Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/aXfXqFZhw-qocSaDWYMNSteGzlY.roa
File: aXfXqFZhw-qocSaDWYMNSteGzlY.roa (raw, json)
Hash identifier: wrgDc3twWD9VSZqygSxI9B/fX33TzuaSX9u6PtrYli4=
Subject key identifier: 69:77:D7:A8:56:61:C3:EA:A8:71:26:83:59:83:0D:4A:D7:86:CE:56
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A790E185D950C2B49D52429EE40870DC2
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/aXfXqFZhw-qocSaDWYMNSteGzlY.roa
Signing time: Wed 12 Nov 2025 17:12:38 +0000
ROA not before: Wed 12 Nov 2025 17:12:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 31.56.211.0/24 maxlen: 24
31.58.180.0/22 maxlen: 24
31.58.184.0/21 maxlen: 24
31.58.192.0/22 maxlen: 24
31.58.239.0/24 maxlen: 24
31.59.84.0/22 maxlen: 24
31.59.90.0/23 maxlen: 24
31.59.92.0/22 maxlen: 24
31.59.101.0/24 maxlen: 24
31.59.102.0/23 maxlen: 24
31.59.104.0/23 maxlen: 24
31.59.106.0/24 maxlen: 24
31.59.186.0/24 maxlen: 24
94.183.158.0/24 maxlen: 24
94.183.160.0/24 maxlen: 24
94.183.164.0/24 maxlen: 24
94.183.174.0/24 maxlen: 24
94.183.175.0/24 maxlen: 24
94.183.176.0/24 maxlen: 24
94.183.180.0/24 maxlen: 24
94.183.181.0/24 maxlen: 24
217.60.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Nov 2025 15:11:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:79:0e:18:5d:95:0c:2b:49:d5:24:29:ee:40:87:0d:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 12 17:12:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6977d7a85661c3eaa871268359830d4ad786ce56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7b:57:2d:d9:28:74:90:c0:c2:75:33:64:e9:
1c:68:f0:78:12:b5:76:c2:b6:59:79:e9:84:c6:b3:
47:94:fe:8c:62:7e:da:3b:cf:3f:9b:4d:08:9d:d6:
19:5b:01:3b:99:2f:2d:f8:12:aa:81:00:6e:c4:aa:
e9:b1:f2:21:9f:bc:b6:d7:5e:33:48:fe:3f:9a:d6:
3c:0e:11:9d:c8:8e:57:46:dc:b5:05:72:4d:a7:e2:
69:cd:ae:f7:e4:07:8b:fb:ca:0a:7f:3e:07:d5:c6:
13:32:3b:1b:2b:1b:95:43:67:a6:e8:9a:24:c2:99:
28:c2:c9:1c:22:d0:80:69:b4:1c:29:62:59:34:97:
3f:87:11:79:5b:82:d7:db:5e:4d:07:c9:58:4e:87:
1e:55:8e:45:79:09:6c:cf:4f:b3:b7:cc:5a:bb:e6:
b5:95:39:21:9f:b3:74:b5:55:fc:a7:93:00:f6:2d:
db:e4:b5:1e:65:55:3a:d8:42:82:14:3b:f8:97:58:
70:d4:b7:3a:c8:9c:18:33:85:b4:73:88:6b:5a:cf:
c2:c5:c8:e3:df:7b:29:6f:82:71:d0:07:06:c2:2d:
40:f9:e4:d0:99:14:21:7b:d3:ad:9a:3f:af:fa:8c:
22:d8:e3:bf:0f:00:ea:74:19:49:90:9f:df:e8:de:
fb:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:77:D7:A8:56:61:C3:EA:A8:71:26:83:59:83:0D:4A:D7:86:CE:56
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/aXfXqFZhw-qocSaDWYMNSteGzlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.211.0/24
