Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/BoO9SwQEMHsLwB3D3d0QdThU64M.roa
File: BoO9SwQEMHsLwB3D3d0QdThU64M.roa (raw, json)
Hash identifier: xEZ0t9PxPtT9JsjJCaQCvAAhYcQDNvD5JhyTg8dedDI=
Subject key identifier: 06:83:BD:4B:04:04:30:7B:0B:C0:1D:C3:DD:DD:10:75:38:54:EB:83
Certificate issuer: /CN=d50697943676399ac5cac6a3e476545af0df49dd
Certificate serial: 0198F0CC27F23B43242DAD1136EA31F6A76A
Authority key identifier: D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/BoO9SwQEMHsLwB3D3d0QdThU64M.roa
Signing time: Thu 28 Aug 2025 13:09:28 +0000
ROA not before: Thu 28 Aug 2025 13:09:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 719
IP address blocks: 131.207.133.0/24 maxlen: 24
131.207.168.0/24 maxlen: 24
131.207.174.0/24 maxlen: 24
131.207.175.0/24 maxlen: 24
131.207.176.0/24 maxlen: 24
131.207.199.0/24 maxlen: 24
131.207.213.0/24 maxlen: 24
131.207.225.0/24 maxlen: 24
131.207.230.0/24 maxlen: 24
131.207.242.0/24 maxlen: 24
131.207.243.0/24 maxlen: 24
131.207.248.0/21 maxlen: 21
192.49.8.0/24 maxlen: 24
192.49.32.0/24 maxlen: 24
192.49.69.0/24 maxlen: 24
192.49.171.0/24 maxlen: 24
192.49.172.0/24 maxlen: 24
193.142.224.0/24 maxlen: 24
193.142.225.0/24 maxlen: 24
193.142.226.0/24 maxlen: 24
193.142.227.0/24 maxlen: 24
193.142.228.0/24 maxlen: 24
193.142.229.0/24 maxlen: 24
193.142.230.0/24 maxlen: 24
193.142.231.0/24 maxlen: 24
194.110.38.0/24 maxlen: 24
194.110.44.0/24 maxlen: 24
194.110.45.0/24 maxlen: 24
194.110.46.0/24 maxlen: 24
194.110.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 02:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f0:cc:27:f2:3b:43:24:2d:ad:11:36:ea:31:f6:a7:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d50697943676399ac5cac6a3e476545af0df49dd
Validity
Not Before: Aug 28 13:09:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0683bd4b0404307b0bc01dc3dddd10753854eb83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:29:b2:d4:d0:ed:a9:56:4b:6a:2f:76:6d:31:
1e:5b:1d:da:47:14:f3:b8:00:89:4f:93:46:6b:4b:
7a:91:67:68:35:9e:a9:86:52:cc:25:57:dd:12:b0:
fb:ef:b9:7d:5a:bb:85:d8:58:fe:67:3b:88:12:ef:
bb:98:b3:05:31:84:30:d4:c6:9a:52:a6:8c:e8:7b:
35:97:a3:62:84:3f:bb:03:dd:6c:5b:2e:6b:60:db:
2a:1e:78:f0:5a:f6:f6:bd:4f:42:c4:bc:77:4f:cd:
bc:f1:c1:f9:4a:07:73:6f:b5:33:49:54:f2:9a:b1:
0a:5e:a7:2a:12:3c:bd:1a:6d:a6:66:74:22:77:4d:
fc:b3:6c:28:e0:12:23:3e:ca:70:a3:1e:0c:58:28:
02:f3:03:76:cd:59:22:4d:5d:cb:d4:0b:b4:ec:ff:
1f:e5:2a:7b:fa:a4:b1:8d:8d:13:ac:59:db:36:18:
45:72:a9:55:d3:9e:23:10:ce:41:e8:88:22:13:6c:
3e:c7:03:7c:5f:57:55:de:5f:3c:da:d1:4c:7d:2b:
35:92:91:09:7f:ae:f1:d5:c8:2f:74:e5:d1:23:e4:
11:7f:8f:9c:e2:a9:66:78:5b:4a:a0:84:7e:5c:52:
54:69:ac:b4:73:aa:bb:d6:70:ea:6e:a4:92:6e:59:
26:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:83:BD:4B:04:04:30:7B:0B:C0:1D:C3:DD:DD:10:75:38:54:EB:83
X509v3 Authority Key Identifier:
