Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/M6e0Db6rIRrut7Sf9jFsbIVLDaM.roa
File: M6e0Db6rIRrut7Sf9jFsbIVLDaM.roa (raw, json)
Hash identifier: JXcstu8zslncBB42v+GEY3znOZDM894FUsNgQKDisvc=
Subject key identifier: 33:A7:B4:0D:BE:AB:21:1A:EE:B7:B4:9F:F6:31:6C:6C:85:4B:0D:A3
Certificate issuer: /CN=c98b825f36e9cc330315c940de800cbabce3397b
Certificate serial: 01971651E39FB527EBF078BDCE8B8CEC7D70
Authority key identifier: C9:8B:82:5F:36:E9:CC:33:03:15:C9:40:DE:80:0C:BA:BC:E3:39:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yYuCXzbpzDMDFclA3oAMurzjOXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/M6e0Db6rIRrut7Sf9jFsbIVLDaM.roa
Signing time: Wed 28 May 2025 09:55:54 +0000
ROA not before: Wed 28 May 2025 09:55:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51720
IP address blocks: 31.3.144.0/22 maxlen: 22
37.228.120.0/24 maxlen: 24
37.228.122.0/23 maxlen: 23
37.228.124.0/24 maxlen: 24
80.70.166.0/23 maxlen: 23
80.70.166.0/24 maxlen: 24
80.70.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/yYuCXzbpzDMDFclA3oAMurzjOXs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/yYuCXzbpzDMDFclA3oAMurzjOXs.mft
rsync://rpki.ripe.net/repository/DEFAULT/yYuCXzbpzDMDFclA3oAMurzjOXs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:16:51:e3:9f:b5:27:eb:f0:78:bd:ce:8b:8c:ec:7d:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c98b825f36e9cc330315c940de800cbabce3397b
Validity
Not Before: May 28 09:55:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33a7b40dbeab211aeeb7b49ff6316c6c854b0da3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f6:5f:b7:09:96:27:95:2a:51:c3:fd:5d:02:
c0:57:5e:d1:82:de:7a:c8:af:62:ae:72:49:7c:fa:
f8:90:02:30:ff:29:21:a2:cc:07:07:98:6e:fe:98:
d4:d9:be:bc:fa:0e:a6:4e:fb:3e:88:05:d7:2c:67:
cb:36:01:e3:7e:84:c6:85:f6:f9:d3:59:29:89:4d:
4e:40:22:ba:7b:8a:ae:d8:dd:02:7b:dd:c0:5b:24:
d5:e2:6b:67:16:cb:ee:50:ea:ce:13:f9:dd:99:07:
aa:42:10:ba:f0:c8:08:de:20:72:4a:9b:a0:ee:03:
12:8c:e7:81:9f:1a:a0:ce:59:9a:22:37:85:aa:c5:
20:8c:27:78:75:08:74:0e:64:97:e2:a9:3b:f1:3e:
ce:90:ea:78:36:3e:95:b6:51:25:f6:ae:ad:b4:30:
50:48:7a:ab:82:45:d7:f9:a6:5b:7d:06:4b:f2:5b:
2e:c2:a6:fe:bc:07:aa:83:67:a7:2e:e0:8a:49:c7:
43:68:0c:fd:44:bf:b0:f6:2c:a4:23:32:18:f5:73:
54:8c:bb:64:e7:01:1c:d8:c0:3b:bb:7d:87:a4:29:
48:67:22:23:68:f9:54:01:9b:47:aa:34:dc:76:4a:
37:0e:b0:d7:91:65:c6:48:4c:cb:72:92:26:22:e6:
d6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:A7:B4:0D:BE:AB:21:1A:EE:B7:B4:9F:F6:31:6C:6C:85:4B:0D:A3
X509v3 Authority Key Identifier:
keyid:C9:8B:82:5F:36:E9:CC:33:03:15:C9:40:DE:80:0C:BA:BC:E3:39:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYuCXzbpzDMDFclA3oAMurzjOXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/M6e0Db6rIRrut7Sf9jFsbIVLDaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/ea3614-f090-4a2b-9355-b89a511c3bbd/1/yYuCXzbpzDMDFclA3oAMurzjOXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.144.0/22
