Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/6WkW36jTYe2NbWKlbgyh5NLn5uI.roa
File: 6WkW36jTYe2NbWKlbgyh5NLn5uI.roa (raw, json)
Hash identifier: tLiFhdBUsTLBH4rpnV4d0AYNn/zImDkxbViuw5IBI/8=
Subject key identifier: E9:69:16:DF:A8:D3:61:ED:8D:6D:62:A5:6E:0C:A1:E4:D2:E7:E6:E2
Certificate issuer: /CN=b914166b685ac015b94126cdb8b18c83a12ed862
Certificate serial: 0197210AA358B6C1138140F648041D4FF7A7
Authority key identifier: B9:14:16:6B:68:5A:C0:15:B9:41:26:CD:B8:B1:8C:83:A1:2E:D8:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRQWa2hawBW5QSbNuLGMg6Eu2GI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/6WkW36jTYe2NbWKlbgyh5NLn5uI.roa
Signing time: Fri 30 May 2025 11:53:54 +0000
ROA not before: Fri 30 May 2025 11:53:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47583
IP address blocks: 31.97.0.0/23 maxlen: 24
31.97.3.0/24 maxlen: 24
31.97.8.0/21 maxlen: 24
31.97.16.0/20 maxlen: 24
31.97.32.0/21 maxlen: 24
31.97.40.0/22 maxlen: 24
31.97.44.0/22 maxlen: 24
31.97.48.0/22 maxlen: 24
31.97.52.0/22 maxlen: 24
31.97.56.0/22 maxlen: 24
31.97.60.0/22 maxlen: 24
31.97.64.0/24 maxlen: 24
31.97.65.0/24 maxlen: 24
31.97.66.0/23 maxlen: 24
31.97.68.0/23 maxlen: 24
31.97.70.0/23 maxlen: 24
31.97.72.0/22 maxlen: 24
31.97.80.0/20 maxlen: 24
31.97.96.0/21 maxlen: 24
31.97.104.0/21 maxlen: 24
31.97.112.0/21 maxlen: 24
31.97.120.0/21 maxlen: 24
31.97.128.0/20 maxlen: 24
31.97.144.0/22 maxlen: 24
31.97.148.0/23 maxlen: 24
31.97.150.0/24 maxlen: 24
31.97.151.0/24 maxlen: 24
31.97.152.0/21 maxlen: 24
31.97.160.0/20 maxlen: 24
31.97.176.0/23 maxlen: 24
31.97.178.0/24 maxlen: 24
31.97.179.0/24 maxlen: 24
31.97.180.0/22 maxlen: 24
31.97.184.0/23 maxlen: 24
31.97.186.0/24 maxlen: 24
31.97.187.0/24 maxlen: 24
31.97.188.0/22 maxlen: 24
31.97.192.0/21 maxlen: 24
31.97.200.0/21 maxlen: 24
31.97.208.0/21 maxlen: 24
69.62.64.0/23 maxlen: 24
69.62.66.0/23 maxlen: 24
69.62.68.0/22 maxlen: 24
69.62.72.0/21 maxlen: 24
69.62.80.0/22 maxlen: 24
69.62.84.0/23 maxlen: 24
69.62.86.0/23 maxlen: 24
69.62.88.0/21 maxlen: 24
69.62.96.0/21 maxlen: 24
69.62.104.0/24 maxlen: 24
69.62.105.0/24 maxlen: 24
69.62.106.0/23 maxlen: 24
69.62.108.0/22 maxlen: 24
69.62.112.0/22 maxlen: 24
69.62.116.0/22 maxlen: 24
69.62.120.0/23 maxlen: 24
69.62.122.0/24 maxlen: 24
69.62.123.0/24 maxlen: 24
69.62.124.0/24 maxlen: 24
69.62.125.0/24 maxlen: 24
69.62.126.0/23 maxlen: 24
103.199.184.0/22 maxlen: 24
148.222.52.0/24 maxlen: 24
148.222.53.0/24 maxlen: 24
148.222.54.0/24 maxlen: 24
148.222.55.0/24 maxlen: 24
168.231.64.0/21 maxlen: 24
168.231.72.0/22 maxlen: 24
168.231.76.0/23 maxlen: 24
