Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/2xtKIzId6XJ8CFeEI8STQO4hDsg.roa
File: 2xtKIzId6XJ8CFeEI8STQO4hDsg.roa (raw, json)
Hash identifier: DT8zULSP18cVFH19PgynCeOonnbp9Qh2evY/joUOtAI=
Subject key identifier: DB:1B:4A:23:32:1D:E9:72:7C:08:57:84:23:C4:93:40:EE:21:0E:C8
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 0196C7EF99C057B37D6F25641768FE6757E8
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/2xtKIzId6XJ8CFeEI8STQO4hDsg.roa
Signing time: Tue 13 May 2025 04:38:10 +0000
ROA not before: Tue 13 May 2025 04:38:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31195
IP address blocks: 31.173.132.0/23 maxlen: 23
31.173.134.0/23 maxlen: 23
31.173.135.0/24 maxlen: 24
31.173.143.0/24 maxlen: 24
31.173.225.0/24 maxlen: 24
31.173.226.0/24 maxlen: 24
31.173.228.0/23 maxlen: 23
31.173.228.0/24 maxlen: 24
31.173.229.0/24 maxlen: 24
31.173.230.0/24 maxlen: 24
31.173.231.0/24 maxlen: 24
31.173.232.0/23 maxlen: 23
31.173.235.0/24 maxlen: 24
31.173.236.0/23 maxlen: 23
31.173.238.0/24 maxlen: 24
31.173.239.0/24 maxlen: 24
37.28.188.0/22 maxlen: 22
37.28.190.0/24 maxlen: 24
37.28.191.0/24 maxlen: 24
37.29.43.0/24 maxlen: 24
37.29.88.0/22 maxlen: 22
37.29.89.0/24 maxlen: 24
37.29.91.0/24 maxlen: 24
37.29.92.0/22 maxlen: 22
37.29.94.0/24 maxlen: 24
37.29.95.0/24 maxlen: 24
78.25.124.0/22 maxlen: 22
78.25.127.0/24 maxlen: 24
83.149.52.0/22 maxlen: 22
83.169.224.0/23 maxlen: 23
83.169.226.0/24 maxlen: 24
83.169.227.0/24 maxlen: 24
83.169.228.0/23 maxlen: 23
83.169.230.0/24 maxlen: 24
85.26.240.0/22 maxlen: 22
85.26.244.0/22 maxlen: 22
85.26.247.0/24 maxlen: 24
178.176.233.0/24 maxlen: 24
178.176.234.0/24 maxlen: 24
178.176.235.0/24 maxlen: 24
178.178.64.0/24 maxlen: 24
178.178.65.0/24 maxlen: 24
178.178.66.0/24 maxlen: 24
178.178.67.0/24 maxlen: 24
178.178.68.0/24 maxlen: 24
178.178.69.0/24 maxlen: 24
178.178.70.0/24 maxlen: 24
178.178.71.0/24 maxlen: 24
178.178.72.0/24 maxlen: 24
178.178.73.0/24 maxlen: 24
178.178.74.0/24 maxlen: 24
178.178.75.0/24 maxlen: 24
178.178.76.0/24 maxlen: 24
188.170.228.0/23 maxlen: 23
188.170.230.0/24 maxlen: 24
188.170.231.0/24 maxlen: 24
188.170.232.0/24 maxlen: 24
188.170.233.0/24 maxlen: 24
188.170.234.0/24 maxlen: 24
188.170.235.0/24 maxlen: 24
188.170.236.0/24 maxlen: 24
188.170.237.0/24 maxlen: 24
188.170.239.0/24 maxlen: 24
2a03:d006::/40 maxlen: 40
2a03:d006:100::/40 maxlen: 40
2a03:d006:200::/40 maxlen: 40
2a03:d006:300::/40 maxlen: 40
2a03:d006:400::/40 maxlen: 40
2a03:d006:500::/40 maxlen: 40
2a03:d006:600::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c7:ef:99:c0:57:b3:7d:6f:25:64:17:68:fe:67:57:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: May 13 04:38:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db1b4a23321de9727c08578423c49340ee210ec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b9:c8:d6:19:76:7c:3e:5f:b5:29:07:c2:9c:
53:a0:ab:c7:38:1a:b2:dc:01:b4:18:18:37:4a:40:
dc:9c:0f:f5:05:e3:0d:b3:80:39:f3:cd:59:67:fd:
9a:d7:f0:e9:74:e7:56:cb:06:b8:44:a9:1f:fb:dd:
00:54:ad:13:a2:80:93:88:88:80:9a:0b:cc:56:35:
ad:e4:00:63:d8:21:cd:d8:5d:87:7b:f8:46:0c:57:
cd:75:75:60:cf:b2:7f:3b:cf:b1:0b:ac:07:72:6f:
7e:cf:1a:c0:85:8d:9d:a8:93:b6:1e:a5:83:3a:53:
01:d1:a3:f9:5d:fe:20:a2:17:44:63:af:44:12:c5:
6c:44:40:0d:6b:49:63:4b:43:a4:6f:15:f5:66:6f:
d6:60:a5:6c:91:30:60:ac:46:c0:a5:23:73:cf:9a:
