Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/fAqAClIqEJU2Z5Ye9QXpUO1Tbkg.roa
File: fAqAClIqEJU2Z5Ye9QXpUO1Tbkg.roa (raw, json)
Hash identifier: YDMyeOOGj2eBmIkqGQ0q84C8FFV9NROwwY19+t/7x2o=
Subject key identifier: 7C:0A:80:0A:52:2A:10:95:36:67:96:1E:F5:05:E9:50:ED:53:6E:48
Certificate issuer: /CN=206f1c32bc0a9006081d552fede67d6842921ec3
Certificate serial: 019905EE21A87C5881E4DB5238409BB4798C
Authority key identifier: 20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/fAqAClIqEJU2Z5Ye9QXpUO1Tbkg.roa
Signing time: Mon 01 Sep 2025 15:38:36 +0000
ROA not before: Mon 01 Sep 2025 15:38:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215066
IP address blocks: 31.222.220.0/24 maxlen: 24
31.222.221.0/24 maxlen: 24
31.222.222.0/24 maxlen: 24
31.222.223.0/24 maxlen: 24
185.253.124.0/24 maxlen: 24
185.253.125.0/24 maxlen: 24
185.253.126.0/24 maxlen: 24
185.253.127.0/24 maxlen: 24
188.64.36.0/22 maxlen: 24
194.164.226.0/24 maxlen: 24
194.164.227.0/24 maxlen: 24
194.164.228.0/24 maxlen: 24
194.164.229.0/24 maxlen: 24
195.22.134.0/24 maxlen: 24
195.22.135.0/24 maxlen: 24
195.144.8.0/24 maxlen: 24
2a07:244::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.mft
rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 06:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:05:ee:21:a8:7c:58:81:e4:db:52:38:40:9b:b4:79:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f1c32bc0a9006081d552fede67d6842921ec3
Validity
Not Before: Sep 1 15:38:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c0a800a522a10953667961ef505e950ed536e48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:22:bc:c0:c5:d8:36:97:2d:b7:6b:38:13:67:
d2:f0:e1:44:b4:31:41:bd:70:56:0b:b7:90:6a:57:
cf:3b:c4:6f:b2:7f:0d:60:bc:98:a2:d9:af:20:ae:
b4:df:c7:18:c8:59:f1:49:fa:34:3c:49:20:df:ef:
24:d1:ad:a7:e0:53:37:64:d4:69:6b:23:24:29:b4:
f2:54:20:0a:5c:cf:ad:8c:bf:a5:cc:ab:6f:fc:73:
96:6a:63:d0:12:d2:a0:03:a7:8a:7b:ef:58:7a:78:
44:4a:0c:82:ba:f9:e5:02:ad:28:68:fc:6c:e8:e0:
11:7d:6d:dd:5f:d6:ad:0f:85:7e:97:75:8f:b5:ce:
2e:f8:8b:a9:ff:85:b4:ee:8a:bc:8a:8b:e2:03:fb:
e7:11:8a:22:47:4d:97:0e:11:d7:cd:66:fa:41:cb:
0b:69:5c:51:b8:6c:eb:a8:37:af:3c:92:0e:22:f0:
05:08:58:55:e5:b0:9b:07:59:1f:42:80:a9:a7:97:
fa:ac:f8:49:9a:11:b1:6b:d9:a5:0f:d9:da:56:ac:
63:c7:7b:fa:f1:6e:fc:d4:42:ee:06:db:eb:b0:00:
26:48:e8:67:10:96:fc:da:be:79:f1:99:0e:69:61:
08:ed:4e:e7:84:0d:a2:ea:bc:25:0f:20:1b:65:00:
a6:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:0A:80:0A:52:2A:10:95:36:67:96:1E:F5:05:E9:50:ED:53:6E:48
X509v3 Authority Key Identifier:
keyid:20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/fAqAClIqEJU2Z5Ye9QXpUO1Tbkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.220.0/22
