Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/634qCh-7Wv-PulTccVRL5SubKoY.roa
File: 634qCh-7Wv-PulTccVRL5SubKoY.roa (raw, json)
Hash identifier: 0R2UB26l/XKQi6S3Bw7SA9lJjofKcWTfh2pbN8kV6CI=
Subject key identifier: EB:7E:2A:0A:1F:BB:5A:FF:8F:BA:54:DC:71:54:4B:E5:2B:9B:2A:86
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0197E89C07C42EC72A7F554903CA95F98F2D
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/634qCh-7Wv-PulTccVRL5SubKoY.roa
Signing time: Tue 08 Jul 2025 05:57:09 +0000
ROA not before: Tue 08 Jul 2025 05:57:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47376
IP address blocks: 31.56.211.0/24 maxlen: 24
94.183.150.0/24 maxlen: 24
94.183.151.0/24 maxlen: 24
94.183.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 02:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e8:9c:07:c4:2e:c7:2a:7f:55:49:03:ca:95:f9:8f:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 8 05:57:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb7e2a0a1fbb5aff8fba54dc71544be52b9b2a86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:98:df:f7:17:7b:75:43:43:ba:e2:ec:90:0c:
06:f6:49:c8:2b:0a:08:3e:d5:7f:07:21:f7:b1:df:
c7:11:46:53:d1:c6:cc:c9:61:a0:65:11:8b:dd:a0:
30:74:c1:f7:ce:45:9a:69:76:f8:0a:48:a1:f5:81:
91:8e:50:af:d1:54:c9:d9:62:eb:e1:64:77:a5:0a:
03:77:61:6b:ef:07:13:a6:d1:ad:83:c1:42:3f:b9:
c9:6c:eb:83:61:3a:90:2e:c0:92:66:96:de:92:78:
fe:9e:97:4b:a0:cc:30:05:95:83:6a:60:7e:fe:a4:
6b:88:5c:c9:7a:59:ce:1f:89:17:50:e0:e6:46:48:
52:af:89:be:c4:0b:6f:3d:77:7e:3b:ed:58:07:2b:
8b:3a:1e:5b:14:4f:9b:c9:7f:7a:1d:24:99:46:b2:
61:e7:b7:13:2e:01:2a:29:f0:dd:fe:e0:b8:24:8e:
61:b7:97:23:69:71:8d:12:b8:79:00:10:74:7b:be:
a3:04:ac:00:58:30:02:97:7b:84:6b:b7:7f:af:ff:
96:0d:a0:e0:d1:e6:9b:70:27:7b:28:1f:24:b5:43:
69:23:7b:c6:88:60:3e:12:bf:e2:0e:a7:f3:22:1f:
d6:a8:e2:6d:d8:9c:af:f9:95:0b:ff:1d:ec:22:e8:
08:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:7E:2A:0A:1F:BB:5A:FF:8F:BA:54:DC:71:54:4B:E5:2B:9B:2A:86
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/634qCh-7Wv-PulTccVRL5SubKoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.211.0/24
94.183.150.0/23
94.183.158.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:bc:e3:20:b2:9f:22:fd:df:dc:b9:ea:bb:fc:c3:db:a8:dd:
c9:7c:bc:4f:fb:b8:62:3d:68:18:45:68:06:a8:99:6a:05:e5:
da:e9:38:79:e2:ed:16:df:a9:86:e4:ed:1f:bb:3a:3a:78:cc:
69:9f:8c:86:09:4a:09:f1:10:6d:a8:9c:29:e7:3b:e4:dd:59:
47:5d:c0:40:93:88:18:f7:e2:a1:cf:f7:b5:64:ab:68:c6:ea:
cb:82:0f:f3:c0:23:fe:9c:35:f3:dd:94:63:7f:7a:2c:4c:93:
e0:9f:9b:63:50:a2:ff:0b:22:c6:59:17:cc:34:44:4b:96:cd:
22:44:0f:70:29:6c:a4:a7:e4:2b:60:bc:e1:ac:b1:b4:64:52:
19:6f:47:a4:1b:d1:81:25:fb:04:7e:30:72:64:36:5a:9d:93:
53:6c:7b:eb:d6:5d:ac:08:46:5c:7e:76:31:ac:d0:a9:f9:3a:
dc:a0:6f:da:cd:2d:ff:91:0a:b6:39:87:e5:ad:58:03:f7:8b:
19:21:6c:10:45:04:30:41:13:6d:2d:8d:22:f0:c9:36:17:2a:
89:7e:e1:d8:e3:27:31:9a:c2:0c:af:2b:65:3a:bf:c1:5f:e4:
85:34:ac:55:c4:fe:68:f8:d5:46:31:e1:2c:e9:8f:3f:7d:2c:
f3:f2:0a:33
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZfonAfELscqf1VJA8qV+Y8tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzA4MDU1NzA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjdlMmEwYTFmYmI1YWZmOGZiYTU0ZGM3MTU0NGJlNTJiOWIyYTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5jf9xd7dUNDuuLskAwG9knIKwoI
PtV/ByH3sd/HEUZT0cbMyWGgZRGL3aAwdMH3zkWaaXb4Ckih9YGRjlCv0VTJ2WLr
4WR3pQoDd2Fr7wcTptGtg8FCP7nJbOuDYTqQLsCSZpbeknj+npdLoMwwBZWDamB+
/qRriFzJelnOH4kXUODmRkhSr4m+xAtvPXd+O+1YByuLOh5bFE+byX96HSSZRrJh
57cTLgEqKfDd/uC4JI5ht5cjaXGNErh5ABB0e76jBKwAWDACl3uEa7d/r/+WDaDg
0eabcCd7KB8ktUNpI3vGiGA+Er/iDqfzIh/WqOJt2Jyv+ZUL/x3sIugIVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOt+Kgofu1r/j7pU3HFUS+UrmyqGMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNjM0cUNoLTdXdi1QdWxUY2NWUkw1U3ViS29ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHzjTAwQB
XreWAwQAXreeMA0GCSqGSIb3DQEBCwUAA4IBAQCKvOMgsp8i/d/cueq7/MPbqN3J
fLxP+7hiPWgYRWgGqJlqBeXa6Th54u0W36mG5O0fuzo6eMxpn4yGCUoJ8RBtqJwp
5zvk3VlHXcBAk4gY9+Khz/e1ZKtoxurLgg/zwCP+nDXz3ZRjf3osTJPgn5tjUKL/
CyLGWRfMNERLls0iRA9wKWykp+QrYLzhrLG0ZFIZb0ekG9GBJfsEfjByZDZanZNT
bHvr1l2sCEZcfnYxrNCp+TrcoG/azS3/kQq2OYflrVgD94sZIWwQRQQwQRNtLY0i
8Mk2FyqJfuHY4ycxmsIMrytlOr/BX+SFNKxVxP5o+NVGMeEs6Y8/fSzz8goz
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:39:05 2025 by rpki-client