Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/eiuuVdDHw7tCNh7-88E3raSuIfc.roa
File: eiuuVdDHw7tCNh7-88E3raSuIfc.roa (raw, json)
Hash identifier: 3m5MOXmDNJezPlvUGc+JuyJPY6iXYjUfrVVj0/0iqB0=
Subject key identifier: 7A:2B:AE:55:D0:C7:C3:BB:42:36:1E:FE:F3:C1:37:AD:A4:AE:21:F7
Certificate issuer: /CN=8ea43bb38d6e0be8c289094ba4adf387d0de40a0
Certificate serial: 0196C9ABA077223E8BE18DE93847DBE2F542
Authority key identifier: 8E:A4:3B:B3:8D:6E:0B:E8:C2:89:09:4B:A4:AD:F3:87:D0:DE:40:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jqQ7s41uC-jCiQlLpK3zh9DeQKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/eiuuVdDHw7tCNh7-88E3raSuIfc.roa
Signing time: Tue 13 May 2025 12:43:10 +0000
ROA not before: Tue 13 May 2025 12:43:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197746
IP address blocks: 31.22.112.0/24 maxlen: 24
31.22.113.0/24 maxlen: 24
31.22.114.0/24 maxlen: 24
31.22.115.0/24 maxlen: 24
31.22.116.0/24 maxlen: 24
31.22.119.0/24 maxlen: 24
185.23.88.0/24 maxlen: 24
185.23.89.0/24 maxlen: 24
2a00:6620:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/jqQ7s41uC-jCiQlLpK3zh9DeQKA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/jqQ7s41uC-jCiQlLpK3zh9DeQKA.mft
rsync://rpki.ripe.net/repository/DEFAULT/jqQ7s41uC-jCiQlLpK3zh9DeQKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 15:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c9:ab:a0:77:22:3e:8b:e1:8d:e9:38:47:db:e2:f5:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ea43bb38d6e0be8c289094ba4adf387d0de40a0
Validity
Not Before: May 13 12:43:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a2bae55d0c7c3bb42361efef3c137ada4ae21f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:2e:69:92:73:df:07:13:31:1c:4f:a8:73:7d:
fe:73:ae:d6:55:62:eb:c4:c6:ae:86:9e:c9:8b:4c:
ee:74:9f:c2:5e:07:9c:25:c3:ec:ca:78:12:16:de:
cf:03:04:f6:55:c4:c0:a1:25:2b:b0:5d:1c:9a:12:
de:b8:65:7b:d9:45:36:b9:61:23:94:5b:90:eb:07:
d3:6a:3d:4c:c7:c9:5e:c1:26:d1:bc:dc:ce:50:a1:
41:47:25:89:4f:af:ce:68:4f:23:b7:aa:8e:bb:b3:
3d:00:3e:ca:5a:5b:29:66:18:0d:b9:e4:ef:65:cb:
64:61:b0:06:d1:9f:dd:b9:eb:d4:b8:6e:48:dd:a4:
d6:7d:ae:e2:e8:98:3b:8b:e9:9a:67:4a:1e:4b:57:
a8:2d:90:bd:24:4a:36:14:e3:8f:b2:01:52:fc:21:
64:34:31:6d:f6:33:9d:40:31:c9:03:f3:27:1e:98:
47:ae:99:b3:88:fe:62:c4:1c:5b:c4:ae:40:cb:c8:
cf:8c:a8:e2:80:5c:d2:e4:a0:70:4e:16:b7:6b:3c:
6a:3e:0d:e9:71:85:46:53:24:27:48:44:fe:a1:82:
e9:32:e7:a9:23:26:0e:a5:af:24:e2:55:e0:68:28:
e6:a7:67:da:f5:e4:e7:f6:48:61:e0:3a:6a:10:57:
76:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:2B:AE:55:D0:C7:C3:BB:42:36:1E:FE:F3:C1:37:AD:A4:AE:21:F7
X509v3 Authority Key Identifier:
keyid:8E:A4:3B:B3:8D:6E:0B:E8:C2:89:09:4B:A4:AD:F3:87:D0:DE:40:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jqQ7s41uC-jCiQlLpK3zh9DeQKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/eiuuVdDHw7tCNh7-88E3raSuIfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6f85b1-6a3c-408d-a39b-24f7f9436cec/1/jqQ7s41uC-jCiQlLpK3zh9DeQKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.112.0-31.22.116.255