185.253.124.0/22
188.64.36.0/22
194.164.226.0-194.164.229.255
195.22.134.0/23
195.144.8.0/24
IPv6:
2a07:244::/32
Signature Algorithm: sha256WithRSAEncryption
02:82:a9:5b:e4:b3:59:2e:3f:ff:94:a4:06:c6:08:f5:55:60:
74:06:38:01:60:e1:ac:c2:f5:08:ff:15:8c:ac:ac:75:71:d8:
37:ce:48:08:b0:4a:11:0b:d4:28:e0:7d:b7:55:41:81:06:2d:
6f:59:ad:f1:27:0a:a8:5e:f3:a8:85:eb:9d:a4:81:c9:36:8e:
22:76:9b:99:ff:da:fe:2e:7d:61:87:18:38:79:90:c6:2e:71:
a7:c6:cd:6b:e8:d1:30:7c:6d:c2:a8:0b:d1:9d:16:f6:24:39:
bc:0c:d5:0f:fc:98:f2:fe:5f:f2:87:06:47:35:ac:c3:9c:31:
36:80:a4:28:45:58:af:04:2d:52:dd:f0:7c:a5:82:18:a3:40:
2e:2e:ae:81:53:02:04:15:cc:d3:2a:42:20:ba:08:4b:11:a9:
98:40:f3:c3:a9:d2:04:d8:94:30:96:1d:47:e1:c9:90:5c:58:
f3:6e:c8:29:00:88:c2:39:c1:aa:c4:ad:aa:db:db:4b:8e:12:
b8:31:50:2d:de:30:0a:4e:53:b2:fa:15:e4:7c:28:a9:97:a7:
6e:b3:cb:9a:25:e2:62:fd:8b:69:ec:68:2c:87:f6:f2:81:b9:
19:6f:45:67:c8:8d:bb:1e:09:2d:6a:b4:cf:57:d0:f4:8d:c6:
41:2a:e1:ab
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZkF7iGofFiB5NtSOECbtHmMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmYxYzMyYmMwYTkwMDYwODFkNTUyZmVkZTY3ZDY4NDI5
MjFlYzMwHhcNMjUwOTAxMTUzODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzBhODAwYTUyMmExMDk1MzY2Nzk2MWVmNTA1ZTk1MGVkNTM2ZTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSK8wMXYNpctt2s4E2fS8OFEtDFB
vXBWC7eQalfPO8Rvsn8NYLyYotmvIK6038cYyFnxSfo0PEkg3+8k0a2n4FM3ZNRp
ayMkKbTyVCAKXM+tjL+lzKtv/HOWamPQEtKgA6eKe+9YenhESgyCuvnlAq0oaPxs
6OARfW3dX9atD4V+l3WPtc4u+Iup/4W07oq8ioviA/vnEYoiR02XDhHXzWb6QcsL
aVxRuGzrqDevPJIOIvAFCFhV5bCbB1kfQoCpp5f6rPhJmhGxa9mlD9naVqxjx3v6
8W781ELuBtvrsAAmSOhnEJb82r558ZkOaWEI7U7nhA2i6rwlDyAbZQCm8wIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFHwKgApSKhCVNmeWHvUF6VDtU25IMB8GA1UdIwQY
MBaAFCBvHDK8CpAGCB1VL+3mfWhCkh7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzIt
YmJhODYwYjI2YzAyLzEvZkFxQUNsSXFFSlUyWjVZZTlRWHBVTzFUYmtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzItYmJhODYwYjI2YzAy
LzEvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQCH97cAwQC
uf18AwQCvEAkMAwDBAHCpOIDBAHCpOQDBAHDFoYDBADDkAgwDQQCAAIwBwMFACoH
AkQwDQYJKoZIhvcNAQELBQADggEBAAKCqVvks1kuP/+UpAbGCPVVYHQGOAFg4azC
9Qj/FYysrHVx2DfOSAiwShEL1CjgfbdVQYEGLW9ZrfEnCqhe86iF652kgck2jiJ2
m5n/2v4ufWGHGDh5kMYucafGzWvo0TB8bcKoC9GdFvYkObwM1Q/8mPL+X/KHBkc1
rMOcMTaApChFWK8ELVLd8HylghijQC4uroFTAgQVzNMqQiC6CEsRqZhA88Op0gTY
lDCWHUfhyZBcWPNuyCkAiMI5warErarb20uOErgxUC3eMApOU7L6FeR8KKmXp26z
y5ol4mL9i2nsaCyH9vKBuRlvRWfIjbseCS1qtM9X0PSNxkEq4as=
-----END CERTIFICATE-----
Generated at Wed Sep 10 14:27:15 2025 by rpki-client