Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HMO9H7TrLQScQTFPyJNmUv_yTRU.roa
File: HMO9H7TrLQScQTFPyJNmUv_yTRU.roa (raw, json)
Hash identifier: znR6lcbAHdqwRVNVn/33OHT9tegJbT9I++nuFMxkaWg=
Subject key identifier: 1C:C3:BD:1F:B4:EB:2D:04:9C:41:31:4F:C8:93:66:52:FF:F2:4D:15
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0198030AB1DF2650162BB4CBDE53F920CFB8
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HMO9H7TrLQScQTFPyJNmUv_yTRU.roa
Signing time: Sun 13 Jul 2025 09:08:09 +0000
ROA not before: Sun 13 Jul 2025 09:08:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.126.0/24 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.116.0/24 maxlen: 24
31.59.79.0/24 maxlen: 24
31.59.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Jul 2025 22:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:03:0a:b1:df:26:50:16:2b:b4:cb:de:53:f9:20:cf:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 13 09:08:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cc3bd1fb4eb2d049c41314fc8936652fff24d15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:05:54:bf:a7:4d:10:ae:b6:cd:89:3a:97:21:
f6:71:57:81:d0:99:d2:f2:cc:94:bd:0e:d7:60:38:
74:87:82:1f:ae:38:c1:5d:3c:9c:c4:df:e9:bd:1b:
0e:65:6a:b8:49:0c:66:af:4e:fc:c3:3f:a8:e3:5e:
1b:9e:d5:54:b8:ad:e3:5a:76:14:e5:cf:af:2c:53:
8b:bc:38:ea:ae:34:0c:0e:bf:0f:ae:31:74:c2:e8:
31:8f:8f:dc:3b:cf:8d:b9:56:f9:b9:e0:a9:e7:6e:
52:28:11:fd:50:a4:fe:82:80:84:64:71:b7:e3:b7:
35:35:ee:aa:88:0d:05:d9:20:50:25:0e:a0:a9:42:
1c:d1:29:e7:19:08:be:c8:e7:59:0a:34:cf:f7:a1:
65:5f:a3:0f:de:88:c4:58:0f:cc:0b:79:8b:82:7e:
df:0c:b7:98:ce:ad:c0:a1:20:eb:df:04:e4:bc:f2:
a9:f0:a9:19:24:a6:fc:44:c6:e5:ee:26:23:32:0d:
d5:b4:74:6f:98:22:44:e7:38:89:5b:9c:e9:0f:83:
b5:69:9c:2d:dd:f1:0f:5e:99:12:89:bd:b7:5d:7f:
c8:c8:39:83:58:49:42:34:7d:e7:ab:d2:99:a1:08:
19:67:c5:01:a3:e6:7e:e6:2c:0f:05:6b:dc:e2:b8:
89:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:C3:BD:1F:B4:EB:2D:04:9C:41:31:4F:C8:93:66:52:FF:F2:4D:15
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HMO9H7TrLQScQTFPyJNmUv_yTRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.126.0/24
31.56.142.0/23
31.56.148.0/22
31.57.114.0/24
31.57.116.0/24
31.59.79.0/24
31.59.228.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:8a:bd:fc:d3:16:b9:7c:33:47:62:34:c7:fa:ca:d4:5d:b6:
86:bf:0f:ba:03:e1:7f:c8:1b:9f:87:a9:d7:72:8e:d4:e7:10:
c8:ed:09:7a:e0:bc:bf:0c:67:c7:10:c4:d2:cb:99:9a:26:42:
7a:5d:c8:db:71:e9:16:10:7d:ad:97:92:b2:d8:2e:93:4c:cd:
0b:45:2d:26:68:b5:ff:11:57:53:37:bc:30:3a:15:dc:4e:31:
fc:a9:21:d3:48:31:78:7d:de:ba:dd:17:01:9b:f7:11:1a:c9:
b0:d9:ee:ac:82:a1:54:31:6c:b9:78:20:2e:be:57:cf:83:43:
7c:86:95:b9:69:6e:9c:d7:17:da:ce:e2:cc:a9:86:91:82:3d:
9f:5d:17:11:24:f5:20:13:b6:0b:e5:3d:07:9f:92:34:24:e1:
36:37:98:d9:40:4f:84:b8:80:f4:0b:0d:8a:a5:de:26:8a:f1:
43:38:a3:cd:5d:ca:e5:2f:d3:d3:7d:3c:83:34:04:87:e9:21:
b4:4a:c0:f5:97:ee:38:34:08:64:2a:a7:65:fb:6f:8b:76:ad:
da:f8:40:27:35:85:4f:ec:92:e0:d3:72:c5:cb:a2:ec:be:32:
75:6d:00:66:d7:c8:88:85:a0:1c:9e:51:c3:62:6c:52:52:44:
4e:d8:d0:c2
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZgDCrHfJlAWK7TL3lP5IM+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzEzMDkwODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2MzYmQxZmI0ZWIyZDA0OWM0MTMxNGZjODkzNjY1MmZmZjI0ZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QVUv6dNEK62zYk6lyH2cVeB0JnS
8syUvQ7XYDh0h4IfrjjBXTycxN/pvRsOZWq4SQxmr078wz+o414bntVUuK3jWnYU
5c+vLFOLvDjqrjQMDr8PrjF0wugxj4/cO8+NuVb5ueCp525SKBH9UKT+goCEZHG3
47c1Ne6qiA0F2SBQJQ6gqUIc0SnnGQi+yOdZCjTP96FlX6MP3ojEWA/MC3mLgn7f
DLeYzq3AoSDr3wTkvPKp8KkZJKb8RMbl7iYjMg3VtHRvmCJE5ziJW5zpD4O1aZwt
3fEPXpkSib23XX/IyDmDWElCNH3nq9KZoQgZZ8UBo+Z+5iwPBWvc4riJqwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBzDvR+06y0EnEExT8iTZlL/8k0VMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSE1POUg3VHJMUVNjUVRGUHlKTm1Vdl95VFJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDHzgIAwQA
Hzh+AwQBHziOAwQCHziUAwQAHzlyAwQAHzl0AwQAHztPAwQAHzvkMA0GCSqGSIb3
DQEBCwUAA4IBAQArir380xa5fDNHYjTH+srUXbaGvw+6A+F/yBufh6nXco7U5xDI
7Ql64Ly/DGfHEMTSy5maJkJ6XcjbcekWEH2tl5Ky2C6TTM0LRS0maLX/EVdTN7ww
OhXcTjH8qSHTSDF4fd663RcBm/cRGsmw2e6sgqFUMWy5eCAuvlfPg0N8hpW5aW6c
1xfazuLMqYaRgj2fXRcRJPUgE7YL5T0Hn5I0JOE2N5jZQE+EuID0Cw2Kpd4mivFD
OKPNXcrlL9PTfTyDNASH6SG0SsD1l+44NAhkKqdl+2+Ldq3a+EAnNYVP7JLg03LF
y6LsvjJ1bQBm18iIhaAcnlHDYmxSUkRO2NDC
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:40:13 2025 by rpki-client