:17:A9:AB:5A:6F:9E:0C:C2:D1:2F:45:B5:4B:E8:48:A0:15:0F
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 0197E130D3016DA4EB2BCB60AE9375916364
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/XxQXqatab54MwtEvRbVL6EigFQ8.roa
Signing time: Sun 06 Jul 2025 19:22:42 +0000
ROA not before: Sun 06 Jul 2025 19:22:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9121
IP address blocks: 31.169.64.0/24 maxlen: 24
31.169.65.0/24 maxlen: 24
31.169.66.0/24 maxlen: 24
31.169.67.0/24 maxlen: 24
31.169.69.0/24 maxlen: 24
31.169.70.0/24 maxlen: 24
31.169.71.0/24 maxlen: 24
31.169.72.0/24 maxlen: 24
31.169.77.0/24 maxlen: 24
31.169.78.0/24 maxlen: 24
31.169.79.0/24 maxlen: 24
31.169.81.0/24 maxlen: 24
31.169.82.0/24 maxlen: 24
31.169.84.0/24 maxlen: 24
31.169.85.0/24 maxlen: 24
31.169.87.0/24 maxlen: 24
31.169.88.0/24 maxlen: 24
31.169.92.0/24 maxlen: 24
31.169.93.0/24 maxlen: 24
31.169.94.0/24 maxlen: 24
31.169.95.0/24 maxlen: 24
185.33.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.mft
rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e1:30:d3:01:6d:a4:eb:2b:cb:60:ae:93:75:91:63:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Jul 6 19:22:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f1417a9ab5a6f9e0cc2d12f45b54be848a0150f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5d:2c:24:3d:68:49:6f:2d:11:d2:49:cd:97:
c5:21:b3:4c:fa:86:af:04:77:bd:db:ff:fa:f1:36:
2d:26:99:78:ff:68:b3:92:f1:b6:3d:df:0a:9e:3a:
7c:11:2f:60:63:02:70:a7:d3:c4:14:53:19:8f:16:
f1:45:31:0b:8d:d1:35:fc:5e:47:e9:fa:c3:e5:32:
61:06:0c:e4:43:76:43:16:cb:42:49:2a:b5:52:04:
1a:d8:07:2b:44:68:49:5d:d0:42:4a:b9:c8:d6:87:
9a:07:65:6a:97:9a:92:52:b4:14:37:8f:44:06:e2:
0f:0f:2f:9c:7b:26:32:c4:b9:84:a2:f2:98:7b:53:
49:cd:2a:15:1b:8c:1d:16:95:63:c3:c5:ed:85:ec:
5c:9e:27:a3:3c:93:09:fc:04:c1:2f:81:55:73:f4:
ff:ed:74:27:69:8b:e8:16:5d:5d:91:24:e7:ad:a4:
61:77:f6:6a:bc:bc:ca:75:fb:83:e3:aa:1a:e6:cd:
a1:eb:e7:9b:d8:5c:12:a0:86:ec:ac:82:35:73:dd:
3d:d6:73:51:b3:b8:4a:81:99:9c:bb:48:c1:43:a7:
0f:47:4b:fc:71:55:31:97:f4:fc:90:bb:b0:8f:72:
ea:18:d5:0b:ca:bb:32:ff:b5:3c:b0:16:dc:47:56:
de:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:14:17:A9:AB:5A:6F:9E:0C:C2:D1:2F:45:B5:4B:E8:48:A0:15:0F
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/XxQXqatab54MwtEvRbVL6EigFQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.64.0/22
31.169.69.0-31.169.72.255
