Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/6WP5y_QknC9iDxd6UTK4gFwVsMI.roa
File: 6WP5y_QknC9iDxd6UTK4gFwVsMI.roa (raw, json)
Hash identifier: TTYzypwej/xXrBw/bod0A6cWitM+AquDVWckZccyLEA=
Subject key identifier: E9:63:F9:CB:F4:24:9C:2F:62:0F:17:7A:51:32:B8:80:5C:15:B0:C2
Certificate issuer: /CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Certificate serial: 01992B0FDD64B342C88B3D769315D6B5F3DB
Authority key identifier: 8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/6WP5y_QknC9iDxd6UTK4gFwVsMI.roa
Signing time: Mon 08 Sep 2025 20:41:24 +0000
ROA not before: Mon 08 Sep 2025 20:41:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56703
IP address blocks: 31.40.0.0/23 maxlen: 23
31.40.2.0/24 maxlen: 24
31.40.3.0/24 maxlen: 24
31.40.5.0/24 maxlen: 24
31.40.6.0/24 maxlen: 24
194.26.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/j-Arfu3_w4q16rRBYXLn2I6a0eI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/j-Arfu3_w4q16rRBYXLn2I6a0eI.mft
rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 13:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2b:0f:dd:64:b3:42:c8:8b:3d:76:93:15:d6:b5:f3:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fe02b7eedffc38ab5eab4416172e7d88e9ad1e2
Validity
Not Before: Sep 8 20:41:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e963f9cbf4249c2f620f177a5132b8805c15b0c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:be:6d:8e:7a:b9:bd:8e:41:b4:67:43:5b:9c:
e1:6e:0d:6f:64:00:81:76:36:c2:e5:79:0e:f4:63:
bf:c2:6c:0f:02:33:90:97:52:57:09:47:b8:2b:b3:
10:9b:fa:2f:0f:1a:64:12:c7:a5:32:74:1d:e2:86:
bd:b1:e7:49:a0:4a:41:a1:1f:32:c0:a7:a8:79:9d:
6c:52:ec:00:9a:ca:f1:41:dd:92:8f:73:a9:8d:20:
ee:0c:9c:28:36:b6:8b:cd:7e:0f:f2:b3:8c:08:1e:
24:1e:0c:99:9b:1b:91:37:8a:f3:8e:de:c1:e9:83:
8c:84:d6:bd:a4:ed:96:c0:2b:b7:14:6a:66:d6:32:
fe:f9:48:14:34:33:a7:5c:93:12:3a:99:55:7b:07:
9b:b8:d3:50:18:10:ae:8d:36:7d:49:c7:bc:a6:f1:
17:78:ae:7b:83:c8:d6:70:e8:c0:34:c7:6c:bd:27:
04:74:0c:fe:37:90:22:61:60:eb:4f:d1:c2:eb:22:
af:ce:04:39:f4:31:ca:9f:12:13:73:0d:d8:d9:b0:
07:17:3e:73:1d:f5:b8:83:a1:37:87:98:0a:1e:91:
47:35:8f:10:39:df:38:c6:49:bc:66:06:66:9e:d9:
5d:a0:89:bb:69:cd:9a:19:6e:0f:b7:bc:6a:cb:7f:
3a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:63:F9:CB:F4:24:9C:2F:62:0F:17:7A:51:32:B8:80:5C:15:B0:C2
X509v3 Authority Key Identifier:
keyid:8F:E0:2B:7E:ED:FF:C3:8A:B5:EA:B4:41:61:72:E7:D8:8E:9A:D1:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j-Arfu3_w4q16rRBYXLn2I6a0eI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/6WP5y_QknC9iDxd6UTK4gFwVsMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/d2c235-a1f5-4984-aadf-5146f13b71a1/1/j-Arfu3_w4q16rRBYXLn2I6a0eI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.0.0/22
