Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/yBjQt0nxOzCTFYaYzTfVvAxNLN4.roa
File: yBjQt0nxOzCTFYaYzTfVvAxNLN4.roa (raw, json)
Hash identifier: mRd9L3aVB8Ods5APaINStOPnEMONcl4icTGrN8Xa60U=
Subject key identifier: C8:18:D0:B7:49:F1:3B:30:93:15:86:98:CD:37:D5:BC:0C:4D:2C:DE
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 01976CA7FCBE227B5D0EF7F53A5554FD678B
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/yBjQt0nxOzCTFYaYzTfVvAxNLN4.roa
Signing time: Sat 14 Jun 2025 04:17:17 +0000
ROA not before: Sat 14 Jun 2025 04:17:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56766
IP address blocks: 31.133.38.0/23 maxlen: 24
31.133.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6c:a7:fc:be:22:7b:5d:0e:f7:f5:3a:55:54:fd:67:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: Jun 14 04:17:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c818d0b749f13b3093158698cd37d5bc0c4d2cde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:4a:f5:24:42:33:24:33:a4:9e:0c:56:85:38:
c2:b9:ce:f6:bc:19:f0:4e:a6:1d:e0:21:eb:65:3e:
72:17:c1:d9:8c:ba:b5:5e:74:48:85:52:92:6b:98:
37:85:61:82:0f:c9:dd:8b:23:8f:0a:73:b5:5d:ec:
cc:1c:1a:16:41:4c:89:11:38:4f:82:76:0b:8a:50:
b1:87:53:2e:6b:46:2e:de:d4:52:af:c7:75:eb:8b:
92:84:27:14:4c:c9:be:d9:fc:18:0a:50:05:30:2e:
43:bf:de:ca:50:3b:e1:73:cc:20:20:ca:4e:27:62:
16:0b:85:05:03:f0:fc:a9:a4:55:43:a2:5f:35:06:
72:00:94:e1:01:ce:68:e5:aa:3b:a5:5e:aa:eb:23:
2d:58:e4:50:3b:80:5f:de:47:62:1f:47:5c:a2:ad:
2c:87:73:89:f1:a2:03:ef:16:7d:b7:78:d4:0a:43:
89:c8:ad:ce:e0:ab:cd:d5:79:9d:c4:91:d8:6d:00:
7b:4b:0d:4d:77:47:b1:4c:e7:92:36:8d:39:ef:36:
af:7e:07:35:c8:56:1c:58:88:75:44:0f:bd:a3:22:
36:cd:e1:83:34:79:6f:8c:66:fa:f0:14:46:bd:d7:
8a:12:93:38:eb:72:7f:60:89:df:2d:bd:79:59:39:
b5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:18:D0:B7:49:F1:3B:30:93:15:86:98:CD:37:D5:BC:0C:4D:2C:DE
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/yBjQt0nxOzCTFYaYzTfVvAxNLN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.38.0/23
31.133.43.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:b0:94:2e:55:0e:ae:e0:16:34:26:f4:ca:9f:9f:d3:59:7c:
1c:12:29:6f:b6:e3:c1:d1:c3:6b:19:5a:6b:ee:6b:02:b7:16:
39:20:61:48:23:03:e5:7b:b3:11:f1:56:d2:16:de:98:84:51:
f0:e7:cf:90:08:92:76:87:43:bd:71:73:7c:95:1d:6f:e8:55:
ff:6e:ed:3a:1a:4a:9f:1e:5a:a6:2f:54:71:43:1f:3e:2f:e3:
01:93:91:eb:22:0a:e6:43:29:4b:1c:19:83:da:f6:cd:33:66:
72:88:17:40:95:ed:7e:5d:fc:8d:17:57:98:04:1f:4c:5e:2e:
fb:c3:d7:cc:2c:90:8e:ef:ca:38:19:e1:d5:95:ba:46:f9:89:
c3:bb:b3:4c:32:af:96:89:e7:e6:42:0d:62:51:6b:41:3f:83:
9d:72:1e:22:7b:d0:85:c1:0b:18:ef:cf:06:a2:72:73:4e:2f:
69:63:72:b8:30:52:1d:36:8a:ec:2f:2a:93:61:64:0e:84:51:
01:f8:1a:db:fc:9f:bf:e1:9a:df:5a:6e:70:52:71:41:36:21:
5d:27:be:8c:0c:15:81:7a:cb:39:ea:41:e7:89:e6:4d:3a:ca:
cf:2f:47:5b:69:0a:29:33:7a:6c:96:31:88:2e:28:7a:b8:65:
19:a3:2c:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZdsp/y+IntdDvf1OlVU/WeLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh
NTAyNTAwHhcNMjUwNjE0MDQxNzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODE4ZDBiNzQ5ZjEzYjMwOTMxNTg2OThjZDM3ZDViYzBjNGQyY2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUr1JEIzJDOkngxWhTjCuc72vBnw
TqYd4CHrZT5yF8HZjLq1XnRIhVKSa5g3hWGCD8ndiyOPCnO1XezMHBoWQUyJEThP
gnYLilCxh1Mua0Yu3tRSr8d164uShCcUTMm+2fwYClAFMC5Dv97KUDvhc8wgIMpO
J2IWC4UFA/D8qaRVQ6JfNQZyAJThAc5o5ao7pV6q6yMtWORQO4Bf3kdiH0dcoq0s
h3OJ8aID7xZ9t3jUCkOJyK3O4KvN1XmdxJHYbQB7Sw1Nd0exTOeSNo057zavfgc1
yFYcWIh1RA+9oyI2zeGDNHlvjGb68BRGvdeKEpM463J/YInfLb15WTm10QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMgY0LdJ8TswkxWGmM031bwMTSzeMB8GA1UdIwQY
MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt
YjY2ZmE0ZjQ3NjNhLzEveUJqUXQwbnhPekNURllhWXpUZlZ2QXhOTE40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh
LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBH4UmAwQA
H4UrMA0GCSqGSIb3DQEBCwUAA4IBAQAasJQuVQ6u4BY0JvTKn5/TWXwcEilvtuPB
0cNrGVpr7msCtxY5IGFIIwPle7MR8VbSFt6YhFHw58+QCJJ2h0O9cXN8lR1v6FX/
bu06GkqfHlqmL1RxQx8+L+MBk5HrIgrmQylLHBmD2vbNM2ZyiBdAle1+XfyNF1eY
BB9MXi77w9fMLJCO78o4GeHVlbpG+YnDu7NMMq+WiefmQg1iUWtBP4Odch4ie9CF
wQsY788GonJzTi9pY3K4MFIdNorsLyqTYWQOhFEB+Brb/J+/4ZrfWm5wUnFBNiFd
J76MDBWBess56kHnieZNOsrPL0dbaQopM3psljGILih6uGUZoywb
-----END CERTIFICATE-----
Generated at Sun Jun 15 16:31:59 2025 by rpki-client