Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2sJCY-hal0rZBQUvhFaknWQqKu4.roa
File: 2sJCY-hal0rZBQUvhFaknWQqKu4.roa (raw, json)
Hash identifier: 2AeR43STyk6Yc+c2Kk5dayI7QrUGyKo6Uf8A7WiA5EU=
Subject key identifier: DA:C2:42:63:E8:5A:97:4A:D9:05:05:2F:84:56:A4:9D:64:2A:2A:EE
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0199C2A3CE4380E30FEC78CF5789FA8B79F6
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2sJCY-hal0rZBQUvhFaknWQqKu4.roa
Signing time: Wed 08 Oct 2025 07:05:39 +0000
ROA not before: Wed 08 Oct 2025 07:05:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 31.56.89.0/24 maxlen: 24
31.56.211.0/24 maxlen: 24
31.56.213.0/24 maxlen: 24
31.56.214.0/24 maxlen: 24
31.58.239.0/24 maxlen: 24
31.59.186.0/24 maxlen: 24
94.183.160.0/24 maxlen: 24
94.183.174.0/24 maxlen: 24
94.183.175.0/24 maxlen: 24
94.183.176.0/24 maxlen: 24
94.183.178.0/24 maxlen: 24
94.183.181.0/24 maxlen: 24
217.60.14.0/24 maxlen: 24
217.60.198.0/24 maxlen: 24
217.60.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 07:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c2:a3:ce:43:80:e3:0f:ec:78:cf:57:89:fa:8b:79:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 8 07:05:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dac24263e85a974ad905052f8456a49d642a2aee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:67:d8:00:d8:ae:3d:51:4c:fb:96:42:97:c2:
c1:51:27:00:87:f3:4a:59:40:04:1a:4e:15:76:35:
67:f7:95:2a:55:15:c3:1b:62:97:e6:c7:34:b8:99:
ac:cd:d5:4e:54:a7:50:13:fb:5b:00:0a:ef:56:23:
6c:35:b2:16:f7:ea:35:e7:6b:68:eb:71:3c:72:32:
b6:93:74:ac:14:77:6a:b2:20:d8:14:1b:2f:0c:49:
f1:da:31:6a:bc:5a:31:80:6d:9b:ab:6f:f7:07:d1:
06:56:2f:d4:bc:c6:9a:25:85:eb:44:71:5e:e2:81:
03:82:01:25:8b:42:6c:57:9f:0d:f9:7d:45:4e:00:
0f:e7:6d:54:4a:6b:03:e0:df:48:dc:99:05:db:4c:
70:1e:74:87:0a:5b:28:df:99:60:8b:b3:17:09:16:
28:59:4f:fa:98:82:6f:2d:17:e1:19:96:bc:51:9a:
38:88:05:61:6b:76:12:c2:5d:8e:25:e7:8a:df:f8:
0e:d9:54:b4:46:35:b3:cc:78:aa:9f:99:48:01:85:
a6:c8:76:6f:15:06:76:4a:d6:e7:f4:dc:7d:e7:71:
ab:6f:97:b6:82:09:96:cb:2f:45:9e:97:0c:e5:99:
17:1f:3b:e5:51:3e:c1:e2:37:d8:e3:b7:c3:18:1c:
71:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C2:42:63:E8:5A:97:4A:D9:05:05:2F:84:56:A4:9D:64:2A:2A:EE
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2sJCY-hal0rZBQUvhFaknWQqKu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.89.0/24
31.56.211.0/24
31.56.213.0-31.56.214.255
