Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/7bdAToRC8n4DdjjTTca_b7iJFmM.roa
File: 7bdAToRC8n4DdjjTTca_b7iJFmM.roa (raw, json)
Hash identifier: qAoYY74qvLbWcl+hDDEqBqiHt3Vn/x2ryYIfR5cbyDA=
Subject key identifier: ED:B7:40:4E:84:42:F2:7E:03:76:38:D3:4D:C6:BF:6F:B8:89:16:63
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A528C15AD436E0041802F53C4C5827C5E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/7bdAToRC8n4DdjjTTca_b7iJFmM.roa
Signing time: Wed 05 Nov 2025 05:45:03 +0000
ROA not before: Wed 05 Nov 2025 05:45:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.107.0/24 maxlen: 24
31.56.126.0/24 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.116.0/24 maxlen: 24
31.59.79.0/24 maxlen: 24
31.59.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 07 Nov 2025 14:56:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:8c:15:ad:43:6e:00:41:80:2f:53:c4:c5:82:7c:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 5 05:45:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=edb7404e8442f27e037638d34dc6bf6fb8891663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:b4:ab:03:27:f2:b1:ba:a5:0f:10:76:73:c0:
39:b6:ff:ef:5d:42:3e:8a:30:bd:d7:ce:41:2f:ba:
a6:7a:a5:08:e9:54:db:37:de:ee:9e:5f:d5:81:f3:
ce:64:34:c4:c8:c4:c5:a6:dc:b4:c5:93:cf:45:35:
e2:cc:9f:22:72:3e:d5:b3:73:ee:78:6e:45:08:8b:
76:24:e8:7d:80:c0:1e:8a:46:fd:da:d8:58:56:68:
15:3e:de:68:66:c6:6d:17:d8:64:a7:03:06:2e:9f:
1d:4a:96:5b:f5:93:e5:41:83:4d:9b:0b:c6:a7:8a:
1e:e6:84:7b:0c:5c:00:1f:82:4f:37:fd:3f:ea:8c:
20:73:e9:a7:5e:6a:f6:8d:43:67:1d:a1:58:bf:b3:
85:fd:35:d5:57:35:07:a3:cf:2f:66:33:1d:6e:3b:
54:26:a6:de:95:5a:09:b8:6e:73:fb:7f:68:7f:40:
24:7c:55:9d:4e:15:a4:1c:e1:ec:25:a9:dc:f6:21:
bd:55:ea:5d:a0:6f:ad:95:4e:fc:44:28:bc:14:fe:
60:f4:11:bf:31:62:0c:43:de:74:dd:0d:a7:39:e7:
8f:78:ae:e3:33:eb:e5:b1:ab:10:37:9f:e3:d0:b0:
1b:73:5c:f8:86:1c:0d:b1:ff:7a:63:6f:dc:21:d6:
af:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:B7:40:4E:84:42:F2:7E:03:76:38:D3:4D:C6:BF:6F:B8:89:16:63
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/7bdAToRC8n4DdjjTTca_b7iJFmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.107.0/24
31.56.126.0/24
31.56.142.0/23
31.56.148.0/22
31.57.114.0/24
31.57.116.0/24
31.59.79.0/24
31.59.228.0/24
Signature Algorithm: sha256WithRSAEncryption
47:ae:8f:a0:3e:4d:f6:f9:9e:13:9b:89:82:20:ce:d0:9f:98:
9e:1d:7f:63:04:bb:41:e6:86:48:a4:85:e0:b1:25:6d:cd:80:
a9:56:94:28:88:91:81:97:13:d8:0a:7b:52:28:fd:d3:a0:4e:
50:f6:a5:cc:1c:c5:45:7b:f9:05:ca:ef:7b:eb:46:76:4e:a4:
0b:f7:a3:a0:3d:f3:d4:1b:f5:e9:56:f6:f2:cd:e5:63:c8:e6:
7e:01:cc:93:ad:e6:19:0b:a6:3b:7e:13:95:93:10:82:5c:c7:
ac:cb:68:d2:e6:f1:e8:13:08:a2:8d:24:0e:c9:11:8b:0c:d3:
af:7d:6c:99:b4:9e:5d:a4:fd:23:74:60:ee:d7:93:a2:20:93:
4b:33:f3:09:9c:3b:c6:7a:af:80:30:29:f5:16:a7:1b:0f:bd:
5b:c9:6d:36:27:bc:2d:95:62:fb:6e:1f:8e:fd:57:a3:f2:53:
fe:05:b1:2a:a9:d3:f4:2f:74:bd:ab:9b:c9:66:78:a5:48:dd:
55:44:ae:e7:74:2c:03:4a:61:a7:c6:38:6b:c6:c1:5f:c0:18:
de:7a:23:ce:c0:21:1e:49:52:77:d7:0b:1d:8c:46:f2:a8:e6:
45:14:ed:e8:33:d2:60:a1:b3:bd:bc:ac:52:92:16:33:52:34:
74:c9:31:aa
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZpSjBWtQ24AQYAvU8TFgnxeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMTA1MDU0NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGI3NDA0ZTg0NDJmMjdlMDM3NjM4ZDM0ZGM2YmY2ZmI4ODkxNjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+7SrAyfysbqlDxB2c8A5tv/vXUI+
ijC9185BL7qmeqUI6VTbN97unl/VgfPOZDTEyMTFpty0xZPPRTXizJ8icj7Vs3Pu
eG5FCIt2JOh9gMAeikb92thYVmgVPt5oZsZtF9hkpwMGLp8dSpZb9ZPlQYNNmwvG
p4oe5oR7DFwAH4JPN/0/6owgc+mnXmr2jUNnHaFYv7OF/TXVVzUHo88vZjMdbjtU
JqbelVoJuG5z+39of0AkfFWdThWkHOHsJanc9iG9VepdoG+tlU78RCi8FP5g9BG/
MWIMQ9503Q2nOeePeK7jM+vlsasQN5/j0LAbc1z4hhwNsf96Y2/cIdavrwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFO23QE6EQvJ+A3Y4003Gv2+4iRZjMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvN2JkQVRvUkM4bjREZGpqVFRjYV9iN2lKRm1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQDHzgIAwQA
HzhrAwQAHzh+AwQBHziOAwQCHziUAwQAHzlyAwQAHzl0AwQAHztPAwQAHzvkMA0G
CSqGSIb3DQEBCwUAA4IBAQBHro+gPk32+Z4Tm4mCIM7Qn5ieHX9jBLtB5oZIpIXg
sSVtzYCpVpQoiJGBlxPYCntSKP3ToE5Q9qXMHMVFe/kFyu9760Z2TqQL96OgPfPU
G/XpVvbyzeVjyOZ+AcyTreYZC6Y7fhOVkxCCXMesy2jS5vHoEwiijSQOyRGLDNOv
fWyZtJ5dpP0jdGDu15OiIJNLM/MJnDvGeq+AMCn1FqcbD71byW02J7wtlWL7bh+O
/Vej8lP+BbEqqdP0L3S9q5vJZnilSN1VRK7ndCwDSmGnxjhrxsFfwBjeeiPOwCEe
SVJ31wsdjEbyqOZFFO3oM9JgobO9vKxSkhYzUjR0yTGq
-----END CERTIFICATE-----
Generated at Thu Nov 6 19:45:59 2025 by rpki-client