Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/B-ZyiP2W42s6rAPnPgjSpkgDrhE.roa
File: B-ZyiP2W42s6rAPnPgjSpkgDrhE.roa (raw, json)
Hash identifier: y9ArwsHbeMgslSW24i9NBE7FZ7/IRvLJDkBEBw9VG1M=
Subject key identifier: 07:E6:72:88:FD:96:E3:6B:3A:AC:03:E7:3E:08:D2:A6:48:03:AE:11
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0198099F4318BD633B8276AB35C1D4802925
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/B-ZyiP2W42s6rAPnPgjSpkgDrhE.roa
Signing time: Mon 14 Jul 2025 15:48:08 +0000
ROA not before: Mon 14 Jul 2025 15:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 31.56.52.0/22 maxlen: 22
31.56.190.0/24 maxlen: 24
31.57.199.0/24 maxlen: 24
31.59.68.0/24 maxlen: 24
31.59.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:9f:43:18:bd:63:3b:82:76:ab:35:c1:d4:80:29:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 14 15:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07e67288fd96e36b3aac03e73e08d2a64803ae11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:b0:56:ff:70:23:e8:11:49:ba:ef:6c:8f:d0:
e6:ac:ff:d4:da:4c:55:b0:28:e4:37:ef:1a:1f:81:
09:49:ed:cf:06:a7:60:a2:4c:ca:ac:82:43:8e:99:
a5:ff:59:a7:13:5d:1b:d7:61:82:90:5f:62:24:ae:
17:ab:ad:df:24:46:89:45:0b:7c:26:11:52:cf:bc:
dc:85:e9:b3:a2:06:76:25:47:a9:65:c6:3a:6f:46:
f5:1d:30:fc:87:ca:57:fe:a5:9c:dd:64:c4:c6:0b:
44:64:b7:28:fc:52:58:0f:25:4e:a7:1d:88:f8:97:
01:c5:b1:eb:13:d2:6b:73:29:9b:69:41:75:fc:9b:
6a:11:1d:96:98:d3:37:b0:5f:df:de:ed:9f:59:d0:
56:a2:4d:92:7a:74:49:fc:58:5c:61:67:cd:82:63:
ab:48:e2:0e:2b:d2:81:54:f9:2a:78:85:e8:5f:9a:
e4:17:ec:49:a7:7a:8c:1e:a3:c8:fb:45:24:9b:89:
0e:b9:3b:88:1f:79:f2:48:2f:3c:c4:cd:6e:cb:ee:
7d:f1:ba:a8:c8:88:45:0f:9e:af:3b:6b:78:72:c0:
dd:7d:9d:ad:88:ac:f0:93:a9:6c:12:ba:5f:02:ae:
f4:c2:49:b7:f2:66:dd:5f:8d:f7:af:a7:66:00:a4:
9c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E6:72:88:FD:96:E3:6B:3A:AC:03:E7:3E:08:D2:A6:48:03:AE:11
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/B-ZyiP2W42s6rAPnPgjSpkgDrhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.52.0/22
31.56.190.0/24
31.57.199.0/24
31.59.68.0/24
31.59.71.0/24
Signature Algorithm: sha256WithRSAEncryption
56:1f:12:cd:b2:9b:b6:57:03:3d:f6:6a:b7:00:c4:d5:c4:df:
22:01:8d:eb:b9:e5:59:83:9d:2d:b2:49:d9:8c:36:9f:6e:67:
83:f7:18:f8:ff:49:32:ce:2c:e2:0a:43:c4:68:54:9a:5e:a8:
08:7b:e8:30:5d:c7:1b:de:53:e2:81:82:d7:cb:c2:5c:64:00:
b6:47:82:0b:b1:19:f0:18:3f:25:32:27:43:7d:ac:c2:a5:0d:
a3:b2:35:6c:6d:eb:fe:ad:30:ec:56:a6:20:85:d9:54:bd:8a:
cf:7b:6d:10:40:83:04:be:b7:0f:2d:8c:21:a9:4b:04:49:0c:
ea:77:c7:a6:93:91:09:bf:4c:f1:2e:91:43:73:fb:b4:0f:cf:
b8:ef:76:e2:b6:2b:13:43:16:97:d7:82:6e:2c:9a:7d:a0:da:
28:3b:c2:9f:02:16:e5:48:05:e0:68:4f:be:67:c0:cb:a2:0d:
af:d5:78:2a:49:45:87:e5:a4:47:97:f4:56:91:66:b3:ed:70:
d1:0f:7d:b8:85:b0:63:f7:e4:ab:cf:40:ef:c1:d1:e9:5b:c9:
5c:ff:a1:e4:3f:9a:5b:71:b1:db:9d:1a:38:f8:d1:75:e0:53:
25:47:cf:4d:65:90:e4:60:e9:69:f8:50:83:3d:37:50:84:23:
cb:60:7f:91
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZgJn0MYvWM7gnarNcHUgCklMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzE0MTU0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2U2NzI4OGZkOTZlMzZiM2FhYzAzZTczZTA4ZDJhNjQ4MDNhZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8bBW/3Aj6BFJuu9sj9DmrP/U2kxV
sCjkN+8aH4EJSe3PBqdgokzKrIJDjpml/1mnE10b12GCkF9iJK4Xq63fJEaJRQt8
JhFSz7zchemzogZ2JUepZcY6b0b1HTD8h8pX/qWc3WTExgtEZLco/FJYDyVOpx2I
+JcBxbHrE9JrcymbaUF1/JtqER2WmNM3sF/f3u2fWdBWok2SenRJ/FhcYWfNgmOr
SOIOK9KBVPkqeIXoX5rkF+xJp3qMHqPI+0Ukm4kOuTuIH3nySC88xM1uy+598bqo
yIhFD56vO2t4csDdfZ2tiKzwk6lsErpfAq70wkm38mbdX433r6dmAKScQQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAfmcoj9luNrOqwD5z4I0qZIA64RMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQi1aeWlQMlc0MnM2ckFQblBnalNwa2dEcmhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCHzg0AwQA
Hzi+AwQAHznHAwQAHztEAwQAHztHMA0GCSqGSIb3DQEBCwUAA4IBAQBWHxLNspu2
VwM99mq3AMTVxN8iAY3rueVZg50tsknZjDafbmeD9xj4/0kyziziCkPEaFSaXqgI
e+gwXccb3lPigYLXy8JcZAC2R4ILsRnwGD8lMidDfazCpQ2jsjVsbev+rTDsVqYg
hdlUvYrPe20QQIMEvrcPLYwhqUsESQzqd8emk5EJv0zxLpFDc/u0D8+473bitisT
QxaX14JuLJp9oNooO8KfAhblSAXgaE++Z8DLog2v1XgqSUWH5aRHl/RWkWaz7XDR
D324hbBj9+Srz0DvwdHpW8lc/6HkP5pbcbHbnRo4+NF14FMlR89NZZDkYOlp+FCD
PTdQhCPLYH+R
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:24:13 2025 by rpki-client