Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/Z83GLoAga3sBSQ_7zAotBwUPbzU.roa
File: Z83GLoAga3sBSQ_7zAotBwUPbzU.roa (raw, json)
Hash identifier: ZWcGtyQo9h5IeC35NP7le1RrDMKBapDGltNCVXN1yBQ=
Subject key identifier: 67:CD:C6:2E:80:20:6B:7B:01:49:0F:FB:CC:0A:2D:07:05:0F:6F:35
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 0197E12FE7802D96A911435C835A5CAEE452
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/Z83GLoAga3sBSQ_7zAotBwUPbzU.roa
Signing time: Sun 06 Jul 2025 19:21:42 +0000
ROA not before: Sun 06 Jul 2025 19:21:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56582
IP address blocks: 31.169.64.0/24 maxlen: 24
31.169.65.0/24 maxlen: 24
31.169.66.0/24 maxlen: 24
31.169.67.0/24 maxlen: 24
31.169.69.0/24 maxlen: 24
31.169.70.0/24 maxlen: 24
31.169.71.0/24 maxlen: 24
31.169.72.0/24 maxlen: 24
31.169.74.0/24 maxlen: 24
31.169.76.0/24 maxlen: 24
31.169.77.0/24 maxlen: 24
31.169.78.0/24 maxlen: 24
31.169.79.0/24 maxlen: 24
31.169.81.0/24 maxlen: 24
31.169.82.0/24 maxlen: 24
31.169.84.0/24 maxlen: 24
31.169.85.0/24 maxlen: 24
31.169.87.0/24 maxlen: 24
31.169.88.0/24 maxlen: 24
31.169.92.0/24 maxlen: 24
31.169.93.0/24 maxlen: 24
31.169.94.0/24 maxlen: 24
31.169.95.0/24 maxlen: 24
185.33.63.0/24 maxlen: 24
2a00:5740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.mft
rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e1:2f:e7:80:2d:96:a9:11:43:5c:83:5a:5c:ae:e4:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Jul 6 19:21:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67cdc62e80206b7b01490ffbcc0a2d07050f6f35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d2:9b:b4:58:f2:04:80:e3:b3:29:10:71:23:
77:8f:62:ed:8f:fe:1d:e4:32:7d:7d:e1:48:44:5d:
97:d5:a2:cd:67:31:cb:6c:af:55:c8:9e:db:75:91:
8d:34:78:ee:6f:d5:23:dc:39:45:2f:f2:f5:6a:f2:
30:49:c5:6f:c3:d6:95:75:16:0f:b6:1b:94:50:13:
f5:9b:01:fb:5a:ce:65:8e:0c:45:55:f3:5b:e7:6b:
49:3c:79:97:d4:77:d0:05:ba:da:e7:4e:e3:73:0f:
c7:6c:5b:cb:08:03:0e:63:b4:66:62:0e:45:58:ae:
34:bd:a6:6d:40:b8:25:0a:77:0e:b3:ea:07:6e:64:
12:70:23:90:db:02:4c:fd:da:4f:bf:45:38:55:32:
84:77:59:24:20:31:3d:39:5b:7a:89:24:9a:05:ae:
54:36:5f:82:c2:c5:6d:14:88:84:26:cb:62:27:5e:
a8:54:02:74:7f:d5:ea:f2:ac:98:2f:96:2a:3a:d0:
6b:4b:3e:c3:6b:dc:c3:2f:5e:f3:7e:ab:bd:7f:74:
e6:86:c2:f2:3e:1f:20:2f:cb:c2:e6:5b:9a:a6:be:
a0:80:ba:b7:6d:02:d2:e4:7c:3b:6f:76:a5:72:71:
6b:56:14:e7:70:f9:53:fa:d9:28:90:70:16:46:cf:
64:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:CD:C6:2E:80:20:6B:7B:01:49:0F:FB:CC:0A:2D:07:05:0F:6F:35
