Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/XnZWpVYBkvPg2rDi4U1cPt6ZZmU.roa
File: XnZWpVYBkvPg2rDi4U1cPt6ZZmU.roa (raw, json)
Hash identifier: PNSDSSuhqXf4K8Qk3YVaBL/hLAf4YE3vBX0surro5Ks=
Subject key identifier: 5E:76:56:A5:56:01:92:F3:E0:DA:B0:E2:E1:4D:5C:3E:DE:99:66:65
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A6530561238AC8EE980734CFFD481EB94
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/XnZWpVYBkvPg2rDi4U1cPt6ZZmU.roa
Signing time: Sat 08 Nov 2025 20:37:37 +0000
ROA not before: Sat 08 Nov 2025 20:37:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215242
IP address blocks: 31.56.213.0/24 maxlen: 24
31.56.214.0/24 maxlen: 24
31.58.211.0/24 maxlen: 24
31.58.236.0/24 maxlen: 24
31.58.246.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
217.60.251.0/24 maxlen: 24
217.60.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Nov 2025 15:11:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:65:30:56:12:38:ac:8e:e9:80:73:4c:ff:d4:81:eb:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 8 20:37:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e7656a5560192f3e0dab0e2e14d5c3ede996665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3e:fa:78:dd:73:d8:d8:32:06:cb:8c:ab:07:
1c:2b:64:42:ff:99:60:29:ea:83:b8:6b:82:fb:2f:
13:26:f1:2a:3b:71:cb:05:ab:9e:1d:58:bd:da:82:
bc:ec:c2:ea:42:9b:92:ae:35:4c:2b:ce:59:95:06:
9d:bd:c1:00:03:31:bd:66:9e:c4:a9:1f:b9:59:dc:
95:d3:99:d9:c8:c6:a9:99:44:f1:ab:fb:ae:19:c3:
14:a9:b6:9a:86:45:c9:87:52:27:66:41:44:e2:13:
d7:72:e9:f0:50:ad:da:3f:b2:4b:ac:9c:11:72:ff:
7c:7c:bd:67:33:bb:09:d7:c7:2a:15:35:03:c9:a9:
15:03:86:54:6e:fc:39:d8:35:59:7e:55:93:22:4a:
f0:93:22:3c:ff:c0:d7:78:85:1a:92:99:77:6e:3c:
92:16:53:6d:43:28:6c:01:1f:f0:35:11:0b:4a:f2:
bc:ae:df:cd:2e:d1:47:52:7f:2e:39:06:b0:f5:53:
18:e7:9f:e2:e3:b2:de:56:39:f5:8a:63:12:1b:b2:
3c:a6:02:64:af:1d:73:bc:29:22:ff:b4:f0:a9:b9:
1c:78:77:ce:55:eb:1c:9b:49:c4:d9:eb:7f:9f:01:
56:a2:28:21:2b:6a:51:bb:41:81:bd:50:97:43:b5:
aa:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:76:56:A5:56:01:92:F3:E0:DA:B0:E2:E1:4D:5C:3E:DE:99:66:65
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/XnZWpVYBkvPg2rDi4U1cPt6ZZmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.213.0-31.56.214.255
31.58.211.0/24
31.58.236.0/24
31.58.246.0/23
31.58.249.0-31.58.251.255
217.60.251.0/24
217.60.254.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:75:d9:7d:03:1e:90:b9:57:b1:6d:47:48:bd:f0:e7:a0:82:
6c:a6:57:db:0f:3a:0d:03:06:25:da:ed:11:fa:cc:e3:a5:a4:
18:cd:86:b1:8a:a1:e2:9f:30:b8:e9:f8:2d:da:0b:85:95:90:
50:a9:71:cb:6a:8f:e1:52:b1:75:3a:99:55:d8:a3:3c:37:e8:
da:68:71:63:b8:1d:5e:60:5f:0c:ea:eb:f1:f2:32:59:1c:3f:
39:87:84:bf:9d:2d:99:be:85:a7:79:5f:2d:2a:9f:a9:2b:02:
db:3f:86:44:e8:7c:25:65:c5:62:ec:17:a3:ab:5d:0c:1f:1c:
f7:05:a3:5e:9a:9d:0b:18:a3:89:cb:20:ba:60:c8:a1:81:f4:
ed:c8:f3:b5:32:89:d2:33:ac:51:58:39:90:44:31:b4:9b:eb:
a7:11:5d:58:aa:fd:a0:0f:4c:e0:0a:71:53:65:fc:68:66:92:
06:2f:95:c3:3b:22:ec:b1:86:98:26:d7:6d:1b:09:a9:1a:f4:
5f:a1:c4:22:3b:25:ab:cc:31:60:14:b9:2b:d9:9e:ec:b5:3c:
57:c2:8f:c2:52:ae:2f:f2:be:ce:e1:9c:e1:f7:0c:5d:82:f0:
1f:19:af:5a:28:2e:77:76:3a:38:35:d0:52:29:54:44:a7:39:
4b:56:29:d9
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZplMFYSOKyO6YBzTP/UgeuUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMTA4MjAzNzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTc2NTZhNTU2MDE5MmYzZTBkYWIwZTJlMTRkNWMzZWRlOTk2NjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0D76eN1z2NgyBsuMqwccK2RC/5lg
KeqDuGuC+y8TJvEqO3HLBaueHVi92oK87MLqQpuSrjVMK85ZlQadvcEAAzG9Zp7E
qR+5WdyV05nZyMapmUTxq/uuGcMUqbaahkXJh1InZkFE4hPXcunwUK3aP7JLrJwR
cv98fL1nM7sJ18cqFTUDyakVA4ZUbvw52DVZflWTIkrwkyI8/8DXeIUakpl3bjyS
FlNtQyhsAR/wNRELSvK8rt/NLtFHUn8uOQaw9VMY55/i47LeVjn1imMSG7I8pgJk
rx1zvCki/7TwqbkceHfOVescm0nE2et/nwFWoighK2pRu0GBvVCXQ7WqdwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFF52VqVWAZLz4Nqw4uFNXD7emWZlMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvWG5aV3BWWUJrdlBnMnJEaTRVMWNQdDZaWm1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6MAwDBAAfONUD
BAAfONYDBAAfOtMDBAAfOuwDBAEfOvYwDAMEAB86+QMEAh86+AMEANk8+wMEANk8
/jANBgkqhkiG9w0BAQsFAAOCAQEAvHXZfQMekLlXsW1HSL3w56CCbKZX2w86DQMG
JdrtEfrM46WkGM2GsYqh4p8wuOn4LdoLhZWQUKlxy2qP4VKxdTqZVdijPDfo2mhx
Y7gdXmBfDOrr8fIyWRw/OYeEv50tmb6Fp3lfLSqfqSsC2z+GROh8JWXFYuwXo6td
DB8c9wWjXpqdCxijicsgumDIoYH07cjztTKJ0jOsUVg5kEQxtJvrpxFdWKr9oA9M
4ApxU2X8aGaSBi+Vwzsi7LGGmCbXbRsJqRr0X6HEIjslq8wxYBS5K9me7LU8V8KP
wlKuL/K+zuGc4fcMXYLwHxmvWigud3Y6ODXQUilURKc5S1Yp2Q==
-----END CERTIFICATE-----
Generated at Thu Nov 13 20:52:54 2025 by rpki-client