Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/O7CnWrLyGAT5fTFiXYl5XsuPQ1g.roa
File: O7CnWrLyGAT5fTFiXYl5XsuPQ1g.roa (raw, json)
Hash identifier: O4By6ntTJOW3di72nZAZVOXRvGXsjrBXuSR4Kp8y6eE=
Subject key identifier: 3B:B0:A7:5A:B2:F2:18:04:F9:7D:31:62:5D:89:79:5E:CB:8F:43:58
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0197D64878231679DA5F793D20F4B66595E0
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/O7CnWrLyGAT5fTFiXYl5XsuPQ1g.roa
Signing time: Fri 04 Jul 2025 16:32:42 +0000
ROA not before: Fri 04 Jul 2025 16:32:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.28.0/22 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.77.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.117.0/24 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.180.0/22 maxlen: 24
31.56.180.0/23 maxlen: 23
31.56.188.0/22 maxlen: 24
31.56.190.0/23 maxlen: 23
31.56.198.0/23 maxlen: 24
31.56.200.0/22 maxlen: 24
31.56.208.0/22 maxlen: 24
31.56.212.0/22 maxlen: 24
31.56.220.0/23 maxlen: 23
31.56.224.0/23 maxlen: 23
31.56.228.0/22 maxlen: 24
31.56.230.0/23 maxlen: 23
31.56.233.0/24 maxlen: 24
31.56.236.0/22 maxlen: 24
31.56.236.0/23 maxlen: 23
31.57.12.0/23 maxlen: 24
31.57.36.0/23 maxlen: 24
31.57.38.0/23 maxlen: 23
31.57.52.0/22 maxlen: 24
31.57.56.0/22 maxlen: 24
31.57.60.0/22 maxlen: 24
31.57.60.0/24 maxlen: 24
31.57.94.0/23 maxlen: 23
31.57.104.0/21 maxlen: 24
31.57.120.0/22 maxlen: 24
31.57.120.0/23 maxlen: 23
31.57.124.0/22 maxlen: 24
31.57.126.0/23 maxlen: 23
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.168.0/22 maxlen: 24
31.57.176.0/21 maxlen: 21
31.57.184.0/22 maxlen: 24
31.57.186.0/23 maxlen: 23
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.216.0/24 maxlen: 24
31.57.217.0/24 maxlen: 24
31.57.224.0/22 maxlen: 22
31.57.225.0/24 maxlen: 24
31.57.231.0/24 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.250.0/24 maxlen: 24
31.57.251.0/24 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.64.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.172.0/22 maxlen: 24
31.58.220.0/22 maxlen: 22
31.58.224.0/22 maxlen: 24
31.58.226.0/24 maxlen: 24
31.59.76.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.128.0/24 maxlen: 24
31.59.136.0/21 maxlen: 24
31.59.136.0/24 maxlen: 24
31.59.144.0/21 maxlen: 24
31.59.160.0/21 maxlen: 24
31.59.212.0/22 maxlen: 24
31.59.212.0/24 maxlen: 24
31.59.213.0/24 maxlen: 24
31.59.224.0/22 maxlen: 22
