Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BBHq_86vLceWzqDVYPn9Ee4VfmQ.roa
File: BBHq_86vLceWzqDVYPn9Ee4VfmQ.roa (raw, json)
Hash identifier: 39TydPppom33rFF88I7KNAYtOsrnTYEwggQ7RwL895s=
Subject key identifier: 04:11:EA:FF:CE:AF:2D:C7:96:CE:A0:D5:60:F9:FD:11:EE:15:7E:64
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01972A160315866A12C165F85D05110458C2
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BBHq_86vLceWzqDVYPn9Ee4VfmQ.roa
Signing time: Sun 01 Jun 2025 06:02:55 +0000
ROA not before: Sun 01 Jun 2025 06:02:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 31.56.16.0/22 maxlen: 24
31.57.16.0/21 maxlen: 24
31.57.36.0/23 maxlen: 24
31.57.135.0/24 maxlen: 24
31.57.168.0/23 maxlen: 24
31.57.184.0/23 maxlen: 24
31.57.208.0/22 maxlen: 22
31.57.216.0/23 maxlen: 24
31.57.250.0/23 maxlen: 24
31.58.76.0/22 maxlen: 24
31.58.92.0/22 maxlen: 24
31.58.176.0/22 maxlen: 24
31.58.200.0/22 maxlen: 24
31.58.216.0/22 maxlen: 24
31.58.235.0/24 maxlen: 24
31.58.236.0/24 maxlen: 24
31.58.240.0/22 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
31.58.252.0/22 maxlen: 24
31.59.64.0/22 maxlen: 24
31.59.80.0/22 maxlen: 24
31.59.124.0/22 maxlen: 24
31.59.140.0/22 maxlen: 24
31.59.148.0/22 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/22 maxlen: 24
31.59.164.0/23 maxlen: 24
31.59.176.0/21 maxlen: 24
31.59.188.0/22 maxlen: 24
31.59.192.0/22 maxlen: 24
31.59.216.0/22 maxlen: 24
217.60.16.0/21 maxlen: 24
217.60.28.0/22 maxlen: 24
217.60.40.0/22 maxlen: 24
217.60.64.0/18 maxlen: 24
217.60.187.0/24 maxlen: 24
217.60.196.0/23 maxlen: 24
217.60.244.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2a:16:03:15:86:6a:12:c1:65:f8:5d:05:11:04:58:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 1 06:02:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0411eaffceaf2dc796cea0d560f9fd11ee157e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:80:6c:2e:9e:40:cd:d2:b1:d9:b5:4a:0e:00:
3e:f2:76:f2:a6:99:e9:03:21:02:81:86:e2:2c:d9:
28:9e:3f:2a:60:3a:ca:f6:9b:7b:d8:3c:41:7e:8f:
95:53:77:71:6e:8d:f4:3d:f7:42:79:09:a1:84:b0:
2e:ad:33:d8:fb:bb:e0:60:2e:93:e8:d2:57:ee:24:
25:46:1b:b0:67:f6:09:ad:82:47:15:ed:0b:13:58:
92:a6:e4:67:da:3d:0b:9b:49:9a:14:83:f4:5a:d3:
17:76:15:f1:50:50:42:be:bd:bf:46:7c:0d:83:8c:
3d:d3:eb:4b:c4:bd:e6:77:db:de:24:de:93:4c:ed:
6d:5c:02:b8:4f:aa:22:4c:20:3c:12:09:b5:7a:61:
d1:c5:5b:f7:37:01:ea:dd:b4:6b:40:12:40:c4:23:
26:c6:58:ba:6c:5a:d6:f2:f3:38:0a:26:ad:aa:98:
21:cd:75:96:9b:2f:7b:66:6a:ab:ae:05:72:ef:1c:
27:50:6b:07:cc:9b:cf:79:8f:72:a8:f1:78:3b:1a:
55:ca:d3:a8:d2:dd:1f:dc:ba:55:eb:06:98:27:01:
8e:5d:85:90:dd:89:53:7a:51:07:70:e6:fc:87:b0:
d4:a0:36:af:e5:b1:0a:b8:ec:89:d4:fe:e4:52:ca:
3e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:11:EA:FF:CE:AF:2D:C7:96:CE:A0:D5:60:F9:FD:11:EE:15:7E:64
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/BBHq_86vLceWzqDVYPn9Ee4VfmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.16.0/22
31.57.16.0/21
31.57.36.0/23
31.57.135.0/24
