Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/fe3UWErlwlOggEwCkJxbsCJKIY8.roa
File: fe3UWErlwlOggEwCkJxbsCJKIY8.roa (raw, json)
Hash identifier: Nw8a22LcuN4ruMe/EeNXuhwyjCSgY4qTnsEhY7+zV84=
Subject key identifier: 7D:ED:D4:58:4A:E5:C2:53:A0:80:4C:02:90:9C:5B:B0:22:4A:21:8F
Certificate issuer: /CN=4e15df688c3aeae3f685ed44b396c2198395861d
Certificate serial: 01990A2F12998D9B812B2F7A7F587FB906D1
Authority key identifier: 4E:15:DF:68:8C:3A:EA:E3:F6:85:ED:44:B3:96:C2:19:83:95:86:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThXfaIw66uP2he1Es5bCGYOVhh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/fe3UWErlwlOggEwCkJxbsCJKIY8.roa
Signing time: Tue 02 Sep 2025 11:28:00 +0000
ROA not before: Tue 02 Sep 2025 11:28:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29314
IP address blocks: 31.6.128.0/18 maxlen: 18
31.6.192.0/19 maxlen: 19
31.6.218.0/24 maxlen: 24
31.42.16.0/20 maxlen: 20
37.131.128.0/19 maxlen: 19
37.190.128.0/17 maxlen: 17
62.61.32.0/19 maxlen: 19
62.141.192.0/18 maxlen: 18
80.244.128.0/19 maxlen: 19
80.245.176.0/20 maxlen: 20
81.190.0.0/16 maxlen: 16
82.115.64.0/19 maxlen: 19
83.68.64.0/19 maxlen: 19
84.38.80.0/20 maxlen: 20
85.117.0.0/19 maxlen: 19
87.116.192.0/18 maxlen: 18
89.17.224.0/19 maxlen: 19
89.228.0.0/16 maxlen: 16
89.229.0.0/16 maxlen: 16
89.229.64.0/19 maxlen: 19
89.230.0.0/16 maxlen: 16
89.231.0.0/16 maxlen: 16
89.231.96.0/19 maxlen: 19
92.42.112.0/21 maxlen: 21
93.94.184.0/21 maxlen: 21
94.78.128.0/18 maxlen: 18
94.251.128.0/17 maxlen: 17
94.251.168.0/24 maxlen: 24
95.129.224.0/21 maxlen: 21
95.174.32.0/19 maxlen: 19
176.107.112.0/21 maxlen: 21
176.221.96.0/19 maxlen: 19
185.31.184.0/22 maxlen: 22
193.43.240.0/22 maxlen: 22
193.106.76.0/22 maxlen: 22
193.200.118.0/23 maxlen: 23
194.116.132.0/23 maxlen: 23
194.149.240.0/24 maxlen: 24
195.93.134.0/23 maxlen: 23
195.93.222.0/23 maxlen: 23
213.136.224.0/19 maxlen: 19
217.70.48.0/20 maxlen: 20
217.75.48.0/20 maxlen: 20
217.144.192.0/19 maxlen: 19
217.172.224.0/19 maxlen: 19
2a00:bde0::/34 maxlen: 34
2a00:bde0:4000::/34 maxlen: 34
2a00:bde0:8000::/34 maxlen: 34
2a00:bde0:c000::/34 maxlen: 34
2a02:2a40::/32 maxlen: 32
2a02:2a40::/34 maxlen: 34
2a02:2a40:4000::/34 maxlen: 34
2a02:2a40:8000::/34 maxlen: 34
2a02:2a40:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/ThXfaIw66uP2he1Es5bCGYOVhh0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/ThXfaIw66uP2he1Es5bCGYOVhh0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ThXfaIw66uP2he1Es5bCGYOVhh0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Sep 2025 05:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0a:2f:12:99:8d:9b:81:2b:2f:7a:7f:58:7f:b9:06:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e15df688c3aeae3f685ed44b396c2198395861d