37.228.120.0/24
37.228.122.0-37.228.124.255
80.70.166.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:a5:04:ac:03:f7:15:90:94:4f:ee:2b:3a:84:31:b3:2d:13:
f6:d0:94:d4:09:52:6b:f4:0e:15:1a:7c:4e:de:e8:9b:15:90:
d9:42:14:e0:74:f4:4b:28:36:fb:f8:74:de:d3:88:b8:75:4f:
74:d6:22:ee:99:67:b5:53:c8:75:e5:b3:c8:41:87:a1:60:7b:
6e:a8:74:13:a3:c2:5e:56:7f:bd:a1:a3:cf:ae:6c:bc:46:f3:
de:b2:1c:91:a3:a8:82:90:22:0e:83:53:a6:db:76:d9:03:bd:
96:7a:16:a7:b0:58:56:5d:7c:0a:3e:db:60:69:34:91:de:97:
79:56:f0:70:ef:e0:30:de:76:13:3e:13:ca:73:2b:70:b8:83:
4f:3f:59:48:6b:29:96:92:3d:3d:1c:a6:3c:09:03:6d:35:5e:
e7:45:0b:19:47:e0:c8:b4:eb:13:39:7d:d8:30:7b:4b:11:58:
60:b8:19:b8:34:bd:72:07:8e:98:2c:e0:98:35:83:eb:68:5e:
f6:ec:e5:dd:c5:ca:0b:db:8f:c6:d6:65:f6:5f:e1:b6:cd:b4:
a6:71:fd:a7:65:f9:76:50:fa:c3:88:31:1f:c5:a1:18:a2:73:
25:13:fa:51:7b:cd:41:6b:30:39:64:5c:c3:5c:6a:91:3b:44:
b2:64:43:5e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZcWUeOftSfr8Hi9zouM7H1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5OGI4MjVmMzZlOWNjMzMwMzE1Yzk0MGRlODAwY2JhYmNl
MzM5N2IwHhcNMjUwNTI4MDk1NTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2E3YjQwZGJlYWIyMTFhZWViN2I0OWZmNjMxNmM2Yzg1NGIwZGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvZftwmWJ5UqUcP9XQLAV17Rgt56
yK9irnJJfPr4kAIw/ykhoswHB5hu/pjU2b68+g6mTvs+iAXXLGfLNgHjfoTGhfb5
01kpiU1OQCK6e4qu2N0Ce93AWyTV4mtnFsvuUOrOE/ndmQeqQhC68MgI3iBySpug
7gMSjOeBnxqgzlmaIjeFqsUgjCd4dQh0DmSX4qk78T7OkOp4Nj6VtlEl9q6ttDBQ
SHqrgkXX+aZbfQZL8lsuwqb+vAeqg2enLuCKScdDaAz9RL+w9iykIzIY9XNUjLtk
5wEc2MA7u32HpClIZyIjaPlUAZtHqjTcdko3DrDXkWXGSEzLcpImIubWgwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDOntA2+qyEa7re0n/YxbGyFSw2jMB8GA1UdIwQY
MBaAFMmLgl826cwzAxXJQN6ADLq84zl7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVl1Q1h6YnB6RE1ERmNsQTNvQU11cnpqT1hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9lYTM2MTQtZjA5MC00YTJiLTkzNTUt
Yjg5YTUxMWMzYmJkLzEvTTZlMERiNnJJUnJ1dDdTZjlqRnNiSVZMRGFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9lYTM2MTQtZjA5MC00YTJiLTkzNTUtYjg5YTUxMWMzYmJk
LzEveVl1Q1h6YnB6RE1ERmNsQTNvQU11cnpqT1hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCHwOQAwQA
JeR4MAwDBAEl5HoDBAAl5HwDBAFQRqYwDQYJKoZIhvcNAQELBQADggEBABylBKwD
9xWQlE/uKzqEMbMtE/bQlNQJUmv0DhUafE7e6JsVkNlCFOB09EsoNvv4dN7TiLh1
T3TWIu6ZZ7VTyHXls8hBh6Fge26odBOjwl5Wf72ho8+ubLxG896yHJGjqIKQIg6D
U6bbdtkDvZZ6FqewWFZdfAo+22BpNJHel3lW8HDv4DDedhM+E8pzK3C4g08/WUhr
KZaSPT0cpjwJA201XudFCxlH4Mi06xM5fdgwe0sRWGC4Gbg0vXIHjpgs4Jg1g+to
Xvbs5d3Fygvbj8bWZfZf4bbNtKZx/adl+XZQ+sOIMR/FoRiicyUT+lF7zUFrMDlk
XMNcapE7RLJkQ14=
-----END CERTIFICATE-----
Generated at Sat Jun 7 07:29:30 2025 by rpki-client