Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HmA0WCMW_4DzOEoiW-aGv0GkpMo.roa
File: HmA0WCMW_4DzOEoiW-aGv0GkpMo.roa (raw, json)
Hash identifier: UFeUoyf4ThCNNK+psdoOcW6Z+FWrYRQNj4sb1LmbkwI=
Subject key identifier: 1E:60:34:58:23:16:FF:80:F3:38:4A:22:5B:E6:86:BF:41:A4:A4:CA
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A59BF9371432E865D9FECE494AC399B77
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HmA0WCMW_4DzOEoiW-aGv0GkpMo.roa
Signing time: Thu 06 Nov 2025 15:18:38 +0000
ROA not before: Thu 06 Nov 2025 15:18:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 31.56.34.0/24 maxlen: 24
31.56.96.0/24 maxlen: 24
31.57.146.0/24 maxlen: 24
31.57.171.0/24 maxlen: 24
31.57.222.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 07 Nov 2025 14:56:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:59:bf:93:71:43:2e:86:5d:9f:ec:e4:94:ac:39:9b:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 6 15:18:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e6034582316ff80f3384a225be686bf41a4a4ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ad:79:1a:0a:d8:1a:7e:48:2f:b2:cc:44:49:
1e:7e:58:c9:f3:e9:ed:7c:bd:99:6f:8b:fa:60:e4:
f6:82:96:6f:a4:a7:09:e8:96:9f:af:fa:d9:f0:b5:
43:0a:cf:bb:5b:db:30:c0:b2:57:3a:db:15:7f:d7:
f7:bd:60:ab:5e:fc:82:ca:47:49:1b:10:16:b8:09:
fa:f7:fd:52:3d:d3:a5:f2:d9:ac:02:77:95:78:06:
48:e1:24:2d:cf:3a:db:82:e4:4c:a2:d7:34:3e:61:
b6:9d:54:67:a1:86:4d:d3:10:bc:e3:2e:a5:63:dd:
ee:a0:c2:81:64:89:b5:cf:d7:d6:9a:48:c2:4e:33:
64:cd:33:64:17:de:26:07:89:f4:76:f3:28:b1:da:
a9:d4:3e:6d:78:0e:3c:45:b8:06:aa:b1:73:64:b4:
ff:9a:9c:85:01:47:10:1d:52:b1:6b:1e:d3:34:b9:
d0:a8:85:8e:ff:1e:84:4d:98:46:c8:44:87:71:44:
16:32:d9:ad:ca:01:1a:26:e3:01:ff:4f:50:d6:4f:
7e:e6:70:4d:6f:c3:47:76:d8:ed:04:61:50:60:78:
16:bb:45:94:67:9f:ea:eb:27:21:3e:29:6a:24:12:
f0:82:7d:0b:1a:b6:82:cd:61:24:2a:fa:7d:ab:78:
ba:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:60:34:58:23:16:FF:80:F3:38:4A:22:5B:E6:86:BF:41:A4:A4:CA
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HmA0WCMW_4DzOEoiW-aGv0GkpMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.34.0/24
31.56.96.0/24
31.57.146.0/24
31.57.171.0/24
31.57.222.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:2b:0b:fa:ac:ba:87:92:6e:c1:b7:ae:8b:f9:8d:ea:54:85:
b4:41:55:81:2e:27:26:91:54:34:48:96:9f:9f:f4:04:7a:7c:
1c:8c:6d:d2:8e:df:9f:d9:79:e6:0c:9e:17:b6:a6:46:3b:4f:
6b:76:d3:89:8a:9a:ff:54:6b:16:ae:c6:f5:64:49:19:22:75:
68:0f:1f:66:1a:ec:1f:ae:e7:58:24:61:3e:47:a1:e8:e7:56:
0e:10:bb:16:0c:7f:c9:85:e5:8e:51:f6:91:9c:11:9e:f5:13:
5a:4c:df:ee:c4:22:17:fd:0e:0c:c1:7f:3a:32:3d:82:6b:51:
b1:af:e9:63:70:cd:f1:e6:71:dd:88:c1:41:50:27:85:52:17:
a5:12:55:ad:4a:96:67:1d:1d:22:fa:54:36:9b:72:50:3f:99:
bf:17:c7:82:8b:1b:0b:3b:15:60:b6:71:0b:8c:b8:af:5a:ee:
c3:e3:38:ef:6b:d9:9f:9e:33:c9:4c:13:aa:e7:32:22:ce:26:
18:f9:4b:f5:cd:6a:8d:f0:2d:88:bd:82:5d:49:1b:19:52:e4:
d9:35:e7:9a:ff:a8:fc:75:3d:42:19:0f:e9:a8:ea:7f:a9:32:
d2:ba:3a:b1:c3:37:32:36:6e:5b:eb:44:c4:59:9e:ee:c8:16:
78:57:e5:56
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZpZv5NxQy6GXZ/s5JSsOZt3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMTA2MTUxODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTYwMzQ1ODIzMTZmZjgwZjMzODRhMjI1YmU2ODZiZjQxYTRhNGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwK15GgrYGn5IL7LMREkefljJ8+nt
fL2Zb4v6YOT2gpZvpKcJ6Jafr/rZ8LVDCs+7W9swwLJXOtsVf9f3vWCrXvyCykdJ
GxAWuAn69/1SPdOl8tmsAneVeAZI4SQtzzrbguRMotc0PmG2nVRnoYZN0xC84y6l
Y93uoMKBZIm1z9fWmkjCTjNkzTNkF94mB4n0dvMosdqp1D5teA48RbgGqrFzZLT/
mpyFAUcQHVKxax7TNLnQqIWO/x6ETZhGyESHcUQWMtmtygEaJuMB/09Q1k9+5nBN
b8NHdtjtBGFQYHgWu0WUZ5/q6ychPilqJBLwgn0LGraCzWEkKvp9q3i62QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFB5gNFgjFv+A8zhKIlvmhr9BpKTKMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSG1BMFdDTVdfNER6T0VvaVctYUd2MEdrcE1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHzgiAwQA
HzhgAwQAHzmSAwQAHzmrAwQBHzneMA0GCSqGSIb3DQEBCwUAA4IBAQCoKwv6rLqH
km7Bt66L+Y3qVIW0QVWBLicmkVQ0SJafn/QEenwcjG3Sjt+f2XnmDJ4XtqZGO09r
dtOJipr/VGsWrsb1ZEkZInVoDx9mGuwfrudYJGE+R6Ho51YOELsWDH/JheWOUfaR
nBGe9RNaTN/uxCIX/Q4MwX86Mj2Ca1Gxr+ljcM3x5nHdiMFBUCeFUhelElWtSpZn
HR0i+lQ2m3JQP5m/F8eCixsLOxVgtnELjLivWu7D4zjva9mfnjPJTBOq5zIiziYY
+Uv1zWqN8C2IvYJdSRsZUuTZNeea/6j8dT1CGQ/pqOp/qTLSujqxwzcyNm5b60TE
WZ7uyBZ4V+VW
-----END CERTIFICATE-----
Generated at Thu Nov 6 19:46:01 2025 by rpki-client