Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/skjABuaYQdSyDecgxOrBPzscPeU.roa
File: skjABuaYQdSyDecgxOrBPzscPeU.roa (raw, json)
Hash identifier: kzk4xU92DAB+Vcg2V/rYHygGxD8dQRxlWxtwdylCcxg=
Subject key identifier: B2:48:C0:06:E6:98:41:D4:B2:0D:E7:20:C4:EA:C1:3F:3B:1C:3D:E5
Certificate issuer: /CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Certificate serial: 0197175F0E8901DD41ED47543F71BC11652D
Authority key identifier: D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/skjABuaYQdSyDecgxOrBPzscPeU.roa
Signing time: Wed 28 May 2025 14:49:54 +0000
ROA not before: Wed 28 May 2025 14:49:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40994
IP address blocks: 31.14.17.0/24 maxlen: 24
46.102.156.0/24 maxlen: 24
46.102.157.0/24 maxlen: 24
83.138.55.0/24 maxlen: 24
86.106.182.0/23 maxlen: 24
94.177.8.0/23 maxlen: 24
110.172.148.0/24 maxlen: 24
193.219.97.0/24 maxlen: 24
203.34.137.0/24 maxlen: 24
203.98.67.0/24 maxlen: 24
205.147.200.0/23 maxlen: 24
2a0d:f302::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/1M8PvV9uF1mQPMad4NxOokwfg98.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/1M8PvV9uF1mQPMad4NxOokwfg98.mft
rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:17:5f:0e:89:01:dd:41:ed:47:54:3f:71:bc:11:65:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4cf0fbd5f6e1759903cc69de0dc4ea24c1f83df
Validity
Not Before: May 28 14:49:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b248c006e69841d4b20de720c4eac13f3b1c3de5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5a:8b:11:68:b0:6c:63:ee:75:0e:0f:8d:f7:
f9:9e:a5:64:2a:5c:7e:62:a4:cd:03:f9:54:6f:ee:
e8:0e:20:6b:44:ef:e5:cc:cc:97:39:28:ae:5f:e5:
2a:56:db:87:ff:e8:20:00:4a:f4:d0:b1:bd:c6:09:
65:4d:8b:8c:3e:0b:27:b6:12:dc:34:e3:b7:ae:69:
83:1a:9e:9e:60:7c:35:fb:e4:51:18:50:27:67:64:
4b:b8:3a:ed:ac:73:99:88:be:7d:88:18:26:d1:49:
60:7b:40:b5:86:f8:d2:b6:cc:a2:59:4a:d2:3e:94:
fa:7f:c5:9c:8d:5f:0a:66:8d:2d:a9:5d:59:89:95:
af:8d:57:48:3f:42:a8:98:e8:92:ae:5f:59:31:cc:
be:bf:86:4b:00:5f:12:a9:7f:e1:db:08:ba:06:16:
99:ac:71:c0:1a:39:6f:2a:a8:dd:1b:08:ef:07:d5:
c1:e3:08:af:2e:d7:9f:1b:4c:91:d2:31:49:dd:60:
0d:0a:f2:3d:b9:af:1f:6f:c2:0c:da:d6:df:d0:ac:
06:17:44:db:21:bd:70:8d:e1:dd:79:9b:07:2b:35:
f4:33:e8:75:d2:f5:7f:94:06:1f:be:ce:4a:fa:7e:
3d:7d:ee:99:df:a6:ec:b0:36:ac:64:17:a1:6a:7e:
15:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:48:C0:06:E6:98:41:D4:B2:0D:E7:20:C4:EA:C1:3F:3B:1C:3D:E5
X509v3 Authority Key Identifier:
keyid:D4:CF:0F:BD:5F:6E:17:59:90:3C:C6:9D:E0:DC:4E:A2:4C:1F:83:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1M8PvV9uF1mQPMad4NxOokwfg98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/skjABuaYQdSyDecgxOrBPzscPeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d34fa2-3a37-4308-b783-5857f1c17624/1/1M8PvV9uF1mQPMad4NxOokwfg98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.17.0/24