168.231.78.0/23 maxlen: 24
168.231.80.0/21 maxlen: 24
168.231.88.0/21 maxlen: 24
168.231.96.0/22 maxlen: 24
168.231.100.0/24 maxlen: 24
168.231.101.0/24 maxlen: 24
168.231.102.0/23 maxlen: 24
168.231.104.0/21 maxlen: 24
168.231.112.0/22 maxlen: 24
168.231.116.0/24 maxlen: 24
168.231.117.0/24 maxlen: 24
168.231.118.0/23 maxlen: 24
168.231.120.0/22 maxlen: 24
168.231.124.0/22 maxlen: 24
194.164.148.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/uRQWa2hawBW5QSbNuLGMg6Eu2GI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/uRQWa2hawBW5QSbNuLGMg6Eu2GI.mft
rsync://rpki.ripe.net/repository/DEFAULT/uRQWa2hawBW5QSbNuLGMg6Eu2GI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 05:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:21:0a:a3:58:b6:c1:13:81:40:f6:48:04:1d:4f:f7:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b914166b685ac015b94126cdb8b18c83a12ed862
Validity
Not Before: May 30 11:53:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e96916dfa8d361ed8d6d62a56e0ca1e4d2e7e6e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:80:2c:28:7a:d0:e5:10:39:66:02:e6:ca:24:
3e:f1:6d:19:a5:14:50:af:fd:bf:e3:77:08:af:1d:
91:b5:52:0e:1c:78:cd:88:fb:49:36:88:3f:e7:98:
24:b3:8c:bd:7d:d0:0e:80:f1:1e:bd:26:94:f2:85:
fd:fa:57:d1:64:ef:13:b9:01:ce:22:27:b9:86:c6:
31:3b:6f:a2:2d:d5:74:86:b4:89:8c:7a:d4:66:cc:
96:f3:f9:b0:1e:30:62:fc:cd:77:80:c8:29:45:ac:
02:69:4a:17:e9:de:f7:00:4c:ab:bf:a3:a0:37:e6:
68:ba:ce:72:11:a8:e3:2a:99:9f:5a:a4:2e:69:4a:
ca:3f:44:4c:71:e6:44:30:23:5c:99:7e:4b:62:2f:
3c:74:ca:76:9f:72:c9:8f:c6:96:be:5f:55:87:6f:
f1:ee:9b:fe:77:1b:25:80:a5:19:b6:54:99:41:bb:
10:cc:8c:93:8a:de:00:01:e5:c2:cf:ac:69:a8:5c:
79:c3:b2:fc:6e:3f:f0:db:48:a8:f7:da:54:a1:40:
e5:04:c5:5d:be:34:44:00:69:b1:01:6f:ab:89:87:
f2:c5:22:ad:57:07:ac:a5:9b:2a:3a:bf:f1:23:85:
b7:90:22:c5:0b:59:c4:e9:3f:f2:d6:61:bf:8c:06:
17:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:69:16:DF:A8:D3:61:ED:8D:6D:62:A5:6E:0C:A1:E4:D2:E7:E6:E2
X509v3 Authority Key Identifier:
keyid:B9:14:16:6B:68:5A:C0:15:B9:41:26:CD:B8:B1:8C:83:A1:2E:D8:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRQWa2hawBW5QSbNuLGMg6Eu2GI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/6WkW36jTYe2NbWKlbgyh5NLn5uI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/d3be70-ddf1-48f5-866f-ea67a98625fe/1/uRQWa2hawBW5QSbNuLGMg6Eu2GI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.97.0.0/23
31.97.3.0/24
31.97.8.0-31.97.75.255
31.97.80.0-31.97.215.255
69.62.64.0/18
103.199.184.0/22
148.222.52.0/22
168.231.64.0/18
194.164.148.0/22
Signature Algorithm: sha256WithRSAEncryption