31.58.180.0-31.58.195.255
31.58.239.0/24
31.59.84.0/22
31.59.90.0-31.59.95.255
31.59.101.0-31.59.106.255
31.59.186.0/24
94.183.158.0/24
94.183.160.0/24
94.183.164.0/24
94.183.174.0-94.183.176.255
94.183.180.0/23
217.60.188.0/22
Signature Algorithm: sha256WithRSAEncryption
17:e0:43:67:95:af:a9:f7:9f:ad:f9:64:43:97:37:55:a3:c9:
15:75:0a:ed:eb:bc:fc:a7:45:cc:53:ea:f2:cb:06:c8:6b:d2:
36:f1:9e:79:3d:af:39:ef:af:28:0f:18:3a:9e:ee:5d:bd:46:
88:59:21:9b:02:06:2c:2d:dc:2c:5f:86:d0:b7:b3:e5:2b:07:
41:54:80:c7:ce:0d:6b:99:58:9d:50:79:c1:ff:fc:eb:46:6b:
c4:7a:28:db:90:63:24:68:3d:e0:19:47:d1:1c:94:50:70:13:
43:bf:f3:11:cf:a9:3c:2c:fd:d8:73:f1:d1:5f:e6:66:39:44:
48:55:46:ca:33:c8:d8:b0:6b:82:ab:fd:40:e4:ac:cd:6c:75:
30:b6:2a:b8:48:8e:87:6b:48:3d:9e:a6:c6:b1:00:b7:1f:de:
a4:73:37:53:cc:ea:9d:a0:48:1c:3f:22:1c:5c:f5:e9:c9:72:
98:75:0d:24:dc:be:95:77:e9:2f:b1:88:54:6c:e1:20:34:25:
15:bd:2d:0b:61:d1:d9:72:10:2d:2a:eb:b3:2f:67:01:59:ab:
34:2f:16:6f:82:45:5a:53:df:e6:73:4a:08:d7:4c:1a:ba:6b:
ef:65:22:0a:35:30:70:bb:35:87:63:5d:8f:18:be:99:9f:75:
11:02:d2:ef
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZp5DhhdlQwrSdUkKe5Ahw3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMTEyMTcxMjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTc3ZDdhODU2NjFjM2VhYTg3MTI2ODM1OTgzMGQ0YWQ3ODZjZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXtXLdkodJDAwnUzZOkcaPB4ErV2
wrZZeemExrNHlP6MYn7aO88/m00IndYZWwE7mS8t+BKqgQBuxKrpsfIhn7y2114z
SP4/mtY8DhGdyI5XRty1BXJNp+Jpza735AeL+8oKfz4H1cYTMjsbKxuVQ2em6Jok
wpkowskcItCAabQcKWJZNJc/hxF5W4LX215NB8lYToceVY5FeQlsz0+zt8xau+a1
lTkhn7N0tVX8p5MA9i3b5LUeZVU62EKCFDv4l1hw1Lc6yJwYM4W0c4hrWs/Cxcjj
33spb4Jx0AcGwi1A+eTQmRQhe9Otmj+v+owi2OO/DwDqdBlJkJ/f6N77SwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFGl316hWYcPqqHEmg1mDDUrXhs5WMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYVhmWHFGWmh3LXFvY1NhRFdZTU5TdGVHemxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAB840zAM
AwQCHzq0AwQCHzrAAwQAHzrvAwQCHztUMAwDBAEfO1oDBAUfO0AwDAMEAB87ZQME
AB87agMEAB87ugMEAF63ngMEAF63oAMEAF63pDAMAwQBXreuAwQAXrewAwQBXre0
AwQC2Ty8MA0GCSqGSIb3DQEBCwUAA4IBAQAX4ENnla+p95+t+WRDlzdVo8kVdQrt
67z8p0XMU+ryywbIa9I28Z55Pa85768oDxg6nu5dvUaIWSGbAgYsLdwsX4bQt7Pl
KwdBVIDHzg1rmVidUHnB//zrRmvEeijbkGMkaD3gGUfRHJRQcBNDv/MRz6k8LP3Y
c/HRX+ZmOURIVUbKM8jYsGuCq/1A5KzNbHUwtiq4SI6Ha0g9nqbGsQC3H96kczdT
zOqdoEgcPyIcXPXpyXKYdQ0k3L6Vd+kvsYhUbOEgNCUVvS0LYdHZchAtKuuzL2cB
Was0LxZvgkVaU9/mc0oI10waumvvZSIKNTBwuzWHY12PGL6Zn3URAtLv
-----END CERTIFICATE-----
Generated at Thu Nov 13 20:52:53 2025 by rpki-client