Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/dRyK6fyOLluuno6mdLfm9I8N5cU.roa
File: dRyK6fyOLluuno6mdLfm9I8N5cU.roa (raw, json)
Hash identifier: hGLM1rnaqR4GcFlhsxhGDSd143ODBHpnIFqXniXaJBo=
Subject key identifier: 75:1C:8A:E9:FC:8E:2E:5B:AE:9E:8E:A6:74:B7:E6:F4:8F:0D:E5:C5
Certificate issuer: /CN=da0589dce63981870a1850906c8c2d1d96740096
Certificate serial: 0198E67FFCBBA35911BEFFCA526DD10B895B
Authority key identifier: DA:05:89:DC:E6:39:81:87:0A:18:50:90:6C:8C:2D:1D:96:74:00:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/dRyK6fyOLluuno6mdLfm9I8N5cU.roa
Signing time: Tue 26 Aug 2025 13:10:04 +0000
ROA not before: Tue 26 Aug 2025 13:10:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202045
IP address blocks: 31.177.0.0/22 maxlen: 22
31.177.0.0/23 maxlen: 23
31.177.2.0/23 maxlen: 23
31.177.4.0/24 maxlen: 24
31.177.5.0/24 maxlen: 24
31.177.6.0/23 maxlen: 23
45.145.122.0/23 maxlen: 23
94.199.5.0/24 maxlen: 24
171.22.144.0/24 maxlen: 24
185.180.152.0/22 maxlen: 22
193.138.240.0/24 maxlen: 24
193.138.241.0/24 maxlen: 24
2a13:7500:1000::/36 maxlen: 36
2a13:7500:1000::/48 maxlen: 48
2a13:7500:1200::/44 maxlen: 44
2a13:7500:1241::/48 maxlen: 48
2a13:7500:1242::/48 maxlen: 48
2a13:7500:1248::/48 maxlen: 48
2a13:7500:1320::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Aug 2025 13:22:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e6:7f:fc:bb:a3:59:11:be:ff:ca:52:6d:d1:0b:89:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0589dce63981870a1850906c8c2d1d96740096
Validity
Not Before: Aug 26 13:10:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=751c8ae9fc8e2e5bae9e8ea674b7e6f48f0de5c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fc:c6:75:25:d2:c6:39:18:e4:d4:62:0b:c5:
cc:30:7c:bd:63:bc:cd:a5:6d:69:8f:0f:fc:cf:8e:
ed:53:38:95:74:0f:88:f3:86:3e:d9:c9:27:38:78:
9f:01:44:f7:ae:b8:d4:4b:22:54:9a:b6:1f:96:99:
82:0d:30:b5:76:67:77:46:79:5c:5b:73:9f:65:6d:
58:e2:3a:97:58:1e:87:46:a5:61:de:76:bc:b4:ca:
48:e8:f1:4f:85:41:f1:d3:54:4a:5a:50:58:69:1f:
5d:43:a2:62:17:4a:b7:a0:38:5e:b9:81:37:20:f6:
5b:ec:9d:f0:0a:cb:e4:a6:13:c5:fc:f2:83:c7:d5:
96:ba:7f:ad:c5:15:6b:eb:e1:d4:72:54:98:4a:43:
81:ec:cd:8e:13:ff:1c:b7:cf:1f:28:48:ee:d6:05:
01:b2:91:74:cd:5b:6a:22:29:c3:b1:f3:32:e9:f5:
08:4b:44:e3:45:e5:b4:52:33:9f:d7:b1:dc:cc:ae:
99:27:07:3c:aa:0b:0d:6a:e6:bb:df:2a:3e:a2:5b:
24:a9:0d:a9:42:31:65:77:cb:75:ec:9c:a2:c5:da:
83:23:3d:db:85:a8:55:de:74:f7:d1:f2:43:22:3c:
98:69:75:98:f3:f0:f3:c0:a5:22:f9:7c:db:1d:02:
22:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:1C:8A:E9:FC:8E:2E:5B:AE:9E:8E:A6:74:B7:E6:F4:8F:0D:E5:C5
X509v3 Authority Key Identifier:
keyid:DA:05:89:DC:E6:39:81:87:0A:18:50:90:6C:8C:2D:1D:96:74:00:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/dRyK6fyOLluuno6mdLfm9I8N5cU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.0.0/21
