Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/Lc76ATmh3N2WmZPDYJ9rzhql95s.roa
File: Lc76ATmh3N2WmZPDYJ9rzhql95s.roa (raw, json)
Hash identifier: u40vTHuUL4j8mKfluquxQoMV2MtHuQDBqovqP0w+ck4=
Subject key identifier: 2D:CE:FA:01:39:A1:DC:DD:96:99:93:C3:60:9F:6B:CE:1A:A5:F7:9B
Certificate issuer: /CN=172537601a31697404922d957e74450f5a9cbe73
Certificate serial: 0198FEC53E99AAB9C6E291C8588A616FCC22
Authority key identifier: 17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/Lc76ATmh3N2WmZPDYJ9rzhql95s.roa
Signing time: Sun 31 Aug 2025 06:16:36 +0000
ROA not before: Sun 31 Aug 2025 06:16:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 31.223.192.0/21 maxlen: 24
31.223.200.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.mft
rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 22:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:fe:c5:3e:99:aa:b9:c6:e2:91:c8:58:8a:61:6f:cc:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=172537601a31697404922d957e74450f5a9cbe73
Validity
Not Before: Aug 31 06:16:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2dcefa0139a1dcdd969993c3609f6bce1aa5f79b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a7:0a:c1:13:67:2c:96:6d:c6:80:27:8f:cf:
fc:71:f4:28:d9:50:2f:66:e1:4a:e3:38:9e:e4:af:
d6:f0:3c:6a:e4:68:58:ae:ee:41:b2:c6:e4:87:21:
4f:7a:9b:6f:7d:43:74:6b:cb:f0:1c:ff:6d:17:d2:
18:f6:ba:44:26:30:ea:44:fe:d8:9e:91:e9:bb:1d:
df:54:96:d1:3d:87:b7:81:62:70:51:cd:1e:0c:b2:
4f:0a:e6:83:b9:07:0b:d3:71:af:83:96:6f:1a:e2:
f3:ca:b7:cd:ba:d4:0c:62:6c:7f:d6:f5:ff:46:9b:
af:b6:b9:20:87:d6:e3:c8:c2:68:53:1b:b6:ef:7e:
c4:89:3b:28:9d:96:91:f2:27:ad:9d:fd:2d:b5:bb:
ba:23:f2:e6:29:1a:ce:ad:12:61:f2:7b:97:b9:71:
d4:cc:c3:61:12:16:cb:aa:c8:5e:97:12:eb:3b:dc:
d3:c1:5a:fe:3e:1f:f7:58:c2:8b:06:3c:fe:6f:53:
65:49:64:67:24:30:db:8d:7f:28:12:20:67:35:ad:
67:7d:ae:af:a1:a8:84:51:71:52:60:23:cb:93:d2:
13:93:ee:ce:bc:14:36:80:3b:65:0a:57:eb:e4:ca:
40:43:d3:eb:be:f5:20:24:f3:30:65:2a:66:2c:bf:
c1:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:CE:FA:01:39:A1:DC:DD:96:99:93:C3:60:9F:6B:CE:1A:A5:F7:9B
X509v3 Authority Key Identifier:
keyid:17:25:37:60:1A:31:69:74:04:92:2D:95:7E:74:45:0F:5A:9C:BE:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FyU3YBoxaXQEki2VfnRFD1qcvnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/Lc76ATmh3N2WmZPDYJ9rzhql95s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/219cae-264d-46a7-9e64-e604b61be0ea/1/FyU3YBoxaXQEki2VfnRFD1qcvnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.192.0/20
