Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jnrnjP7UNSjX3Z8TMvVOxlWo4dQ.roa
File: jnrnjP7UNSjX3Z8TMvVOxlWo4dQ.roa (raw, json)
Hash identifier: Q/rUzK5Cg3VNK5Ye6mAEgUIXMQn2OyGLtzHt3Elu27s=
Subject key identifier: 8E:7A:E7:8C:FE:D4:35:28:D7:DD:9F:13:32:F5:4E:C6:55:A8:E1:D4
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01972196B8F37095A73043E3C8D53897488A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jnrnjP7UNSjX3Z8TMvVOxlWo4dQ.roa
Signing time: Fri 30 May 2025 14:26:55 +0000
ROA not before: Fri 30 May 2025 14:26:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215242
IP address blocks: 31.58.211.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
217.60.251.0/24 maxlen: 24
217.60.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:21:96:b8:f3:70:95:a7:30:43:e3:c8:d5:38:97:48:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 30 14:26:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e7ae78cfed43528d7dd9f1332f54ec655a8e1d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:03:b3:65:0d:2e:f8:93:8b:81:5f:9d:1c:9a:
46:af:c2:98:4d:5b:2f:34:68:86:fb:f6:43:62:f0:
86:d1:ed:82:86:cb:3f:a9:c0:4a:33:3a:ca:8c:d1:
6a:1c:f9:fc:48:95:36:97:22:25:2b:5e:99:f3:1f:
0d:11:44:91:c6:8f:0f:4e:0d:da:0b:e9:01:42:7c:
65:4c:f0:e4:0c:1c:0e:f1:bd:a3:ea:8f:06:91:ee:
4d:95:cc:c3:a3:40:46:e0:4c:b2:70:cb:0a:76:f2:
07:ac:aa:15:cd:98:60:ab:f1:17:27:dd:32:e6:cb:
37:75:59:8d:e4:43:4a:74:4d:a2:aa:2d:30:e1:e7:
6c:6f:30:d3:c3:f7:a6:78:7c:26:30:8b:1a:98:ce:
ad:13:e9:c8:cc:5d:9b:c2:0c:82:54:a9:7a:4e:f8:
08:7e:f5:20:2d:ec:7d:56:67:81:51:22:71:d3:7b:
a6:a4:6b:11:06:31:15:16:19:b4:cf:e9:da:0d:d6:
95:c4:4b:fb:7e:0c:a7:a9:45:ca:f0:81:ee:9a:98:
0e:2f:2e:f5:a0:03:93:84:66:29:1c:dc:ea:68:5e:
61:5d:0b:8c:14:be:40:a6:f3:3e:b3:dd:c1:c8:9e:
65:d1:c5:00:17:c8:49:d0:15:6a:75:fa:89:0a:38:
c6:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:7A:E7:8C:FE:D4:35:28:D7:DD:9F:13:32:F5:4E:C6:55:A8:E1:D4
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jnrnjP7UNSjX3Z8TMvVOxlWo4dQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.211.0/24
31.58.247.0/24
31.58.249.0-31.58.251.255
217.60.251.0/24
217.60.254.0/24
Signature Algorithm: sha256WithRSAEncryption
af:ea:3d:50:f0:6c:28:84:b3:44:04:b1:dc:ba:19:08:4a:3e:
21:f4:18:70:80:f4:6e:90:b3:1b:48:8e:3e:b5:00:2a:4c:42:
a6:99:26:17:33:a0:02:e9:10:4b:15:64:45:37:97:7b:75:82:
d4:91:3a:9e:ad:52:0b:53:d2:90:02:42:09:2d:51:ab:0e:6d:
16:83:90:e1:b9:47:50:3d:a8:da:33:c8:45:a9:ea:b4:89:8f:
78:e3:2b:8c:47:ff:ab:2b:a5:fe:7c:f1:89:f0:60:fc:93:c0:
6d:71:4e:3f:43:bb:dd:a4:b0:e1:e1:a7:5e:c3:23:b4:c1:30:
b1:c4:e9:88:29:ea:8f:fa:cb:9f:7e:1b:8b:95:48:35:0f:b5:
49:8c:05:44:f4:43:8b:3a:bc:d2:42:5f:0e:48:99:1b:fe:4f:
15:d4:03:27:fa:0e:69:56:b0:bf:77:b0:dd:de:d0:26:46:36:
a8:eb:a5:36:8a:22:7c:09:94:de:76:83:c2:7d:42:d7:08:a8:
28:cd:f3:75:33:89:8c:95:e9:7b:38:4a:e2:fe:3b:e5:53:8b:
82:ec:3c:b4:13:94:aa:34:13:68:08:fc:6a:51:c3:29:8e:51:
3a:c6:4f:d5:8b:fa:9f:96:d7:12:7c:05:d0:c4:9d:ad:7f:74:
ca:6d:6d:81
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZchlrjzcJWnMEPjyNU4l0iKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNTMwMTQyNjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTdhZTc4Y2ZlZDQzNTI4ZDdkZDlmMTMzMmY1NGVjNjU1YThlMWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QOzZQ0u+JOLgV+dHJpGr8KYTVsv
NGiG+/ZDYvCG0e2Chss/qcBKMzrKjNFqHPn8SJU2lyIlK16Z8x8NEUSRxo8PTg3a
C+kBQnxlTPDkDBwO8b2j6o8Gke5NlczDo0BG4EyycMsKdvIHrKoVzZhgq/EXJ90y
5ss3dVmN5ENKdE2iqi0w4edsbzDTw/emeHwmMIsamM6tE+nIzF2bwgyCVKl6TvgI
fvUgLex9VmeBUSJx03umpGsRBjEVFhm0z+naDdaVxEv7fgynqUXK8IHumpgOLy71
oAOThGYpHNzqaF5hXQuMFL5ApvM+s93ByJ5l0cUAF8hJ0BVqdfqJCjjGNQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFI5654z+1DUo192fEzL1TsZVqOHUMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvam5ybmpQN1VOU2pYM1o4VE12Vk94bFdvNGRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAHzrTAwQA
Hzr3MAwDBAAfOvkDBAIfOvgDBADZPPsDBADZPP4wDQYJKoZIhvcNAQELBQADggEB
AK/qPVDwbCiEs0QEsdy6GQhKPiH0GHCA9G6QsxtIjj61ACpMQqaZJhczoALpEEsV
ZEU3l3t1gtSROp6tUgtT0pACQgktUasObRaDkOG5R1A9qNozyEWp6rSJj3jjK4xH
/6srpf588YnwYPyTwG1xTj9Du92ksOHhp17DI7TBMLHE6Ygp6o/6y59+G4uVSDUP
tUmMBUT0Q4s6vNJCXw5ImRv+TxXUAyf6DmlWsL93sN3e0CZGNqjrpTaKInwJlN52
g8J9QtcIqCjN83UziYyV6Xs4SuL+O+VTi4LsPLQTlKo0E2gI/GpRwymOUTrGT9WL
+p+W1xJ8BdDEna1/dMptbYE=
-----END CERTIFICATE-----
Generated at Thu Jun 5 04:14:31 2025 by rpki-client