Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pQndaAeziOR9oa5wcsU3b_ONkiI.roa
File: pQndaAeziOR9oa5wcsU3b_ONkiI.roa (raw, json)
Hash identifier: e4GMTnKmcfcCjFiec65rwbnYiHn7RKQ7BYEsRRisb3E=
Subject key identifier: A5:09:DD:68:07:B3:88:E4:7D:A1:AE:70:72:C5:37:6F:F3:8D:92:22
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01995672034825BF5551A79128726598C232
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pQndaAeziOR9oa5wcsU3b_ONkiI.roa
Signing time: Wed 17 Sep 2025 06:52:16 +0000
ROA not before: Wed 17 Sep 2025 06:52:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.28.0/22 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.67.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.180.0/22 maxlen: 24
31.56.180.0/23 maxlen: 23
31.56.188.0/22 maxlen: 24
31.56.190.0/23 maxlen: 23
31.56.192.0/22 maxlen: 22
31.56.192.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.56.208.0/22 maxlen: 24
31.56.212.0/22 maxlen: 24
31.56.220.0/23 maxlen: 23
31.56.220.0/24 maxlen: 24
31.56.224.0/23 maxlen: 23
31.56.228.0/22 maxlen: 24
31.56.230.0/23 maxlen: 23
31.56.236.0/22 maxlen: 24
31.56.236.0/23 maxlen: 23
31.57.12.0/23 maxlen: 24
31.57.14.0/23 maxlen: 24
31.57.24.0/22 maxlen: 24
31.57.28.0/22 maxlen: 24
31.57.32.0/24 maxlen: 24
31.57.36.0/23 maxlen: 24
31.57.38.0/23 maxlen: 23
31.57.52.0/22 maxlen: 24
31.57.56.0/22 maxlen: 24
31.57.60.0/22 maxlen: 24
31.57.94.0/23 maxlen: 23
31.57.119.0/24 maxlen: 24
31.57.120.0/22 maxlen: 24
31.57.120.0/23 maxlen: 23
31.57.124.0/22 maxlen: 24
31.57.126.0/23 maxlen: 23
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.168.0/22 maxlen: 24
31.57.176.0/21 maxlen: 21
31.57.184.0/22 maxlen: 24
31.57.186.0/23 maxlen: 23
31.57.186.0/24 maxlen: 24
31.57.187.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.216.0/24 maxlen: 24
31.57.217.0/24 maxlen: 24
31.57.224.0/22 maxlen: 22
31.57.232.0/22 maxlen: 24
31.57.250.0/24 maxlen: 24
31.57.251.0/24 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.64.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.172.0/22 maxlen: 24
31.58.220.0/22 maxlen: 22
31.58.224.0/22 maxlen: 24
31.59.71.0/24 maxlen: 24
31.59.76.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.136.0/21 maxlen: 24
31.59.144.0/21 maxlen: 24
31.59.160.0/21 maxlen: 24
31.59.224.0/22 maxlen: 22
31.59.232.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 19:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:56:72:03:48:25:bf:55:51:a7:91:28:72:65:98:c2:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Sep 17 06:52:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a509dd6807b388e47da1ae7072c5376ff38d9222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:34:0a:d1:7b:2c:ae:80:ee:58:14:f3:22:97:
b5:00:b4:6c:7c:c0:9a:57:3f:36:85:64:47:94:a9:
e9:20:e6:95:2b:cb:b6:ab:d4:40:07:49:bf:34:82:
6e:37:4c:6a:56:3d:09:b6:8c:e9:89:53:0f:32:5c:
b7:4e:ec:3c:5b:10:eb:28:48:c3:09:da:8e:70:03:
31:12:48:6a:16:9b:5c:b0:89:04:bd:a6:b3:47:0d:
46:c0:86:ba:2d:44:04:be:af:52:38:ad:06:00:fe:
5d:ae:57:35:59:46:d9:a0:27:35:09:cf:aa:29:e6:
11:96:92:8a:77:06:00:48:53:1c:de:e0:40:79:49:
a0:ab:f6:b7:71:6a:38:58:f1:00:0e:16:19:ed:26:
9c:7f:96:44:ea:1b:7e:68:53:68:db:90:55:b0:dc:
fd:95:71:31:8e:2e:e8:d2:46:9d:fb:1a:e5:46:a4:
47:5b:ea:79:d6:8c:0f:38:1d:fe:88:18:9b:0d:9b:
4b:b1:66:3e:9a:60:4f:6c:87:72:15:43:48:ec:f2:
8b:5c:96:7f:69:79:e7:c7:c8:1c:ab:76:3d:8d:ed:
12:6d:98:2f:04:9a:24:44:76:5c:41:5d:f5:c0:cf:
75:96:a5:99:ba:49:a0:56:de:28:1e:2b:dd:e3:ff:
46:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:09:DD:68:07:B3:88:E4:7D:A1:AE:70:72:C5:37:6F:F3:8D:92:22
