Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2kjIWyC49ucndu1sWLCeO3SGTVA.roa
File: 2kjIWyC49ucndu1sWLCeO3SGTVA.roa (raw, json)
Hash identifier: Kg2lUlfL+sYHHTf4lpo23krXEkiu0dm1dHZRwPlJp6g=
Subject key identifier: DA:48:C8:5B:20:B8:F6:E7:27:76:ED:6C:58:B0:9E:3B:74:86:4D:50
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019932A475411E6ECEA52C974AC8F2BC1E76
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2kjIWyC49ucndu1sWLCeO3SGTVA.roa
Signing time: Wed 10 Sep 2025 08:01:02 +0000
ROA not before: Wed 10 Sep 2025 08:01:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210064
IP address blocks: 31.59.168.0/24 maxlen: 24
94.183.158.0/24 maxlen: 24
217.60.15.0/24 maxlen: 24
2a14:6e40:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 10:28:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:32:a4:75:41:1e:6e:ce:a5:2c:97:4a:c8:f2:bc:1e:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Sep 10 08:01:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da48c85b20b8f6e72776ed6c58b09e3b74864d50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:e8:87:26:b2:7e:4e:67:9e:c8:af:0d:4d:ec:
30:5a:ea:af:36:3f:12:83:f4:05:73:96:a1:da:d2:
e5:ef:0b:8a:3a:61:71:58:db:b9:71:55:0b:4e:f3:
7e:67:5d:27:5c:af:fb:cc:35:f8:b7:d0:3c:60:b9:
ef:35:8b:16:fd:6e:3e:ad:f1:73:91:e9:1b:6a:cf:
38:32:0d:10:f8:7f:5a:60:90:b2:76:15:38:fb:68:
ea:b9:9d:14:16:b5:16:3a:58:f8:53:cf:66:31:e0:
18:1e:00:e7:b8:f6:2c:ad:b3:c4:c3:bb:f3:ef:9e:
cd:32:36:69:12:af:98:cd:68:25:f4:fe:a9:4a:cd:
4f:38:e7:c9:76:1d:c2:1b:33:a5:72:98:5a:75:d6:
8e:ce:3e:9b:3c:1a:69:23:ed:8c:c7:ac:22:8b:24:
0a:8a:27:01:7e:e0:86:c2:b1:4e:ff:3e:97:3a:4a:
72:53:75:bf:f6:c8:20:82:2d:4b:3e:d0:13:48:73:
47:f0:19:7d:24:15:fc:68:30:40:14:8b:65:71:52:
ce:cc:f3:a1:2b:aa:a1:58:fc:af:7a:09:3a:04:78:
76:d4:07:6d:db:d0:0a:dd:db:1e:76:dd:68:74:2e:
74:b4:48:11:52:96:39:f0:c8:81:ea:d9:fd:66:12:
4c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:48:C8:5B:20:B8:F6:E7:27:76:ED:6C:58:B0:9E:3B:74:86:4D:50
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2kjIWyC49ucndu1sWLCeO3SGTVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.59.168.0/24
94.183.158.0/24
217.60.15.0/24
IPv6:
2a14:6e40:1::/48
Signature Algorithm: sha256WithRSAEncryption
67:ab:d7:eb:8e:65:54:53:33:6f:f8:64:5a:18:45:ea:68:5e:
68:19:86:b2:29:78:91:d8:92:f7:17:bf:9c:ae:2d:6a:73:cc:
d5:2c:0b:95:f6:60:8c:d2:12:27:90:0c:9f:8f:72:58:4a:e0:
0d:de:7c:b0:02:13:a7:37:75:c6:d2:b7:c0:a5:54:f0:a1:e4:
aa:02:c2:33:cd:00:24:6f:98:be:3d:e0:0e:22:5c:4f:ff:60:
74:8c:c2:d2:83:e5:dc:7e:fe:da:f0:ce:3a:db:65:2c:2e:5d:
16:2e:b5:bd:ab:4f:e3:55:db:ff:ad:ff:1e:96:f6:6a:da:c4:
92:d8:58:8d:72:42:d4:05:c2:ec:08:95:26:1a:ca:ef:34:87:
b1:64:78:9c:c4:72:70:7c:20:d8:fb:52:01:05:02:af:da:dc:
a3:71:f0:ef:7b:1d:d1:65:31:2d:d3:28:71:70:e3:99:37:d5:
a9:c2:5f:39:6c:ea:35:51:cf:73:a5:53:12:e5:43:47:05:97:
a2:a9:b5:dc:dd:e1:f9:4c:da:ac:c4:cc:6b:49:35:55:dc:c5:
fe:ea:c7:96:21:89:7f:44:4e:af:ac:b0:ba:1e:1e:44:5b:a9:
50:53:bd:5b:ec:fe:45:9c:9f:3a:56:2c:8c:2b:52:02:ec:4b:
cc:91:9c:50
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZkypHVBHm7OpSyXSsjyvB52MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwOTEwMDgwMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTQ4Yzg1YjIwYjhmNmU3Mjc3NmVkNmM1OGIwOWUzYjc0ODY0ZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8uiHJrJ+TmeeyK8NTewwWuqvNj8S
g/QFc5ah2tLl7wuKOmFxWNu5cVULTvN+Z10nXK/7zDX4t9A8YLnvNYsW/W4+rfFz
kekbas84Mg0Q+H9aYJCydhU4+2jquZ0UFrUWOlj4U89mMeAYHgDnuPYsrbPEw7vz
757NMjZpEq+YzWgl9P6pSs1POOfJdh3CGzOlcphaddaOzj6bPBppI+2Mx6wiiyQK
iicBfuCGwrFO/z6XOkpyU3W/9sgggi1LPtATSHNH8Bl9JBX8aDBAFItlcVLOzPOh
K6qhWPyvegk6BHh21Adt29AK3dsedt1odC50tEgRUpY58MiB6tn9ZhJMzQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNpIyFsguPbnJ3btbFiwnjt0hk1QMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMmtqSVd5QzQ5dWNuZHUxc1dMQ2VPM1NHVFZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAHzuoAwQA
XreeAwQA2TwPMA8EAgACMAkDBwAqFG5AAAEwDQYJKoZIhvcNAQELBQADggEBAGer
1+uOZVRTM2/4ZFoYRepoXmgZhrIpeJHYkvcXv5yuLWpzzNUsC5X2YIzSEieQDJ+P
clhK4A3efLACE6c3dcbSt8ClVPCh5KoCwjPNACRvmL494A4iXE//YHSMwtKD5dx+
/trwzjrbZSwuXRYutb2rT+NV2/+t/x6W9mraxJLYWI1yQtQFwuwIlSYayu80h7Fk
eJzEcnB8INj7UgEFAq/a3KNx8O97HdFlMS3TKHFw45k31anCXzls6jVRz3OlUxLl
Q0cFl6Kptdzd4flM2qzEzGtJNVXcxf7qx5YhiX9ETq+ssLoeHkRbqVBTvVvs/kWc
nzpWLIwrUgLsS8yRnFA=
-----END CERTIFICATE-----
Generated at Wed Sep 10 18:50:58 2025 by rpki-client