31.169.77.0-31.169.79.255
31.169.81.0-31.169.82.255
31.169.84.0/23
31.169.87.0-31.169.88.255
31.169.92.0/22
185.33.63.0/24
Signature Algorithm: sha256WithRSAEncryption
20:c8:92:c7:73:31:a0:c7:71:7e:b8:83:d1:6e:91:5b:89:83:
17:29:fb:8b:c7:0d:b5:50:58:03:ef:a0:a9:42:9c:23:dc:e7:
f7:76:6d:ab:6c:2f:6e:eb:38:c8:05:b1:c5:5e:f1:94:4c:73:
da:de:22:5e:ef:fa:70:b7:f2:56:35:6f:5c:59:eb:3b:f0:a2:
87:39:66:ef:31:cb:d7:4c:7c:a1:66:5c:ae:2d:bc:d8:03:70:
a0:86:4b:de:e3:98:2a:f0:eb:96:fb:f5:a8:a1:e8:83:5d:e3:
22:34:5f:3c:20:00:dd:37:e1:95:cb:14:ff:8a:a5:0a:27:ae:
41:9e:2c:52:4d:df:e2:04:a2:0a:aa:ea:d6:66:9b:95:bb:19:
fb:2b:b8:7d:db:aa:5a:85:e7:0b:f4:1d:bd:94:4a:c6:73:4a:
b4:95:9e:74:9f:58:d2:d0:bf:9b:27:89:87:de:cc:60:ff:f9:
fa:bb:3a:07:5e:aa:01:5d:9f:2e:4b:05:35:79:4b:8a:ee:74:
ec:74:74:b4:98:12:90:6f:ca:80:d0:24:0d:0a:d6:78:da:ca:
52:4a:f7:ef:ea:9c:bc:95:2e:e0:6f:85:ed:e3:12:b4:e7:3b:
86:15:50:1e:17:28:d7:9a:4f:06:0a:00:20:78:39:bc:03:87:
90:8b:26:61
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZfhMNMBbaTrK8tgrpN1kWNkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjUwNzA2MTkyMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjE0MTdhOWFiNWE2ZjllMGNjMmQxMmY0NWI1NGJlODQ4YTAxNTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz10sJD1oSW8tEdJJzZfFIbNM+oav
BHe92//68TYtJpl4/2izkvG2Pd8Knjp8ES9gYwJwp9PEFFMZjxbxRTELjdE1/F5H
6frD5TJhBgzkQ3ZDFstCSSq1UgQa2AcrRGhJXdBCSrnI1oeaB2Vql5qSUrQUN49E
BuIPDy+ceyYyxLmEovKYe1NJzSoVG4wdFpVjw8XthexcniejPJMJ/ATBL4FVc/T/
7XQnaYvoFl1dkSTnraRhd/ZqvLzKdfuD46oa5s2h6+eb2FwSoIbsrII1c9091nNR
s7hKgZmcu0jBQ6cPR0v8cVUxl/T8kLuwj3LqGNULyrsy/7U8sBbcR1begwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFF8UF6mrWm+eDMLRL0W1S+hIoBUPMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvWHhRWHFhdGFiNTRNd3RFdlJiVkw2RWlnRlE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQCH6lAMAwD
BAAfqUUDBAAfqUgwDAMEAB+pTQMEBB+pQDAMAwQAH6lRAwQAH6lSAwQBH6lUMAwD
BAAfqVcDBAAfqVgDBAIfqVwDBAC5IT8wDQYJKoZIhvcNAQELBQADggEBACDIksdz
MaDHcX64g9FukVuJgxcp+4vHDbVQWAPvoKlCnCPc5/d2batsL27rOMgFscVe8ZRM
c9reIl7v+nC38lY1b1xZ6zvwooc5Zu8xy9dMfKFmXK4tvNgDcKCGS97jmCrw65b7
9aih6INd4yI0XzwgAN034ZXLFP+KpQonrkGeLFJN3+IEogqq6tZmm5W7GfsruH3b
qlqF5wv0Hb2USsZzSrSVnnSfWNLQv5sniYfezGD/+fq7OgdeqgFdny5LBTV5S4ru
dOx0dLSYEpBvyoDQJA0K1njaylJK9+/qnLyVLuBvhe3jErTnO4YVUB4XKNeaTwYK
ACB4ObwDh5CLJmE=
-----END CERTIFICATE-----
Generated at Wed Jul 23 06:06:37 2025 by rpki-client