Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_m0CEzt9ogj6OOkcWx3RIRbvwhM.roa
File: _m0CEzt9ogj6OOkcWx3RIRbvwhM.roa (raw, json)
Hash identifier: r7s5D5xOzsENgOKY6KOTAZlWN/D9/k8agyXqCwSg9+4=
Subject key identifier: FE:6D:02:13:3B:7D:A2:08:FA:38:E9:1C:5B:1D:D1:21:16:EF:C2:13
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01992D0B1519127809771AD7B8E01058F327
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_m0CEzt9ogj6OOkcWx3RIRbvwhM.roa
Signing time: Tue 09 Sep 2025 05:55:24 +0000
ROA not before: Tue 09 Sep 2025 05:55:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 151612
IP address blocks: 31.13.224.0/24 maxlen: 24
31.13.231.0/24 maxlen: 24
81.161.230.0/24 maxlen: 24
87.120.89.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 17:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2d:0b:15:19:12:78:09:77:1a:d7:b8:e0:10:58:f3:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 9 05:55:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe6d02133b7da208fa38e91c5b1dd12116efc213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:87:b3:1a:79:21:c4:f8:ef:dd:d4:14:40:f0:
65:2a:ad:e9:40:e9:56:7a:76:28:91:31:f8:05:ba:
a9:3d:f8:d4:5d:b2:53:0a:c7:a5:c9:2e:db:05:68:
47:ca:5d:f5:57:0a:87:af:a4:b2:94:96:8d:22:f8:
83:91:70:0b:fe:ca:1d:c2:1c:f9:d8:0a:af:45:18:
29:38:d2:37:40:e9:f5:da:2c:a3:9c:50:07:47:eb:
79:f5:60:7b:1b:db:55:0d:22:8b:aa:2e:23:f6:73:
a1:a4:d0:6c:e0:e6:7f:c8:fb:5e:33:ce:8b:d3:10:
3f:de:ed:b3:5a:2d:c0:45:e9:05:fe:d7:dc:51:24:
fe:cf:be:8e:7d:05:4a:fb:f7:23:1d:6f:90:1b:a8:
a4:44:05:2d:e8:36:d9:04:e0:9f:03:33:3f:dc:2a:
cf:67:73:25:a0:ac:86:1d:53:35:59:37:64:52:c9:
0f:e9:63:69:29:de:c9:30:f3:ca:bc:00:f9:3e:a4:
8a:6a:ae:0b:98:58:c9:3e:b4:29:30:b7:af:f8:60:
36:7d:c0:5f:86:15:4b:32:c0:9c:4d:ce:c2:75:5e:
a5:49:b8:bb:af:1c:09:a5:79:fa:eb:36:62:7b:3e:
91:81:4b:51:9b:5a:45:97:48:50:77:49:96:32:82:
58:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:6D:02:13:3B:7D:A2:08:FA:38:E9:1C:5B:1D:D1:21:16:EF:C2:13
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_m0CEzt9ogj6OOkcWx3RIRbvwhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.224.0/24
31.13.231.0/24
81.161.230.0/24
87.120.89.0/24
193.37.47.0/24
Signature Algorithm: sha256WithRSAEncryption
97:a3:7b:4b:ec:bb:2d:81:3f:6f:a4:85:1f:98:7f:81:91:e8:
1c:f9:42:c2:91:f0:10:ea:3a:2c:38:69:aa:9e:4b:95:06:99:
69:35:f6:5f:18:ec:c3:bc:37:63:84:fc:dc:b1:16:fe:b4:a4:
0f:b9:d6:75:89:4c:47:81:e4:a0:c1:c5:0e:41:ac:06:0d:f5:
3f:51:6a:0f:47:69:a0:29:59:a0:9c:05:a3:8a:06:5b:2a:fe:
f5:36:c2:b8:23:66:75:6d:dc:05:cd:d5:1d:97:29:a0:82:c2:
42:55:cf:53:1a:1a:28:a4:73:86:49:22:e7:e9:6c:c3:4f:d2:
9c:c1:2b:d5:7c:bd:5c:82:d6:ad:db:39:50:90:69:cd:b9:6b:
70:5f:9e:cf:8e:6d:d7:6d:16:5f:9c:f1:22:ee:89:6f:d8:3e:
41:d2:f9:28:a6:a4:0a:05:c2:78:5d:d5:33:b8:d0:d5:e9:16:
d5:10:e3:40:1b:24:d7:07:c3:0d:5f:ea:8a:b0:9e:d5:38:2f:
96:d3:7f:9b:ba:aa:65:f3:dc:4f:0f:9f:f6:ee:aa:fc:dc:e4:
6d:5b:7a:d1:2c:8e:cd:13:14:c9:06:26:c4:c8:dc:6c:cd:cb:
88:25:57:e1:b9:e0:46:6b:f5:8b:3d:c5:95:cf:7c:7b:3f:14:
bc:08:93:ec
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZktCxUZEngJdxrXuOAQWPMnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwOTA5MDU1NTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTZkMDIxMzNiN2RhMjA4ZmEzOGU5MWM1YjFkZDEyMTE2ZWZjMjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4ezGnkhxPjv3dQUQPBlKq3pQOlW
enYokTH4BbqpPfjUXbJTCselyS7bBWhHyl31VwqHr6SylJaNIviDkXAL/sodwhz5
2AqvRRgpONI3QOn12iyjnFAHR+t59WB7G9tVDSKLqi4j9nOhpNBs4OZ/yPteM86L
0xA/3u2zWi3ARekF/tfcUST+z76OfQVK+/cjHW+QG6ikRAUt6DbZBOCfAzM/3CrP
Z3MloKyGHVM1WTdkUskP6WNpKd7JMPPKvAD5PqSKaq4LmFjJPrQpMLev+GA2fcBf
hhVLMsCcTc7CdV6lSbi7rxwJpXn66zZiez6RgUtRm1pFl0hQd0mWMoJYgwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFP5tAhM7faII+jjpHFsd0SEW78ITMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvX20wQ0V6dDlvZ2o2T09rY1d4M1JJUmJ2d2hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHw3gAwQA
Hw3nAwQAUaHmAwQAV3hZAwQAwSUvMA0GCSqGSIb3DQEBCwUAA4IBAQCXo3tL7Lst
gT9vpIUfmH+Bkegc+ULCkfAQ6josOGmqnkuVBplpNfZfGOzDvDdjhPzcsRb+tKQP
udZ1iUxHgeSgwcUOQawGDfU/UWoPR2mgKVmgnAWjigZbKv71NsK4I2Z1bdwFzdUd
lymggsJCVc9TGhoopHOGSSLn6WzDT9KcwSvVfL1cgtat2zlQkGnNuWtwX57Pjm3X
bRZfnPEi7olv2D5B0vkopqQKBcJ4XdUzuNDV6RbVEONAGyTXB8MNX+qKsJ7VOC+W
03+buqpl89xPD5/27qr83ORtW3rRLI7NExTJBibEyNxszcuIJVfhueBGa/WLPcWV
z3x7PxS8CJPs
-----END CERTIFICATE-----
Generated at Thu Sep 18 01:38:03 2025 by rpki-client