Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/7F1yiKEYKouWihYF8HTBUaTI47E.roa
File: 7F1yiKEYKouWihYF8HTBUaTI47E.roa (raw, json)
Hash identifier: tm6BKX09j0bHv6O18XbmyrZDYil3UoQrnt4LzUAov5U=
Subject key identifier: EC:5D:72:88:A1:18:2A:8B:96:8A:16:05:F0:74:C1:51:A4:C8:E3:B1
Certificate issuer: /CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Certificate serial: 01973FA0946EE3E8609E590E10F1B72F6BE4
Authority key identifier: DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/7F1yiKEYKouWihYF8HTBUaTI47E.roa
Signing time: Thu 05 Jun 2025 10:26:17 +0000
ROA not before: Thu 05 Jun 2025 10:26:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200350
IP address blocks: 31.44.8.0/21 maxlen: 24
37.230.172.0/22 maxlen: 24
37.230.188.0/22 maxlen: 24
45.133.96.0/22 maxlen: 24
46.21.244.0/22 maxlen: 24
51.250.0.0/17 maxlen: 24
62.84.112.0/20 maxlen: 24
84.201.128.0/18 maxlen: 24
84.252.128.0/20 maxlen: 24
89.169.128.0/18 maxlen: 24
89.232.188.0/22 maxlen: 24
92.255.1.0/24 maxlen: 24
92.255.3.0/24 maxlen: 24
93.77.160.0/19 maxlen: 24
130.193.32.0/19 maxlen: 24
158.160.0.0/16 maxlen: 24
178.154.192.0/18 maxlen: 24
185.206.164.0/22 maxlen: 24
185.216.194.0/23 maxlen: 24
193.32.216.0/22 maxlen: 24
213.165.192.0/19 maxlen: 24
217.28.224.0/20 maxlen: 24
217.198.168.0/21 maxlen: 24
2a0d:d6c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.mft
rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:a0:94:6e:e3:e8:60:9e:59:0e:10:f1:b7:2f:6b:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Validity
Not Before: Jun 5 10:26:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec5d7288a1182a8b968a1605f074c151a4c8e3b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:15:44:43:bd:96:78:00:3d:3d:e3:49:25:e7:
1d:c5:ed:63:ad:50:7b:5c:72:64:0b:a0:15:a7:db:
fe:c5:7f:e6:3c:54:09:e3:9c:4b:12:d6:46:f6:c9:
29:2c:a0:ac:2a:f4:f4:10:bb:9b:a7:a7:e5:66:8c:
51:ec:54:b2:31:09:f0:46:e0:1b:38:75:be:66:97:
2f:05:98:ba:af:0e:cd:77:3c:25:02:0c:69:ed:95:
39:5a:d0:d8:e4:ab:9f:33:21:a0:06:bb:80:d4:c2:
c2:28:d0:19:96:45:6e:23:25:ca:a1:33:15:36:04:
14:62:f6:ce:53:6e:35:30:48:43:a9:ed:72:17:c9:
99:27:56:ed:f8:92:9b:f3:70:76:dc:91:dc:4f:44:
75:a1:d0:27:f7:a8:9d:cb:ef:c6:58:97:9a:e7:e2:
1a:4a:63:97:cf:e3:ae:73:3e:64:b0:dd:eb:1d:3b:
c6:1a:65:65:a1:c6:5b:8c:81:df:cc:96:91:19:91:
b5:ae:29:ac:b4:f3:fd:bf:27:33:13:2a:61:12:05:
68:bc:da:21:32:f8:a4:62:f3:68:2e:10:dc:bc:78:
0d:d8:4c:79:c9:b6:17:60:bd:c7:91:f6:62:d3:f6:
e8:b6:eb:23:0c:2a:bc:6a:40:af:b1:e8:1d:b2:5a:
ff:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:5D:72:88:A1:18:2A:8B:96:8A:16:05:F0:74:C1:51:A4:C8:E3:B1
X509v3 Authority Key Identifier:
keyid:DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/7F1yiKEYKouWihYF8HTBUaTI47E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.8.0/21
37.230.172.0/22
37.230.188.0/22
45.133.96.0/22
46.21.244.0/22
51.250.0.0/17
62.84.112.0/20
84.201.128.0/18
84.252.128.0/20
89.169.128.0/18
89.232.188.0/22
92.255.1.0/24
