Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/VdUT4tLZyP7N9rSTrruTz20CWIY.roa
File: VdUT4tLZyP7N9rSTrruTz20CWIY.roa (raw, json)
Hash identifier: 8Bt6LQpgGRe+/nM3Eqn6g0k3N5N/eWWmRRxSNetm6HU=
Subject key identifier: 55:D5:13:E2:D2:D9:C8:FE:CD:F6:B4:93:AE:BB:93:CF:6D:02:58:86
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019716584E57DB75E775F20FB40BA200A033
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/VdUT4tLZyP7N9rSTrruTz20CWIY.roa
Signing time: Wed 28 May 2025 10:02:55 +0000
ROA not before: Wed 28 May 2025 10:02:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 31.56.73.0/24 maxlen: 24
31.56.85.0/24 maxlen: 24
31.56.239.0/24 maxlen: 24
31.57.113.0/24 maxlen: 24
31.57.153.0/24 maxlen: 24
31.57.236.0/24 maxlen: 24
31.58.43.0/24 maxlen: 24
31.58.128.0/24 maxlen: 24
31.58.162.0/24 maxlen: 24
31.58.164.0/24 maxlen: 24
31.58.166.0/24 maxlen: 24
31.59.88.0/24 maxlen: 24
31.59.122.0/24 maxlen: 24
31.59.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:16:58:4e:57:db:75:e7:75:f2:0f:b4:0b:a2:00:a0:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 28 10:02:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55d513e2d2d9c8fecdf6b493aebb93cf6d025886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:81:6e:43:10:bd:3d:5a:95:cd:70:5d:f4:0c:
a5:1a:b7:f2:c3:ff:40:b9:11:4e:43:c3:02:d5:b3:
bb:2b:81:e4:b7:ba:3f:be:ac:05:6d:e8:46:c0:19:
7c:27:ae:a9:f0:77:dc:15:bd:15:75:4d:7c:30:fb:
f6:4b:1e:57:de:28:38:1d:d9:0d:a3:f0:44:08:62:
08:22:55:47:ac:26:ee:43:fb:dd:05:ad:d7:5d:a6:
0a:40:cb:6a:19:d9:0f:7c:ae:14:7e:cc:c2:1a:f3:
17:99:67:8c:d9:32:63:d0:84:50:c9:37:69:ed:88:
98:4d:ea:d2:a8:e9:63:e5:69:ba:fc:64:e5:83:6c:
6c:08:15:67:18:41:cf:cb:a8:44:c7:15:46:6e:9f:
57:76:ae:9f:94:32:cd:97:33:1c:40:34:c5:d8:0e:
d6:69:f9:12:16:80:52:30:3f:54:60:e3:00:77:a5:
c1:69:a8:7d:c9:8a:9c:a7:8b:be:fd:56:0a:a3:80:
0f:a2:4b:22:79:02:5b:7d:df:33:06:f6:09:e5:d1:
bb:31:43:fb:b0:b9:98:22:e1:e7:e7:31:80:81:51:
a8:6a:1f:47:de:3f:82:60:98:80:0e:47:26:b1:91:
57:80:b4:ab:ba:2a:0f:bf:b8:67:06:76:2a:04:ec:
8f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:D5:13:E2:D2:D9:C8:FE:CD:F6:B4:93:AE:BB:93:CF:6D:02:58:86
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/VdUT4tLZyP7N9rSTrruTz20CWIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.73.0/24
31.56.85.0/24
31.56.239.0/24
31.57.113.0/24
31.57.153.0/24
31.57.236.0/24