31.59.232.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d6:48:78:23:16:79:da:5f:79:3d:20:f4:b6:65:95:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 4 16:32:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bb0a75ab2f21804f97d31625d89795ecb8f4358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d3:b3:59:89:65:d1:76:f8:ec:89:c7:96:3c:
25:f3:59:53:da:67:97:bd:38:04:e3:54:8f:eb:7a:
30:39:e7:05:dc:e6:c8:4a:09:9a:c0:29:10:e7:6a:
b7:cb:dd:fa:94:92:47:1a:b9:60:83:a1:d4:fb:60:
02:e2:f1:43:cd:f8:7d:d9:78:20:53:7b:b9:d4:66:
35:ea:53:a7:a0:7d:24:6d:e0:e7:9b:62:66:5f:69:
e4:1c:86:c4:4a:38:87:f3:ef:4f:d9:5f:60:63:7d:
e8:87:b8:8f:39:71:1b:d2:2f:1c:34:f6:f2:fb:45:
44:d6:a7:9f:d3:af:a5:b2:21:52:aa:fd:15:54:6d:
b5:80:b2:d3:30:83:e9:d9:e0:c8:67:ed:bc:f4:5b:
db:2b:ff:c2:74:e0:75:1b:36:c7:fc:6d:32:e6:3d:
73:77:a3:dd:23:ee:09:ed:78:f1:e6:5c:46:ff:f0:
45:8a:ab:72:33:08:f2:3c:66:c5:cf:4c:5a:43:d3:
29:54:2f:5d:f3:bb:f3:bb:97:bb:2e:62:db:31:53:
ad:1b:4d:4d:95:b9:6a:81:5b:34:4c:10:3e:1b:9f:
99:a1:d5:48:2a:fc:98:ae:7a:5b:21:c3:68:68:51:
45:d3:e7:e8:da:e8:2f:89:f6:c8:56:17:4f:83:49:
4e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:B0:A7:5A:B2:F2:18:04:F9:7D:31:62:5D:89:79:5E:CB:8F:43:58
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/O7CnWrLyGAT5fTFiXYl5XsuPQ1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.28.0/22
31.56.57.0/24
31.56.77.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.117.0-31.56.123.255
31.56.180.0/22
31.56.188.0/22
31.56.198.0-31.56.203.255
31.56.208.0/21
31.56.220.0/23
31.56.224.0/23
31.56.228.0/22
31.56.233.0/24
31.56.236.0/22
31.57.12.0/23
31.57.36.0/22
31.57.52.0-31.57.63.255
31.57.94.0/23
31.57.104.0/21
31.57.120.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.168.0/22
31.57.176.0-31.57.187.255
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.231.0-31.57.235.255
31.57.250.0-31.57.255.255
31.58.34.0/23
31.58.50.0/23
31.58.64.0/23
31.58.68.0/22
31.58.84.0/22
31.58.152.0/22
31.58.172.0/22
31.58.220.0-31.58.227.255
31.59.76.0/22
31.59.96.0/22
31.59.112.0/22
31.59.128.0/24
31.59.136.0-31.59.151.255
31.59.160.0/21
31.59.212.0/22
31.59.224.0/22
31.59.232.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:ee:b8:fa:85:26:24:87:57:27:1a:09:fc:d8:35:3b:bd:cf:
57:c6:a6:9c:53:a7:e7:29:05:1f:0b:90:be:55:d5:e1:23:b9:
21:b8:b2:ea:3b:cf:cb:65:36:e9:a9:91:41:d2:f3:ca:58:36:
da:52:47:f1:5f:13:9d:01:08:21:4d:d0:3b:70:44:18:77:76:
