Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/f_rzHnv4jhSKL3SWSoVBkZDEq58.roa
File: f_rzHnv4jhSKL3SWSoVBkZDEq58.roa (raw, json)
Hash identifier: gg4YpA6RphSGr733GsTQM1tGAZIcgdB88tgqYhDfcOI=
Subject key identifier: 7F:FA:F3:1E:7B:F8:8E:14:8A:2F:74:96:4A:85:41:91:90:C4:AB:9F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A83412E539FC9B5B805F596C31E34988E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/f_rzHnv4jhSKL3SWSoVBkZDEq58.roa
Signing time: Fri 14 Nov 2025 16:44:38 +0000
ROA not before: Fri 14 Nov 2025 16:44:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 31.56.82.0/23 maxlen: 23
31.56.98.0/23 maxlen: 23
31.56.100.0/23 maxlen: 23
31.56.100.0/24 maxlen: 24
31.59.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Nov 2025 15:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:83:41:2e:53:9f:c9:b5:b8:05:f5:96:c3:1e:34:98:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 14 16:44:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7ffaf31e7bf88e148a2f74964a85419190c4ab9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:eb:56:58:f9:b9:27:d1:07:98:cb:fb:31:8f:
b3:58:8f:3a:52:cb:1b:63:c0:b0:20:99:b5:4f:d0:
70:27:a6:f3:7c:bc:f3:2b:2e:34:35:39:cb:b5:7f:
88:6a:6a:30:0f:b3:98:d3:1f:f1:c1:e6:ac:a3:b8:
2d:51:e6:d6:b3:4f:c1:0d:5b:a9:96:17:45:34:b3:
db:df:4f:e9:b4:a8:df:4b:85:50:ee:28:94:61:42:
ce:ae:0f:10:db:19:64:7c:f4:b6:61:1d:0f:d6:30:
c0:78:94:f3:e7:42:93:62:30:00:1f:f7:e8:e1:70:
bc:07:c3:d0:d5:f1:97:ab:26:72:4c:4a:dd:c3:a6:
ec:48:89:29:9e:79:12:dd:18:53:bb:40:0a:d6:f5:
5e:ad:3d:17:2d:b2:fb:4b:85:56:37:15:32:de:ea:
cc:47:db:5a:3c:3e:c4:bd:bc:6e:71:ca:12:be:1f:
34:43:1b:0c:cf:0a:64:62:d6:0b:5c:f4:72:9f:d1:
33:3e:85:39:22:74:a5:af:92:a6:1c:3a:51:b5:35:
a7:c1:f5:b2:7f:18:df:cb:6b:94:7d:c0:fe:18:21:
89:bf:1d:10:93:4f:84:19:a8:e2:36:36:c4:1e:3b:
52:18:4c:f6:5a:3c:b0:64:72:0f:78:24:d1:89:fc:
d5:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:FA:F3:1E:7B:F8:8E:14:8A:2F:74:96:4A:85:41:91:90:C4:AB:9F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/f_rzHnv4jhSKL3SWSoVBkZDEq58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.82.0/23
31.56.98.0-31.56.101.255
31.59.173.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:12:99:4c:71:ce:6f:1c:0e:7c:d7:76:4b:19:05:d8:f2:44:
0f:17:37:a4:51:f3:c6:4c:56:4b:54:1e:ce:d9:5a:70:17:fb:
62:b9:52:b6:a8:97:82:8a:0f:7b:95:53:99:a4:c1:00:15:6d:
83:9c:35:00:8e:1a:d1:7d:6c:dd:16:f5:d7:0f:23:96:99:b7:
3e:33:b2:ae:f2:75:f0:bd:8c:37:b8:9e:12:48:69:c2:6b:58:
84:31:3b:0a:65:48:ce:d8:e9:d2:13:2e:a9:14:e0:16:d6:25:
3d:3e:4b:b1:70:e7:d7:b1:83:a2:29:b8:87:bc:52:cd:6e:56:
92:3f:30:22:50:2b:5a:31:ec:2d:a4:37:c5:39:29:f6:25:3b:
ee:a0:d2:36:83:f9:c2:71:8a:e6:42:f6:51:dd:ae:c1:0d:74:
77:af:65:77:35:db:40:c8:bc:e3:90:19:3b:fb:42:a0:e5:01:
d7:a2:02:f2:fd:f5:1d:40:23:90:a3:44:2e:46:7d:50:cb:e6:
10:e3:40:71:03:13:e7:48:5c:5b:14:ad:05:0e:f2:5e:8f:78:
34:e7:1b:d8:d7:54:08:c8:b2:7e:96:85:fb:0c:64:54:f0:e7:
b6:21:9e:1e:ea:9f:89:bb:17:47:76:a1:37:cf:78:dc:ed:53:
f3:7f:b3:39
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZqDQS5Tn8m1uAX1lsMeNJiOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMTE0MTY0NDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmZhZjMxZTdiZjg4ZTE0OGEyZjc0OTY0YTg1NDE5MTkwYzRhYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmutWWPm5J9EHmMv7MY+zWI86Ussb
Y8CwIJm1T9BwJ6bzfLzzKy40NTnLtX+IamowD7OY0x/xweaso7gtUebWs0/BDVup
lhdFNLPb30/ptKjfS4VQ7iiUYULOrg8Q2xlkfPS2YR0P1jDAeJTz50KTYjAAH/fo
4XC8B8PQ1fGXqyZyTErdw6bsSIkpnnkS3RhTu0AK1vVerT0XLbL7S4VWNxUy3urM
R9taPD7EvbxuccoSvh80QxsMzwpkYtYLXPRyn9EzPoU5InSlr5KmHDpRtTWnwfWy
fxjfy2uUfcD+GCGJvx0Qk0+EGajiNjbEHjtSGEz2WjywZHIPeCTRifzVRQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFH/68x57+I4Uii90lkqFQZGQxKufMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZl9yekhudjRqaFNLTDNTV1NvVkJrWkRFcTU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBHzhSMAwD
BAEfOGIDBAEfOGQDBAAfO60wDQYJKoZIhvcNAQELBQADggEBADsSmUxxzm8cDnzX
dksZBdjyRA8XN6RR88ZMVktUHs7ZWnAX+2K5Uraol4KKD3uVU5mkwQAVbYOcNQCO
GtF9bN0W9dcPI5aZtz4zsq7ydfC9jDe4nhJIacJrWIQxOwplSM7Y6dITLqkU4BbW
JT0+S7Fw59exg6IpuIe8Us1uVpI/MCJQK1ox7C2kN8U5KfYlO+6g0jaD+cJxiuZC
9lHdrsENdHevZXc120DIvOOQGTv7QqDlAdeiAvL99R1AI5CjRC5GfVDL5hDjQHED
E+dIXFsUrQUO8l6PeDTnG9jXVAjIsn6WhfsMZFTw57Yhnh7qn4m7F0d2oTfPeNzt
U/N/szk=
-----END CERTIFICATE-----
Generated at Mon Nov 17 00:44:03 2025 by rpki-client