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/pQndaAeziOR9oa5wcsU3b_ONkiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.28.0/22
31.56.57.0/24
31.56.67.0/24
31.56.71.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.180.0/22
31.56.188.0-31.56.195.255
31.56.200.0/22
31.56.208.0/21
31.56.220.0/23
31.56.224.0/23
31.56.228.0/22
31.56.236.0/22
31.57.12.0/22
31.57.24.0-31.57.32.255
31.57.36.0/22
31.57.52.0-31.57.63.255
31.57.94.0/23
31.57.119.0-31.57.127.255
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.168.0/22
31.57.176.0-31.57.187.255
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.250.0-31.57.255.255
31.58.34.0/23
31.58.50.0/23
31.58.64.0/23
31.58.68.0/22
31.58.84.0/22
31.58.152.0/22
31.58.172.0/22
31.58.220.0-31.58.227.255
31.59.71.0/24
31.59.76.0/22
31.59.96.0/22
31.59.112.0/22
31.59.136.0-31.59.151.255
31.59.160.0/21
31.59.224.0/22
31.59.232.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:48:d0:17:a5:f5:de:df:6a:6d:56:dd:59:7c:12:aa:cf:d7:
03:3f:43:58:60:29:40:94:9d:4d:62:24:f6:15:15:12:06:45:
e0:1b:d3:07:4e:10:85:90:8b:3d:87:40:b2:a4:e3:35:32:0e:
53:92:be:7b:87:a9:4a:5c:41:c2:a3:2a:e2:cd:aa:76:4a:9e:
f6:01:d4:2c:a9:34:6c:20:a7:c0:00:72:9f:c2:56:7f:c6:55:
f5:01:f0:1f:76:8b:54:70:2a:a9:92:42:39:0b:35:f2:38:56:
47:6d:e3:23:0f:43:ee:e6:38:f4:a7:3d:cd:cf:98:13:49:7c:
cf:31:da:57:b5:be:32:5c:0c:86:f3:b1:ae:78:d7:e1:87:2d:
39:99:28:87:28:37:f7:20:13:97:b6:52:97:5c:ed:e4:42:5b:
04:d8:2e:e7:47:a9:61:f6:a2:25:28:d6:a3:06:ed:71:10:9e:
60:8d:5a:cc:36:91:eb:41:3a:9a:5c:5a:ff:bc:76:bd:ba:e9:
56:f9:f8:71:60:8a:a1:94:5c:a3:c0:89:56:93:ee:a8:9a:5e:
73:c0:81:f1:7f:51:6d:7c:38:53:6d:12:4f:58:46:00:5d:4b:
0b:da:98:b9:78:e3:77:98:d5:01:0f:0f:f5:0a:89:4c:fd:5a:
5a:b6:69:2b
-----BEGIN CERTIFICATE-----
MIIGdjCCBV6gAwIBAgISAZlWcgNIJb9VUaeRKHJlmMIyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwOTE3MDY1MjE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTA5ZGQ2ODA3YjM4OGU0N2RhMWFlNzA3MmM1Mzc2ZmYzOGQ5MjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzQK0XssroDuWBTzIpe1ALRsfMCa
Vz82hWRHlKnpIOaVK8u2q9RAB0m/NIJuN0xqVj0JtozpiVMPMly3Tuw8WxDrKEjD
CdqOcAMxEkhqFptcsIkEvaazRw1GwIa6LUQEvq9SOK0GAP5drlc1WUbZoCc1Cc+q
KeYRlpKKdwYASFMc3uBAeUmgq/a3cWo4WPEADhYZ7Sacf5ZE6ht+aFNo25BVsNz9
lXExji7o0kad+xrlRqRHW+p51owPOB3+iBibDZtLsWY+mmBPbIdyFUNI7PKLXJZ/
aXnnx8gcq3Y9je0SbZgvBJokRHZcQV31wM91lqWZukmgVt4oHivd4/9G4wIDAQAB
o4IDgjCCA34wHQYDVR0OBBYEFKUJ3WgHs4jkfaGucHLFN2/zjZIiMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvcFFuZGFBZXppT1I5b2E1d2NzVTNiX09Oa2lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBlgYIKwYBBQUHAQcBAf8EggGFMIIBgTCCAX0EAgABMIIB
dQMEAR84BAMEAh84HAMEAB84OQMEAB84QwMEAB84RwMEAR84WgMEAx84aAMEAR84
cjAMAwQBHzh2AwQCHzh4AwQCHzi0MAwDBAIfOLwDBAIfOMADBAIfOMgDBAMfONAD
BAEfONwDBAEfOOADBAIfOOQDBAIfOOwDBAIfOQwwDAMEAx85GAMEAB85IAMEAh85
JDAMAwQCHzk0AwQGHzkAAwQBHzleMAwDBAAfOXcDBAcfOQADBAEfOYQDBAMfOYgD
BAEfOZIDBAIfOagwDAMEBB85sAMEAh85uAMEAh85wAMEAR85yDAMAwQEHznQAwQC
HzngAwQCHznoMAsDBAEfOfoDAwEfOAMEAR86IgMEAR86MgMEAR86QAMEAh86RAME
Ah86VAMEAh86mAMEAh86rDAMAwQCHzrcAwQCHzrgAwQAHztHAwQCHztMAwQCHztg
AwQCHztwMAwDBAMfO4gDBAMfO5ADBAMfO6ADBAIfO+ADBAIfO+gwDQYJKoZIhvcN
AQELBQADggEBAKhI0Bel9d7fam1W3Vl8EqrP1wM/Q1hgKUCUnU1iJPYVFRIGReAb
0wdOEIWQiz2HQLKk4zUyDlOSvnuHqUpcQcKjKuLNqnZKnvYB1CypNGwgp8AAcp/C
Vn/GVfUB8B92i1RwKqmSQjkLNfI4Vkdt4yMPQ+7mOPSnPc3PmBNJfM8x2le1vjJc
DIbzsa541+GHLTmZKIcoN/cgE5e2Updc7eRCWwTYLudHqWH2oiUo1qMG7XEQnmCN
Wsw2ketBOppcWv+8dr266Vb5+HFgiqGUXKPAiVaT7qiaXnPAgfF/UW18OFNtEk9Y
RgBdSwvamLl443eY1QEPD/UKiUz9Wlq2aSs=
-----END CERTIFICATE-----
Generated at Thu Sep 18 03:35:04 2025 by rpki-client