Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/VirPNDL0GDufVktFiuSJi8y7oZ8.roa
File: VirPNDL0GDufVktFiuSJi8y7oZ8.roa (raw, json)
Hash identifier: I2gq4ZBMWsnLXARdpjg4HRPCwLX6ELHOxwtvLXJ/gyw=
Subject key identifier: 56:2A:CF:34:32:F4:18:3B:9F:56:4B:45:8A:E4:89:8B:CC:BB:A1:9F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A59F67F69BA0F75554FB7EE32187B37E3
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/VirPNDL0GDufVktFiuSJi8y7oZ8.roa
Signing time: Thu 06 Nov 2025 16:18:38 +0000
ROA not before: Thu 06 Nov 2025 16:18:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 31.56.211.0/24 maxlen: 24
31.58.239.0/24 maxlen: 24
31.59.186.0/24 maxlen: 24
94.183.160.0/24 maxlen: 24
94.183.174.0/24 maxlen: 24
94.183.175.0/24 maxlen: 24
94.183.176.0/24 maxlen: 24
94.183.180.0/24 maxlen: 24
94.183.181.0/24 maxlen: 24
217.60.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 07 Nov 2025 14:56:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:59:f6:7f:69:ba:0f:75:55:4f:b7:ee:32:18:7b:37:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 6 16:18:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=562acf3432f4183b9f564b458ae4898bccbba19f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c7:54:86:92:be:05:03:cc:0b:91:04:8c:a2:
86:8a:32:a9:1d:fa:84:8a:67:27:e9:73:cd:06:fd:
8d:47:3d:91:ae:7d:b9:31:ea:71:b9:de:09:f1:6d:
70:a7:92:81:84:d7:d4:b5:85:a4:e7:b2:ec:20:aa:
5e:ec:cc:5c:0d:cf:cc:8b:7d:09:ec:01:cc:f8:b0:
cc:5f:f0:b6:7c:e8:df:48:b9:6f:49:cc:2b:e5:bc:
c8:4e:bf:cc:ce:39:70:48:a6:6f:d9:74:c2:e3:cd:
bd:70:a0:2d:6f:e5:4b:16:3f:31:e9:10:ff:6a:84:
37:b4:ca:8e:e1:06:a6:da:d4:49:8a:5a:50:ad:0a:
34:ff:65:b1:85:b1:cd:53:f4:48:17:d6:aa:45:76:
db:ce:6d:54:95:57:6c:3d:30:c0:ff:5a:a4:10:78:
77:a9:f9:86:cf:30:59:59:af:78:72:fb:66:49:c8:
f2:c5:63:89:a7:6f:97:47:aa:69:54:2a:bc:65:95:
f1:be:84:79:d4:fa:4d:b7:76:bf:66:9a:f6:10:48:
f6:5e:19:24:fa:ee:eb:3c:b9:bd:60:78:f1:6f:ed:
1c:7a:92:8b:42:ed:12:6f:da:01:fd:c3:46:69:42:
84:90:b1:60:05:da:79:da:54:be:47:06:1c:9e:aa:
bb:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:2A:CF:34:32:F4:18:3B:9F:56:4B:45:8A:E4:89:8B:CC:BB:A1:9F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/VirPNDL0GDufVktFiuSJi8y7oZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.211.0/24
31.58.239.0/24
31.59.186.0/24
94.183.160.0/24
94.183.174.0-94.183.176.255
94.183.180.0/23
217.60.188.0/22
Signature Algorithm: sha256WithRSAEncryption
75:9c:e9:6e:c2:2c:dc:79:f8:7c:39:53:03:80:59:73:1f:fb:
c5:b4:1e:e3:95:1c:10:32:a0:bd:2d:4b:ca:68:b1:4d:b4:8b:
18:2a:b2:6a:4e:0a:c8:2b:fc:27:ee:57:6a:4c:5d:a6:c5:58:
42:9c:17:5d:b6:dc:13:0d:01:b9:52:6e:8b:0a:01:a5:44:74:
50:9b:dc:88:a1:ed:f3:22:12:05:86:d1:fc:56:e3:2e:3a:60:
28:9b:67:75:41:a9:22:26:22:cd:93:7b:d1:6a:f5:e5:5d:7a:
1e:68:91:26:5d:15:d3:fe:49:ec:8b:33:0c:ad:81:08:d2:bf:
6e:a7:97:c9:80:3d:43:8b:1a:01:ef:0b:df:a1:92:16:2b:45:
8c:31:87:07:95:ed:3c:05:8e:90:cb:76:c1:f7:a7:01:6d:71:
7b:73:25:b4:9d:9e:79:cc:d5:55:44:8a:1b:e3:a8:16:76:38:
3b:47:d7:a1:77:e9:7f:ec:d2:79:c2:46:67:bb:98:9c:d1:14:
e7:1a:6d:86:d8:36:24:7b:6a:87:f0:90:4d:a3:00:72:44:3e:
f4:cc:10:b8:c0:79:a7:78:ff:11:cc:68:95:33:1b:98:79:4a:
9e:a9:0f:65:65:8a:92:9f:72:af:e3:20:a7:5a:a7:de:f7:0c:
be:4f:a4:d5
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZpZ9n9pug91VU+37jIYezfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMTA2MTYxODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjJhY2YzNDMyZjQxODNiOWY1NjRiNDU4YWU0ODk4YmNjYmJhMTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMdUhpK+BQPMC5EEjKKGijKpHfqE
imcn6XPNBv2NRz2Rrn25Mepxud4J8W1wp5KBhNfUtYWk57LsIKpe7MxcDc/Mi30J
7AHM+LDMX/C2fOjfSLlvScwr5bzITr/MzjlwSKZv2XTC4829cKAtb+VLFj8x6RD/
aoQ3tMqO4Qam2tRJilpQrQo0/2WxhbHNU/RIF9aqRXbbzm1UlVdsPTDA/1qkEHh3
qfmGzzBZWa94cvtmScjyxWOJp2+XR6ppVCq8ZZXxvoR51PpNt3a/Zpr2EEj2Xhkk
+u7rPLm9YHjxb+0cepKLQu0Sb9oB/cNGaUKEkLFgBdp52lS+RwYcnqq7oQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFFYqzzQy9Bg7n1ZLRYrkiYvMu6GfMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVmlyUE5ETDBHRHVmVmt0Rml1U0ppOHk3b1o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAHzjTAwQA
HzrvAwQAHzu6AwQAXregMAwDBAFet64DBABet7ADBAFet7QDBALZPLwwDQYJKoZI
hvcNAQELBQADggEBAHWc6W7CLNx5+Hw5UwOAWXMf+8W0HuOVHBAyoL0tS8posU20
ixgqsmpOCsgr/CfuV2pMXabFWEKcF1223BMNAblSbosKAaVEdFCb3Iih7fMiEgWG
0fxW4y46YCibZ3VBqSImIs2Te9Fq9eVdeh5okSZdFdP+SeyLMwytgQjSv26nl8mA
PUOLGgHvC9+hkhYrRYwxhweV7TwFjpDLdsH3pwFtcXtzJbSdnnnM1VVEihvjqBZ2
ODtH16F36X/s0nnCRme7mJzRFOcabYbYNiR7aofwkE2jAHJEPvTMELjAead4/xHM
aJUzG5h5Sp6pD2VlipKfcq/jIKdap973DL5PpNU=
-----END CERTIFICATE-----
Generated at Thu Nov 6 19:47:37 2025 by rpki-client