ef:2d:21:6a:71:40:b3:67:5e:7a:12:30:b1:5b:ff:43:b8:a8:
b6:3a:7c:0e:fb:58:49:fb:8c:d1:32:43:f2:03:c2:d0:c8:58:
6b:22:6b:6f:05:ef:a0:f1:35:ac:96:c7:ca:26:b4:1d:38:88:
58:2f:1c:1b:13:72:88:72:25:72:e6:56:7e:77:90:fc:76:c5:
62:b0:bb:dd:2d:8e:4b:a4:f6:83:2b:ca:4b:c3:ac:51:ad:c2:
c8:8b:63:58:59:b8:f1:b2:93:89:51:c8:8f:8e:e7:eb:ba:9f:
11:2e:6d:8f:db:75:3a:2a:61:c4:b2:49:2f:01:b1:7b:9c:50:
b2:4c:98:8e:67:b0:2c:2a:80:22:9e:8e:cd:ef:68:61:d1:a5:
51:3c:8a:c3:ab:d3:ab:15:c9:6e:d9:28:4c:8a:ec:f8:4a:52:
3c:d4:75:5b:a7:bd:f8:b2:b3:0c:b8:c7:c6:23:63:68:38:06:
2a:c9:b9:99
-----BEGIN CERTIFICATE-----
MIIGdDCCBVygAwIBAgISAZfWSHgjFnnaX3k9IPS2ZZXgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzA0MTYzMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmIwYTc1YWIyZjIxODA0Zjk3ZDMxNjI1ZDg5Nzk1ZWNiOGY0MzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9OzWYll0Xb47InHljwl81lT2meX
vTgE41SP63owOecF3ObISgmawCkQ52q3y936lJJHGrlgg6HU+2AC4vFDzfh92Xgg
U3u51GY16lOnoH0kbeDnm2JmX2nkHIbESjiH8+9P2V9gY33oh7iPOXEb0i8cNPby
+0VE1qef06+lsiFSqv0VVG21gLLTMIPp2eDIZ+289FvbK//CdOB1GzbH/G0y5j1z
d6PdI+4J7Xjx5lxG//BFiqtyMwjyPGbFz0xaQ9MpVC9d87vzu5e7LmLbMVOtG01N
lblqgVs0TBA+G5+ZodVIKvyYrnpbIcNoaFFF0+fo2ugvifbIVhdPg0lOTwIDAQAB
o4IDgDCCA3wwHQYDVR0OBBYEFDuwp1qy8hgE+X0xYl2JeV7Lj0NYMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTzdDbldyTHlHQVQ1ZlRGaVhZbDVYc3VQUTFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBlAYIKwYBBQUHAQcBAf8EggGDMIIBfzCCAXsEAgABMIIB
cwMEAR84BAMEAh84HAMEAB84OQMEAB84TQMEAR84WgMEAx84aAMEAR84cjAMAwQA
Hzh1AwQCHzh4AwQCHzi0AwQCHzi8MAwDBAEfOMYDBAIfOMgDBAMfONADBAEfONwD
BAEfOOADBAIfOOQDBAAfOOkDBAIfOOwDBAEfOQwDBAIfOSQwDAMEAh85NAMEBh85
AAMEAR85XgMEAx85aAMEAx85eAMEAR85hAMEAx85iAMEAR85kgMEAh85qDAMAwQE
HzmwAwQCHzm4AwQCHznAAwQBHznIMAwDBAQfOdADBAIfOeAwDAMEAB855wMEAh85
6DALAwQBHzn6AwMBHzgDBAEfOiIDBAEfOjIDBAEfOkADBAIfOkQDBAIfOlQDBAIf
OpgDBAIfOqwwDAMEAh863AMEAh864AMEAh87TAMEAh87YAMEAh87cAMEAB87gDAM
AwQDHzuIAwQDHzuQAwQDHzugAwQCHzvUAwQCHzvgAwQCHzvoMA0GCSqGSIb3DQEB
CwUAA4IBAQBL7rj6hSYkh1cnGgn82DU7vc9XxqacU6fnKQUfC5C+VdXhI7khuLLq
O8/LZTbpqZFB0vPKWDbaUkfxXxOdAQghTdA7cEQYd3bvLSFqcUCzZ156EjCxW/9D
uKi2OnwO+1hJ+4zRMkPyA8LQyFhrImtvBe+g8TWslsfKJrQdOIhYLxwbE3KIciVy
5lZ+d5D8dsVisLvdLY5LpPaDK8pLw6xRrcLIi2NYWbjxspOJUciPjufrup8RLm2P
23U6KmHEskkvAbF7nFCyTJiOZ7AsKoAino7N72hh0aVRPIrDq9OrFclu2ShMiuz4
SlI81HVbp734srMMuMfGI2NoOAYqybmZ
-----END CERTIFICATE-----
Generated at Sat Jul 5 20:59:38 2025 by rpki-client