Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/MoU7LLbWsCxvDfUwFe2Iy5dqlnk.roa
File: MoU7LLbWsCxvDfUwFe2Iy5dqlnk.roa (raw, json)
Hash identifier: wQFlyyje1RREhn4hc+06fO4nVy0peaO/GR1q/zHPz6M=
Subject key identifier: 32:85:3B:2C:B6:D6:B0:2C:6F:0D:F5:30:15:ED:88:CB:97:6A:96:79
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0198FF439BBD88D255A4E4D53C208A6A1CD0
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/MoU7LLbWsCxvDfUwFe2Iy5dqlnk.roa
Signing time: Sun 31 Aug 2025 08:34:37 +0000
ROA not before: Sun 31 Aug 2025 08:34:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 31.56.86.0/24 maxlen: 24
31.57.31.0/24 maxlen: 24
31.57.122.0/24 maxlen: 24
31.57.124.0/24 maxlen: 24
31.57.125.0/24 maxlen: 24
31.57.140.0/24 maxlen: 24
31.57.162.0/23 maxlen: 24
31.57.164.0/23 maxlen: 24
31.57.180.0/24 maxlen: 24
31.57.221.0/24 maxlen: 24
31.58.41.0/24 maxlen: 24
31.58.42.0/24 maxlen: 24
31.58.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Sep 2025 11:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ff:43:9b:bd:88:d2:55:a4:e4:d5:3c:20:8a:6a:1c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Aug 31 08:34:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32853b2cb6d6b02c6f0df53015ed88cb976a9679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:57:95:f2:58:9f:ca:d4:c1:61:e0:fc:ee:02:
80:b6:3d:b9:d3:33:7c:e9:fd:83:0a:f6:66:d3:d3:
cc:69:40:63:4f:5f:35:71:27:16:30:ab:80:b5:a9:
51:68:58:d6:cd:8f:90:4f:d7:0b:7f:70:16:3f:c6:
97:8e:94:6c:f5:f7:de:1c:5a:01:3d:a4:ec:7a:41:
ce:4f:11:99:31:4b:63:04:df:9b:e9:bf:0a:9c:40:
65:d2:b0:ec:a2:5a:95:ef:41:bf:30:60:3b:96:2d:
01:9c:f3:69:83:08:0a:f2:48:18:05:09:13:93:62:
67:9a:53:93:a6:d8:00:9c:e0:f0:3e:3a:a5:4a:8b:
94:df:dc:e5:76:2a:f4:f1:a2:ba:99:46:35:f9:f1:
e3:51:b2:85:7e:55:d4:bf:e5:82:1e:c5:09:43:bf:
d5:ab:b0:b8:ba:a4:aa:c7:fd:75:e4:b6:3f:6c:b3:
7b:b9:c5:aa:e5:b0:e1:f9:75:f8:4f:46:55:53:7c:
db:3e:61:8b:b1:8b:13:3b:87:7c:3b:29:54:56:b4:
a1:17:02:d2:a9:34:1e:39:96:f0:84:ec:84:72:7b:
aa:8b:46:9a:77:bf:48:40:cc:d0:6d:6a:58:25:f3:
bf:ee:2f:be:a1:b8:25:a0:80:66:98:ff:71:59:2d:
d5:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:85:3B:2C:B6:D6:B0:2C:6F:0D:F5:30:15:ED:88:CB:97:6A:96:79
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/MoU7LLbWsCxvDfUwFe2Iy5dqlnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.86.0/24
31.57.31.0/24
31.57.122.0/24
31.57.124.0/23