7c:29:6d:ab:97:17:d0:2e:55:83:e7:54:b9:21:00:
be:98:9b:e3:4d:29:17:2e:be:0d:da:04:d3:08:1e:
fa:b3:e1:65:9b:39:aa:fe:91:2b:c0:51:f1:e8:cb:
d2:d1:39:6d:f5:ea:05:06:58:1d:48:5e:b2:3a:44:
06:d3:dd:2b:bd:a4:d0:90:23:35:0d:b0:28:61:80:
e5:35:29:b0:0c:e1:e6:22:25:b2:5d:6a:f9:58:38:
82:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:1B:4A:23:32:1D:E9:72:7C:08:57:84:23:C4:93:40:EE:21:0E:C8
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/2xtKIzId6XJ8CFeEI8STQO4hDsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.132.0/22
31.173.143.0/24
31.173.225.0-31.173.226.255
31.173.228.0-31.173.233.255
31.173.235.0-31.173.239.255
37.28.188.0/22
37.29.43.0/24
37.29.88.0/21
78.25.124.0/22
83.149.52.0/22
83.169.224.0-83.169.230.255
85.26.240.0/21
178.176.233.0-178.176.235.255
178.178.64.0-178.178.76.255
188.170.228.0-188.170.237.255
188.170.239.0/24
IPv6:
2a03:d006::-2a03:d006:6ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4d:28:a9:d3:2e:bd:bd:98:e9:9c:bb:e6:2d:3b:fd:f3:d0:86:
92:26:8c:99:22:32:45:37:38:1c:a9:c1:33:8c:4f:71:f1:0c:
02:9b:91:16:00:c3:46:aa:00:62:b3:af:f4:6f:86:fd:71:d8:
c7:d2:3d:69:f3:38:82:ae:4e:19:f2:94:d1:b2:1d:3e:e9:6e:
35:90:9f:87:87:08:44:d6:c7:1b:1e:4c:11:52:2c:d6:c6:da:
65:b6:1b:72:49:f6:b2:e2:50:a4:ed:22:a6:a6:3a:35:44:83:
21:4d:e0:56:42:df:ce:be:2c:0d:b6:f2:a0:86:d6:ff:2b:95:
d4:1b:3b:86:27:91:52:c4:f6:4e:c0:f9:5d:a4:e8:a0:72:dd:
78:4c:ea:14:d1:cc:54:5b:aa:36:6c:8b:a7:af:c0:0e:fb:91:
31:c7:9d:f4:36:0c:ac:8b:2d:36:ce:11:90:2a:23:78:72:a7:
44:a0:e5:40:4a:9e:ca:e5:1c:d1:4a:f0:6a:d8:a8:4c:a7:54:
6b:b4:67:da:09:8a:67:d7:c8:35:11:ee:2c:7e:29:08:5d:68:
45:cd:85:2f:12:33:95:4c:c7:d9:37:bb:ed:16:b9:66:85:58:
7b:b7:81:3a:0b:d4:85:5a:08:af:fb:47:ff:40:d7:8c:b5:d8:
4b:39:c0:b3
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAZbH75nAV7N9byVkF2j+Z1foMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjUwNTEzMDQzODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjFiNGEyMzMyMWRlOTcyN2MwODU3ODQyM2M0OTM0MGVlMjEwZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbnI1hl2fD5ftSkHwpxToKvHOBqy
3AG0GBg3SkDcnA/1BeMNs4A5881ZZ/2a1/DpdOdWywa4RKkf+90AVK0TooCTiIiA
mgvMVjWt5ABj2CHN2F2He/hGDFfNdXVgz7J/O8+xC6wHcm9+zxrAhY2dqJO2HqWD
OlMB0aP5Xf4gohdEY69EEsVsREANa0ljS0OkbxX1Zm/WYKVskTBgrEbApSNzz5p8
KW2rlxfQLlWD51S5IQC+mJvjTSkXLr4N2gTTCB76s+Flmzmq/pErwFHx6MvS0Tlt
9eoFBlgdSF6yOkQG090rvaTQkCM1DbAoYYDlNSmwDOHmIiWyXWr5WDiCUwIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFNsbSiMyHelyfAhXhCPEk0DuIQ7IMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvMnh0S0l6SWQ2WEo4Q0ZlRUk4U1RRTzRoRHNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBnwQCAAEwgZgDBAIf
rYQDBAAfrY8wDAMEAB+t4QMEAB+t4jAMAwQCH63kAwQBH63oMAwDBAAfresDBAQf
reADBAIlHLwDBAAlHSsDBAMlHVgDBAJOGXwDBAJTlTQwDAMEBVOp4AMEAFOp5gME
A1Ua8DAMAwQAsrDpAwQCsrDoMAwDBAayskADBACyskwwDAMEAryq5AMEAbyq7AME
ALyq7zAXBAIAAjARMA8DBQEqA9AGAwYAKgPQBgYwDQYJKoZIhvcNAQELBQADggEB
AE0oqdMuvb2Y6Zy75i07/fPQhpImjJkiMkU3OBypwTOMT3HxDAKbkRYAw0aqAGKz
r/Rvhv1x2MfSPWnzOIKuThnylNGyHT7pbjWQn4eHCETWxxseTBFSLNbG2mW2G3JJ
9rLiUKTtIqamOjVEgyFN4FZC386+LA228qCG1v8rldQbO4YnkVLE9k7A+V2k6KBy
3XhM6hTRzFRbqjZsi6evwA77kTHHnfQ2DKyLLTbOEZAqI3hyp0Sg5UBKnsrlHNFK
8GrYqEynVGu0Z9oJimfXyDUR7ix+KQhdaEXNhS8SM5VMx9k3u+0WuWaFWHu3gToL
1IVaCK/7R/9A14y12Es5wLM=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:04:48 2025 by rpki-client