Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/48mk-tiLOBUin_hOeWufUFtqqHY.roa
File: 48mk-tiLOBUin_hOeWufUFtqqHY.roa (raw, json)
Hash identifier: LVemaS2nvq8FLpTkywonG4p7lU7Idz+2UB3YYuHS1pU=
Subject key identifier: E3:C9:A4:FA:D8:8B:38:15:22:9F:F8:4E:79:6B:9F:50:5B:6A:A8:76
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A52E5CEB3700D6C20C374B483F2B36D86
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/48mk-tiLOBUin_hOeWufUFtqqHY.roa
Signing time: Wed 05 Nov 2025 07:23:03 +0000
ROA not before: Wed 05 Nov 2025 07:23:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205886
IP address blocks: 31.56.231.0/24 maxlen: 24
31.57.31.0/24 maxlen: 24
31.57.205.0/24 maxlen: 24
31.57.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 07 Nov 2025 14:56:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:e5:ce:b3:70:0d:6c:20:c3:74:b4:83:f2:b3:6d:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 5 07:23:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3c9a4fad88b3815229ff84e796b9f505b6aa876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:69:ce:7a:e9:91:de:40:38:9b:2d:04:17:5f:
cd:42:56:36:d9:68:1a:d1:d8:2d:ba:6e:5a:08:3b:
59:4d:14:53:94:7e:49:80:56:00:a9:08:fd:5a:d3:
2c:bd:38:1b:25:79:70:32:1e:77:34:fc:64:36:75:
ec:2b:a0:8f:1d:f7:d5:a2:71:f3:45:38:7e:d7:c3:
af:50:73:1c:1c:b2:ef:0a:96:e9:77:cf:dc:7e:1f:
e9:0b:5a:54:0a:a6:9e:b1:f4:d6:95:cc:30:70:76:
a1:13:db:d7:20:47:4a:95:d3:1a:db:74:fc:1f:32:
a7:22:1d:6e:e0:c3:39:81:a3:40:50:d3:d3:75:12:
e8:04:9a:64:5c:12:b1:ae:56:0c:77:17:c4:14:51:
37:39:aa:2c:fe:f2:12:2c:9c:2d:20:c3:15:10:9d:
ff:2b:67:74:93:48:30:15:16:5e:e1:8b:23:2f:6d:
40:be:18:1d:ca:6b:98:93:da:6e:5b:cc:d0:0e:e8:
0a:87:d9:f8:2b:fa:23:2c:f8:88:ae:45:a6:15:ac:
73:f7:1e:85:6e:03:f0:c2:d2:d0:70:d9:81:66:47:
6e:55:67:64:7f:c0:5c:bf:65:41:00:4f:61:da:dc:
27:79:18:5e:8c:4d:db:67:08:c7:1d:df:a6:b4:90:
1b:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:C9:A4:FA:D8:8B:38:15:22:9F:F8:4E:79:6B:9F:50:5B:6A:A8:76
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/48mk-tiLOBUin_hOeWufUFtqqHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.231.0/24
31.57.31.0/24
31.57.205.0/24
31.57.249.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:a1:8e:50:e0:86:3b:f0:fb:a3:75:00:0e:f1:66:56:76:fb:
00:2d:58:50:06:a2:18:d0:6e:b5:d4:da:6b:e7:94:ec:78:26:
c1:62:9e:e8:7a:65:66:15:1c:79:ac:79:75:dc:1f:6a:e0:5f:
16:59:17:65:89:2e:b2:88:11:12:aa:77:59:22:7c:d2:97:02:
0a:76:ee:a9:8f:64:38:2e:eb:e0:33:d5:18:aa:4a:b2:ab:04:
d2:bf:d6:f7:fe:3f:a0:bc:d4:b8:bd:76:85:59:d7:45:91:06:
99:2b:37:c5:4d:30:dd:bb:8a:4b:3d:4a:a8:12:39:ff:82:7d:
ca:d9:68:6e:ea:06:df:53:e4:ce:da:00:26:7b:7b:37:1b:fd:
88:ba:4c:16:69:c8:b7:04:59:b3:cf:b2:b9:7e:13:5f:27:bd:
a7:c0:32:08:c4:fc:0b:eb:d0:1e:6d:53:48:5d:86:8c:c8:6b:
bb:1b:05:09:3a:9e:11:32:3b:54:e3:fa:a0:7c:96:95:69:59:
a0:3b:39:47:dc:97:01:26:a0:fb:8b:0b:bb:ee:1e:a7:08:10:
b9:59:e2:ad:b4:e7:cf:a7:51:7b:72:21:d3:bf:67:f7:90:12:
5f:2e:5e:24:7b:d9:9d:af:11:c6:78:44:5a:61:57:ff:ae:66:
8d:bb:66:c4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZpS5c6zcA1sIMN0tIPys22GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMTA1MDcyMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2M5YTRmYWQ4OGIzODE1MjI5ZmY4NGU3OTZiOWY1MDViNmFhODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmnOeumR3kA4my0EF1/NQlY22Wga
0dgtum5aCDtZTRRTlH5JgFYAqQj9WtMsvTgbJXlwMh53NPxkNnXsK6CPHffVonHz
RTh+18OvUHMcHLLvCpbpd8/cfh/pC1pUCqaesfTWlcwwcHahE9vXIEdKldMa23T8
HzKnIh1u4MM5gaNAUNPTdRLoBJpkXBKxrlYMdxfEFFE3Oaos/vISLJwtIMMVEJ3/
K2d0k0gwFRZe4YsjL21AvhgdymuYk9puW8zQDugKh9n4K/ojLPiIrkWmFaxz9x6F
bgPwwtLQcNmBZkduVWdkf8Bcv2VBAE9h2twneRhejE3bZwjHHd+mtJAb5QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOPJpPrYizgVIp/4Tnlrn1Bbaqh2MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNDhtay10aUxPQlVpbl9oT2VXdWZVRnRxcUhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzjnAwQA
HzkfAwQAHznNAwQAHzn5MA0GCSqGSIb3DQEBCwUAA4IBAQBqoY5Q4IY78PujdQAO
8WZWdvsALVhQBqIY0G611Npr55TseCbBYp7oemVmFRx5rHl13B9q4F8WWRdliS6y
iBESqndZInzSlwIKdu6pj2Q4LuvgM9UYqkqyqwTSv9b3/j+gvNS4vXaFWddFkQaZ
KzfFTTDdu4pLPUqoEjn/gn3K2Whu6gbfU+TO2gAme3s3G/2IukwWaci3BFmzz7K5
fhNfJ72nwDIIxPwL69AebVNIXYaMyGu7GwUJOp4RMjtU4/qgfJaVaVmgOzlH3JcB
JqD7iwu77h6nCBC5WeKttOfPp1F7ciHTv2f3kBJfLl4ke9mdrxHGeERaYVf/rmaN
u2bE
-----END CERTIFICATE-----
Generated at Thu Nov 6 19:47:36 2025 by rpki-client