Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jqlKzimtaRk05cRyZA5jqnAV-2c.roa
File: jqlKzimtaRk05cRyZA5jqnAV-2c.roa (raw, json)
Hash identifier: Zh/aLa6A37X7tmYA6J65Q6OkQ3M8dKpadFd2pK9Dj1c=
Subject key identifier: 8E:A9:4A:CE:29:AD:69:19:34:E5:C4:72:64:0E:63:AA:70:15:FB:67
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0197405D300C37A218BABE4A76E6B8FC891B
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jqlKzimtaRk05cRyZA5jqnAV-2c.roa
Signing time: Thu 05 Jun 2025 13:52:18 +0000
ROA not before: Thu 05 Jun 2025 13:52:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215242
IP address blocks: 31.58.211.0/24 maxlen: 24
31.58.236.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
217.60.251.0/24 maxlen: 24
217.60.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 00:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:40:5d:30:0c:37:a2:18:ba:be:4a:76:e6:b8:fc:89:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 5 13:52:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ea94ace29ad691934e5c472640e63aa7015fb67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6c:dc:11:81:40:38:4f:d0:fe:82:55:21:86:
dd:86:20:04:a5:6b:d9:bf:55:11:4e:5c:a7:59:cc:
d8:53:7e:3b:cf:50:d3:28:85:e7:90:b0:fd:66:c6:
f1:08:45:d9:f3:dd:dd:eb:cc:53:ad:ff:c3:c6:6a:
e0:0a:0a:f3:09:1d:e7:5e:6b:34:cf:3a:49:08:5d:
30:66:93:01:35:29:7f:38:a4:e6:88:d1:09:8f:40:
d1:10:ec:31:cc:77:5d:79:11:11:7b:81:7e:98:71:
60:fa:df:21:b5:ce:48:d3:47:91:54:a3:58:ad:29:
9e:47:a9:55:04:88:64:c6:11:54:36:ca:1b:8c:24:
49:c4:84:82:46:74:bc:b7:02:7a:55:57:e5:e1:bf:
33:ed:e2:d9:8b:32:8d:49:fd:fb:c2:ac:a8:8e:86:
92:46:99:70:1b:c8:3a:ab:a7:8a:3b:85:14:7d:49:
6e:cb:69:1b:ad:b5:f3:77:2b:a7:38:16:fe:cf:9b:
f6:d2:73:83:3a:21:35:89:93:4d:19:71:46:54:3e:
c0:4c:24:89:42:d2:82:4f:81:94:0a:e4:a0:8e:cc:
85:a5:af:df:55:ee:35:14:6a:b8:72:84:02:0b:68:
5d:ef:55:de:f3:00:5e:36:2f:c8:77:8c:99:d3:2e:
f9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:A9:4A:CE:29:AD:69:19:34:E5:C4:72:64:0E:63:AA:70:15:FB:67
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jqlKzimtaRk05cRyZA5jqnAV-2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.211.0/24
31.58.236.0/24
31.58.247.0/24
31.58.249.0-31.58.251.255
217.60.251.0/24
217.60.254.0/24
Signature Algorithm: sha256WithRSAEncryption
20:29:84:6f:46:c0:a5:76:70:1b:9d:72:e4:cd:eb:2c:ec:02:
95:6b:d3:4c:dc:17:21:3d:45:77:07:1b:e1:49:89:01:7f:9e:
77:a4:89:49:6e:fa:cf:17:99:02:33:41:ec:d8:67:04:f1:24:
c8:e7:da:4e:b4:8a:dc:87:7b:6b:63:a1:6c:8f:a8:4e:49:ab:
f4:eb:3a:1f:c7:1a:04:25:5b:d1:3b:ff:bb:17:86:63:67:2a:
2d:e8:42:5a:f4:58:96:e5:9c:5b:b1:3b:19:3d:48:8f:55:ff:
42:91:3a:4c:87:03:bb:64:02:a0:69:ca:18:73:ad:d3:8d:5a:
38:dd:08:1b:16:f3:0e:39:74:f1:c0:cc:78:00:e0:02:e9:0b:
79:9a:20:c2:60:62:49:8d:52:2f:bb:1d:97:29:98:c9:9e:40:
75:c7:2e:71:ce:34:dd:38:b8:62:6d:41:eb:16:63:90:fe:d7:
59:51:66:4f:ce:b6:ab:ac:bc:98:82:80:96:8f:41:84:fc:be:
34:df:0c:1e:fe:85:f8:ef:1a:7c:94:f1:19:4d:bf:23:49:97:
66:21:96:04:b8:64:63:82:a6:d2:09:57:37:93:45:82:51:95:
6d:dc:ef:27:7f:96:54:d5:13:a7:58:ad:87:64:21:4c:5e:ca:
4d:f5:b1:93
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZdAXTAMN6IYur5Kdua4/IkbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNjA1MTM1MjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWE5NGFjZTI5YWQ2OTE5MzRlNWM0NzI2NDBlNjNhYTcwMTVmYjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WzcEYFAOE/Q/oJVIYbdhiAEpWvZ
v1URTlynWczYU347z1DTKIXnkLD9ZsbxCEXZ893d68xTrf/DxmrgCgrzCR3nXms0
zzpJCF0wZpMBNSl/OKTmiNEJj0DREOwxzHddeRERe4F+mHFg+t8htc5I00eRVKNY
rSmeR6lVBIhkxhFUNsobjCRJxISCRnS8twJ6VVfl4b8z7eLZizKNSf37wqyojoaS
RplwG8g6q6eKO4UUfUluy2kbrbXzdyunOBb+z5v20nODOiE1iZNNGXFGVD7ATCSJ
QtKCT4GUCuSgjsyFpa/fVe41FGq4coQCC2hd71Xe8wBeNi/Id4yZ0y755QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFI6pSs4prWkZNOXEcmQOY6pwFftnMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvanFsS3ppbXRhUmswNWNSeVpBNWpxbkFWLTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAHzrTAwQA
HzrsAwQAHzr3MAwDBAAfOvkDBAIfOvgDBADZPPsDBADZPP4wDQYJKoZIhvcNAQEL
BQADggEBACAphG9GwKV2cBudcuTN6yzsApVr00zcFyE9RXcHG+FJiQF/nnekiUlu
+s8XmQIzQezYZwTxJMjn2k60ityHe2tjoWyPqE5Jq/TrOh/HGgQlW9E7/7sXhmNn
Ki3oQlr0WJblnFuxOxk9SI9V/0KROkyHA7tkAqBpyhhzrdONWjjdCBsW8w45dPHA
zHgA4ALpC3maIMJgYkmNUi+7HZcpmMmeQHXHLnHONN04uGJtQesWY5D+11lRZk/O
tqusvJiCgJaPQYT8vjTfDB7+hfjvGnyU8RlNvyNJl2YhlgS4ZGOCptIJVzeTRYJR
lW3c7yd/llTVE6dYrYdkIUxeyk31sZM=
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:15:37 2025 by rpki-client