Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/x31hzZOnD7O9edsjO5u3SJ23-pI.roa
File: x31hzZOnD7O9edsjO5u3SJ23-pI.roa (raw, json)
Hash identifier: oo82mjNcZVQ5QSJcBfFb2oJyDhWM7EmnrUotsqB9cDc=
Subject key identifier: C7:7D:61:CD:93:A7:0F:B3:BD:79:DB:23:3B:9B:B7:48:9D:B7:FA:92
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 019A3177733C9B7DDC4500BD536DF3374667
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/x31hzZOnD7O9edsjO5u3SJ23-pI.roa
Signing time: Wed 29 Oct 2025 19:35:03 +0000
ROA not before: Wed 29 Oct 2025 19:35:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.21.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 Oct 2025 22:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:31:77:73:3c:9b:7d:dc:45:00:bd:53:6d:f3:37:46:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Oct 29 19:35:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c77d61cd93a70fb3bd79db233b9bb7489db7fa92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:88:1d:da:4e:43:54:62:70:88:bc:e8:4f:98:
28:20:e7:a4:ce:24:8f:8a:e4:67:91:59:94:4f:f4:
ba:fe:d1:ca:b0:0a:bf:98:92:0c:ae:d3:7e:3c:15:
24:88:4d:22:90:99:d4:9a:b3:b1:3a:a1:9f:cb:c3:
99:5f:4e:69:36:9b:6b:52:57:b1:6f:a6:9e:6b:6b:
53:54:e8:bc:31:d0:aa:fa:22:7d:12:2e:f0:e1:e9:
c7:2c:af:08:05:17:a7:d3:21:c8:ce:1c:4c:66:bf:
b4:09:41:06:c7:f8:24:6d:d2:d2:25:72:4b:65:6d:
bd:2b:5b:55:09:26:79:f6:90:77:0d:09:bd:7b:a8:
3d:aa:89:3e:6b:3e:01:41:f8:44:ea:76:c8:3c:a8:
5c:8b:f6:a8:e4:72:30:33:c0:45:6e:33:1d:a8:e0:
c3:ad:5e:c7:29:c6:a9:3f:72:42:de:18:72:3d:ca:
a3:1c:64:79:4d:31:08:a4:e9:de:93:6f:f5:d8:68:
10:88:5d:67:23:66:a1:e1:fb:94:96:d7:44:cb:29:
5c:23:72:a4:40:fc:05:27:a1:02:3a:c9:ab:e8:2e:
aa:2c:bf:38:31:58:15:50:18:e9:56:f3:bb:20:8c:
38:01:2a:cb:c3:d5:07:9d:f6:48:8d:75:91:b7:88:
7f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:7D:61:CD:93:A7:0F:B3:BD:79:DB:23:3B:9B:B7:48:9D:B7:FA:92
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/x31hzZOnD7O9edsjO5u3SJ23-pI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.21.87.0/24
Signature Algorithm: sha256WithRSAEncryption
21:f9:de:00:60:1a:e8:61:79:02:36:e3:2d:7e:9f:f1:42:9f:
fb:9b:09:3d:d7:9a:77:2f:fb:dc:63:e4:d2:b7:31:21:42:2e:
40:36:5f:60:b9:b0:a9:87:b9:3c:c0:d7:57:e8:45:53:e3:88:
6e:02:9f:4d:f9:a8:12:2b:7b:44:41:25:04:75:89:f4:46:c8:
3d:49:a1:fb:43:d6:d8:33:e0:2e:3a:26:08:8f:04:96:4f:81:
91:b9:46:a9:ff:25:35:12:74:8e:09:88:3a:6f:96:82:e5:b1:
37:38:18:bc:d9:2b:22:8d:ff:d7:61:10:a7:74:45:e7:4f:69:
6d:5e:75:9b:0d:5f:fb:67:fc:93:ed:62:5c:00:5b:d2:95:8b:
09:87:ad:50:1e:ac:41:7a:2d:17:d4:9e:7a:10:1e:b6:c0:46:
da:59:97:9b:2b:87:99:44:64:c4:96:c3:b5:7d:6b:4e:5e:66:
de:f6:e6:83:31:48:69:6d:c4:d8:e2:a5:2b:a9:fb:14:b3:b9:
d7:aa:34:1b:43:d2:f8:b8:9e:0e:6a:d7:dc:26:8e:00:70:f5:
bd:dd:89:1d:f9:3f:52:de:a5:bf:ac:1b:af:14:eb:16:23:39:
d5:99:8c:44:69:cd:e6:66:02:67:03:f1:13:d3:7a:dd:39:7a:
fb:19:da:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZoxd3M8m33cRQC9U23zN0ZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUxMDI5MTkzNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzdkNjFjZDkzYTcwZmIzYmQ3OWRiMjMzYjliYjc0ODlkYjdmYTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYgd2k5DVGJwiLzoT5goIOekziSP
iuRnkVmUT/S6/tHKsAq/mJIMrtN+PBUkiE0ikJnUmrOxOqGfy8OZX05pNptrUlex
b6aea2tTVOi8MdCq+iJ9Ei7w4enHLK8IBRen0yHIzhxMZr+0CUEGx/gkbdLSJXJL
ZW29K1tVCSZ59pB3DQm9e6g9qok+az4BQfhE6nbIPKhci/ao5HIwM8BFbjMdqODD
rV7HKcapP3JC3hhyPcqjHGR5TTEIpOnek2/12GgQiF1nI2ah4fuUltdEyylcI3Kk
QPwFJ6ECOsmr6C6qLL84MVgVUBjpVvO7IIw4ASrLw9UHnfZIjXWRt4h/kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMd9Yc2Tpw+zvXnbIzubt0idt/qSMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEveDMxaHpaT25EN085ZWRzak81dTNTSjIzLXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRVXMA0G
CSqGSIb3DQEBCwUAA4IBAQAh+d4AYBroYXkCNuMtfp/xQp/7mwk915p3L/vcY+TS
tzEhQi5ANl9gubCph7k8wNdX6EVT44huAp9N+agSK3tEQSUEdYn0Rsg9SaH7Q9bY
M+AuOiYIjwSWT4GRuUap/yU1EnSOCYg6b5aC5bE3OBi82Ssijf/XYRCndEXnT2lt
XnWbDV/7Z/yT7WJcAFvSlYsJh61QHqxBei0X1J56EB62wEbaWZebK4eZRGTElsO1
fWtOXmbe9uaDMUhpbcTY4qUrqfsUs7nXqjQbQ9L4uJ4OatfcJo4AcPW93Ykd+T9S
3qW/rBuvFOsWIznVmYxEac3mZgJnA/ET03rdOXr7GdrU
-----END CERTIFICATE-----
Generated at Fri Oct 31 05:32:52 2025 by rpki-client