Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ALGJMHzxFrT0U5pLkxEMSYvK-D8.roa
File: ALGJMHzxFrT0U5pLkxEMSYvK-D8.roa (raw, json)
Hash identifier: 7Ex6+KtPRbpyBHZLzqzjSPK7fE4PVujyB/6IQ1mOzDY=
Subject key identifier: 00:B1:89:30:7C:F1:16:B4:F4:53:9A:4B:93:11:0C:49:8B:CA:F8:3F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0198406F7F2056E4DE321F0195C670D277A9
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ALGJMHzxFrT0U5pLkxEMSYvK-D8.roa
Signing time: Fri 25 Jul 2025 07:15:05 +0000
ROA not before: Fri 25 Jul 2025 07:15:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 31.56.220.0/24 maxlen: 24
31.57.52.0/24 maxlen: 24
31.57.186.0/24 maxlen: 24
31.59.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Jul 2025 22:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:40:6f:7f:20:56:e4:de:32:1f:01:95:c6:70:d2:77:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 25 07:15:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00b189307cf116b4f4539a4b93110c498bcaf83f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b2:c0:74:56:be:f4:cc:9d:d7:80:d3:92:f7:
52:8c:73:56:28:13:74:e5:0b:fb:f5:63:b0:f5:1b:
03:12:02:2e:c5:81:80:e7:1a:c0:f2:cc:2d:9e:5d:
36:e4:22:f5:c7:41:d7:2f:5b:dc:ea:38:79:17:63:
40:60:13:86:9b:68:8c:e3:ed:b1:8c:d8:81:bb:1d:
92:5a:d7:cd:a9:27:b6:7d:90:13:fa:19:1b:98:45:
d1:1d:e8:33:db:82:0f:dd:ee:8c:42:cc:14:35:22:
bb:52:fc:96:21:0c:0c:12:b0:fc:e2:0c:e5:25:8c:
eb:29:81:9d:21:45:0d:4b:e5:35:5c:68:71:40:4e:
85:88:3e:97:fb:f1:09:ef:35:d0:88:0b:60:24:81:
dc:21:a7:10:dd:7b:ca:f9:ae:d3:87:40:1c:7f:3e:
c7:c1:14:07:ca:3b:bd:3f:75:cb:e8:e2:e4:e6:5e:
1b:01:85:77:c2:83:38:e8:15:b0:96:06:70:b9:fd:
ba:36:70:74:c3:f1:8c:11:3e:74:9a:6c:77:39:24:
b0:72:77:59:c1:72:75:34:09:ca:5c:8d:9b:be:6b:
82:32:be:e2:5b:00:d8:d7:6f:3a:88:fe:8d:57:b5:
4c:82:72:17:7a:a1:7b:b0:4c:11:48:82:64:4a:95:
ee:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:B1:89:30:7C:F1:16:B4:F4:53:9A:4B:93:11:0C:49:8B:CA:F8:3F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ALGJMHzxFrT0U5pLkxEMSYvK-D8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.220.0/24
31.57.52.0/24
31.57.186.0/24
31.59.173.0/24
Signature Algorithm: sha256WithRSAEncryption
59:60:5a:a4:b4:d1:e9:64:33:cb:fc:fd:18:4d:28:fa:23:c9:
22:89:ac:44:f3:3f:cc:a8:42:a1:77:1a:32:a1:29:46:77:66:
80:3c:7d:32:66:61:3c:b7:f7:34:79:0d:e7:79:0d:8b:f6:8f:
cc:73:61:89:fb:e0:f7:d5:90:2a:a9:2d:2f:13:02:7a:08:fa:
f3:6f:71:ab:61:4c:99:f8:44:2e:0a:00:dd:cd:d8:17:85:e0:
2d:cc:cf:c0:42:17:3a:60:19:65:7e:bf:60:7f:45:68:b0:40:
44:71:62:07:9a:19:71:d0:fd:25:9f:0b:5f:8e:72:98:4a:a2:
ee:44:9a:a0:27:89:ad:c3:e9:e8:7f:24:25:f3:a9:58:0d:f3:
ba:7c:35:4a:0c:3d:37:db:9c:ed:ad:60:a2:71:4e:74:fd:0b:
74:64:ac:e7:35:92:73:eb:71:c4:f3:7b:99:c3:c8:e0:97:67:
5b:df:f8:49:dd:78:45:20:ef:db:81:1d:48:5c:11:48:4e:56:
60:e0:87:30:51:ff:28:87:a0:90:dd:80:82:9e:ac:a1:ea:c7:
60:3d:59:e4:03:80:2a:ab:03:e2:2b:a8:de:c8:42:83:c2:27:
65:d8:c8:58:b5:04:db:90:40:89:ed:68:bf:60:25:b6:13:18:
b2:59:c4:13
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZhAb38gVuTeMh8BlcZw0nepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzI1MDcxNTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGIxODkzMDdjZjExNmI0ZjQ1MzlhNGI5MzExMGM0OThiY2FmODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrLAdFa+9Myd14DTkvdSjHNWKBN0
5Qv79WOw9RsDEgIuxYGA5xrA8swtnl025CL1x0HXL1vc6jh5F2NAYBOGm2iM4+2x
jNiBux2SWtfNqSe2fZAT+hkbmEXRHegz24IP3e6MQswUNSK7UvyWIQwMErD84gzl
JYzrKYGdIUUNS+U1XGhxQE6FiD6X+/EJ7zXQiAtgJIHcIacQ3XvK+a7Th0Acfz7H
wRQHyju9P3XL6OLk5l4bAYV3woM46BWwlgZwuf26NnB0w/GMET50mmx3OSSwcndZ
wXJ1NAnKXI2bvmuCMr7iWwDY1286iP6NV7VMgnIXeqF7sEwRSIJkSpXuKwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFACxiTB88Ra09FOaS5MRDEmLyvg/MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQUxHSk1IenhGclQwVTVwTGt4RU1TWXZLLUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzjcAwQA
Hzk0AwQAHzm6AwQAHzutMA0GCSqGSIb3DQEBCwUAA4IBAQBZYFqktNHpZDPL/P0Y
TSj6I8kiiaxE8z/MqEKhdxoyoSlGd2aAPH0yZmE8t/c0eQ3neQ2L9o/Mc2GJ++D3
1ZAqqS0vEwJ6CPrzb3GrYUyZ+EQuCgDdzdgXheAtzM/AQhc6YBllfr9gf0VosEBE
cWIHmhlx0P0lnwtfjnKYSqLuRJqgJ4mtw+nofyQl86lYDfO6fDVKDD0325ztrWCi
cU50/Qt0ZKznNZJz63HE83uZw8jgl2db3/hJ3XhFIO/bgR1IXBFITlZg4IcwUf8o
h6CQ3YCCnqyh6sdgPVnkA4AqqwPiK6jeyEKDwidl2MhYtQTbkECJ7Wi/YCW2Exiy
WcQT
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:39:37 2025 by rpki-client