Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/fc87fa-cbfa-4f3c-88d3-ba922bb1ebb4/1/x_kEH2zJHHewCxquQN5i7Z2Jnvs.roa
File: x_kEH2zJHHewCxquQN5i7Z2Jnvs.roa (raw, json)
Hash identifier: I2PK/LRtL0RyVycXgEUMToWLxsYstXAQXdiOl9wEuF4=
Subject key identifier: C7:F9:04:1F:6C:C9:1C:77:B0:0B:1A:AE:40:DE:62:ED:9D:89:9E:FB
Certificate issuer: /CN=8ef66691ad3a41652f5bd8596230b3ac743d2a2c
Certificate serial: 0197C1DDB7A222E59E575883FC7DFBB1D3A8
Authority key identifier: 8E:F6:66:91:AD:3A:41:65:2F:5B:D8:59:62:30:B3:AC:74:3D:2A:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jvZmka06QWUvW9hZYjCzrHQ9Kiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/fc87fa-cbfa-4f3c-88d3-ba922bb1ebb4/1/x_kEH2zJHHewCxquQN5i7Z2Jnvs.roa
Signing time: Mon 30 Jun 2025 17:23:42 +0000
ROA not before: Mon 30 Jun 2025 17:23:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211130
IP address blocks: 31.128.112.0/24 maxlen: 24
31.128.113.0/24 maxlen: 24
31.128.114.0/24 maxlen: 24
31.128.115.0/24 maxlen: 24
31.128.116.0/24 maxlen: 24
31.128.117.0/24 maxlen: 24
31.128.118.0/24 maxlen: 24
31.128.119.0/24 maxlen: 24
31.128.120.0/24 maxlen: 24
31.128.121.0/24 maxlen: 24
31.128.122.0/24 maxlen: 24
31.128.123.0/24 maxlen: 24
31.128.124.0/24 maxlen: 24
31.128.125.0/24 maxlen: 24
31.128.126.0/24 maxlen: 24
31.128.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/fc87fa-cbfa-4f3c-88d3-ba922bb1ebb4/1/jvZmka06QWUvW9hZYjCzrHQ9Kiw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/fc87fa-cbfa-4f3c-88d3-ba922bb1ebb4/1/jvZmka06QWUvW9hZYjCzrHQ9Kiw.mft
rsync://rpki.ripe.net/repository/DEFAULT/jvZmka06QWUvW9hZYjCzrHQ9Kiw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c1:dd:b7:a2:22:e5:9e:57:58:83:fc:7d:fb:b1:d3:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ef66691ad3a41652f5bd8596230b3ac743d2a2c
Validity
Not Before: Jun 30 17:23:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7f9041f6cc91c77b00b1aae40de62ed9d899efb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bc:56:a9:d2:8c:55:f3:9e:f6:3e:2f:4b:5c:
a9:ce:21:dc:c6:4a:7e:21:1c:da:ec:fb:a1:6b:37:
72:72:9b:14:89:8e:21:a2:e4:1e:f6:8c:6d:23:fd:
51:76:50:35:e2:ab:63:7b:65:42:63:f3:e6:9f:3d:
aa:70:a2:42:2f:93:7c:72:a2:61:00:1f:53:a9:5f:
b2:58:d1:d8:7f:cb:fa:60:09:a2:cf:0f:53:3b:04:
54:12:ad:ec:bd:0b:14:44:2b:13:af:cd:83:14:e8:
d6:ed:a8:98:1d:6d:69:7f:42:17:67:86:ea:7a:bb:
80:34:48:52:52:ee:db:29:8d:1c:85:1a:f4:97:cd:
04:09:f1:36:e6:ca:b6:fa:a4:64:d0:fd:a0:72:2b:
1d:63:5f:5b:58:19:cb:33:6a:dd:71:dd:6b:3e:c0:
95:30:4d:3e:13:53:3a:6f:08:b8:86:c5:68:27:ab:
92:15:2c:9e:c7:02:7d:2e:77:1d:08:24:4f:47:cb:
36:11:5e:01:0d:e8:5c:8e:d0:00:be:79:42:b8:69:
ff:f1:ec:92:98:1b:ef:64:32:d2:2b:68:64:2f:df:
1e:df:d2:41:f9:53:64:02:89:ea:93:2c:84:d7:43:
1e:87:60:17:93:a5:07:fe:b6:bd:8a:e6:21:08:b5:
1b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:F9:04:1F:6C:C9:1C:77:B0:0B:1A:AE:40:DE:62:ED:9D:89:9E:FB
X509v3 Authority Key Identifier:
