Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Rigz5qqvbXuD17tyHGSJrhhAyB8.roa
File: Rigz5qqvbXuD17tyHGSJrhhAyB8.roa (raw, json)
Hash identifier: hVjZ3tLFwMDwlBC6JdIfgefsRhC7LwKZdFiQUkdpSjs=
Subject key identifier: 46:28:33:E6:AA:AF:6D:7B:83:D7:BB:72:1C:64:89:AE:18:40:C8:1F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019716584E23C807F88C7204FB68F77D835C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Rigz5qqvbXuD17tyHGSJrhhAyB8.roa
Signing time: Wed 28 May 2025 10:02:55 +0000
ROA not before: Wed 28 May 2025 10:02:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 31.58.36.0/22 maxlen: 24
31.58.44.0/22 maxlen: 24
31.58.52.0/22 maxlen: 24
31.58.60.0/22 maxlen: 24
31.59.196.0/22 maxlen: 24
31.59.200.0/22 maxlen: 24
31.59.204.0/22 maxlen: 24
31.59.208.0/22 maxlen: 24
31.59.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:16:58:4e:23:c8:07:f8:8c:72:04:fb:68:f7:7d:83:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 28 10:02:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=462833e6aaaf6d7b83d7bb721c6489ae1840c81f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:34:1e:8a:7b:37:08:d1:b2:02:37:e9:73:50:
83:d7:d2:7c:9a:9f:61:0c:07:9b:6c:d8:81:66:0c:
66:a3:e2:5b:ee:e1:bb:b5:08:90:e3:52:0d:bf:d4:
b4:5f:c4:fc:76:ce:cd:40:5f:b8:67:d6:24:77:dd:
01:a1:ec:d4:c6:0b:d8:16:a6:34:15:01:65:c7:5b:
ad:3e:63:58:40:09:32:8d:e4:ab:46:77:fb:eb:32:
b3:64:ca:5c:84:88:c1:50:a1:06:2b:31:a8:3a:3f:
d4:7f:e9:94:ff:c1:7d:ab:85:a7:f8:d7:bf:f0:69:
14:38:5e:6b:cd:84:10:02:49:cd:8f:1e:2f:ff:a4:
d6:c1:d0:80:81:01:10:9e:c5:22:ff:96:fd:b7:99:
d8:ba:93:ef:18:61:f6:eb:f9:3d:a1:fa:f6:24:dc:
a6:5a:9b:28:36:9a:7e:04:a8:53:c7:a0:16:dd:2d:
c9:58:13:8d:ac:41:b7:03:47:5c:ea:0c:02:f2:23:
65:58:a8:21:74:1e:db:a7:d4:5d:cd:83:71:79:43:
8e:d2:5d:e5:13:01:df:45:e2:b3:77:c4:c6:88:1d:
e0:46:f9:cd:e7:f7:9b:8c:18:1d:d5:79:80:8a:dc:
db:4a:47:82:f3:96:d7:47:00:48:4b:7e:e9:bc:48:
62:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:28:33:E6:AA:AF:6D:7B:83:D7:BB:72:1C:64:89:AE:18:40:C8:1F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Rigz5qqvbXuD17tyHGSJrhhAyB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.36.0/22
31.58.44.0/22
31.58.52.0/22
31.58.60.0/22
31.59.196.0-31.59.211.255
31.59.220.0/22
Signature Algorithm: sha256WithRSAEncryption
39:8e:dc:52:ed:00:7c:82:6d:18:82:00:28:4e:2b:77:c7:76:
0b:b5:dc:44:32:b9:ab:8e:b9:2e:01:40:f3:35:22:b5:04:87:
74:21:2a:ca:f0:1f:de:b0:2e:b3:a6:43:5d:4e:5a:cf:b6:c8:
75:f1:27:96:74:13:e8:da:37:bf:0b:e7:51:b8:12:ff:eb:e6:
f6:6d:1b:68:03:23:c9:8e:54:f8:8e:17:38:e7:68:3c:bc:6b:
ac:cf:01:a2:c6:4d:32:9e:33:d5:3d:dd:25:b1:ce:dd:3e:ac:
94:63:b9:e5:bc:cb:05:07:94:47:cc:2f:5e:5e:9f:29:60:1c:
7e:ba:df:3b:27:cc:da:83:ba:ad:19:d7:a3:6f:c4:eb:de:a7:
3d:b9:97:99:7c:af:ca:01:b1:88:47:f1:14:10:51:5a:a4:c9:
6f:dd:e3:05:47:2c:8b:73:c7:21:fb:5a:7b:1e:89:1e:d8:cb:
61:81:88:8f:6c:c1:47:39:43:dc:9c:0d:9c:84:1e:a8:12:70:
12:a5:3c:e4:44:b0:a2:61:1a:60:97:b5:14:0e:3c:92:db:bc:
86:55:c8:a9:7f:12:de:0c:e0:6a:ee:8f:7f:0c:f5:a7:62:6e:
e0:db:8f:bb:cc:4a:12:a7:5e:f7:12:df:72:26:30:de:a9:dd:
4d:29:2a:ac
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZcWWE4jyAf4jHIE+2j3fYNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNTI4MTAwMjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjI4MzNlNmFhYWY2ZDdiODNkN2JiNzIxYzY0ODlhZTE4NDBjODFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDQeins3CNGyAjfpc1CD19J8mp9h
DAebbNiBZgxmo+Jb7uG7tQiQ41INv9S0X8T8ds7NQF+4Z9Ykd90BoezUxgvYFqY0
FQFlx1utPmNYQAkyjeSrRnf76zKzZMpchIjBUKEGKzGoOj/Uf+mU/8F9q4Wn+Ne/
8GkUOF5rzYQQAknNjx4v/6TWwdCAgQEQnsUi/5b9t5nYupPvGGH26/k9ofr2JNym
WpsoNpp+BKhTx6AW3S3JWBONrEG3A0dc6gwC8iNlWKghdB7bp9RdzYNxeUOO0l3l
EwHfReKzd8TGiB3gRvnN5/ebjBgd1XmAitzbSkeC85bXRwBIS37pvEhi6wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFEYoM+aqr217g9e7chxkia4YQMgfMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUmlnejVxcXZiWHVEMTd0eUhHU0pyaGhBeUI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCHzokAwQC
HzosAwQCHzo0AwQCHzo8MAwDBAIfO8QDBAIfO9ADBAIfO9wwDQYJKoZIhvcNAQEL
BQADggEBADmO3FLtAHyCbRiCAChOK3fHdgu13EQyuauOuS4BQPM1IrUEh3QhKsrw
H96wLrOmQ11OWs+2yHXxJ5Z0E+jaN78L51G4Ev/r5vZtG2gDI8mOVPiOFzjnaDy8
a6zPAaLGTTKeM9U93SWxzt0+rJRjueW8ywUHlEfML15enylgHH663zsnzNqDuq0Z
16NvxOvepz25l5l8r8oBsYhH8RQQUVqkyW/d4wVHLItzxyH7WnseiR7Yy2GBiI9s
wUc5Q9ycDZyEHqgScBKlPOREsKJhGmCXtRQOPJLbvIZVyKl/Et4M4Gruj38M9adi
buDbj7vMShKnXvcS33ImMN6p3U0pKqw=
-----END CERTIFICATE-----
Generated at Thu Jun 5 04:17:11 2025 by rpki-client