94:00:a3:11:19:b9:0c:d2:9c:7b:e1:30:b5:ac:f0:6d:3e:34:
f4:50:af:fd:31:9c:67:93:cb:d4:96:58:7d:1d:43:ec:a6:59:
24:7e:ff:70:93:b5:c1:54:22:f7:64:f2:2b:d5:48:86:ee:6b:
bb:2d:b1:40:25:ef:e1:9d:7e:d0:59:f4:40:72:45:f0:e9:30:
ba:f6:6e:ed:28:87:79:96:41:7a:5b:ae:04:67:2d:05:d3:a0:
71:68:a6:ea:73:77:50:5f:a3:fd:df:e7:6d:ff:f0:51:94:a0:
36:c8:ed:c3:da:de:87:4f:90:d3:76:5c:ff:60:76:e0:e2:55:
4f:11:10:65:9d:ae:ac:c2:c8:14:ce:d0:24:8e:b1:6a:7e:df:
ee:0f:d5:02:62:ff:14:03:a1:18:6d:ce:6a:02:d5:57:b4:94:
08:46:e9:f1:fa:4d:83:9a:57:8f:a4:5b:15:b9:52:07:77:9d:
9c:ff:8d:20:ee:2c:b2:c2:09:68:1b:e7:20:72:73:1d:4f:09:
63:56:6a:9f:24:12:da:27:a3:05:b2:a6:5f:e0:77:98:a2:19:
72:d0:11:f3:70:53:a1:f3:d8:c6:22:4b:42:a5:6f:58:e1:79:
79:6d:e9:03:d1:70:c6:60:57:d9:72:10:16:56:81:38:c9:a4:
ac:6b:72:8a
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZchCqNYtsETgUD2SAQdT/enMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQxNjZiNjg1YWMwMTViOTQxMjZjZGI4YjE4YzgzYTEy
ZWQ4NjIwHhcNMjUwNTMwMTE1MzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTY5MTZkZmE4ZDM2MWVkOGQ2ZDYyYTU2ZTBjYTFlNGQyZTdlNmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4AsKHrQ5RA5ZgLmyiQ+8W0ZpRRQ
r/2/43cIrx2RtVIOHHjNiPtJNog/55gks4y9fdAOgPEevSaU8oX9+lfRZO8TuQHO
Iie5hsYxO2+iLdV0hrSJjHrUZsyW8/mwHjBi/M13gMgpRawCaUoX6d73AEyrv6Og
N+Zous5yEajjKpmfWqQuaUrKP0RMceZEMCNcmX5LYi88dMp2n3LJj8aWvl9Vh2/x
7pv+dxslgKUZtlSZQbsQzIyTit4AAeXCz6xpqFx5w7L8bj/w20io99pUoUDlBMVd
vjREAGmxAW+riYfyxSKtVwespZsqOr/xI4W3kCLFC1nE6T/y1mG/jAYXIQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFOlpFt+o02HtjW1ipW4MoeTS5+biMB8GA1UdIwQY
MBaAFLkUFmtoWsAVuUEmzbixjIOhLthiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJRV2EyaGF3Qlc1UVNiTnVMR01nNkV1MkdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9kM2JlNzAtZGRmMS00OGY1LTg2NmYt
ZWE2N2E5ODYyNWZlLzEvNldrVzM2alRZZTJOYldLbGJneWg1TkxuNXVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9kM2JlNzAtZGRmMS00OGY1LTg2NmYtZWE2N2E5ODYyNWZl
LzEvdVJRV2EyaGF3Qlc1UVNiTnVMR01nNkV1MkdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQBH2EAAwQA
H2EDMAwDBAMfYQgDBAIfYUgwDAMEBB9hUAMEAx9h0AMEBkU+QAMEAmfHuAMEApTe
NAMEBqjnQAMEAsKklDANBgkqhkiG9w0BAQsFAAOCAQEAlACjERm5DNKce+Ewtazw
bT409FCv/TGcZ5PL1JZYfR1D7KZZJH7/cJO1wVQi92TyK9VIhu5ruy2xQCXv4Z1+
0Fn0QHJF8OkwuvZu7SiHeZZBeluuBGctBdOgcWim6nN3UF+j/d/nbf/wUZSgNsjt
w9reh0+Q03Zc/2B24OJVTxEQZZ2urMLIFM7QJI6xan7f7g/VAmL/FAOhGG3OagLV
V7SUCEbp8fpNg5pXj6RbFblSB3ednP+NIO4sssIJaBvnIHJzHU8JY1ZqnyQS2iej
BbKmX+B3mKIZctAR83BTofPYxiJLQqVvWOF5eW3pA9FwxmBX2XIQFlaBOMmkrGty
ig==
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:14:14 2025 by rpki-client