keyid:D5:06:97:94:36:76:39:9A:C5:CA:C6:A3:E4:76:54:5A:F0:DF:49:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1QaXlDZ2OZrFysaj5HZUWvDfSd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/BoO9SwQEMHsLwB3D3d0QdThU64M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/5f6aff-13bb-4db8-957f-8d23ac5cb502/1/1QaXlDZ2OZrFysaj5HZUWvDfSd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.207.133.0/24
131.207.168.0/24
131.207.174.0-131.207.176.255
131.207.199.0/24
131.207.213.0/24
131.207.225.0/24
131.207.230.0/24
131.207.242.0/23
131.207.248.0/21
192.49.8.0/24
192.49.32.0/24
192.49.69.0/24
192.49.171.0-192.49.172.255
193.142.224.0/21
194.110.38.0/24
194.110.44.0/22
Signature Algorithm: sha256WithRSAEncryption
75:bb:aa:cd:92:70:24:af:33:bf:16:78:88:ad:05:f6:69:34:
57:ca:9d:40:4b:b3:d1:0a:f0:2e:35:23:e7:b0:08:8c:3c:b6:
2a:9e:d3:f0:88:a9:e8:10:eb:2f:d9:a4:29:7e:96:10:81:67:
e8:0a:88:a4:70:d5:d3:e9:28:6a:e6:38:2f:1b:d5:da:fe:1f:
82:f6:ac:a3:60:f8:69:04:1f:6b:6d:93:70:94:52:8b:43:1d:
42:45:03:f6:1c:db:81:60:a8:a0:20:fa:5e:b3:bc:46:86:17:
91:5e:c9:24:47:70:2b:11:1d:68:d7:af:b9:ed:e2:1c:92:cc:
cb:3e:c0:f6:aa:7f:a3:a2:41:10:72:b0:f8:25:61:64:86:e4:
83:8b:f0:86:c2:b2:61:4a:b6:06:d1:71:a6:d6:1f:62:23:e0:
f3:44:e3:98:16:e7:53:56:ce:47:72:fe:57:fa:0a:c6:70:88:
9c:18:c0:3a:69:54:bd:56:a5:28:0f:7e:00:3c:0f:20:5e:72:
98:f3:bc:7e:30:86:b0:1f:8d:94:a8:85:94:b1:56:1b:51:0d:
b5:b1:c8:b6:41:3f:fe:52:e5:c3:f6:2b:32:5a:4f:40:51:8c:
cb:5c:8c:56:1c:ff:e7:a7:b9:08:a5:bb:3f:6a:e7:c6:96:ce:
33:fd:06:ca
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZjwzCfyO0MkLa0RNuox9qdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MDY5Nzk0MzY3NjM5OWFjNWNhYzZhM2U0NzY1NDVhZjBk
ZjQ5ZGQwHhcNMjUwODI4MTMwOTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjgzYmQ0YjA0MDQzMDdiMGJjMDFkYzNkZGRkMTA3NTM4NTRlYjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSmy1NDtqVZLai92bTEeWx3aRxTz
uACJT5NGa0t6kWdoNZ6phlLMJVfdErD777l9WruF2Fj+ZzuIEu+7mLMFMYQw1Maa
UqaM6Hs1l6NihD+7A91sWy5rYNsqHnjwWvb2vU9CxLx3T8288cH5Sgdzb7UzSVTy
mrEKXqcqEjy9Gm2mZnQid038s2wo4BIjPspwox4MWCgC8wN2zVkiTV3L1Au07P8f
5Sp7+qSxjY0TrFnbNhhFcqlV054jEM5B6IgiE2w+xwN8X1dV3l882tFMfSs1kpEJ
f67x1cgvdOXRI+QRf4+c4qlmeFtKoIR+XFJUaay0c6q71nDqbqSSblkmEwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFAaDvUsEBDB7C8Adw93dEHU4VOuDMB8GA1UdIwQY
MBaAFNUGl5Q2djmaxcrGo+R2VFrw30ndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2Yt
OGQyM2FjNWNiNTAyLzEvQm9POVN3UUVNSHNMd0IzRDNkMFFkVGhVNjRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS81ZjZhZmYtMTNiYi00ZGI4LTk1N2YtOGQyM2FjNWNiNTAy
LzEvMVFhWGxEWjJPWnJGeXNhajVIWlVXdkRmU2QwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAIPPhQME
AIPPqDAMAwQBg8+uAwQAg8+wAwQAg8/HAwQAg8/VAwQAg8/hAwQAg8/mAwQBg8/y
AwQDg8/4AwQAwDEIAwQAwDEgAwQAwDFFMAwDBADAMasDBADAMawDBAPBjuADBADC
biYDBALCbiwwDQYJKoZIhvcNAQELBQADggEBAHW7qs2ScCSvM78WeIitBfZpNFfK
nUBLs9EK8C41I+ewCIw8tiqe0/CIqegQ6y/ZpCl+lhCBZ+gKiKRw1dPpKGrmOC8b
1dr+H4L2rKNg+GkEH2ttk3CUUotDHUJFA/Yc24FgqKAg+l6zvEaGF5FeySRHcCsR
HWjXr7nt4hySzMs+wPaqf6OiQRBysPglYWSG5IOL8IbCsmFKtgbRcabWH2Ij4PNE
45gW51NWzkdy/lf6CsZwiJwYwDppVL1WpSgPfgA8DyBecpjzvH4whrAfjZSohZSx
VhtRDbWxyLZBP/5S5cP2KzJaT0BRjMtcjFYc/+enuQiluz9q58aWzjP9Bso=
-----END CERTIFICATE-----
Generated at Wed Sep 10 09:36:12 2025 by rpki-client