Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KhEo8v1L6ArW-DwJ2bPRNtWSrzA.roa
File: KhEo8v1L6ArW-DwJ2bPRNtWSrzA.roa (raw, json)
Hash identifier: b77KsAA7XIazWRwaZ5CCjrgvVeHF+WrfgzpL9pwPSq0=
Subject key identifier: 2A:11:28:F2:FD:4B:E8:0A:D6:F8:3C:09:D9:B3:D1:36:D5:92:AF:30
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01982C996154005FD70079DAEE6D237C01D8
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KhEo8v1L6ArW-DwJ2bPRNtWSrzA.roa
Signing time: Mon 21 Jul 2025 10:48:26 +0000
ROA not before: Mon 21 Jul 2025 10:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19318
IP address blocks: 31.56.192.0/22 maxlen: 22
31.56.216.0/22 maxlen: 22
31.57.196.0/24 maxlen: 24
31.57.238.0/24 maxlen: 24
31.58.169.0/24 maxlen: 24
31.59.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Jul 2025 22:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2c:99:61:54:00:5f:d7:00:79:da:ee:6d:23:7c:01:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 21 10:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a1128f2fd4be80ad6f83c09d9b3d136d592af30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:52:58:cd:df:46:f2:89:f3:a6:04:f9:a8:78:
26:5f:0d:12:c1:1f:6c:d5:a9:51:d6:da:ed:bb:af:
70:3a:01:e2:e8:90:51:98:35:e7:5d:5e:16:39:93:
f4:c5:96:d8:69:a8:53:4f:ec:8e:f6:57:02:a8:29:
85:af:12:37:e3:f3:38:4c:eb:27:bb:03:a4:f8:86:
d3:f3:73:f4:86:08:da:d3:08:15:1a:f5:df:05:59:
ec:59:b3:1a:af:c5:56:68:2e:72:71:45:02:10:fa:
72:65:34:51:ab:0c:ee:ef:07:79:b3:b9:b0:38:ee:
29:d1:93:53:b6:6f:2a:89:f5:fb:28:cd:2e:97:79:
66:35:10:0d:d3:70:ad:01:96:c5:ab:73:1b:c8:40:
cd:c1:18:46:10:c0:ad:57:a9:15:12:fb:ee:1e:12:
2d:6c:36:f1:e5:72:ca:17:3b:1f:33:3d:4a:e3:d4:
cf:f2:06:b9:42:e4:cd:4b:5e:64:35:11:cf:1e:b9:
86:62:54:3a:28:f6:cc:80:29:64:d8:ea:b3:68:6d:
57:7c:ce:f6:a9:5d:3d:47:93:f4:a1:ad:fe:05:2b:
78:0b:7b:9b:5d:c9:36:9e:17:b6:7b:c2:b5:5c:d8:
06:27:d4:4a:71:41:3b:3e:ed:ec:e9:c6:11:46:88:
ab:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:11:28:F2:FD:4B:E8:0A:D6:F8:3C:09:D9:B3:D1:36:D5:92:AF:30
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KhEo8v1L6ArW-DwJ2bPRNtWSrzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.192.0/22
31.56.216.0/22
31.57.196.0/24
31.57.238.0/24
31.58.169.0/24
31.59.172.0/24
Signature Algorithm: sha256WithRSAEncryption
17:cf:89:f5:5b:13:53:2c:e8:6a:68:71:9f:9c:67:10:85:f4:
b7:d9:29:8f:24:f0:73:b6:d0:c7:5a:c3:a3:ad:10:84:9c:89:
ac:45:11:3c:b4:2d:31:f8:46:fd:23:1f:c8:da:7e:cf:13:33:
45:08:81:13:40:c7:d8:ba:e6:b6:5e:41:ce:7d:f9:7f:c9:74:
bf:ef:6c:5e:4a:f3:c9:c0:e5:b0:f3:4d:43:e5:76:67:49:a3:
6b:84:67:6e:5b:11:5a:32:d3:63:2b:37:88:c3:fb:de:ab:68:
de:18:b4:75:14:7f:30:34:a3:43:97:d2:8f:b1:9f:04:1c:0e:
49:34:04:8a:84:23:a1:ad:5a:5b:ef:33:73:a4:85:21:c2:61:
40:84:54:c0:65:43:17:c0:8e:39:a9:cb:93:4f:86:8c:55:96:
ea:3f:a6:50:09:c2:6f:94:a5:f8:f3:6f:98:7a:e0:03:f6:e2:
67:c4:05:69:c5:d9:15:06:5a:4c:35:4a:71:98:23:c2:51:e7:
70:b2:4a:f7:66:9d:5f:a0:4d:09:5e:59:30:2f:52:c2:65:0e:
a6:40:77:ab:df:ad:93:86:21:d7:64:cc:c9:96:41:20:98:55:
ed:95:51:86:b5:51:1a:0d:c2:b1:e7:ed:9f:49:89:02:db:da:
95:ca:d6:ca
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZgsmWFUAF/XAHna7m0jfAHYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzIxMTA0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTExMjhmMmZkNGJlODBhZDZmODNjMDlkOWIzZDEzNmQ1OTJhZjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lJYzd9G8onzpgT5qHgmXw0SwR9s
1alR1trtu69wOgHi6JBRmDXnXV4WOZP0xZbYaahTT+yO9lcCqCmFrxI34/M4TOsn
uwOk+IbT83P0hgja0wgVGvXfBVnsWbMar8VWaC5ycUUCEPpyZTRRqwzu7wd5s7mw
OO4p0ZNTtm8qifX7KM0ul3lmNRAN03CtAZbFq3MbyEDNwRhGEMCtV6kVEvvuHhIt
bDbx5XLKFzsfMz1K49TP8ga5QuTNS15kNRHPHrmGYlQ6KPbMgClk2OqzaG1XfM72
qV09R5P0oa3+BSt4C3ubXck2nhe2e8K1XNgGJ9RKcUE7Pu3s6cYRRoirTwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCoRKPL9S+gK1vg8Cdmz0TbVkq8wMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvS2hFbzh2MUw2QXJXLUR3SjJiUFJOdFdTcnpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCHzjAAwQC
HzjYAwQAHznEAwQAHznuAwQAHzqpAwQAHzusMA0GCSqGSIb3DQEBCwUAA4IBAQAX
z4n1WxNTLOhqaHGfnGcQhfS32SmPJPBzttDHWsOjrRCEnImsRRE8tC0x+Eb9Ix/I
2n7PEzNFCIETQMfYuua2XkHOffl/yXS/72xeSvPJwOWw801D5XZnSaNrhGduWxFa
MtNjKzeIw/veq2jeGLR1FH8wNKNDl9KPsZ8EHA5JNASKhCOhrVpb7zNzpIUhwmFA
hFTAZUMXwI45qcuTT4aMVZbqP6ZQCcJvlKX482+YeuAD9uJnxAVpxdkVBlpMNUpx
mCPCUedwskr3Zp1foE0JXlkwL1LCZQ6mQHer362ThiHXZMzJlkEgmFXtlVGGtVEa
DcKx5+2fSYkC29qVytbK
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:36:53 2025 by rpki-client