31.57.140.0/24
31.57.162.0-31.57.165.255
31.57.180.0/24
31.57.221.0/24
31.58.41.0-31.58.42.255
31.58.48.0/24
Signature Algorithm: sha256WithRSAEncryption
70:c4:19:e8:81:cd:c2:35:3f:29:04:4a:85:88:4e:76:a2:d6:
90:6a:91:18:6a:ca:8a:45:8d:1b:e1:a5:7c:d6:f8:d4:36:5b:
65:46:fd:2b:7f:7c:7c:b0:48:2a:33:1b:b1:08:2c:7d:a3:ac:
fa:ac:84:2e:37:77:93:8d:40:fa:c3:b0:d0:f3:cb:56:eb:da:
b6:93:81:40:ae:8e:75:97:be:68:e2:f4:27:cd:02:65:b3:d0:
1b:ef:34:59:c6:7c:22:0c:4d:2b:a4:07:9a:b0:34:27:11:e7:
08:8a:89:70:f4:71:9a:e0:5d:71:42:0f:5a:6f:00:a3:b9:cf:
1d:38:17:3c:27:e9:4a:1a:8b:58:4a:b8:66:fb:8a:12:84:14:
7e:a7:a7:23:f8:29:f9:24:c0:6f:66:f6:11:0d:08:60:a0:29:
8c:a7:46:2f:b7:34:f9:a1:0b:53:c0:53:c0:03:8b:05:7d:0c:
69:bf:32:6b:b1:25:97:f3:c3:be:7c:c4:1e:c9:fb:1f:3d:8e:
1a:9c:90:4d:66:94:f9:cc:e8:a7:5b:a3:e1:71:d9:4d:94:3b:
8a:8f:b2:dd:ac:6f:a4:9f:1f:9e:fc:6e:63:8d:c3:b1:e1:b4:
8f:2d:db:a0:c7:02:2a:8c:ca:a5:a8:63:31:4e:dd:99:60:5e:
4e:21:dd:d5
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZj/Q5u9iNJVpOTVPCCKahzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwODMxMDgzNDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjg1M2IyY2I2ZDZiMDJjNmYwZGY1MzAxNWVkODhjYjk3NmE5Njc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVeV8lifytTBYeD87gKAtj250zN8
6f2DCvZm09PMaUBjT181cScWMKuAtalRaFjWzY+QT9cLf3AWP8aXjpRs9ffeHFoB
PaTsekHOTxGZMUtjBN+b6b8KnEBl0rDsolqV70G/MGA7li0BnPNpgwgK8kgYBQkT
k2JnmlOTptgAnODwPjqlSouU39zldir08aK6mUY1+fHjUbKFflXUv+WCHsUJQ7/V
q7C4uqSqx/115LY/bLN7ucWq5bDh+XX4T0ZVU3zbPmGLsYsTO4d8OylUVrShFwLS
qTQeOZbwhOyEcnuqi0aad79IQMzQbWpYJfO/7i++obgloIBmmP9xWS3VSwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFDKFOyy21rAsbw31MBXtiMuXapZ5MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTW9VN0xMYldzQ3h2RGZVd0ZlMkl5NWRxbG5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAHzhWAwQA
HzkfAwQAHzl6AwQBHzl8AwQAHzmMMAwDBAEfOaIDBAEfOaQDBAAfObQDBAAfOd0w
DAMEAB86KQMEAB86KgMEAB86MDANBgkqhkiG9w0BAQsFAAOCAQEAcMQZ6IHNwjU/
KQRKhYhOdqLWkGqRGGrKikWNG+GlfNb41DZbZUb9K398fLBIKjMbsQgsfaOs+qyE
Ljd3k41A+sOw0PPLVuvatpOBQK6OdZe+aOL0J80CZbPQG+80WcZ8IgxNK6QHmrA0
JxHnCIqJcPRxmuBdcUIPWm8Ao7nPHTgXPCfpShqLWEq4ZvuKEoQUfqenI/gp+STA
b2b2EQ0IYKApjKdGL7c0+aELU8BTwAOLBX0Mab8ya7Ell/PDvnzEHsn7Hz2OGpyQ
TWaU+czop1uj4XHZTZQ7io+y3axvpJ8fnvxuY43DseG0jy3boMcCKozKpahjMU7d
mWBeTiHd1Q==
-----END CERTIFICATE-----
Generated at Sat Sep 13 19:44:18 2025 by rpki-client