Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/epnmPE8V6VmE7emdD0MHEYhVJCQ.roa
File: epnmPE8V6VmE7emdD0MHEYhVJCQ.roa (raw, json)
Hash identifier: oDqdhkNVLLsNGBTdvpHe9trZ4Nl8OVD1Dm8NUAcd/00=
Subject key identifier: 7A:99:E6:3C:4F:15:E9:59:84:ED:E9:9D:0F:43:07:11:88:55:24:24
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0197CF027070F90B6EFAA5366FC15DF59432
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/epnmPE8V6VmE7emdD0MHEYhVJCQ.roa
Signing time: Thu 03 Jul 2025 06:38:52 +0000
ROA not before: Thu 03 Jul 2025 06:38:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 31.56.88.0/24 maxlen: 24
31.56.236.0/24 maxlen: 24
31.57.11.0/24 maxlen: 24
31.57.57.0/24 maxlen: 24
31.57.131.0/24 maxlen: 24
31.57.150.0/24 maxlen: 24
31.57.176.0/24 maxlen: 24
31.57.183.0/24 maxlen: 24
31.57.194.0/24 maxlen: 24
31.58.59.0/24 maxlen: 24
31.58.71.0/24 maxlen: 24
31.58.146.0/24 maxlen: 24
31.59.14.0/24 maxlen: 24
31.59.30.0/24 maxlen: 24
31.59.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 16:32:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cf:02:70:70:f9:0b:6e:fa:a5:36:6f:c1:5d:f5:94:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 3 06:38:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a99e63c4f15e95984ede99d0f43071188552424
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a6:4f:2d:7e:8d:1f:5a:58:ad:fe:6f:06:b5:
b3:a1:75:d4:bd:a5:63:22:92:cb:4c:61:1d:e1:fe:
6a:32:12:40:e3:4f:55:9b:4f:12:b9:90:ee:14:53:
54:09:e2:e2:4f:30:3b:65:19:77:b5:d4:ac:2c:d4:
fd:62:ea:44:ed:89:06:31:b6:94:cc:e5:eb:d8:6e:
28:34:95:4e:af:a6:21:c2:5a:da:25:c5:80:d8:4c:
4f:7f:dd:67:7e:bd:63:95:20:25:4e:7e:ce:49:d6:
1e:95:fe:68:4d:51:bf:5e:dd:3e:13:34:10:2c:47:
51:90:7d:fd:32:f9:a9:d5:2a:c4:ff:88:f4:9e:8a:
c5:7c:88:9a:11:71:b0:94:86:c7:60:7c:d8:60:99:
49:60:7c:30:23:77:7e:e7:ae:58:6a:66:7e:69:d0:
cf:2b:34:a1:76:d5:14:7a:b7:d2:57:62:37:23:33:
a3:9c:f2:98:3e:38:6d:1d:29:40:56:fb:56:0a:50:
7f:49:77:6f:db:be:76:77:b8:10:0e:43:05:0e:ed:
49:36:c8:93:2a:7e:55:92:50:fe:a1:57:18:64:9f:
d1:bc:51:cc:0c:39:69:74:61:31:58:72:da:ad:a4:
04:37:b8:10:dc:3d:95:f1:fd:d0:36:5b:60:f6:d6:
3e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:99:E6:3C:4F:15:E9:59:84:ED:E9:9D:0F:43:07:11:88:55:24:24
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/epnmPE8V6VmE7emdD0MHEYhVJCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.88.0/24
31.56.236.0/24
31.57.11.0/24
31.57.57.0/24
31.57.131.0/24