31.58.239.0/24
31.59.186.0/24
94.183.160.0/24
94.183.174.0-94.183.176.255
94.183.178.0/24
94.183.181.0/24
217.60.14.0/24
217.60.198.0/24
217.60.242.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:db:fa:1e:f1:90:62:75:11:ed:5c:1a:62:da:0f:67:fd:c0:
d7:bf:88:74:78:52:8a:b0:45:ee:30:98:75:a3:64:b9:e6:50:
b8:cf:ab:71:19:47:a0:ae:4c:9a:10:e1:18:d4:b7:22:17:be:
6d:2e:bc:6e:60:2f:c5:3b:1f:ab:a8:bf:f9:44:60:4b:ed:ba:
05:92:51:52:3d:36:3d:af:41:ea:fc:21:68:c7:d7:c4:bf:3f:
48:43:6e:53:a7:c8:02:ea:39:68:71:ed:f4:0d:9f:ba:e1:06:
cb:4b:89:e5:3c:55:08:2b:47:da:ce:2f:1d:7a:81:dd:b4:84:
75:2c:39:07:53:c6:58:86:45:cb:a6:b2:0b:b8:0e:6c:5a:ae:
4e:2f:ab:25:65:9d:65:fb:fd:ce:60:62:9d:83:8a:86:8e:24:
e5:91:d4:12:57:60:cb:8d:2e:d4:39:08:9e:91:de:25:a0:5d:
e9:33:52:9e:99:1c:bf:d8:55:f9:73:e5:9a:15:e3:76:42:4d:
4f:ae:e8:9c:a4:40:f7:34:d2:03:d6:29:90:bf:7e:94:81:55:
bd:a7:b8:b7:1f:4f:cf:1e:2e:95:44:47:79:35:6e:3b:3b:55:
bb:71:e7:38:7d:71:41:d3:f4:f4:76:9c:f5:bd:55:45:79:02:
d9:39:b3:ea
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZnCo85DgOMP7HjPV4n6i3n2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMDA4MDcwNTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWMyNDI2M2U4NWE5NzRhZDkwNTA1MmY4NDU2YTQ5ZDY0MmEyYWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmfYANiuPVFM+5ZCl8LBUScAh/NK
WUAEGk4VdjVn95UqVRXDG2KX5sc0uJmszdVOVKdQE/tbAArvViNsNbIW9+o152to
63E8cjK2k3SsFHdqsiDYFBsvDEnx2jFqvFoxgG2bq2/3B9EGVi/UvMaaJYXrRHFe
4oEDggEli0JsV58N+X1FTgAP521USmsD4N9I3JkF20xwHnSHClso35lgi7MXCRYo
WU/6mIJvLRfhGZa8UZo4iAVha3YSwl2OJeeK3/gO2VS0RjWzzHiqn5lIAYWmyHZv
FQZ2Stbn9Nx953Grb5e2ggmWyy9FnpcM5ZkXHzvlUT7B4jfY47fDGBxxFQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFNrCQmPoWpdK2QUFL4RWpJ1kKiruMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMnNKQ1ktaGFsMHJaQlFVdmhGYWtuV1FxS3U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAHzhZAwQA
HzjTMAwDBAAfONUDBAAfONYDBAAfOu8DBAAfO7oDBABet6AwDAMEAV63rgMEAF63
sAMEAF63sgMEAF63tQMEANk8DgMEANk8xgMEANk88jANBgkqhkiG9w0BAQsFAAOC
AQEAC9v6HvGQYnUR7VwaYtoPZ/3A17+IdHhSirBF7jCYdaNkueZQuM+rcRlHoK5M
mhDhGNS3Ihe+bS68bmAvxTsfq6i/+URgS+26BZJRUj02Pa9B6vwhaMfXxL8/SENu
U6fIAuo5aHHt9A2fuuEGy0uJ5TxVCCtH2s4vHXqB3bSEdSw5B1PGWIZFy6ayC7gO
bFquTi+rJWWdZfv9zmBinYOKho4k5ZHUEldgy40u1DkInpHeJaBd6TNSnpkcv9hV
+XPlmhXjdkJNT67onKRA9zTSA9YpkL9+lIFVvae4tx9Pzx4ulURHeTVuOztVu3Hn
OH1xQdP09Hac9b1VRXkC2Tmz6g==
-----END CERTIFICATE-----
Generated at Wed Oct 8 14:06:42 2025 by rpki-client