Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/H-6dXwh5T56xsvWOSO4JIkdSASc.roa
File: H-6dXwh5T56xsvWOSO4JIkdSASc.roa (raw, json)
Hash identifier: Oy+yeJiKlM82JsACuRPlxxWTDWFs9kqKYw5CP3XbSeA=
Subject key identifier: 1F:EE:9D:5F:08:79:4F:9E:B1:B2:F5:8E:48:EE:09:22:47:52:01:27
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A7BEA843F5EF873A635BD29951465B574
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/H-6dXwh5T56xsvWOSO4JIkdSASc.roa
Signing time: Thu 13 Nov 2025 06:32:38 +0000
ROA not before: Thu 13 Nov 2025 06:32:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 31.56.66.0/24 maxlen: 24
31.56.220.0/24 maxlen: 24
31.57.35.0/24 maxlen: 24
31.57.100.0/24 maxlen: 24
31.57.228.0/24 maxlen: 24
31.57.239.0/24 maxlen: 24
31.59.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Nov 2025 15:11:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:7b:ea:84:3f:5e:f8:73:a6:35:bd:29:95:14:65:b5:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 13 06:32:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1fee9d5f08794f9eb1b2f58e48ee092247520127
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:df:ec:06:ce:59:38:e1:b0:63:dc:aa:d3:b7:
32:8b:d6:00:30:58:09:9f:8e:f1:25:d5:31:33:05:
66:27:6f:79:25:d8:ca:71:3e:87:da:f2:f3:49:e3:
68:54:bf:33:08:c7:0e:13:cf:97:25:54:e5:95:2a:
7e:9d:4e:a3:4e:ed:2b:db:16:0d:e5:eb:e4:52:cd:
1f:c9:d4:3f:fe:e2:00:d0:ba:ca:a4:9c:37:a6:6a:
16:22:e7:6a:a3:66:3c:fc:8f:d8:80:0d:e7:c1:14:
7d:91:05:d0:62:15:f5:ce:f0:af:96:e2:92:1a:84:
b5:2c:0a:31:ef:a8:13:26:79:82:ae:c3:73:44:82:
31:e1:d8:40:55:d1:24:fd:3f:6e:02:bb:0a:dd:35:
7e:06:6d:e1:c5:83:45:23:e5:0f:81:d4:69:25:91:
00:74:72:63:34:f6:64:d2:7d:df:f2:bb:5d:5e:19:
09:68:4c:c0:9f:d0:b6:62:32:e0:07:ed:c9:e6:78:
68:3f:4a:98:63:1f:6e:cc:83:ef:64:4e:b6:24:d4:
e4:95:b8:eb:8b:9e:0c:73:06:fc:28:0b:c7:3e:69:
0f:82:09:d7:55:4c:6c:91:33:9d:a7:04:f0:00:50:
3e:20:6d:18:34:69:5f:c7:07:cc:4f:74:f2:a2:e3:
ea:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:EE:9D:5F:08:79:4F:9E:B1:B2:F5:8E:48:EE:09:22:47:52:01:27
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/H-6dXwh5T56xsvWOSO4JIkdSASc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.66.0/24
31.56.220.0/24
31.57.35.0/24
31.57.100.0/24
31.57.228.0/24
31.57.239.0/24
31.59.116.0/24
Signature Algorithm: sha256WithRSAEncryption
63:d9:f0:b7:45:f9:a2:42:0a:70:9f:30:bb:87:48:68:5f:5c:
0b:ac:a4:cd:82:67:61:86:ba:37:4e:5f:38:18:ba:b3:05:26:
74:58:08:5a:a9:66:b1:3f:e8:d6:8e:bb:e8:5e:c9:a2:bd:1a:
6c:f0:38:e7:af:d9:0a:42:e3:72:33:0b:88:75:9e:31:ed:5e:
cb:2f:65:c5:b6:c3:14:4a:aa:da:36:72:03:7e:0a:0b:bf:06:
e7:6a:29:d2:ef:2d:97:9f:ac:f6:7d:cd:97:2d:7d:b1:41:68:
8c:3c:c9:76:44:b3:5a:9e:d9:1a:e7:9a:a9:c5:90:04:c1:36:
ca:de:77:5f:ae:c9:b3:00:6f:14:3a:e8:04:f7:bf:9a:5f:38:
ee:16:f3:5a:04:30:cc:93:5f:39:40:e0:50:8c:36:bd:db:f0:
9f:70:43:c9:fd:8c:95:31:97:bd:22:4f:c0:70:a9:fd:5d:3d:
2f:59:f2:c1:d0:87:5b:25:66:73:cb:48:1b:57:47:61:61:0d:
89:f1:18:47:41:42:25:d7:99:64:64:c2:f8:fd:80:59:54:cd:
9d:e9:33:38:09:4f:51:91:52:9a:5b:33:15:14:de:3c:c8:3f:
e7:bf:c1:cc:5d:05:26:f7:0b:44:b1:9e:21:56:89:d7:a1:07:
3a:17:0e:a8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZp76oQ/XvhzpjW9KZUUZbV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMTEzMDYzMjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmVlOWQ1ZjA4Nzk0ZjllYjFiMmY1OGU0OGVlMDkyMjQ3NTIwMTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9/sBs5ZOOGwY9yq07cyi9YAMFgJ
n47xJdUxMwVmJ295JdjKcT6H2vLzSeNoVL8zCMcOE8+XJVTllSp+nU6jTu0r2xYN
5evkUs0fydQ//uIA0LrKpJw3pmoWIudqo2Y8/I/YgA3nwRR9kQXQYhX1zvCvluKS
GoS1LAox76gTJnmCrsNzRIIx4dhAVdEk/T9uArsK3TV+Bm3hxYNFI+UPgdRpJZEA
dHJjNPZk0n3f8rtdXhkJaEzAn9C2YjLgB+3J5nhoP0qYYx9uzIPvZE62JNTklbjr
i54Mcwb8KAvHPmkPggnXVUxskTOdpwTwAFA+IG0YNGlfxwfMT3TyouPqmwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFB/unV8IeU+esbL1jkjuCSJHUgEnMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSC02ZFh3aDVUNTZ4c3ZXT1NPNEpJa2RTQVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAHzhCAwQA
HzjcAwQAHzkjAwQAHzlkAwQAHznkAwQAHznvAwQAHzt0MA0GCSqGSIb3DQEBCwUA
A4IBAQBj2fC3RfmiQgpwnzC7h0hoX1wLrKTNgmdhhro3Tl84GLqzBSZ0WAhaqWax
P+jWjrvoXsmivRps8Djnr9kKQuNyMwuIdZ4x7V7LL2XFtsMUSqraNnIDfgoLvwbn
ainS7y2Xn6z2fc2XLX2xQWiMPMl2RLNantka55qpxZAEwTbK3ndfrsmzAG8UOugE
97+aXzjuFvNaBDDMk185QOBQjDa92/CfcEPJ/YyVMZe9Ik/AcKn9XT0vWfLB0Idb
JWZzy0gbV0dhYQ2J8RhHQUIl15lkZML4/YBZVM2d6TM4CU9RkVKaWzMVFN48yD/n
v8HMXQUm9wtEsZ4hVonXoQc6Fw6o
-----END CERTIFICATE-----
Generated at Thu Nov 13 20:49:42 2025 by rpki-client