Validity
Not Before: Sep 2 11:28:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7dedd4584ae5c253a0804c02909c5bb0224a218f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:50:ca:4a:dc:18:ce:d0:4f:fd:e3:e8:74:2f:
9c:42:96:41:09:31:b5:ec:66:fe:a0:b5:9a:98:79:
54:9f:a8:b3:6f:64:23:4a:5e:ec:e2:d9:b5:9b:05:
3d:9d:91:92:3e:e1:d2:92:78:9e:a0:5a:14:e4:1b:
fd:79:fb:09:71:2e:69:33:7e:b6:85:f8:34:d6:0b:
17:6d:67:61:d9:e7:57:7a:bd:97:67:c7:6d:93:ae:
37:07:62:c8:3e:24:e6:1d:12:ae:4c:51:cd:a6:8f:
7c:4f:49:27:ad:93:15:8e:d0:4c:f8:fd:73:a9:a2:
4b:e2:cf:00:fb:87:00:3d:4a:56:9b:62:16:a6:7b:
38:89:63:c1:fd:a3:0b:98:25:b7:41:ee:09:e0:77:
4e:3b:36:99:00:56:ca:00:9f:a4:57:81:69:27:e0:
22:4b:76:c4:39:f6:16:2e:4b:57:d1:e6:fe:b4:7a:
03:fa:fa:ac:ed:46:d9:fc:26:d0:45:bf:2f:b5:fd:
30:7e:8a:8f:ef:63:a3:ff:4f:42:b7:f4:39:ac:5e:
99:16:0e:0e:ed:c1:cd:f1:00:ad:ab:f4:c7:68:41:
ce:48:a1:bd:2b:eb:b4:f7:64:23:ef:c1:db:1a:83:
64:86:68:d9:71:69:44:7b:4d:65:70:d7:43:8b:c7:
79:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:ED:D4:58:4A:E5:C2:53:A0:80:4C:02:90:9C:5B:B0:22:4A:21:8F
X509v3 Authority Key Identifier:
keyid:4E:15:DF:68:8C:3A:EA:E3:F6:85:ED:44:B3:96:C2:19:83:95:86:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThXfaIw66uP2he1Es5bCGYOVhh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/fe3UWErlwlOggEwCkJxbsCJKIY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/ThXfaIw66uP2he1Es5bCGYOVhh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.128.0-31.6.223.255
31.42.16.0/20
37.131.128.0/19
37.190.128.0/17
62.61.32.0/19
62.141.192.0/18
80.244.128.0/19
80.245.176.0/20
81.190.0.0/16
82.115.64.0/19
83.68.64.0/19
84.38.80.0/20
85.117.0.0/19
87.116.192.0/18
89.17.224.0/19
89.228.0.0/14
92.42.112.0/21
93.94.184.0/21
94.78.128.0/18
94.251.128.0/17
95.129.224.0/21
95.174.32.0/19
176.107.112.0/21
176.221.96.0/19
185.31.184.0/22
193.43.240.0/22
193.106.76.0/22
193.200.118.0/23
194.116.132.0/23
194.149.240.0/24
195.93.134.0/23
195.93.222.0/23
213.136.224.0/19
217.70.48.0/20
217.75.48.0/20
217.144.192.0/19
217.172.224.0/19
IPv6:
2a00:bde0::/32
2a02:2a40::/32
Signature Algorithm: sha256WithRSAEncryption
32:cb:59:4d:88:43:8b:25:37:fa:41:6d:ac:9a:64:3a:c8:61:
ae:55:f0:53:7a:0f:1a:f7:2d:0a:9f:34:b8:b5:ed:3a:d9:e2:
57:98:10:a7:de:cd:98:40:34:67:14:27:47:3c:75:cb:c3:d1:
3d:ac:28:7f:00:20:01:db:bf:a2:f2:41:3b:e7:e0:29:fe:1d:
0f:5a:02:57:0c:0d:fc:89:40:6b:06:d5:e6:7f:37:17:fa:e6:
