Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ffpuiepiTicLD3KWkYYMjzYA57c.roa
File: ffpuiepiTicLD3KWkYYMjzYA57c.roa (raw, json)
Hash identifier: 2vxFTthmTAW3RfExyzO+FWqJGObZBrIvv7ZIibx0zY0=
Subject key identifier: 7D:FA:6E:89:EA:62:4E:27:0B:0F:72:96:91:86:0C:8F:36:00:E7:B7
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0199139E22A4168E19611DB84BA112D8D7B3
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ffpuiepiTicLD3KWkYYMjzYA57c.roa
Signing time: Thu 04 Sep 2025 07:25:54 +0000
ROA not before: Thu 04 Sep 2025 07:25:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 31.56.88.0/24 maxlen: 24
31.57.131.0/24 maxlen: 24
31.57.150.0/24 maxlen: 24
31.57.176.0/24 maxlen: 24
31.57.194.0/24 maxlen: 24
31.58.59.0/24 maxlen: 24
31.58.71.0/24 maxlen: 24
31.58.146.0/24 maxlen: 24
31.59.14.0/24 maxlen: 24
31.59.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 15 Sep 2025 05:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:13:9e:22:a4:16:8e:19:61:1d:b8:4b:a1:12:d8:d7:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Sep 4 07:25:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7dfa6e89ea624e270b0f729691860c8f3600e7b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:26:62:5e:ea:59:44:4b:22:a3:0a:f5:dc:d1:
cb:cc:4b:7d:f1:bd:ba:1a:62:73:6d:92:0e:21:e6:
d1:09:97:89:91:16:78:82:7c:47:96:e0:c0:7a:5b:
47:41:84:c9:5f:4d:a7:11:3a:f2:80:be:53:ad:04:
1c:ef:70:39:72:90:6a:6e:96:2a:ad:30:c5:75:4e:
ef:dd:20:25:05:fd:8c:46:7d:97:7e:f6:57:8f:15:
43:58:c5:d0:69:d8:b7:58:9b:fc:8b:67:7e:5d:03:
40:a8:1b:3a:06:37:55:92:b4:dd:47:5c:d9:33:9f:
91:24:2f:27:80:9d:bd:ad:79:e7:8b:b9:2d:76:27:
b4:ec:d5:78:1c:94:0d:c2:19:c5:b3:0a:29:56:cd:
50:fd:2b:9c:6f:cd:46:75:19:c8:e3:d3:fe:3f:dc:
85:21:b3:d8:ab:1f:45:7b:5b:32:3f:28:f4:a1:ef:
3a:5c:22:47:8b:08:72:d8:3a:1e:73:44:14:be:3f:
06:1f:58:70:0a:41:d0:60:f5:db:bc:52:d4:3d:49:
83:07:50:ea:24:66:4a:4f:fd:ea:28:96:b6:92:3d:
c8:80:95:f3:48:a7:36:12:45:be:ac:a2:5a:d6:54:
05:6a:49:f0:7d:e8:1d:ee:d1:f2:7c:7f:32:ba:47:
9c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:FA:6E:89:EA:62:4E:27:0B:0F:72:96:91:86:0C:8F:36:00:E7:B7
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ffpuiepiTicLD3KWkYYMjzYA57c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.88.0/24
31.57.131.0/24
31.57.150.0/24
31.57.176.0/24
31.57.194.0/24
31.58.59.0/24
31.58.71.0/24
31.58.146.0/24
31.59.14.0/24
31.59.30.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:50:f8:ec:00:7d:0d:71:b5:5b:45:72:06:18:42:2c:65:8c:
d9:2f:91:5f:72:e2:8b:0b:c8:5c:81:0e:d8:68:e9:ca:5f:7e:
84:21:80:f9:91:e1:de:87:c9:94:74:48:66:bd:34:d0:a0:0b:
05:c0:48:82:9a:04:49:00:6a:30:cd:cc:b8:4e:82:62:5d:f1:
f6:cb:50:52:af:54:32:b9:14:8d:eb:06:af:b1:38:81:d6:2c:
ae:91:10:25:13:f9:0c:7a:c3:89:f4:2b:95:31:3a:0a:1f:fb:
d7:14:1d:28:55:ca:3f:6b:23:e8:1e:58:6e:c8:a0:bb:c0:02:
fe:96:6b:8e:68:da:13:36:b8:e4:da:a7:b7:ac:40:e8:65:45:
ce:37:8b:7e:4a:dd:69:be:98:b0:d4:cf:9b:17:93:96:a7:20:
15:6c:21:77:44:e5:3e:b6:8d:96:77:a1:52:5d:92:1b:5b:9a:
6b:7f:08:cd:28:f6:3f:9d:66:51:55:9b:a2:1f:b0:49:9c:16:
f6:d3:5b:3c:c8:eb:7c:01:4c:c7:00:ae:0e:a2:68:13:bb:29:
66:a9:47:3b:5a:0f:a9:41:05:c8:08:70:7e:93:c1:d8:76:91:
ff:e2:9d:df:10:b4:38:82:00:70:46:8d:3a:4f:26:dd:c1:a9:
ae:36:a9:5b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZkTniKkFo4ZYR24S6ES2NezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwOTA0MDcyNTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGZhNmU4OWVhNjI0ZTI3MGIwZjcyOTY5MTg2MGM4ZjM2MDBlN2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSZiXupZREsiowr13NHLzEt98b26
GmJzbZIOIebRCZeJkRZ4gnxHluDAeltHQYTJX02nETrygL5TrQQc73A5cpBqbpYq
rTDFdU7v3SAlBf2MRn2XfvZXjxVDWMXQadi3WJv8i2d+XQNAqBs6BjdVkrTdR1zZ
M5+RJC8ngJ29rXnni7ktdie07NV4HJQNwhnFswopVs1Q/Sucb81GdRnI49P+P9yF
IbPYqx9Fe1syPyj0oe86XCJHiwhy2Doec0QUvj8GH1hwCkHQYPXbvFLUPUmDB1Dq
JGZKT/3qKJa2kj3IgJXzSKc2EkW+rKJa1lQFaknwfegd7tHyfH8yukecRwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFH36bonqYk4nCw9ylpGGDI82AOe3MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZmZwdWllcGlUaWNMRDNLV2tZWU1qellBNTdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAHzhYAwQA
HzmDAwQAHzmWAwQAHzmwAwQAHznCAwQAHzo7AwQAHzpHAwQAHzqSAwQAHzsOAwQA
HzseMA0GCSqGSIb3DQEBCwUAA4IBAQCwUPjsAH0NcbVbRXIGGEIsZYzZL5FfcuKL
C8hcgQ7YaOnKX36EIYD5keHeh8mUdEhmvTTQoAsFwEiCmgRJAGowzcy4ToJiXfH2
y1BSr1QyuRSN6wavsTiB1iyukRAlE/kMesOJ9CuVMToKH/vXFB0oVco/ayPoHlhu
yKC7wAL+lmuOaNoTNrjk2qe3rEDoZUXON4t+St1pvpiw1M+bF5OWpyAVbCF3ROU+
to2Wd6FSXZIbW5prfwjNKPY/nWZRVZuiH7BJnBb201s8yOt8AUzHAK4OomgTuylm
qUc7Wg+pQQXICHB+k8HYdpH/4p3fELQ4ggBwRo06TybdwamuNqlb
-----END CERTIFICATE-----
Generated at Sun Sep 14 09:51:12 2025 by rpki-client