31.58.43.0/24
31.58.128.0/24
31.58.162.0/24
31.58.164.0/24
31.58.166.0/24
31.59.88.0/24
31.59.122.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:e8:9a:dc:fc:55:02:dc:df:35:85:af:07:4c:89:bf:ab:02:
0b:8a:3d:1e:18:50:89:a5:88:2c:3c:f1:f5:cc:3a:79:c4:8b:
53:e6:d6:dd:5c:7e:88:4f:47:47:20:a1:b3:5d:6c:61:40:a5:
43:bc:79:c7:2d:d5:b4:42:47:1c:3e:8c:a6:4c:5e:73:78:90:
9b:12:ee:3f:1e:33:54:e0:88:10:31:d5:72:b8:dc:52:ee:3e:
3a:62:5e:18:3d:a9:07:22:ae:c2:79:e1:91:93:6f:a6:10:c1:
ed:f0:e6:87:fd:b7:d6:ed:ef:f7:03:64:30:82:36:53:b0:a8:
f5:9c:c7:af:d0:c0:49:c0:a8:3b:c6:04:09:48:65:f3:07:cb:
27:fc:26:90:76:d0:0e:f5:5a:3e:11:ab:03:64:f8:9b:95:4a:
d0:59:69:62:6f:19:e5:21:c6:a1:b2:e9:7d:09:cf:0e:aa:d1:
92:2d:78:27:18:58:3d:ac:44:82:42:28:eb:07:ec:cb:93:5e:
3c:f6:d7:9a:f5:ec:2a:30:f6:be:b1:6c:e6:9f:70:84:e9:1a:
d8:3b:5d:00:60:64:e3:d9:28:a7:4b:fa:03:f1:ef:7f:6f:61:
36:f5:9d:3f:42:57:7a:d4:24:58:8f:30:17:d9:2d:4c:89:09:
e9:b8:59:87
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZcWWE5X23XndfIPtAuiAKAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNTI4MTAwMjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWQ1MTNlMmQyZDljOGZlY2RmNmI0OTNhZWJiOTNjZjZkMDI1ODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIFuQxC9PVqVzXBd9AylGrfyw/9A
uRFOQ8MC1bO7K4Hkt7o/vqwFbehGwBl8J66p8HfcFb0VdU18MPv2Sx5X3ig4HdkN
o/BECGIIIlVHrCbuQ/vdBa3XXaYKQMtqGdkPfK4UfszCGvMXmWeM2TJj0IRQyTdp
7YiYTerSqOlj5Wm6/GTlg2xsCBVnGEHPy6hExxVGbp9Xdq6flDLNlzMcQDTF2A7W
afkSFoBSMD9UYOMAd6XBaah9yYqcp4u+/VYKo4APoksieQJbfd8zBvYJ5dG7MUP7
sLmYIuHn5zGAgVGoah9H3j+CYJiADkcmsZFXgLSruioPv7hnBnYqBOyPGwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFFXVE+LS2cj+zfa0k667k89tAliGMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVmRVVDR0TFp5UDdOOXJTVHJydVR6MjBDV0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAHzhJAwQA
HzhVAwQAHzjvAwQAHzlxAwQAHzmZAwQAHznsAwQAHzorAwQAHzqAAwQAHzqiAwQA
HzqkAwQAHzqmAwQAHztYAwQBHzt6MA0GCSqGSIb3DQEBCwUAA4IBAQBe6Jrc/FUC
3N81ha8HTIm/qwILij0eGFCJpYgsPPH1zDp5xItT5tbdXH6IT0dHIKGzXWxhQKVD
vHnHLdW0QkccPoymTF5zeJCbEu4/HjNU4IgQMdVyuNxS7j46Yl4YPakHIq7CeeGR
k2+mEMHt8OaH/bfW7e/3A2QwgjZTsKj1nMev0MBJwKg7xgQJSGXzB8sn/CaQdtAO
9Vo+EasDZPiblUrQWWlibxnlIcahsul9Cc8OqtGSLXgnGFg9rESCQijrB+zLk148
9tea9ewqMPa+sWzmn3CE6RrYO10AYGTj2SinS/oD8e9/b2E29Z0/Qld61CRYjzAX
2S1MiQnpuFmH
-----END CERTIFICATE-----
Generated at Thu Jun 5 03:45:35 2025 by rpki-client