ad:0e:cb:c5:62:ec:14:37:c7:e1:41:6d:90:9d:3f:2d:a6:be:
97:5e:bc:85:2a:50:68:21:4a:5b:c9:4e:68:37:1e:f3:29:82:
76:c3:16:60:18:b3:6b:4c:d6:c8:15:9d:35:7f:cc:8c:8e:24:
19:74:03:bd:b4:51:df:3f:50:32:0f:1c:b1:b9:e8:66:f2:38:
78:9c:76:f3:2f:75:f2:2f:c1:f5:a8:0b:71:67:8e:bb:6c:64:
3c:26:7e:bc:9d:83:f4:20:30:dc:f6:1d:e8:59:d6:75:38:63:
b5:67:84:a7:b9:fe:cf:bc:4e:93:d4:b1:3c:1e:27:40:fa:3f:
3e:16:db:8e:6f:a4:e9:4b:06:27:18:06:84:41:ea:e2:72:7f:
0a:c5:9e:09:9f:4f:39:3c:66:13:c9:48:91:54:ba:1d:06:1a:
bd:23:50:2e
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgISAZkKLxKZjZuBKy96f1h/uQbRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTVkZjY4OGMzYWVhZTNmNjg1ZWQ0NGIzOTZjMjE5ODM5
NTg2MWQwHhcNMjUwOTAyMTEyODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGVkZDQ1ODRhZTVjMjUzYTA4MDRjMDI5MDljNWJiMDIyNGEyMThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVDKStwYztBP/ePodC+cQpZBCTG1
7Gb+oLWamHlUn6izb2QjSl7s4tm1mwU9nZGSPuHSknieoFoU5Bv9efsJcS5pM362
hfg01gsXbWdh2edXer2XZ8dtk643B2LIPiTmHRKuTFHNpo98T0knrZMVjtBM+P1z
qaJL4s8A+4cAPUpWm2IWpns4iWPB/aMLmCW3Qe4J4HdOOzaZAFbKAJ+kV4FpJ+Ai
S3bEOfYWLktX0eb+tHoD+vqs7UbZ/CbQRb8vtf0wfoqP72Oj/09Ct/Q5rF6ZFg4O
7cHN8QCtq/THaEHOSKG9K+u092Qj78HbGoNkhmjZcWlEe01lcNdDi8d5aQIDAQAB
o4IDBTCCAwEwHQYDVR0OBBYEFH3t1FhK5cJToIBMApCcW7AiSiGPMB8GA1UdIwQY
MBaAFE4V32iMOurj9oXtRLOWwhmDlYYdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhYZmFJdzY2dVAyaGUxRXM1YkNHWU9WaGgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYmY3YWItNWFhYi00MzM3LWEwMmEt
OGE2ZTU1NDE5NmJiLzEvZmUzVVdFcmx3bE9nZ0V3Q2tKeGJzQ0pLSVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYmY3YWItNWFhYi00MzM3LWEwMmEtOGE2ZTU1NDE5NmJi
LzEvVGhYZmFJdzY2dVAyaGUxRXM1YkNHWU9WaGgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGQYIKwYBBQUHAQcBAf8EggEIMIIBBDCB6wQCAAEwgeQw
DAMEBx8GgAMEBR8GwAMEBB8qEAMEBSWDgAMEByW+gAMEBT49IAMEBj6NwAMEBVD0
gAMEBFD1sAMDAFG+AwQFUnNAAwQFU0RAAwQEVCZQAwQFVXUAAwQGV3TAAwQFWRHg
AwMCWeQDBANcKnADBANdXrgDBAZeToADBAde+4ADBANfgeADBAVfriADBAOwa3AD
BAWw3WADBAK5H7gDBALBK/ADBALBakwDBAHByHYDBAHCdIQDBADClfADBAHDXYYD
BAHDXd4DBAXViOADBATZRjADBATZSzADBAXZkMADBAXZrOAwFAQCAAIwDgMFACoA
veADBQAqAipAMA0GCSqGSIb3DQEBCwUAA4IBAQAyy1lNiEOLJTf6QW2smmQ6yGGu
VfBTeg8a9y0KnzS4te062eJXmBCn3s2YQDRnFCdHPHXLw9E9rCh/ACAB27+i8kE7
5+Ap/h0PWgJXDA38iUBrBtXmfzcX+uatDsvFYuwUN8fhQW2QnT8tpr6XXryFKlBo
IUpbyU5oNx7zKYJ2wxZgGLNrTNbIFZ01f8yMjiQZdAO9tFHfP1AyDxyxuehm8jh4
nHbzL3XyL8H1qAtxZ467bGQ8Jn68nYP0IDDc9h3oWdZ1OGO1Z4Snuf7PvE6T1LE8
HidA+j8+FtuOb6TpSwYnGAaEQericn8KxZ4Jn085PGYTyUiRVLodBhq9I1Au
-----END CERTIFICATE-----
Generated at Thu Sep 11 14:22:14 2025 by rpki-client