31.57.168.0/23
31.57.184.0/23
31.57.208.0/22
31.57.216.0/23
31.57.250.0/23
31.58.76.0/22
31.58.92.0/22
31.58.176.0/22
31.58.200.0/22
31.58.216.0/22
31.58.235.0-31.58.236.255
31.58.240.0-31.58.244.255
31.58.250.0-31.58.255.255
31.59.64.0/22
31.59.80.0/22
31.59.124.0/22
31.59.140.0/22
31.59.148.0-31.59.165.255
31.59.176.0/21
31.59.188.0-31.59.195.255
31.59.216.0/22
217.60.16.0/21
217.60.28.0/22
217.60.40.0/22
217.60.64.0/18
217.60.187.0/24
217.60.196.0/23
217.60.244.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:e6:ec:bd:cc:9d:53:d6:59:2e:82:da:7e:39:e1:47:2a:e6:
54:e0:52:27:ac:da:f7:1d:37:b5:b2:ed:24:fe:6d:7e:de:7d:
1d:df:69:20:80:5c:f1:c0:77:7f:c6:14:99:2f:4e:57:83:8b:
33:7a:b9:fa:7b:b1:86:76:50:b5:f3:7b:ee:db:8a:9e:c2:81:
d7:c2:ed:df:1f:e7:ee:88:d6:38:2b:8b:eb:d0:f6:ec:17:13:
c2:e6:fb:0c:0c:98:cd:d3:d8:ff:ba:c4:7e:91:83:32:c7:10:
04:47:a4:f7:46:b1:0c:c8:db:2f:b1:e0:66:c3:89:02:57:5a:
d9:e3:a4:83:21:95:39:3a:39:c3:65:3b:06:88:69:ef:2b:a3:
35:13:11:17:20:c7:00:ec:8b:96:1a:58:dd:9c:a1:03:2f:d3:
b4:b0:2a:2a:24:09:34:2f:63:30:2f:26:cf:0a:eb:a6:09:03:
6e:e0:d3:e8:1c:ce:1c:54:ff:6f:c0:21:a9:f1:d3:76:0b:75:
8c:45:cc:57:35:ea:24:6c:62:bd:2c:8d:e4:f4:24:9c:8d:77:
a4:38:e5:a7:54:7e:4c:5f:73:41:e3:42:c7:7e:e7:e0:7a:dd:
26:2c:67:74:d4:2d:58:2a:97:62:8a:8d:35:e4:e2:1d:55:3b:
6a:ca:58:db
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAZcqFgMVhmoSwWX4XQURBFjCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNjAxMDYwMjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDExZWFmZmNlYWYyZGM3OTZjZWEwZDU2MGY5ZmQxMWVlMTU3ZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6oBsLp5AzdKx2bVKDgA+8nbyppnp
AyECgYbiLNkonj8qYDrK9pt72DxBfo+VU3dxbo30PfdCeQmhhLAurTPY+7vgYC6T
6NJX7iQlRhuwZ/YJrYJHFe0LE1iSpuRn2j0Lm0maFIP0WtMXdhXxUFBCvr2/RnwN
g4w90+tLxL3md9veJN6TTO1tXAK4T6oiTCA8Egm1emHRxVv3NwHq3bRrQBJAxCMm
xli6bFrW8vM4CiatqpghzXWWmy97ZmqrrgVy7xwnUGsHzJvPeY9yqPF4OxpVytOo
0t0f3LpV6waYJwGOXYWQ3YlTelEHcOb8h7DUoDav5bEKuOyJ1P7kUso+3QIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFAQR6v/Ory3Hls6g1WD5/RHuFX5kMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQkJIcV84NnZMY2VXenFEVllQbjlFZTRWZm1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBAYIKwYBBQUHAQcBAf8EgfQwgfEwge4EAgABMIHnAwQC
HzgQAwQDHzkQAwQBHzkkAwQAHzmHAwQBHzmoAwQBHzm4AwQCHznQAwQBHznYAwQB
Hzn6AwQCHzpMAwQCHzpcAwQCHzqwAwQCHzrIAwQCHzrYMAwDBAAfOusDBAAfOuww
DAMEBB868AMEAB869DALAwQBHzr6AwMAHzoDBAIfO0ADBAIfO1ADBAIfO3wDBAIf
O4wwDAMEAh87lAMEAR87pAMEAx87sDAMAwQCHzu8AwQCHzvAAwQCHzvYAwQD2TwQ
AwQC2TwcAwQC2TwoAwQG2TxAAwQA2Ty7AwQB2TzEAwQB2Tz0MA0GCSqGSIb3DQEB
CwUAA4IBAQAO5uy9zJ1T1lkugtp+OeFHKuZU4FInrNr3HTe1su0k/m1+3n0d32kg
gFzxwHd/xhSZL05Xg4szern6e7GGdlC183vu24qewoHXwu3fH+fuiNY4K4vr0Pbs
FxPC5vsMDJjN09j/usR+kYMyxxAER6T3RrEMyNsvseBmw4kCV1rZ46SDIZU5OjnD
ZTsGiGnvK6M1ExEXIMcA7IuWGljdnKEDL9O0sCoqJAk0L2MwLybPCuumCQNu4NPo
HM4cVP9vwCGp8dN2C3WMRcxXNeokbGK9LI3k9CScjXekOOWnVH5MX3NB40LHfufg
et0mLGd01C1YKpdiio015OIdVTtqyljb
-----END CERTIFICATE-----
Generated at Thu Jun 5 04:35:07 2025 by rpki-client