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/Z83GLoAga3sBSQ_7zAotBwUPbzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.64.0/22
31.169.69.0-31.169.72.255
31.169.74.0/24
31.169.76.0/22
31.169.81.0-31.169.82.255
31.169.84.0/23
31.169.87.0-31.169.88.255
31.169.92.0/22
185.33.63.0/24
IPv6:
2a00:5740::/29
Signature Algorithm: sha256WithRSAEncryption
58:58:02:e4:d3:69:36:47:0d:6f:19:1b:58:11:d7:3c:40:00:
42:88:89:9e:69:d7:67:a1:ad:ff:79:cf:bc:90:b6:fb:c0:11:
5b:86:b9:02:31:6d:62:07:86:f0:05:f1:7c:74:6f:66:19:12:
64:6b:3b:76:1f:33:dc:1c:96:f3:60:59:c8:e1:61:5f:00:09:
da:21:1b:49:79:8f:35:82:67:2d:f0:76:e4:5a:20:5c:03:f0:
41:95:bf:07:42:ad:42:3c:16:7d:55:30:17:8a:15:92:04:99:
08:e9:7d:7b:4d:79:21:be:9e:74:92:97:c2:1d:f4:a8:74:c7:
25:2f:0b:47:09:70:d3:f6:58:10:2e:1c:53:69:e5:48:bc:63:
73:6d:70:e6:ef:80:fc:c9:65:7d:54:da:97:78:cb:a4:9b:f3:
1b:96:e9:48:18:a0:38:21:6b:2d:c4:0a:34:1d:05:3a:26:b1:
44:b9:5b:60:94:50:d1:73:24:ec:2b:34:c5:78:e9:a3:9c:e5:
b2:0c:18:1c:5c:a7:1f:98:92:05:12:78:bf:84:4e:0e:24:4d:
fa:e0:fa:63:9b:1e:ca:e6:14:e2:0a:c2:83:6d:d4:21:86:c8:
6f:76:36:e9:11:93:58:36:0f:45:73:a4:01:12:b7:75:96:f5:
13:d1:4c:f4
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZfhL+eALZapEUNcg1pcruRSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjUwNzA2MTkyMTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2NkYzYyZTgwMjA2YjdiMDE0OTBmZmJjYzBhMmQwNzA1MGY2ZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29KbtFjyBIDjsykQcSN3j2Ltj/4d
5DJ9feFIRF2X1aLNZzHLbK9VyJ7bdZGNNHjub9Uj3DlFL/L1avIwScVvw9aVdRYP
thuUUBP1mwH7Ws5ljgxFVfNb52tJPHmX1HfQBbra507jcw/HbFvLCAMOY7RmYg5F
WK40vaZtQLglCncOs+oHbmQScCOQ2wJM/dpPv0U4VTKEd1kkIDE9OVt6iSSaBa5U
Nl+CwsVtFIiEJstiJ16oVAJ0f9Xq8qyYL5YqOtBrSz7Da9zDL17zfqu9f3TmhsLy
Ph8gL8vC5luapr6ggLq3bQLS5Hw7b3alcnFrVhTncPlT+tkokHAWRs9kowIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFGfNxi6AIGt7AUkP+8wKLQcFD281MB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvWjgzR0xvQWdhM3NCU1FfN3pBb3RCd1VQYnpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQCH6lAMAwD
BAAfqUUDBAAfqUgDBAAfqUoDBAIfqUwwDAMEAB+pUQMEAB+pUgMEAR+pVDAMAwQA
H6lXAwQAH6lYAwQCH6lcAwQAuSE/MA0EAgACMAcDBQMqAFdAMA0GCSqGSIb3DQEB
CwUAA4IBAQBYWALk02k2Rw1vGRtYEdc8QABCiImeaddnoa3/ec+8kLb7wBFbhrkC
MW1iB4bwBfF8dG9mGRJkazt2HzPcHJbzYFnI4WFfAAnaIRtJeY81gmct8HbkWiBc
A/BBlb8HQq1CPBZ9VTAXihWSBJkI6X17TXkhvp50kpfCHfSodMclLwtHCXDT9lgQ
LhxTaeVIvGNzbXDm74D8yWV9VNqXeMukm/MblulIGKA4IWstxAo0HQU6JrFEuVtg
lFDRcyTsKzTFeOmjnOWyDBgcXKcfmJIFEni/hE4OJE364Ppjmx7K5hTiCsKDbdQh
hshvdjbpEZNYNg9Fc6QBErd1lvUT0Uz0
-----END CERTIFICATE-----
Generated at Wed Jul 23 06:05:08 2025 by rpki-client