Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/9AxSzFS66R2VGCahfePSeUmALBg.roa
File: 9AxSzFS66R2VGCahfePSeUmALBg.roa (raw, json)
Hash identifier: d9Xc/VpEalOPEbAKjPTD3MUiOt5uFxwEkmJ4Iwc8fi0=
Subject key identifier: F4:0C:52:CC:54:BA:E9:1D:95:18:26:A1:7D:E3:D2:79:49:80:2C:18
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 0196D878FF2B15649E7CB817973899347DF3
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/9AxSzFS66R2VGCahfePSeUmALBg.roa
Signing time: Fri 16 May 2025 09:42:10 +0000
ROA not before: Fri 16 May 2025 09:42:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56582
IP address blocks: 31.169.64.0/24 maxlen: 24
31.169.65.0/24 maxlen: 24
31.169.66.0/24 maxlen: 24
31.169.67.0/24 maxlen: 24
31.169.69.0/24 maxlen: 24
31.169.70.0/24 maxlen: 24
31.169.71.0/24 maxlen: 24
31.169.72.0/24 maxlen: 24
31.169.74.0/24 maxlen: 24
31.169.76.0/24 maxlen: 24
31.169.77.0/24 maxlen: 24
31.169.78.0/24 maxlen: 24
31.169.79.0/24 maxlen: 24
31.169.81.0/24 maxlen: 24
31.169.82.0/24 maxlen: 24
31.169.84.0/24 maxlen: 24
31.169.85.0/24 maxlen: 24
31.169.87.0/24 maxlen: 24
31.169.88.0/24 maxlen: 24
31.169.92.0/24 maxlen: 24
31.169.93.0/24 maxlen: 24
31.169.94.0/24 maxlen: 24
185.33.63.0/24 maxlen: 24
2a00:5740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.mft
rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d8:78:ff:2b:15:64:9e:7c:b8:17:97:38:99:34:7d:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: May 16 09:42:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f40c52cc54bae91d951826a17de3d27949802c18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:44:ca:10:77:62:1b:7e:a6:f0:e6:68:a5:3c:
4d:49:7f:e7:19:39:49:98:a1:96:b6:30:60:f0:2b:
47:91:d1:d5:de:5a:ec:06:1a:b4:3a:e1:68:f9:2b:
a1:af:6d:52:30:7d:9e:bb:f9:ae:64:86:40:99:2e:
0e:8e:33:60:b7:1a:e4:37:6e:ab:dc:ce:21:c9:35:
b1:d2:a2:86:1f:38:95:88:58:93:a3:be:90:a1:01:
a3:a5:82:6d:7c:f4:e3:b9:26:10:db:e4:6e:99:99:
97:be:07:3e:f5:d7:5e:26:c0:6c:ae:77:c5:a8:0f:
0d:76:f5:c1:db:26:c4:37:9a:fa:f0:d9:9e:46:f1:
41:f7:90:36:01:b8:5d:66:39:f4:29:1b:61:e3:b4:
da:51:9c:14:68:28:66:31:78:7d:27:11:13:4a:a2:
5d:1d:32:32:7d:a2:5c:0d:8e:32:69:6e:d7:41:58:
83:85:d1:a0:e5:53:23:5f:b0:52:50:c8:b7:d3:d0:
84:27:63:df:1a:29:2d:0b:d9:6b:83:f9:18:bd:26:
ff:d4:f4:1f:4a:b2:af:fc:f1:a6:23:31:0a:8a:87:
17:5a:cf:f9:18:a5:e1:ef:37:2e:70:a8:00:c5:09:
98:91:45:31:64:76:5d:d7:c6:b1:4b:79:5b:64:b7:
ad:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:0C:52:CC:54:BA:E9:1D:95:18:26:A1:7D:E3:D2:79:49:80:2C:18