31.57.150.0/24
31.57.176.0/24
31.57.183.0/24
31.57.194.0/24
31.58.59.0/24
31.58.71.0/24
31.58.146.0/24
31.59.14.0/24
31.59.30.0/24
31.59.215.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:99:27:16:ec:15:29:ac:2e:6e:38:0e:ec:1d:39:d3:7a:b5:
b7:73:1c:1e:9d:08:0a:9c:f7:f2:f2:64:51:a3:be:a7:39:8f:
4b:48:19:0b:c3:03:7e:17:85:28:b6:6f:93:65:28:38:e9:13:
f3:fd:2b:f8:ba:c1:94:8f:1a:b1:9a:e3:fe:13:52:05:a8:65:
ad:9e:04:68:d7:52:a2:68:f2:fc:a1:c7:3c:c2:c1:7c:4b:cc:
89:73:bf:60:83:e1:80:f9:59:7f:d3:9a:fb:42:89:d0:3e:62:
12:fd:df:cb:97:11:65:3e:8e:4e:08:f7:28:e1:8c:37:de:57:
21:17:13:aa:f0:b4:44:12:b9:a5:1b:e3:e2:32:e0:9d:23:3c:
72:88:23:d6:fd:c0:32:15:8d:68:66:dc:c2:81:aa:c8:4d:90:
d7:27:04:c7:db:44:59:59:c0:d9:4d:f2:bc:00:36:10:7b:ff:
ba:11:5e:a0:65:57:c7:dc:95:5e:28:d3:84:87:0c:d6:de:8a:
07:dc:86:5e:fe:d4:a4:4d:75:0c:fa:0e:20:61:29:19:0c:36:
a7:5a:33:4c:21:b3:12:7c:31:81:f1:ef:62:65:5e:7d:00:c1:
6d:eb:c0:57:dd:c1:58:a2:c8:06:a2:72:63:22:30:ed:4a:8b:
09:c3:1b:ed
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZfPAnBw+Qtu+qU2b8Fd9ZQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzAzMDYzODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTk5ZTYzYzRmMTVlOTU5ODRlZGU5OWQwZjQzMDcxMTg4NTUyNDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16ZPLX6NH1pYrf5vBrWzoXXUvaVj
IpLLTGEd4f5qMhJA409Vm08SuZDuFFNUCeLiTzA7ZRl3tdSsLNT9YupE7YkGMbaU
zOXr2G4oNJVOr6YhwlraJcWA2ExPf91nfr1jlSAlTn7OSdYelf5oTVG/Xt0+EzQQ
LEdRkH39Mvmp1SrE/4j0norFfIiaEXGwlIbHYHzYYJlJYHwwI3d+565YamZ+adDP
KzShdtUUerfSV2I3IzOjnPKYPjhtHSlAVvtWClB/SXdv2752d7gQDkMFDu1JNsiT
Kn5VklD+oVcYZJ/RvFHMDDlpdGExWHLaraQEN7gQ3D2V8f3QNltg9tY+xwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFHqZ5jxPFelZhO3pnQ9DBxGIVSQkMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZXBubVBFOFY2Vm1FN2VtZEQwTUhFWWhWSkNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAHzhYAwQA
HzjsAwQAHzkLAwQAHzk5AwQAHzmDAwQAHzmWAwQAHzmwAwQAHzm3AwQAHznCAwQA
Hzo7AwQAHzpHAwQAHzqSAwQAHzsOAwQAHzseAwQAHzvXMA0GCSqGSIb3DQEBCwUA
A4IBAQClmScW7BUprC5uOA7sHTnTerW3cxwenQgKnPfy8mRRo76nOY9LSBkLwwN+
F4Uotm+TZSg46RPz/Sv4usGUjxqxmuP+E1IFqGWtngRo11KiaPL8occ8wsF8S8yJ
c79gg+GA+Vl/05r7QonQPmIS/d/LlxFlPo5OCPco4Yw33lchFxOq8LREErmlG+Pi
MuCdIzxyiCPW/cAyFY1oZtzCgarITZDXJwTH20RZWcDZTfK8ADYQe/+6EV6gZVfH
3JVeKNOEhwzW3ooH3IZe/tSkTXUM+g4gYSkZDDanWjNMIbMSfDGB8e9iZV59AMFt
68BX3cFYosgGonJjIjDtSosJwxvt
-----END CERTIFICATE-----
Generated at Fri Jul 4 19:34:27 2025 by rpki-client