Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/K9lEzdu1ouVdBHUQQMypfOGS1Eo.roa
File: K9lEzdu1ouVdBHUQQMypfOGS1Eo.roa (raw, json)
Hash identifier: O79HyPmjO1q/qjdK13JPJoZPlyRVHYCdkGbpuFWwNSA=
Subject key identifier: 2B:D9:44:CD:DB:B5:A2:E5:5D:04:75:10:40:CC:A9:7C:E1:92:D4:4A
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01992300480307A266AD990F9E9501A9EA0E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/K9lEzdu1ouVdBHUQQMypfOGS1Eo.roa
Signing time: Sun 07 Sep 2025 07:07:24 +0000
ROA not before: Sun 07 Sep 2025 07:07:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215026
IP address blocks: 31.56.40.0/24 maxlen: 24
31.57.201.0/24 maxlen: 24
31.57.207.0/24 maxlen: 24
31.59.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 15 Sep 2025 05:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:00:48:03:07:a2:66:ad:99:0f:9e:95:01:a9:ea:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Sep 7 07:07:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2bd944cddbb5a2e55d04751040cca97ce192d44a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:41:1d:2f:44:74:2c:29:f9:9a:52:94:e3:ad:
5f:c7:a0:37:df:8f:53:8d:cf:36:47:bc:cb:0a:ed:
02:4d:6b:2e:a6:81:03:e1:62:38:81:50:08:fd:be:
f2:a3:f1:36:8c:95:e5:95:e0:81:37:c3:34:e7:eb:
58:ea:47:46:71:bc:03:e8:f0:7f:fa:1f:db:9a:52:
36:a5:55:e6:9a:ae:a5:4e:57:ec:84:f0:90:a4:be:
32:56:65:50:45:02:db:00:2d:51:0d:e4:dd:97:bb:
b3:3b:1a:8c:dc:09:98:09:96:46:27:51:6c:c6:96:
c6:9b:63:d2:25:db:f9:61:86:9d:0c:e9:f0:1c:2c:
b6:99:0a:26:2e:b2:3f:e2:26:a1:dd:e9:7c:d6:af:
49:b6:c3:f5:88:fd:81:5f:95:60:2d:d3:e4:f2:fb:
6c:db:59:ff:f9:f2:7a:21:c9:91:43:c2:d8:bb:96:
78:ac:ed:cf:de:77:51:eb:00:f5:cc:f0:7b:7b:c0:
50:54:95:8b:e2:fa:81:84:3f:36:5c:d6:e8:2e:85:
59:b5:65:53:5e:29:1e:d9:28:37:ca:5a:35:b7:88:
1b:5e:aa:83:d1:18:35:78:2a:cf:09:64:22:62:c3:
f7:85:a9:89:b7:c8:4f:88:63:b7:c5:b2:3f:a0:26:
64:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D9:44:CD:DB:B5:A2:E5:5D:04:75:10:40:CC:A9:7C:E1:92:D4:4A
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/K9lEzdu1ouVdBHUQQMypfOGS1Eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.40.0/24
31.57.201.0/24
31.57.207.0/24
31.59.98.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:ec:fa:25:5b:2e:ff:cf:1c:c5:0d:65:1c:2c:af:0a:94:f0:
fd:fc:2c:27:40:fb:83:0c:e6:02:25:4f:3c:10:4f:d2:e5:8b:
b2:4e:b8:59:96:d5:18:e1:92:9b:e0:89:ad:81:b7:78:54:ce:
43:3e:50:7e:f1:dd:1e:95:50:34:90:c5:31:28:a1:84:06:80:
08:01:6c:99:db:24:a3:25:6d:53:1e:ad:59:b4:83:be:ca:af:
f5:6b:67:32:13:f3:44:56:a4:01:e2:0a:07:ab:56:5c:40:0d:
a3:e5:ab:d7:d2:68:6e:72:93:5b:34:d6:45:10:98:93:e5:0e:
3d:f8:13:3a:3f:45:04:70:7c:8f:ad:4c:0d:87:4b:01:dc:02:
74:d1:3d:22:e0:4c:0a:49:9e:40:65:d5:7f:ae:41:c5:0b:94:
36:42:79:28:b1:35:71:d4:40:9c:7f:66:d2:18:d0:8c:54:e4:
2d:d9:d7:78:07:13:34:c7:0f:a6:81:e6:3e:cb:74:0f:39:ac:
e1:e6:44:90:6f:9c:2a:f5:bd:5d:79:d0:b0:f1:64:a4:94:6f:
ee:23:65:30:3b:e6:24:8c:44:83:36:4e:f4:7d:23:29:11:4c:
c4:c7:f7:b3:6b:0f:f3:f0:55:29:07:bd:62:ca:41:6b:fe:e7:
04:dc:ae:d5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZkjAEgDB6JmrZkPnpUBqeoOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwOTA3MDcwNzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmQ5NDRjZGRiYjVhMmU1NWQwNDc1MTA0MGNjYTk3Y2UxOTJkNDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUEdL0R0LCn5mlKU461fx6A3349T
jc82R7zLCu0CTWsupoED4WI4gVAI/b7yo/E2jJXlleCBN8M05+tY6kdGcbwD6PB/
+h/bmlI2pVXmmq6lTlfshPCQpL4yVmVQRQLbAC1RDeTdl7uzOxqM3AmYCZZGJ1Fs
xpbGm2PSJdv5YYadDOnwHCy2mQomLrI/4iah3el81q9JtsP1iP2BX5VgLdPk8vts
21n/+fJ6IcmRQ8LYu5Z4rO3P3ndR6wD1zPB7e8BQVJWL4vqBhD82XNboLoVZtWVT
Xike2Sg3ylo1t4gbXqqD0Rg1eCrPCWQiYsP3hamJt8hPiGO3xbI/oCZkSwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCvZRM3btaLlXQR1EEDMqXzhktRKMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSzlsRXpkdTFvdVZkQkhVUVFNeXBmT0dTMUVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzgoAwQA
HznJAwQAHznPAwQAHztiMA0GCSqGSIb3DQEBCwUAA4IBAQBq7PolWy7/zxzFDWUc
LK8KlPD9/CwnQPuDDOYCJU88EE/S5YuyTrhZltUY4ZKb4Imtgbd4VM5DPlB+8d0e
lVA0kMUxKKGEBoAIAWyZ2ySjJW1THq1ZtIO+yq/1a2cyE/NEVqQB4goHq1ZcQA2j
5avX0mhucpNbNNZFEJiT5Q49+BM6P0UEcHyPrUwNh0sB3AJ00T0i4EwKSZ5AZdV/
rkHFC5Q2QnkosTVx1ECcf2bSGNCMVOQt2dd4BxM0xw+mgeY+y3QPOazh5kSQb5wq
9b1dedCw8WSklG/uI2UwO+YkjESDNk70fSMpEUzEx/ezaw/z8FUpB71iykFr/ucE
3K7V
-----END CERTIFICATE-----
Generated at Sun Sep 14 11:39:38 2025 by rpki-client