31.22.119.0/24
185.23.88.0/23
IPv6:
2a00:6620:2000::/48
Signature Algorithm: sha256WithRSAEncryption
0a:62:e5:bb:1d:dd:9e:01:b6:71:43:67:8b:24:2f:3e:70:2b:
0e:ce:4b:70:76:dd:23:a4:78:99:b7:36:81:c7:40:13:98:86:
5b:cb:bd:0a:ce:39:5f:e7:bc:2d:76:d0:50:db:4d:e9:f7:04:
a1:57:cc:4f:19:78:7f:a8:9c:24:ef:05:2f:25:96:3c:f9:ea:
4e:5a:11:1c:b8:38:3c:04:17:fd:15:7f:b9:b4:ae:51:37:65:
32:f5:e2:12:22:7d:fb:f5:b4:78:43:65:df:62:3c:4f:24:d4:
b6:18:e6:63:f5:08:2e:74:f2:5e:d6:df:a5:57:62:31:6b:24:
40:8a:be:76:47:78:87:e5:5f:f8:3a:4d:01:6b:c4:f1:3a:97:
5b:13:c1:0b:6f:f5:b7:2b:21:15:23:20:18:8f:fe:eb:d2:75:
f2:9f:e8:35:ae:dd:9a:78:30:c7:4a:70:59:fc:1d:67:27:49:
53:f0:fe:09:6f:89:e2:c4:c8:19:1f:70:04:1e:a4:5c:cd:7f:
da:f6:13:d9:46:e2:c9:f7:31:26:45:a1:89:c4:72:80:96:3d:
27:27:93:a1:81:be:12:ed:31:20:a6:95:d7:88:89:c3:5b:c4:
57:4d:85:45:b3:88:34:ec:19:63:49:20:eb:40:14:a6:ae:56:
c0:21:ed:01
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZbJq6B3Ij6L4Y3pOEfb4vVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYTQzYmIzOGQ2ZTBiZThjMjg5MDk0YmE0YWRmMzg3ZDBk
ZTQwYTAwHhcNMjUwNTEzMTI0MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTJiYWU1NWQwYzdjM2JiNDIzNjFlZmVmM2MxMzdhZGE0YWUyMWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4y5pknPfBxMxHE+oc33+c67WVWLr
xMauhp7Ji0zudJ/CXgecJcPsyngSFt7PAwT2VcTAoSUrsF0cmhLeuGV72UU2uWEj
lFuQ6wfTaj1Mx8lewSbRvNzOUKFBRyWJT6/OaE8jt6qOu7M9AD7KWlspZhgNueTv
ZctkYbAG0Z/duevUuG5I3aTWfa7i6Jg7i+maZ0oeS1eoLZC9JEo2FOOPsgFS/CFk
NDFt9jOdQDHJA/MnHphHrpmziP5ixBxbxK5Ay8jPjKjigFzS5KBwTha3azxqPg3p
cYVGUyQnSET+oYLpMuepIyYOpa8k4lXgaCjmp2fa9eTn9khh4DpqEFd2YQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFHorrlXQx8O7QjYe/vPBN62kriH3MB8GA1UdIwQY
MBaAFI6kO7ONbgvowokJS6St84fQ3kCgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanFRN3M0MXVDLWpDaVFsTHBLM3poOURlUUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82Zjg1YjEtNmEzYy00MDhkLWEzOWIt
MjRmN2Y5NDM2Y2VjLzEvZWl1dVZkREh3N3RDTmg3LTg4RTNyYVN1SWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82Zjg1YjEtNmEzYy00MDhkLWEzOWItMjRmN2Y5NDM2Y2Vj
LzEvanFRN3M0MXVDLWpDaVFsTHBLM3poOURlUUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaMAwDBAQfFnAD
BAAfFnQDBAAfFncDBAG5F1gwDwQCAAIwCQMHACoAZiAgADANBgkqhkiG9w0BAQsF
AAOCAQEACmLlux3dngG2cUNniyQvPnArDs5LcHbdI6R4mbc2gcdAE5iGW8u9Cs45
X+e8LXbQUNtN6fcEoVfMTxl4f6icJO8FLyWWPPnqTloRHLg4PAQX/RV/ubSuUTdl
MvXiEiJ9+/W0eENl32I8TyTUthjmY/UILnTyXtbfpVdiMWskQIq+dkd4h+Vf+DpN
AWvE8TqXWxPBC2/1tyshFSMgGI/+69J18p/oNa7dmngwx0pwWfwdZydJU/D+CW+J
4sTIGR9wBB6kXM1/2vYT2UbiyfcxJkWhicRygJY9JyeToYG+Eu0xIKaV14iJw1vE
V02FRbOINOwZY0kg60AUpq5WwCHtAQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:46:27 2025 by rpki-client