Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_lD9qXhYN5NFWAIy-GWNwGOtEFo.roa
File: _lD9qXhYN5NFWAIy-GWNwGOtEFo.roa (raw, json)
Hash identifier: +wtUN133sdeUQYDoh8z0GiaNpoDrlzTQhbgnXRVHDZs=
Subject key identifier: FE:50:FD:A9:78:58:37:93:45:58:02:32:F8:65:8D:C0:63:AD:10:5A
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0198803D09771167B15D474F010F0FD8701F
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_lD9qXhYN5NFWAIy-GWNwGOtEFo.roa
Signing time: Wed 06 Aug 2025 16:35:40 +0000
ROA not before: Wed 06 Aug 2025 16:35:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.126.0/24 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.57.31.0/24 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.116.0/24 maxlen: 24
31.59.79.0/24 maxlen: 24
31.59.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:80:3d:09:77:11:67:b1:5d:47:4f:01:0f:0f:d8:70:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Aug 6 16:35:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe50fda97858379345580232f8658dc063ad105a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:af:41:f7:3f:4d:e4:d4:72:e2:29:53:af:db:
c8:99:89:aa:8a:30:42:51:78:a5:11:f5:51:69:8d:
a2:1b:58:60:b7:4c:30:5e:d8:19:b5:fe:df:79:e2:
16:fe:e5:ba:f0:d5:5a:70:a9:d4:b2:7f:bd:56:73:
f8:c6:48:82:10:c2:ce:45:a0:3e:7f:5a:bc:cc:da:
2b:18:00:10:62:74:f5:db:4a:60:a9:94:6c:7b:87:
1a:66:fc:62:3b:db:e9:fd:2a:17:c8:dc:74:a6:77:
98:45:cf:b7:8e:49:34:f4:1e:df:f0:42:9a:e3:3c:
69:a4:d4:c1:d7:df:9b:39:9c:d0:61:65:57:e6:2e:
75:ca:a3:6e:95:f7:09:5f:3e:11:97:02:8f:bb:8a:
db:33:dd:82:da:4a:53:39:6e:ef:a9:7b:07:37:4a:
55:3e:7e:5f:5b:e0:f0:75:d1:1a:f4:b2:7f:25:d3:
16:60:fe:f8:4c:93:0b:43:8b:c9:65:83:b3:d7:db:
45:52:31:65:be:fd:df:77:56:07:a4:a7:49:a6:6a:
0e:8f:03:0b:81:93:4c:c5:1b:6e:0f:41:20:40:07:
57:9e:e2:08:68:2b:2b:99:4d:eb:85:03:61:52:35:
a7:f6:6e:bf:76:a9:7f:15:d5:ab:65:a8:1b:90:2a:
1c:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:50:FD:A9:78:58:37:93:45:58:02:32:F8:65:8D:C0:63:AD:10:5A
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_lD9qXhYN5NFWAIy-GWNwGOtEFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.126.0/24
31.56.142.0/23
31.56.148.0/22
31.57.31.0/24
31.57.114.0/24
31.57.116.0/24
31.59.79.0/24
31.59.228.0/24
Signature Algorithm: sha256WithRSAEncryption
04:9f:1c:70:fc:4e:a7:78:07:8f:bc:a1:a1:f7:ab:f5:41:db:
2a:5b:1f:85:52:76:04:e8:2f:72:7d:40:77:95:12:23:18:d4:
e6:99:a3:7e:cb:bf:73:ba:c9:84:93:cf:42:8d:3d:01:2d:82:
6b:b6:04:08:48:f6:84:63:ed:fd:20:7c:38:39:b5:14:b5:39:
f8:08:51:df:9a:e1:09:b7:5b:a3:37:8b:0d:6a:e0:8b:60:4b:
6d:db:94:cc:e2:91:63:2f:da:5f:42:55:23:2d:5f:34:33:d2:
13:b3:f8:0e:91:ce:88:a3:2b:9f:c8:2f:e7:48:d6:3f:c8:ac:
96:de:29:c7:2c:25:38:f2:31:a1:81:c9:04:83:a2:aa:13:6d:
7d:12:82:83:6b:6a:2c:ab:75:4d:62:21:d1:0b:dd:87:d9:aa:
4b:c8:c9:7f:67:f5:18:ce:93:5c:69:c4:f1:bc:dc:bf:5f:08:
82:a0:41:b4:83:42:9d:5b:86:a5:12:18:24:52:60:d0:fa:35:
33:37:85:97:db:00:53:2a:92:19:0b:be:43:47:86:e2:2c:be:
9b:45:17:9f:f4:1e:0f:fe:e2:ac:8e:cd:6d:7e:35:92:81:4b:
2f:d8:91:e0:0b:a0:f1:87:05:9d:fd:72:02:82:2a:dc:2c:ac:
2b:ec:d5:f9
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZiAPQl3EWexXUdPAQ8P2HAfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwODA2MTYzNTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTUwZmRhOTc4NTgzNzkzNDU1ODAyMzJmODY1OGRjMDYzYWQxMDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl69B9z9N5NRy4ilTr9vImYmqijBC
UXilEfVRaY2iG1hgt0wwXtgZtf7feeIW/uW68NVacKnUsn+9VnP4xkiCEMLORaA+
f1q8zNorGAAQYnT120pgqZRse4caZvxiO9vp/SoXyNx0pneYRc+3jkk09B7f8EKa
4zxppNTB19+bOZzQYWVX5i51yqNulfcJXz4RlwKPu4rbM92C2kpTOW7vqXsHN0pV
Pn5fW+DwddEa9LJ/JdMWYP74TJMLQ4vJZYOz19tFUjFlvv3fd1YHpKdJpmoOjwML
gZNMxRtuD0EgQAdXnuIIaCsrmU3rhQNhUjWn9m6/dql/FdWrZagbkCocMQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFP5Q/al4WDeTRVgCMvhljcBjrRBaMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvX2xEOXFYaFlONU5GV0FJeS1HV053R090RUZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQDHzgIAwQA
Hzh+AwQBHziOAwQCHziUAwQAHzkfAwQAHzlyAwQAHzl0AwQAHztPAwQAHzvkMA0G
CSqGSIb3DQEBCwUAA4IBAQAEnxxw/E6neAePvKGh96v1QdsqWx+FUnYE6C9yfUB3
lRIjGNTmmaN+y79zusmEk89CjT0BLYJrtgQISPaEY+39IHw4ObUUtTn4CFHfmuEJ
t1ujN4sNauCLYEtt25TM4pFjL9pfQlUjLV80M9ITs/gOkc6IoyufyC/nSNY/yKyW
3inHLCU48jGhgckEg6KqE219EoKDa2osq3VNYiHRC92H2apLyMl/Z/UYzpNcacTx
vNy/XwiCoEG0g0KdW4alEhgkUmDQ+jUzN4WX2wBTKpIZC75DR4biLL6bRRef9B4P
/uKsjs1tfjWSgUsv2JHgC6DxhwWd/XICgircLKwr7NX5
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:45:19 2025 by rpki-client