46.102.156.0/23
83.138.55.0/24
86.106.182.0/23
94.177.8.0/23
110.172.148.0/24
193.219.97.0/24
203.34.137.0/24
203.98.67.0/24
205.147.200.0/23
IPv6:
2a0d:f302::/32
Signature Algorithm: sha256WithRSAEncryption
82:af:42:4e:51:22:d1:e3:76:d5:8e:ba:ea:30:37:b4:5c:54:
8c:17:02:0d:a1:6f:33:8f:af:2c:59:ec:fa:06:8f:ec:cd:9d:
cd:b6:7e:23:6c:67:3a:1c:3e:bf:bf:92:f0:11:7c:f9:fe:48:
81:bb:27:cf:2b:3d:b1:c0:7f:c8:9c:68:77:6c:02:73:3a:d2:
ea:d2:e0:68:54:30:f8:cd:18:34:9b:37:b6:fd:ac:fc:8c:d6:
0f:c2:c0:31:f2:51:d5:b2:3a:25:2c:87:b6:39:17:04:3b:cc:
93:fa:19:23:50:d3:cc:82:4f:9b:67:7c:56:23:ad:74:37:06:
6f:43:f3:e1:91:56:56:c5:39:fc:9e:f6:a0:9f:a0:41:2e:22:
3e:ae:7c:a2:90:76:f6:43:57:ae:91:29:1a:30:bf:c7:5f:57:
0b:3b:17:d6:c8:b8:5b:c5:08:9b:8c:1a:df:45:95:9c:7c:ee:
c3:87:75:2a:98:e7:9a:3a:2b:30:e4:22:61:31:44:9f:6f:33:
76:ce:f1:f4:3f:18:3c:c6:3a:01:b9:b0:03:af:0a:c3:dd:5f:
9c:64:86:f1:14:89:f9:8a:2c:41:1d:43:85:f8:bb:33:d9:ae:
b3:9a:2c:5d:cf:fa:74:a4:37:05:c5:fc:f1:f9:fa:78:13:78:
6f:0d:0a:f1
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZcXXw6JAd1B7UdUP3G8EWUtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Y2YwZmJkNWY2ZTE3NTk5MDNjYzY5ZGUwZGM0ZWEyNGMx
ZjgzZGYwHhcNMjUwNTI4MTQ0OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjQ4YzAwNmU2OTg0MWQ0YjIwZGU3MjBjNGVhYzEzZjNiMWMzZGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVqLEWiwbGPudQ4Pjff5nqVkKlx+
YqTNA/lUb+7oDiBrRO/lzMyXOSiuX+UqVtuH/+ggAEr00LG9xgllTYuMPgsnthLc
NOO3rmmDGp6eYHw1++RRGFAnZ2RLuDrtrHOZiL59iBgm0Ulge0C1hvjStsyiWUrS
PpT6f8WcjV8KZo0tqV1ZiZWvjVdIP0KomOiSrl9ZMcy+v4ZLAF8SqX/h2wi6BhaZ
rHHAGjlvKqjdGwjvB9XB4wivLtefG0yR0jFJ3WANCvI9ua8fb8IM2tbf0KwGF0Tb
Ib1wjeHdeZsHKzX0M+h10vV/lAYfvs5K+n49fe6Z36bssDasZBehan4VdwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFLJIwAbmmEHUsg3nIMTqwT87HD3lMB8GA1UdIwQY
MBaAFNTPD71fbhdZkDzGneDcTqJMH4PfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU04UHZWOXVGMW1RUE1hZDROeE9va3dmZzk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9kMzRmYTItM2EzNy00MzA4LWI3ODMt
NTg1N2YxYzE3NjI0LzEvc2tqQUJ1YVlRZFN5RGVjZ3hPckJQenNjUGVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9kMzRmYTItM2EzNy00MzA4LWI3ODMtNTg1N2YxYzE3NjI0
LzEvMU04UHZWOXVGMW1RUE1hZDROeE9va3dmZzk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQAHw4RAwQB
LmacAwQAU4o3AwQBVmq2AwQBXrEIAwQAbqyUAwQAwdthAwQAyyKJAwQAy2JDAwQB
zZPIMA0EAgACMAcDBQAqDfMCMA0GCSqGSIb3DQEBCwUAA4IBAQCCr0JOUSLR43bV
jrrqMDe0XFSMFwINoW8zj68sWez6Bo/szZ3Ntn4jbGc6HD6/v5LwEXz5/kiBuyfP
Kz2xwH/InGh3bAJzOtLq0uBoVDD4zRg0mze2/az8jNYPwsAx8lHVsjolLIe2ORcE
O8yT+hkjUNPMgk+bZ3xWI610NwZvQ/PhkVZWxTn8nvagn6BBLiI+rnyikHb2Q1eu
kSkaML/HX1cLOxfWyLhbxQibjBrfRZWcfO7Dh3UqmOeaOisw5CJhMUSfbzN2zvH0
Pxg8xjoBubADrwrD3V+cZIbxFIn5iixBHUOF+Lsz2a6zmixdz/p0pDcFxfzx+fp4
E3hvDQrx
-----END CERTIFICATE-----
Generated at Sat Jun 7 05:06:58 2025 by rpki-client