45.145.122.0/23
94.199.5.0/24
171.22.144.0/24
185.180.152.0/22
193.138.240.0/23
IPv6:
2a13:7500:1000::/36
Signature Algorithm: sha256WithRSAEncryption
32:a5:fc:f3:80:25:81:d6:3e:3e:20:68:36:b5:43:be:16:61:
d9:26:cf:f6:83:fb:90:1f:df:d5:5f:53:38:df:d1:d8:29:a2:
57:04:25:80:18:d7:44:7b:3a:8d:c5:4c:c0:84:81:a3:37:8a:
13:0a:dd:2d:5e:ee:4a:13:e9:b4:3d:08:20:b2:37:a8:f9:17:
30:f6:33:f3:21:d5:49:1a:a0:aa:27:0e:9f:b4:36:ce:76:82:
c1:c2:05:02:1a:11:e4:53:a7:8c:36:a0:11:93:d4:0c:dc:5a:
a8:83:76:f6:de:8d:5b:3b:72:69:26:c4:b3:58:72:a0:01:60:
f6:a4:bf:55:d7:31:5a:20:ae:6f:4d:ae:83:37:51:56:7e:56:
dd:dd:e4:55:f9:53:3d:2a:96:d5:b8:ee:4e:01:23:62:14:11:
e9:03:7c:f1:da:87:a3:48:8f:d8:cb:ea:96:6f:fb:eb:0c:35:
da:44:33:91:21:af:7b:dd:a4:b1:25:64:92:56:94:68:26:6c:
db:ba:05:07:95:33:f0:41:96:04:2f:d3:7e:35:cf:f2:77:43:
7a:58:a2:e0:16:7a:d5:4a:12:02:1c:6b:e2:75:c6:58:c3:07:
4f:01:62:ae:b5:dd:bf:c5:0c:79:ed:1f:f6:fc:dc:3a:50:db:
1b:ff:90:36
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZjmf/y7o1kRvv/KUm3RC4lbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDU4OWRjZTYzOTgxODcwYTE4NTA5MDZjOGMyZDFkOTY3
NDAwOTYwHhcNMjUwODI2MTMxMDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTFjOGFlOWZjOGUyZTViYWU5ZThlYTY3NGI3ZTZmNDhmMGRlNWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPzGdSXSxjkY5NRiC8XMMHy9Y7zN
pW1pjw/8z47tUziVdA+I84Y+2cknOHifAUT3rrjUSyJUmrYflpmCDTC1dmd3Rnlc
W3OfZW1Y4jqXWB6HRqVh3na8tMpI6PFPhUHx01RKWlBYaR9dQ6JiF0q3oDheuYE3
IPZb7J3wCsvkphPF/PKDx9WWun+txRVr6+HUclSYSkOB7M2OE/8ct88fKEju1gUB
spF0zVtqIinDsfMy6fUIS0TjReW0UjOf17HczK6ZJwc8qgsNaua73yo+olskqQ2p
QjFld8t17JyixdqDIz3bhahV3nT30fJDIjyYaXWY8/DzwKUi+XzbHQIicQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFHUciun8ji5brp6OpnS35vSPDeXFMB8GA1UdIwQY
MBaAFNoFidzmOYGHChhQkGyMLR2WdACWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdXSjNPWTVnWWNLR0ZDUWJJd3RIWlowQUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC82MzI2YmItYmEzMy00MzM5LWI4YzYt
MTRlM2MyMDE3OTY5LzEvZFJ5SzZmeU9MbHV1bm82bWRMZm05SThONWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC82MzI2YmItYmEzMy00MzM5LWI4YzYtMTRlM2MyMDE3OTY5
LzEvMmdXSjNPWTVnWWNLR0ZDUWJJd3RIWlowQUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAqBAIAATAkAwQDH7EAAwQB
LZF6AwQAXscFAwQAqxaQAwQCubSYAwQBwYrwMA4EAgACMAgDBgQqE3UAEDANBgkq
hkiG9w0BAQsFAAOCAQEAMqX884AlgdY+PiBoNrVDvhZh2SbP9oP7kB/f1V9TON/R
2CmiVwQlgBjXRHs6jcVMwISBozeKEwrdLV7uShPptD0IILI3qPkXMPYz8yHVSRqg
qicOn7Q2znaCwcIFAhoR5FOnjDagEZPUDNxaqIN29t6NWztyaSbEs1hyoAFg9qS/
VdcxWiCub02ugzdRVn5W3d3kVflTPSqW1bjuTgEjYhQR6QN88dqHo0iP2Mvqlm/7
6ww12kQzkSGve92ksSVkklaUaCZs27oFB5Uz8EGWBC/TfjXP8ndDelii4BZ61UoS
Ahxr4nXGWMMHTwFirrXdv8UMee0f9vzcOlDbG/+QNg==
-----END CERTIFICATE-----
Generated at Tue Aug 26 20:16:27 2025 by rpki-client