Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/uXnXM2doRdgPxPLss67yZDybX3c.roa
File: uXnXM2doRdgPxPLss67yZDybX3c.roa (raw, json)
Hash identifier: v/9LpKS+fRbveb8mkVXNCZiCRRTvaRsQbncri3yjFJk=
Subject key identifier: B9:79:D7:33:67:68:45:D8:0F:C4:F2:EC:B3:AE:F2:64:3C:9B:5F:77
Certificate issuer: /CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Certificate serial: 0198BEB5D5539CA59C3F4D63B82350EC32D8
Authority key identifier: EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/uXnXM2doRdgPxPLss67yZDybX3c.roa
Signing time: Mon 18 Aug 2025 19:44:04 +0000
ROA not before: Mon 18 Aug 2025 19:44:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401163
IP address blocks: 31.42.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.mft
rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 23:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:be:b5:d5:53:9c:a5:9c:3f:4d:63:b8:23:50:ec:32:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Validity
Not Before: Aug 18 19:44:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b979d733676845d80fc4f2ecb3aef2643c9b5f77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:25:3e:5a:f6:f6:36:cb:72:3a:f4:d5:12:56:
27:65:a0:57:7b:34:f4:8b:05:5d:d4:3e:ee:af:f4:
9d:f0:56:a8:97:9e:66:22:e5:fd:7e:66:49:d5:51:
6f:1d:1f:66:9c:5d:4a:60:80:00:10:c8:af:20:fd:
43:70:e5:5a:57:c6:56:1e:ab:98:0e:80:ad:c8:6d:
cf:a9:21:90:c0:6d:99:03:2c:12:a1:a6:1e:02:64:
ff:e1:00:4d:f2:e6:09:d8:c3:88:fb:36:3e:73:42:
cd:6a:3c:77:21:66:bf:25:ed:a5:79:2f:d6:26:92:
22:a7:52:e2:ff:0c:f5:68:ad:e7:3b:94:e8:04:fc:
15:2b:74:05:ee:cc:0b:e6:c2:ee:ad:64:80:47:35:
c4:65:c9:4d:6c:ee:10:67:9b:f3:6d:1b:89:7d:6e:
99:b7:89:23:76:8a:4a:24:f6:eb:a3:7c:ce:f6:75:
82:b6:6e:ed:7b:b6:74:9e:86:17:91:6f:21:8a:a5:
b5:40:2e:e0:7d:48:5b:72:98:4f:d5:a0:fb:f0:ca:
4e:a1:c0:15:9c:d9:8f:29:7b:11:97:45:ff:8b:d9:
c6:bf:c0:0b:1e:0b:57:8f:eb:3c:76:b4:9e:63:0e:
8e:04:9d:77:32:44:83:de:a0:61:f4:f1:41:75:75:
58:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:79:D7:33:67:68:45:D8:0F:C4:F2:EC:B3:AE:F2:64:3C:9B:5F:77
X509v3 Authority Key Identifier:
keyid:EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/uXnXM2doRdgPxPLss67yZDybX3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.127.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:3a:73:15:78:7c:5e:56:b2:0c:ad:41:e0:52:b1:93:71:5d:
b0:ee:d8:c4:34:24:fd:c1:23:5d:e5:cb:16:8d:0a:20:64:d6:
a7:80:bd:d1:1c:2b:79:e4:f3:3a:d9:1d:58:32:dc:16:31:15:
31:a3:5b:ae:d4:f4:29:f1:f8:c5:10:c1:67:58:0b:80:f1:c0:
af:dd:f5:e8:ad:db:9d:bc:da:d7:02:8f:ca:d7:d7:ec:fa:d8:
f6:dc:04:b9:cc:94:ee:34:18:2a:e2:ec:75:b4:6e:55:2c:18:
f6:3a:fc:36:1a:62:7d:38:d9:35:8c:43:98:4f:1d:5b:df:11:
69:6c:88:3d:01:44:24:9a:c4:05:39:11:50:c5:20:9c:18:e9:
16:1a:91:75:4e:47:74:48:db:44:6a:4d:3d:68:3d:a5:4b:71:
db:d7:7a:db:29:e0:b5:40:31:b8:1a:2a:c2:5d:2e:d8:cf:be:
60:74:d6:fa:a8:42:ba:62:ac:dd:73:1b:46:0d:bd:1a:30:2a:
db:b2:b4:0e:19:cf:96:d8:b6:b7:d0:47:3a:cb:34:f4:f1:2b:
1c:04:db:79:f5:9f:dd:7e:15:4f:a2:a7:4e:df:0d:bb:8f:19:
3d:57:e7:c0:0e:00:c5:43:8e:48:63:1a:7e:01:83:45:aa:09:
8f:56:e7:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZi+tdVTnKWcP01juCNQ7DLYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMzQ5YWYyYWYxMTEzNjFiMjlmY2ZlZjJlMDQzZDViZTc1
ZTNmOTgwHhcNMjUwODE4MTk0NDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTc5ZDczMzY3Njg0NWQ4MGZjNGYyZWNiM2FlZjI2NDNjOWI1Zjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4SU+Wvb2NstyOvTVElYnZaBXezT0
iwVd1D7ur/Sd8Faol55mIuX9fmZJ1VFvHR9mnF1KYIAAEMivIP1DcOVaV8ZWHquY
DoCtyG3PqSGQwG2ZAywSoaYeAmT/4QBN8uYJ2MOI+zY+c0LNajx3IWa/Je2leS/W
JpIip1Li/wz1aK3nO5ToBPwVK3QF7swL5sLurWSARzXEZclNbO4QZ5vzbRuJfW6Z
t4kjdopKJPbro3zO9nWCtm7te7Z0noYXkW8hiqW1QC7gfUhbcphP1aD78MpOocAV
nNmPKXsRl0X/i9nGv8ALHgtXj+s8drSeYw6OBJ13MkSD3qBh9PFBdXVYhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLl51zNnaEXYD8Ty7LOu8mQ8m193MB8GA1UdIwQY
MBaAFOs0mvKvERNhsp/P7y4EPVvnXj+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgt
OWNkNjYyYmM4MzIwLzEvdVhuWE0yZG9SZGdQeFBMc3M2N3laRHliWDNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgtOWNkNjYyYmM4MzIw
LzEvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyp/MA0G
CSqGSIb3DQEBCwUAA4IBAQBdOnMVeHxeVrIMrUHgUrGTcV2w7tjENCT9wSNd5csW
jQogZNangL3RHCt55PM62R1YMtwWMRUxo1uu1PQp8fjFEMFnWAuA8cCv3fXordud
vNrXAo/K19fs+tj23AS5zJTuNBgq4ux1tG5VLBj2Ovw2GmJ9ONk1jEOYTx1b3xFp
bIg9AUQkmsQFORFQxSCcGOkWGpF1Tkd0SNtEak09aD2lS3Hb13rbKeC1QDG4GirC
XS7Yz75gdNb6qEK6YqzdcxtGDb0aMCrbsrQOGc+W2La30Ec6yzT08SscBNt59Z/d
fhVPoqdO3w27jxk9V+fADgDFQ45IYxp+AYNFqgmPVufa
-----END CERTIFICATE-----
Generated at Thu Aug 21 04:56:56 2025 by rpki-client