keyid:8E:F6:66:91:AD:3A:41:65:2F:5B:D8:59:62:30:B3:AC:74:3D:2A:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jvZmka06QWUvW9hZYjCzrHQ9Kiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/fc87fa-cbfa-4f3c-88d3-ba922bb1ebb4/1/x_kEH2zJHHewCxquQN5i7Z2Jnvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/fc87fa-cbfa-4f3c-88d3-ba922bb1ebb4/1/jvZmka06QWUvW9hZYjCzrHQ9Kiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.112.0/20
Signature Algorithm: sha256WithRSAEncryption
93:05:7c:5f:12:00:f7:26:26:ea:b4:2a:ba:8c:cd:3a:7d:80:
29:94:cf:69:cb:fd:f0:35:2c:ca:a2:d2:1a:06:5e:d1:d7:71:
c2:97:de:9a:66:17:06:90:2b:fd:ac:a4:53:e8:d5:f0:4e:80:
d9:d3:95:bb:a3:0b:2b:58:bc:2e:6a:9c:53:53:72:f9:ac:e6:
29:f7:fb:cf:8f:50:7f:a3:11:32:67:c0:84:de:d2:8f:fa:bb:
24:32:17:f9:28:56:25:51:77:45:9b:25:32:65:c3:55:7b:f0:
f5:a3:72:7d:a8:04:13:51:db:6c:73:12:28:10:af:c2:6d:c6:
89:d1:5c:7d:47:54:ab:63:25:91:7e:85:c2:34:d9:19:4a:41:
3b:57:ee:57:1b:11:47:a9:0b:9b:4d:09:b1:2c:df:3a:f2:c3:
15:2f:68:59:91:c1:76:69:06:cb:2b:b1:41:47:c8:9a:7c:17:
8b:a3:04:92:7f:ff:c4:96:4f:d8:d2:32:b9:53:02:38:f8:7c:
02:30:ee:14:ca:ba:f4:ba:cc:30:f4:0b:08:bf:93:41:89:02:
db:a2:45:8f:c0:0d:06:a7:7a:02:21:36:3a:53:32:50:01:22:
a3:a3:a3:af:9d:22:1e:fa:98:14:3f:f5:16:99:ca:79:05:e0:
b6:3a:37:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfB3beiIuWeV1iD/H37sdOoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZjY2NjkxYWQzYTQxNjUyZjViZDg1OTYyMzBiM2FjNzQz
ZDJhMmMwHhcNMjUwNjMwMTcyMzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2Y5MDQxZjZjYzkxYzc3YjAwYjFhYWU0MGRlNjJlZDlkODk5ZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLxWqdKMVfOe9j4vS1ypziHcxkp+
IRza7PuhazdycpsUiY4houQe9oxtI/1RdlA14qtje2VCY/Pmnz2qcKJCL5N8cqJh
AB9TqV+yWNHYf8v6YAmizw9TOwRUEq3svQsURCsTr82DFOjW7aiYHW1pf0IXZ4bq
eruANEhSUu7bKY0chRr0l80ECfE25sq2+qRk0P2gcisdY19bWBnLM2rdcd1rPsCV
ME0+E1M6bwi4hsVoJ6uSFSyexwJ9LncdCCRPR8s2EV4BDehcjtAAvnlCuGn/8eyS
mBvvZDLSK2hkL98e39JB+VNkAonqkyyE10Meh2AXk6UH/ra9iuYhCLUbfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMf5BB9syRx3sAsarkDeYu2diZ77MB8GA1UdIwQY
MBaAFI72ZpGtOkFlL1vYWWIws6x0PSosMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanZabWthMDZRV1V2VzloWllqQ3pySFE5S2l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mYzg3ZmEtY2JmYS00ZjNjLTg4ZDMt
YmE5MjJiYjFlYmI0LzEveF9rRUgyekpISGV3Q3hxdVFONWk3WjJKbnZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mYzg3ZmEtY2JmYS00ZjNjLTg4ZDMtYmE5MjJiYjFlYmI0
LzEvanZabWthMDZRV1V2VzloWllqQ3pySFE5S2l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEH4BwMA0G
CSqGSIb3DQEBCwUAA4IBAQCTBXxfEgD3JibqtCq6jM06fYAplM9py/3wNSzKotIa
Bl7R13HCl96aZhcGkCv9rKRT6NXwToDZ05W7owsrWLwuapxTU3L5rOYp9/vPj1B/
oxEyZ8CE3tKP+rskMhf5KFYlUXdFmyUyZcNVe/D1o3J9qAQTUdtscxIoEK/CbcaJ
0Vx9R1SrYyWRfoXCNNkZSkE7V+5XGxFHqQubTQmxLN868sMVL2hZkcF2aQbLK7FB
R8iafBeLowSSf//Elk/Y0jK5UwI4+HwCMO4Uyrr0usww9AsIv5NBiQLbokWPwA0G
p3oCITY6UzJQASKjo6OvnSIe+pgUP/UWmcp5BeC2Ojd3
-----END CERTIFICATE-----
Generated at Sun Jul 27 11:25:57 2025 by rpki-client