Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/MzhbtxGf30OLfYeJPmDgXE99xeQ.roa
File: MzhbtxGf30OLfYeJPmDgXE99xeQ.roa (raw, json)
Hash identifier: krLUZPcjw5Hoe7o0X2qZv78EzySUJuWKlVCXy42gg9U=
Subject key identifier: 33:38:5B:B7:11:9F:DF:43:8B:7D:87:89:3E:60:E0:5C:4F:7D:C5:E4
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01990ED310C2C7825047E4235D21AB09B5D3
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/MzhbtxGf30OLfYeJPmDgXE99xeQ.roa
Signing time: Wed 03 Sep 2025 09:05:37 +0000
ROA not before: Wed 03 Sep 2025 09:05:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.126.0/24 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.57.31.0/24 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.116.0/24 maxlen: 24
31.59.79.0/24 maxlen: 24
31.59.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 15 Sep 2025 05:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0e:d3:10:c2:c7:82:50:47:e4:23:5d:21:ab:09:b5:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Sep 3 09:05:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33385bb7119fdf438b7d87893e60e05c4f7dc5e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5d:c2:38:66:39:84:fc:15:aa:ed:5a:4f:f3:
5c:4f:b2:0a:3e:9f:76:40:45:09:93:0c:51:3b:e6:
6c:2a:6a:9f:0b:4f:b2:02:a5:73:d4:a5:16:f1:85:
d4:0d:de:28:d1:4e:bd:c6:e2:ed:58:f3:af:e6:f3:
5d:24:6c:ad:0e:38:0b:e6:3f:af:28:91:2e:9b:7f:
bf:1d:1c:48:57:7a:6b:2f:22:c2:96:3e:2f:80:df:
97:04:1c:10:8e:30:59:00:55:c9:42:86:83:fc:5f:
48:a8:54:3d:a8:7e:82:0d:f7:74:c9:a6:ba:e1:c7:
ec:98:0d:17:b4:9e:15:6f:b5:13:b2:7a:02:3f:bc:
d0:1c:06:8c:79:52:79:df:5e:46:2c:84:9e:47:de:
ad:96:3a:1e:07:82:b3:89:fc:31:da:dd:87:e5:41:
3c:a1:79:0d:a6:d0:4f:93:6f:bd:07:d1:a0:22:0b:
04:41:da:69:07:64:33:46:84:30:83:ef:8f:e5:18:
71:c1:0e:d5:2c:16:03:cc:d0:db:19:22:82:9e:fa:
3e:c6:a2:ad:5f:bc:d9:96:0d:ba:31:bd:16:11:f8:
3b:80:3d:67:ad:12:5e:d3:a1:60:03:81:31:7a:e7:
b0:1c:76:7e:ce:bd:83:95:27:3b:36:fb:3a:b4:86:
0d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:38:5B:B7:11:9F:DF:43:8B:7D:87:89:3E:60:E0:5C:4F:7D:C5:E4
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/MzhbtxGf30OLfYeJPmDgXE99xeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.126.0/24
31.56.142.0/23
31.56.148.0/22
31.57.31.0/24
31.57.114.0/24
31.57.116.0/24
31.59.79.0/24
31.59.228.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:9a:4f:29:f3:e5:09:c5:0a:49:c1:59:50:66:73:fa:71:ec:
45:5e:03:ce:9b:64:97:3b:24:03:2f:06:26:04:ea:c5:fc:9c:
95:e5:b8:e3:93:7d:08:98:60:b8:8b:d3:64:9b:70:d4:0b:99:
30:6d:19:c6:75:ae:7f:02:85:eb:23:86:f5:c2:5a:03:d3:c2:
7a:27:50:98:55:b1:17:8c:09:f0:76:3f:bd:4e:a0:e4:12:03:
c5:9c:6f:a8:bb:2b:e0:57:60:70:b2:b4:92:fd:31:9e:72:21:
e4:f4:c3:88:f5:d3:63:10:ac:57:2e:d9:f3:89:3f:9f:64:48:
4f:31:d8:54:a1:0c:e8:f4:2d:98:95:8a:3f:ec:3b:84:e7:f4:
1b:8a:61:24:b4:0d:f5:f7:39:d3:af:b7:29:9a:83:47:2f:ae:
b1:94:a8:ce:17:77:bf:bd:48:ae:d9:f5:a4:8c:ee:c9:3c:3a:
30:52:93:8e:c6:ff:26:91:3f:0f:ef:c2:aa:67:54:8f:50:0d:
a4:c5:57:7a:c9:43:1c:8d:f3:de:5e:8b:42:5e:48:9d:41:1b:
6e:8a:03:eb:da:2d:92:16:1f:a3:d9:ec:23:a4:cc:f4:79:03:
33:d7:1e:30:5e:73:3b:c7:71:cc:be:ab:8f:9d:0e:df:fe:5f:
00:af:9c:5f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZkO0xDCx4JQR+QjXSGrCbXTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwOTAzMDkwNTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzM4NWJiNzExOWZkZjQzOGI3ZDg3ODkzZTYwZTA1YzRmN2RjNWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy13COGY5hPwVqu1aT/NcT7IKPp92
QEUJkwxRO+ZsKmqfC0+yAqVz1KUW8YXUDd4o0U69xuLtWPOv5vNdJGytDjgL5j+v
KJEum3+/HRxIV3prLyLClj4vgN+XBBwQjjBZAFXJQoaD/F9IqFQ9qH6CDfd0yaa6
4cfsmA0XtJ4Vb7UTsnoCP7zQHAaMeVJ5315GLISeR96tljoeB4Kzifwx2t2H5UE8
oXkNptBPk2+9B9GgIgsEQdppB2QzRoQwg++P5RhxwQ7VLBYDzNDbGSKCnvo+xqKt
X7zZlg26Mb0WEfg7gD1nrRJe06FgA4ExeuewHHZ+zr2DlSc7Nvs6tIYNAwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDM4W7cRn99Di32HiT5g4FxPfcXkMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTXpoYnR4R2YzME9MZlllSlBtRGdYRTk5eGVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQDHzgIAwQA
Hzh+AwQBHziOAwQCHziUAwQAHzkfAwQAHzlyAwQAHzl0AwQAHztPAwQAHzvkMA0G
CSqGSIb3DQEBCwUAA4IBAQC1mk8p8+UJxQpJwVlQZnP6cexFXgPOm2SXOyQDLwYm
BOrF/JyV5bjjk30ImGC4i9Nkm3DUC5kwbRnGda5/AoXrI4b1wloD08J6J1CYVbEX
jAnwdj+9TqDkEgPFnG+ouyvgV2BwsrSS/TGeciHk9MOI9dNjEKxXLtnziT+fZEhP
MdhUoQzo9C2YlYo/7DuE5/QbimEktA319znTr7cpmoNHL66xlKjOF3e/vUiu2fWk
jO7JPDowUpOOxv8mkT8P78KqZ1SPUA2kxVd6yUMcjfPeXotCXkidQRtuigPr2i2S
Fh+j2ewjpMz0eQMz1x4wXnM7x3HMvquPnQ7f/l8Ar5xf
-----END CERTIFICATE-----
Generated at Sun Sep 14 11:35:27 2025 by rpki-client