92.255.3.0/24
93.77.160.0/19
130.193.32.0/19
158.160.0.0/16
178.154.192.0/18
185.206.164.0/22
185.216.194.0/23
193.32.216.0/22
213.165.192.0/19
217.28.224.0/20
217.198.168.0/21
IPv6:
2a0d:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
12:d6:83:59:35:4d:36:15:78:13:2b:d1:5a:2e:40:cf:04:31:
10:1c:dc:b5:90:9b:e5:d9:93:d1:9f:57:c9:1c:37:91:fc:4a:
10:21:6f:b7:da:c5:51:08:d5:40:b3:39:97:c3:a7:0a:d6:81:
c7:08:e1:16:8c:c2:6a:32:fd:90:dc:1d:35:d3:c4:83:bd:f3:
f1:a4:4e:0e:01:97:55:44:04:5c:da:3c:9a:34:fb:ff:e9:d8:
ba:fa:aa:68:0a:bb:80:81:bb:bd:85:3c:02:f3:55:32:95:81:
fa:a8:a4:05:ae:84:4b:bd:cd:21:92:6e:8c:fd:5f:ac:33:cc:
6c:2d:ae:4f:d7:50:40:c9:8d:da:a8:24:84:8e:b0:a0:f7:dc:
59:5a:d2:ee:b7:d0:09:28:93:be:d0:57:05:53:4f:2b:b1:1c:
8b:20:8e:5a:59:76:af:06:15:f8:23:81:09:85:09:03:a6:df:
21:af:cb:f4:2b:55:ce:34:61:92:c7:c7:28:b9:10:03:fd:07:
2a:6b:a1:ef:ab:e1:1a:12:f9:e4:b6:ec:9a:e0:a6:3d:1a:b8:
71:20:60:63:10:a2:3a:9a:e1:71:80:3c:97:ce:61:13:00:8f:
29:80:6c:3b:57:83:78:48:14:a1:6a:1b:44:ff:58:e7:39:d2:
68:e1:fb:07
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZc/oJRu4+hgnlkOEPG3L2vkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODZlM2U5MjhjN2YwYzlkYjY5NTE1ZmYzYWExZjY3OGNl
ZTQzYzAwHhcNMjUwNjA1MTAyNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzVkNzI4OGExMTgyYThiOTY4YTE2MDVmMDc0YzE1MWE0YzhlM2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxVEQ72WeAA9PeNJJecdxe1jrVB7
XHJkC6AVp9v+xX/mPFQJ45xLEtZG9skpLKCsKvT0ELubp6flZoxR7FSyMQnwRuAb
OHW+ZpcvBZi6rw7NdzwlAgxp7ZU5WtDY5KufMyGgBruA1MLCKNAZlkVuIyXKoTMV
NgQUYvbOU241MEhDqe1yF8mZJ1bt+JKb83B23JHcT0R1odAn96idy+/GWJea5+Ia
SmOXz+Oucz5ksN3rHTvGGmVlocZbjIHfzJaRGZG1rimstPP9vyczEyphEgVovNoh
MvikYvNoLhDcvHgN2Ex5ybYXYL3HkfZi0/botusjDCq8akCvsegdslr//wIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFOxdcoihGCqLlooWBfB0wVGkyOOxMB8GA1UdIwQY
MBaAFNyG4+kox/DJ22lRX/OqH2eM7kPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0liajZTakg4TW5iYVZGZjg2b2ZaNHp1UThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC80NzFhYTUtYzNmNy00YWZkLWIxMjIt
OWM4ZTU5YzI3NzFjLzEvN0YxeWlLRVlLb3VXaWhZRjhIVEJVYVRJNDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC80NzFhYTUtYzNmNy00YWZkLWIxMjItOWM4ZTU5YzI3NzFj
LzEvM0liajZTakg4TW5iYVZGZjg2b2ZaNHp1UThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBkAQCAAEwgYkDBAMf
LAgDBAIl5qwDBAIl5rwDBAIthWADBAIuFfQDBAcz+gADBAQ+VHADBAZUyYADBARU
/IADBAZZqYADBAJZ6LwDBABc/wEDBABc/wMDBAVdTaADBAWCwSADAwCeoAMEBrKa
wAMEArnOpAMEAbnYwgMEAsEg2AMEBdWlwAMEBNkc4AMEA9nGqDANBAIAAjAHAwUD
Kg3WwDANBgkqhkiG9w0BAQsFAAOCAQEAEtaDWTVNNhV4EyvRWi5AzwQxEBzctZCb
5dmT0Z9XyRw3kfxKECFvt9rFUQjVQLM5l8OnCtaBxwjhFozCajL9kNwdNdPEg73z
8aRODgGXVUQEXNo8mjT7/+nYuvqqaAq7gIG7vYU8AvNVMpWB+qikBa6ES73NIZJu
jP1frDPMbC2uT9dQQMmN2qgkhI6woPfcWVrS7rfQCSiTvtBXBVNPK7EciyCOWll2
rwYV+COBCYUJA6bfIa/L9CtVzjRhksfHKLkQA/0HKmuh76vhGhL55LbsmuCmPRq4
cSBgYxCiOprhcYA8l85hEwCPKYBsO1eDeEgUoWobRP9Y5znSaOH7Bw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:18:35 2025 by rpki-client