Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/kpL_fqfP_cx5JtJIfuE3rdEo0oQ.roa
File: kpL_fqfP_cx5JtJIfuE3rdEo0oQ.roa (raw, json)
Hash identifier: FnWkiKQ/83j1AvolimI29Msrhnm9eDKZXa4SvrKSWFw=
Subject key identifier: 92:92:FF:7E:A7:CF:FD:CC:79:26:D2:48:7E:E1:37:AD:D1:28:D2:84
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0199E1E3AE2F865F7CE769DEE80E90CA5C1F
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/kpL_fqfP_cx5JtJIfuE3rdEo0oQ.roa
Signing time: Tue 14 Oct 2025 08:43:38 +0000
ROA not before: Tue 14 Oct 2025 08:43:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213069
IP address blocks: 31.59.168.0/24 maxlen: 24
94.183.151.0/24 maxlen: 24
217.60.15.0/24 maxlen: 24
2a14:6e40:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Oct 2025 16:28:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e1:e3:ae:2f:86:5f:7c:e7:69:de:e8:0e:90:ca:5c:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 14 08:43:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9292ff7ea7cffdcc7926d2487ee137add128d284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4a:01:aa:c3:24:e9:03:cf:b4:78:7e:a5:3d:
a2:e3:4e:31:93:97:a3:af:b1:de:f5:0e:d3:43:c2:
30:26:3c:02:7f:ee:4b:4a:0c:00:fa:00:3e:c7:32:
fc:39:b7:5a:cd:7b:ef:86:ec:9b:25:f9:4e:ab:b3:
47:27:1a:3d:be:95:5f:22:44:9e:45:05:c4:cf:42:
96:9c:15:44:0f:9b:e2:a3:07:9e:1a:c0:dd:a4:50:
52:be:04:ac:cc:b1:b8:d9:af:95:c0:c3:8e:68:2e:
e4:97:dc:60:b9:01:8b:c1:8c:da:ff:1a:87:2c:e2:
49:47:f2:91:e0:d3:2d:5c:e8:02:b5:5d:5b:7e:0c:
61:a6:c9:cb:8c:e9:c6:35:5e:7e:6b:0d:a4:4d:db:
03:51:0c:45:67:f5:f8:a1:e8:a9:8a:5e:ab:b0:f9:
21:18:0c:e5:45:b0:0b:2f:e3:8c:ec:2b:0f:68:62:
41:d1:f6:07:16:ee:5e:7b:6d:7d:2e:2e:6c:ac:fb:
b6:de:48:78:f8:64:a1:8f:98:dd:d1:ad:d8:6c:b3:
69:7e:59:f9:86:93:fd:7d:ed:d2:63:38:4d:96:43:
df:45:e7:9a:dd:a4:06:e6:6a:bf:8c:17:f9:a9:12:
2a:74:5a:54:69:7c:a9:c6:0b:27:37:cb:37:5a:c1:
0e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:92:FF:7E:A7:CF:FD:CC:79:26:D2:48:7E:E1:37:AD:D1:28:D2:84
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/kpL_fqfP_cx5JtJIfuE3rdEo0oQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.59.168.0/24
94.183.151.0/24
217.60.15.0/24
IPv6:
2a14:6e40:1::/48
Signature Algorithm: sha256WithRSAEncryption
23:6d:13:6d:df:07:ef:19:34:53:dc:13:12:04:5d:c7:dc:35:
dc:b9:cf:32:c3:e9:c0:6f:75:fe:2a:ed:b1:34:bf:15:77:9d:
39:6f:f9:ec:8c:97:d1:21:d6:9a:b0:a5:f7:0f:f8:1c:22:4c:
7d:cc:b0:19:ca:52:cf:a4:26:c1:3f:b7:36:f8:c5:08:ef:0a:
ee:84:8e:47:08:44:6d:df:ab:e1:51:71:77:4f:1b:5e:8a:3d:
5f:d4:92:c7:f3:b1:a6:4c:28:fc:67:3b:29:de:fe:b8:ef:2e:
5d:87:f7:db:4a:72:3a:47:2a:f7:e5:a2:3a:24:0c:0b:4d:b6:
5a:e6:77:34:3b:59:6c:60:18:cc:c4:aa:31:51:28:54:aa:0b:
26:f9:21:56:c8:07:87:48:00:79:37:b3:21:8d:39:91:b3:2e:
65:da:6f:99:5c:f5:4d:52:8b:e1:66:60:fd:c5:f2:d0:fe:54:
8f:bf:0f:32:f4:a6:19:e7:05:81:97:54:b3:bb:eb:76:6e:eb:
4b:88:d8:65:4c:04:4f:60:ab:2e:4f:0c:e5:eb:11:92:d5:e3:
fc:2b:4a:26:45:ea:ed:e5:3b:77:7c:76:ff:c0:fc:74:2a:57:
0b:a8:c6:3c:73:ee:7c:91:5c:a5:c7:6f:d8:31:9b:02:e4:24:
cd:58:90:f2
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZnh464vhl9852ne6A6QylwfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMDE0MDg0MzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjkyZmY3ZWE3Y2ZmZGNjNzkyNmQyNDg3ZWUxMzdhZGQxMjhkMjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUoBqsMk6QPPtHh+pT2i404xk5ej
r7He9Q7TQ8IwJjwCf+5LSgwA+gA+xzL8ObdazXvvhuybJflOq7NHJxo9vpVfIkSe
RQXEz0KWnBVED5vioweeGsDdpFBSvgSszLG42a+VwMOOaC7kl9xguQGLwYza/xqH
LOJJR/KR4NMtXOgCtV1bfgxhpsnLjOnGNV5+aw2kTdsDUQxFZ/X4oeipil6rsPkh
GAzlRbALL+OM7CsPaGJB0fYHFu5ee219Li5srPu23kh4+GShj5jd0a3YbLNpfln5
hpP9fe3SYzhNlkPfReea3aQG5mq/jBf5qRIqdFpUaXypxgsnN8s3WsEOaQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJKS/36nz/3MeSbSSH7hN63RKNKEMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEva3BMX2ZxZlBfY3g1SnRKSWZ1RTNyZEVvMG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAHzuoAwQA
XreXAwQA2TwPMA8EAgACMAkDBwAqFG5AAAEwDQYJKoZIhvcNAQELBQADggEBACNt
E23fB+8ZNFPcExIEXcfcNdy5zzLD6cBvdf4q7bE0vxV3nTlv+eyMl9Eh1pqwpfcP
+BwiTH3MsBnKUs+kJsE/tzb4xQjvCu6EjkcIRG3fq+FRcXdPG16KPV/UksfzsaZM
KPxnOyne/rjvLl2H99tKcjpHKvflojokDAtNtlrmdzQ7WWxgGMzEqjFRKFSqCyb5
IVbIB4dIAHk3syGNOZGzLmXab5lc9U1Si+FmYP3F8tD+VI+/DzL0phnnBYGXVLO7
63Zu60uI2GVMBE9gqy5PDOXrEZLV4/wrSiZF6u3lO3d8dv/A/HQqVwuoxjxz7nyR
XKXHb9gxmwLkJM1YkPI=
-----END CERTIFICATE-----
Generated at Sat Oct 18 22:40:37 2025 by rpki-client