Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/XReJHOEJSqUQagIwrmBNKUHRkdc.roa
File: XReJHOEJSqUQagIwrmBNKUHRkdc.roa (raw, json)
Hash identifier: dYO0zrw2ROkPs6EYVJH62VxadIiMgrJFr00YbMizd0A=
Subject key identifier: 5D:17:89:1C:E1:09:4A:A5:10:6A:02:30:AE:60:4D:29:41:D1:91:D7
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A7BEB6E689C6FAA0882E27BA1244D1B84
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/XReJHOEJSqUQagIwrmBNKUHRkdc.roa
Signing time: Thu 13 Nov 2025 06:33:38 +0000
ROA not before: Thu 13 Nov 2025 06:33:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 31.56.49.0/24 maxlen: 24
31.56.103.0/24 maxlen: 24
31.56.210.0/24 maxlen: 24
31.56.212.0/24 maxlen: 24
31.56.223.0/24 maxlen: 24
31.56.234.0/24 maxlen: 24
31.56.235.0/24 maxlen: 24
31.57.35.0/24 maxlen: 24
31.57.121.0/24 maxlen: 24
31.57.151.0/24 maxlen: 24
31.57.206.0/24 maxlen: 24
31.57.225.0/24 maxlen: 24
31.58.90.0/24 maxlen: 24
31.58.160.0/24 maxlen: 24
31.58.168.0/24 maxlen: 24
31.58.224.0/24 maxlen: 24
31.58.230.0/23 maxlen: 24
31.59.108.0/24 maxlen: 24
31.59.171.0/24 maxlen: 24
31.59.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Nov 2025 15:11:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:7b:eb:6e:68:9c:6f:aa:08:82:e2:7b:a1:24:4d:1b:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 13 06:33:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d17891ce1094aa5106a0230ae604d2941d191d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d7:ff:14:de:30:f1:df:e0:0a:a6:ce:02:0e:
19:8f:5a:a8:d9:ab:6a:fe:16:d5:06:ff:55:09:6d:
51:1b:56:7e:53:38:fb:8d:cf:ba:11:8b:b9:41:08:
7b:4c:30:19:40:b8:5f:fe:f1:fa:cc:2b:b0:83:d2:
73:99:d3:4b:c2:75:4f:3c:f9:da:28:5f:f4:ca:e9:
b4:22:b3:5b:5a:42:8a:ce:35:3b:65:07:18:43:26:
7e:77:1b:f1:0b:e4:c6:d6:67:3b:0d:b0:87:7f:02:
8e:09:2e:c2:6f:ff:a8:5d:4a:65:2a:b0:0c:ca:b3:
67:14:f4:06:90:ae:84:35:00:84:e1:f8:aa:7e:66:
40:4c:9a:ee:91:a9:d6:b6:af:ec:d1:d2:a6:2a:d7:
be:39:a0:48:d5:76:b2:75:ab:42:d2:28:23:1c:ed:
e8:ad:a2:61:40:3d:b8:fa:a6:a0:3f:2d:3c:e6:7a:
1d:3c:72:b7:71:91:8e:1a:5f:67:49:8a:4b:fb:e1:
79:03:76:99:9e:4c:2e:8e:5d:82:0b:90:15:d7:4b:
5a:8e:0e:3f:60:e4:71:a4:0e:33:8f:65:f6:cd:f1:
82:65:cd:c3:6f:8b:68:08:5a:86:44:8a:7f:ce:69:
3b:ab:33:33:c5:05:22:1e:dc:56:11:0e:37:de:36:
b0:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:17:89:1C:E1:09:4A:A5:10:6A:02:30:AE:60:4D:29:41:D1:91:D7
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/XReJHOEJSqUQagIwrmBNKUHRkdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.49.0/24
31.56.103.0/24
31.56.210.0/24