31.40.5.0-31.40.6.255
194.26.117.0/24
Signature Algorithm: sha256WithRSAEncryption
03:db:66:39:a4:97:2e:66:7c:3d:92:bd:6f:f2:23:f4:7a:0f:
81:ac:62:c8:99:a2:b4:83:f2:e9:df:5c:3d:8e:d1:2f:72:4c:
8e:63:92:6c:cc:7c:97:57:5c:e4:c7:6b:b2:31:52:17:b8:fb:
28:d5:fe:b8:32:13:d1:76:3a:e6:8a:7e:98:b0:6a:7a:87:65:
bd:46:bf:39:ce:25:b5:2c:61:15:2c:dd:3d:bd:6e:7a:2a:ef:
94:8e:8e:e6:a9:39:d0:66:9e:4e:03:4e:66:0c:30:1f:08:84:
75:2f:b4:d3:5b:df:1c:18:e9:5e:0c:a6:fe:43:a0:86:61:b8:
f2:09:8f:0f:20:cf:b8:1f:c2:40:67:36:de:00:e2:d8:96:ed:
c0:4a:5a:70:93:da:62:4a:f2:0c:2f:95:44:e3:0a:ef:15:d6:
4f:ac:c0:82:a1:12:db:33:50:5f:a9:84:82:11:bd:85:29:7d:
a0:61:f0:a5:17:aa:9e:85:94:73:3b:58:4d:92:70:ab:2e:e0:
a8:31:2e:f5:43:27:2c:0a:4c:9a:7f:a5:2e:dd:49:40:b1:25:
2b:0b:00:c5:90:eb:4e:f1:0c:6d:08:bd:1e:b8:3a:34:61:30:
8e:43:db:58:85:e3:3a:71:c2:51:c5:61:38:cc:29:42:96:f8:
95:d0:b2:9b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZkrD91ks0LIiz12kxXWtfPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmZTAyYjdlZWRmZmMzOGFiNWVhYjQ0MTYxNzJlN2Q4OGU5
YWQxZTIwHhcNMjUwOTA4MjA0MTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTYzZjljYmY0MjQ5YzJmNjIwZjE3N2E1MTMyYjg4MDVjMTViMGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz75tjnq5vY5BtGdDW5zhbg1vZACB
djbC5XkO9GO/wmwPAjOQl1JXCUe4K7MQm/ovDxpkEselMnQd4oa9sedJoEpBoR8y
wKeoeZ1sUuwAmsrxQd2Sj3OpjSDuDJwoNraLzX4P8rOMCB4kHgyZmxuRN4rzjt7B
6YOMhNa9pO2WwCu3FGpm1jL++UgUNDOnXJMSOplVewebuNNQGBCujTZ9Sce8pvEX
eK57g8jWcOjANMdsvScEdAz+N5AiYWDrT9HC6yKvzgQ59DHKnxITcw3Y2bAHFz5z
HfW4g6E3h5gKHpFHNY8QOd84xkm8ZgZmntldoIm7ac2aGW4Pt7xqy386PQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOlj+cv0JJwvYg8XelEyuIBcFbDCMB8GA1UdIwQY
MBaAFI/gK37t/8OKteq0QWFy59iOmtHiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvai1BcmZ1M193NHExNnJSQllYTG4ySTZhMGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9kMmMyMzUtYTFmNS00OTg0LWFhZGYt
NTE0NmYxM2I3MWExLzEvNldQNXlfUWtuQzlpRHhkNlVUSzRnRndWc01JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9kMmMyMzUtYTFmNS00OTg0LWFhZGYtNTE0NmYxM2I3MWEx
LzEvai1BcmZ1M193NHExNnJSQllYTG4ySTZhMGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCHygAMAwD
BAAfKAUDBAAfKAYDBADCGnUwDQYJKoZIhvcNAQELBQADggEBAAPbZjmkly5mfD2S
vW/yI/R6D4GsYsiZorSD8unfXD2O0S9yTI5jkmzMfJdXXOTHa7IxUhe4+yjV/rgy
E9F2OuaKfpiwanqHZb1GvznOJbUsYRUs3T29bnoq75SOjuapOdBmnk4DTmYMMB8I
hHUvtNNb3xwY6V4Mpv5DoIZhuPIJjw8gz7gfwkBnNt4A4tiW7cBKWnCT2mJK8gwv
lUTjCu8V1k+swIKhEtszUF+phIIRvYUpfaBh8KUXqp6FlHM7WE2ScKsu4KgxLvVD
JywKTJp/pS7dSUCxJSsLAMWQ607xDG0IvR64OjRhMI5D21iF4zpxwlHFYTjMKUKW
+JXQsps=
-----END CERTIFICATE-----
Generated at Mon Sep 15 20:37:44 2025 by rpki-client