Signature Algorithm: sha256WithRSAEncryption
8e:df:c7:fe:eb:1f:18:3a:bd:51:81:2a:f7:aa:42:f3:b6:ee:
03:86:ba:7f:3d:f8:ef:6d:c6:a2:a9:13:30:fb:5d:6e:35:02:
1b:dd:d1:0f:e5:3a:32:b4:67:db:0e:1b:52:17:18:d0:fc:0e:
69:5a:44:7e:97:7c:94:ff:2f:11:62:d7:04:73:de:d4:bf:df:
2e:56:ef:a8:fc:d1:ed:ba:7d:82:95:07:c2:4c:88:9c:57:63:
50:b0:6f:83:e9:ad:c5:7c:da:b0:ed:b3:c6:41:53:2a:e8:3d:
48:f8:ab:49:4a:50:01:73:a8:cb:64:da:56:60:bf:af:b7:26:
8b:3f:28:49:eb:a7:32:12:63:9b:b1:0c:3f:b0:51:91:91:41:
5d:df:ca:96:81:be:4a:06:db:80:1b:f9:0b:03:65:41:ce:ec:
be:7c:6f:a1:c1:83:c6:15:ef:c6:a7:13:de:80:e4:c4:0a:36:
4d:f5:53:a2:ab:03:b2:01:29:2a:e7:1e:26:f5:c6:e5:dd:03:
4d:82:00:08:2c:80:fe:f8:a8:10:65:94:32:98:40:52:80:a8:
12:2c:fb:7f:1a:cb:b2:8c:11:d4:c3:84:0d:0e:bf:04:93:5b:
b0:c1:e5:e8:0e:60:20:34:bc:13:bf:1e:3f:81:1c:eb:4f:ba:
e6:17:78:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZj+xT6ZqrnG4pHIWIphb8wiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MjUzNzYwMWEzMTY5NzQwNDkyMmQ5NTdlNzQ0NTBmNWE5
Y2JlNzMwHhcNMjUwODMxMDYxNjM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGNlZmEwMTM5YTFkY2RkOTY5OTkzYzM2MDlmNmJjZTFhYTVmNzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36cKwRNnLJZtxoAnj8/8cfQo2VAv
ZuFK4zie5K/W8Dxq5GhYru5BssbkhyFPeptvfUN0a8vwHP9tF9IY9rpEJjDqRP7Y
npHpux3fVJbRPYe3gWJwUc0eDLJPCuaDuQcL03Gvg5ZvGuLzyrfNutQMYmx/1vX/
Rpuvtrkgh9bjyMJoUxu2737EiTsonZaR8ietnf0ttbu6I/LmKRrOrRJh8nuXuXHU
zMNhEhbLqshelxLrO9zTwVr+Ph/3WMKLBjz+b1NlSWRnJDDbjX8oEiBnNa1nfa6v
oaiEUXFSYCPLk9ITk+7OvBQ2gDtlClfr5MpAQ9PrvvUgJPMwZSpmLL/BdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC3O+gE5odzdlpmTw2Cfa84apfebMB8GA1UdIwQY
MBaAFBclN2AaMWl0BJItlX50RQ9anL5zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQt
ZTYwNGI2MWJlMGVhLzEvTGM3NkFUbWgzTjJXbVpQRFlKOXJ6aHFsOTVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yMTljYWUtMjY0ZC00NmE3LTllNjQtZTYwNGI2MWJlMGVh
LzEvRnlVM1lCb3hhWFFFa2kyVmZuUkZEMXFjdm5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEH9/AMA0G
CSqGSIb3DQEBCwUAA4IBAQCO38f+6x8YOr1RgSr3qkLztu4Dhrp/PfjvbcaiqRMw
+11uNQIb3dEP5ToytGfbDhtSFxjQ/A5pWkR+l3yU/y8RYtcEc97Uv98uVu+o/NHt
un2ClQfCTIicV2NQsG+D6a3FfNqw7bPGQVMq6D1I+KtJSlABc6jLZNpWYL+vtyaL
PyhJ66cyEmObsQw/sFGRkUFd38qWgb5KBtuAG/kLA2VBzuy+fG+hwYPGFe/GpxPe
gOTECjZN9VOiqwOyASkq5x4m9cbl3QNNggAILID++KgQZZQymEBSgKgSLPt/Gsuy
jBHUw4QNDr8Ek1uwweXoDmAgNLwTvx4/gRzrT7rmF3i8
-----END CERTIFICATE-----
Generated at Fri Sep 19 03:18:09 2025 by rpki-client