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/9AxSzFS66R2VGCahfePSeUmALBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.64.0/22
31.169.69.0-31.169.72.255
31.169.74.0/24
31.169.76.0/22
31.169.81.0-31.169.82.255
31.169.84.0/23
31.169.87.0-31.169.88.255
31.169.92.0-31.169.94.255
185.33.63.0/24
IPv6:
2a00:5740::/29
Signature Algorithm: sha256WithRSAEncryption
3c:93:66:64:89:51:c3:36:31:61:48:a9:42:1b:77:a8:50:37:
df:11:f4:4b:be:b5:51:cf:a4:dc:5a:e3:9c:e1:bd:01:ef:fb:
42:8d:c5:b5:22:84:e8:1b:52:2f:ff:57:db:5b:4c:1f:ff:2a:
1c:2b:9d:fb:6f:a8:af:12:45:23:c4:12:ce:cf:8c:c2:d5:07:
e3:b8:c4:2f:36:9d:f3:c8:6a:77:88:d4:f6:2a:fd:ac:09:7a:
3e:c9:53:ba:62:c7:a3:0f:73:0d:ba:ee:0b:78:48:da:66:ef:
33:9e:bc:d9:a3:2b:ef:c4:8b:fb:19:db:f0:97:6d:73:40:87:
55:4c:71:f2:16:8d:b8:05:1f:82:3b:b4:2f:2f:c7:9a:e4:39:
e7:82:c4:ea:89:af:ad:6e:db:cd:9b:c0:63:10:88:00:9c:bb:
42:5a:15:3a:e0:b6:1a:8a:db:74:51:56:52:5f:52:c0:a8:16:
e9:b2:5a:aa:91:ec:9c:67:91:4c:d8:95:aa:ff:dc:ea:fe:38:
c3:46:04:5c:7c:e5:c1:df:64:b6:ff:ca:98:de:e4:d8:63:30:
1a:5d:9a:72:5c:23:1f:77:d2:2e:6f:09:82:4f:f8:39:1d:0a:
8d:4f:66:a0:82:6a:b3:11:3c:0a:d0:35:72:98:b1:be:69:bd:
2b:91:89:1f
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAZbYeP8rFWSefLgXlziZNH3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjUwNTE2MDk0MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDBjNTJjYzU0YmFlOTFkOTUxODI2YTE3ZGUzZDI3OTQ5ODAyYzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwETKEHdiG36m8OZopTxNSX/nGTlJ
mKGWtjBg8CtHkdHV3lrsBhq0OuFo+Suhr21SMH2eu/muZIZAmS4OjjNgtxrkN26r
3M4hyTWx0qKGHziViFiTo76QoQGjpYJtfPTjuSYQ2+RumZmXvgc+9ddeJsBsrnfF
qA8NdvXB2ybEN5r68NmeRvFB95A2AbhdZjn0KRth47TaUZwUaChmMXh9JxETSqJd
HTIyfaJcDY4yaW7XQViDhdGg5VMjX7BSUMi309CEJ2PfGiktC9lrg/kYvSb/1PQf
SrKv/PGmIzEKiocXWs/5GKXh7zcucKgAxQmYkUUxZHZd18axS3lbZLetrQIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFPQMUsxUuukdlRgmoX3j0nlJgCwYMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvOUF4U3pGUzY2UjJWR0NhaGZlUFNlVW1BTEJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWAwQCH6lAMAwD
BAAfqUUDBAAfqUgDBAAfqUoDBAIfqUwwDAMEAB+pUQMEAB+pUgMEAR+pVDAMAwQA
H6lXAwQAH6lYMAwDBAIfqVwDBAAfqV4DBAC5IT8wDQQCAAIwBwMFAyoAV0AwDQYJ
KoZIhvcNAQELBQADggEBADyTZmSJUcM2MWFIqUIbd6hQN98R9Eu+tVHPpNxa45zh
vQHv+0KNxbUihOgbUi//V9tbTB//KhwrnftvqK8SRSPEEs7PjMLVB+O4xC82nfPI
aneI1PYq/awJej7JU7pix6MPcw267gt4SNpm7zOevNmjK+/Ei/sZ2/CXbXNAh1VM
cfIWjbgFH4I7tC8vx5rkOeeCxOqJr61u282bwGMQiACcu0JaFTrgthqK23RRVlJf
UsCoFumyWqqR7JxnkUzYlar/3Or+OMNGBFx85cHfZLb/ypje5NhjMBpdmnJcIx93
0i5vCYJP+DkdCo1PZqCCarMRPArQNXKYsb5pvSuRiR8=
-----END CERTIFICATE-----
Generated at Sat Jun 7 20:19:30 2025 by rpki-client