31.56.212.0/24
31.56.223.0/24
31.56.234.0/23
31.57.35.0/24
31.57.121.0/24
31.57.151.0/24
31.57.206.0/24
31.57.225.0/24
31.58.90.0/24
31.58.160.0/24
31.58.168.0/24
31.58.224.0/24
31.58.230.0/23
31.59.108.0/24
31.59.171.0/24
31.59.236.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:f0:c3:d0:3f:4b:69:1f:16:8a:f0:bb:22:ae:bf:82:16:f1:
ab:24:df:2e:54:58:7d:fd:31:1c:cb:44:05:99:42:12:9d:35:
ed:8d:09:a9:19:8c:1c:b0:2b:a2:75:30:18:c8:13:1c:83:2b:
44:79:7f:8d:9e:6c:4f:8d:9d:be:9d:78:32:c5:bf:59:a8:eb:
73:03:ee:b3:d3:c8:84:69:ce:6e:af:cd:9f:36:2d:a8:2e:6f:
4d:b0:31:48:ab:0c:62:3c:a8:f7:b6:4f:c7:09:78:44:db:30:
0d:25:42:45:9f:16:55:ea:02:98:96:20:39:48:ee:1b:20:66:
bc:6a:0c:d2:9f:0b:fd:be:ff:a7:d0:aa:6a:94:02:2a:c1:12:
79:80:58:c6:6d:1d:1b:db:68:96:6e:fa:9e:68:bd:02:1f:88:
f1:6d:f3:d4:b9:b9:7d:39:24:8b:7b:28:9b:f7:aa:35:a5:e9:
33:3d:68:95:50:f9:1c:00:b2:81:01:cc:fa:d9:bb:de:3c:02:
e4:b8:35:77:79:2a:fd:45:f5:d3:fc:8d:6d:94:b3:d4:75:76:
50:3e:d0:f9:58:76:02:5e:71:7c:c3:ec:c8:d1:f6:2d:e6:de:
40:89:d4:9d:d5:2b:2b:02:8c:fe:16:95:48:2e:00:75:e3:32:
01:5f:1f:4b
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZp7625onG+qCILie6EkTRuEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMTEzMDYzMzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDE3ODkxY2UxMDk0YWE1MTA2YTAyMzBhZTYwNGQyOTQxZDE5MWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtf/FN4w8d/gCqbOAg4Zj1qo2atq
/hbVBv9VCW1RG1Z+Uzj7jc+6EYu5QQh7TDAZQLhf/vH6zCuwg9JzmdNLwnVPPPna
KF/0yum0IrNbWkKKzjU7ZQcYQyZ+dxvxC+TG1mc7DbCHfwKOCS7Cb/+oXUplKrAM
yrNnFPQGkK6ENQCE4fiqfmZATJrukanWtq/s0dKmKte+OaBI1XaydatC0igjHO3o
raJhQD24+qagPy085nodPHK3cZGOGl9nSYpL++F5A3aZnkwujl2CC5AV10tajg4/
YORxpA4zj2X2zfGCZc3Db4toCFqGRIp/zmk7qzMzxQUiHtxWEQ433jaw5wIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFF0XiRzhCUqlEGoCMK5gTSlB0ZHXMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvWFJlSkhPRUpTcVVRYWdJd3JtQk5LVUhSa2RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAB84MQME
AB84ZwMEAB840gMEAB841AMEAB843wMEAR846gMEAB85IwMEAB85eQMEAB85lwME
AB85zgMEAB854QMEAB86WgMEAB86oAMEAB86qAMEAB864AMEAR865gMEAB87bAME
AB87qwMEAh877DANBgkqhkiG9w0BAQsFAAOCAQEAufDD0D9LaR8WivC7Iq6/ghbx
qyTfLlRYff0xHMtEBZlCEp017Y0JqRmMHLAronUwGMgTHIMrRHl/jZ5sT42dvp14
MsW/WajrcwPus9PIhGnObq/NnzYtqC5vTbAxSKsMYjyo97ZPxwl4RNswDSVCRZ8W
VeoCmJYgOUjuGyBmvGoM0p8L/b7/p9CqapQCKsESeYBYxm0dG9tolm76nmi9Ah+I
8W3z1Lm5fTkki3som/eqNaXpMz1olVD5HACygQHM+tm73jwC5Lg1d3kq/UX10/yN
bZSz1HV2UD7Q+Vh2Al5xfMPsyNH2LebeQInUndUrKwKM/haVSC4AdeMyAV8fSw==
-----END CERTIFICATE-----
Generated at Thu Nov 13 20:50:43 2025 by rpki-client