Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/sQFf5vYie5-p5_xpwTASw86JSuE.roa
File: sQFf5vYie5-p5_xpwTASw86JSuE.roa (raw, json)
Hash identifier: XQ11bmbeiAd9M6ehi08mOz93vkPTZ1oTeYwQlh9u7sI=
Subject key identifier: B1:01:5F:E6:F6:22:7B:9F:A9:E7:FC:69:C1:30:12:C3:CE:89:4A:E1
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A88AA5E7C04C64B0103A02064F739CE22
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/sQFf5vYie5-p5_xpwTASw86JSuE.roa
Signing time: Sat 15 Nov 2025 17:57:37 +0000
ROA not before: Sat 15 Nov 2025 17:57:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205886
IP address blocks: 31.56.112.0/24 maxlen: 24
31.56.231.0/24 maxlen: 24
31.57.31.0/24 maxlen: 24
31.57.132.0/24 maxlen: 24
31.57.191.0/24 maxlen: 24
31.57.205.0/24 maxlen: 24
31.57.237.0/24 maxlen: 24
31.57.249.0/24 maxlen: 24
31.58.157.0/24 maxlen: 24
31.58.163.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Nov 2025 15:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:88:aa:5e:7c:04:c6:4b:01:03:a0:20:64:f7:39:ce:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 15 17:57:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1015fe6f6227b9fa9e7fc69c13012c3ce894ae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:48:dc:89:d6:16:74:32:35:0c:1c:a7:14:2b:
df:bc:4d:55:6f:8b:10:90:76:bf:d3:05:02:09:bf:
b2:54:be:42:a1:cc:1a:69:1e:be:3a:b1:0f:32:20:
f1:51:43:25:06:e7:db:e0:5c:69:d7:ec:3a:a3:c2:
0b:15:1c:9f:bb:0c:17:ca:d2:88:c2:7f:50:86:85:
8e:ca:3e:b7:68:02:83:b8:35:51:e1:f4:9f:66:f7:
3e:a9:d7:9c:31:db:f3:1b:e9:bb:b0:8b:ab:ad:cf:
a6:31:6c:72:0f:89:61:b3:b7:19:5b:fb:a4:63:34:
67:6c:ea:b6:c1:da:c5:30:9e:65:a8:09:7d:80:14:
02:b5:5b:63:01:43:00:c8:6d:89:1f:06:55:69:71:
00:92:e6:b7:c1:ce:5e:6f:a2:6b:ff:d5:e3:70:2d:
e6:28:cf:68:00:41:c0:ef:3e:0e:4b:83:75:cd:36:
49:8a:7d:be:34:3d:6d:63:89:20:cc:09:6a:a1:41:
e0:f6:e5:5b:8d:aa:11:ae:4f:e6:61:9e:a6:41:fb:
71:d9:aa:5d:11:c6:6d:7d:15:73:82:a5:d4:83:83:
fe:b7:64:99:bc:3a:66:05:a1:b2:97:2c:45:e0:2d:
f4:28:d3:a2:f3:7b:9f:89:18:02:25:ef:fa:bc:a6:
33:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:01:5F:E6:F6:22:7B:9F:A9:E7:FC:69:C1:30:12:C3:CE:89:4A:E1
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/sQFf5vYie5-p5_xpwTASw86JSuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.112.0/24
31.56.231.0/24
31.57.31.0/24
31.57.132.0/24
31.57.191.0/24
31.57.205.0/24
31.57.237.0/24
31.57.249.0/24
31.58.157.0/24
31.58.163.0/24
31.59.57.0/24
Signature Algorithm: sha256WithRSAEncryption
91:1a:07:94:11:32:ca:dd:62:37:0f:56:3b:4c:63:33:f2:c3:
5d:41:ec:b2:a3:84:be:fd:e7:72:e9:1f:df:71:99:22:22:87:
37:db:74:9d:fb:0e:39:11:13:25:64:49:b7:fd:6a:45:11:8a:
33:ff:42:7d:ac:85:05:bd:50:f1:b2:e9:97:5b:8c:29:18:b1:
50:75:7a:ac:d8:6f:f8:55:b5:ed:ba:07:58:ea:2f:8f:11:55:
2d:2a:54:c2:a4:f4:4a:15:b6:a9:7a:9a:6a:2c:0c:64:e9:24:
e8:ad:d4:cc:b4:2e:05:61:dc:d9:8b:47:fc:2b:27:c9:19:32:
de:7e:8e:a0:41:1e:4b:b3:a1:af:24:43:52:e1:d0:82:bb:f2:
ec:83:b3:11:e6:d8:13:52:01:17:fb:7c:17:da:60:4e:d5:7a:
26:78:cf:63:d5:cc:7f:65:de:93:01:4e:73:51:8d:50:5f:2c:
ba:50:28:e9:63:b0:17:39:a0:d6:49:09:9d:26:ce:52:f8:5b:
86:cf:53:b9:11:d5:78:c9:95:2a:7c:75:46:86:ba:ac:78:0e:
e4:21:ec:52:95:2d:53:fe:ca:10:5f:cd:e9:67:94:56:d1:fa:
c9:22:42:a3:9c:68:e5:08:1c:e5:66:e5:97:3c:cd:e7:30:31:
bf:e9:4b:2c
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZqIql58BMZLAQOgIGT3Oc4iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMTE1MTc1NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTAxNWZlNmY2MjI3YjlmYTllN2ZjNjljMTMwMTJjM2NlODk0YWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEjcidYWdDI1DBynFCvfvE1Vb4sQ
kHa/0wUCCb+yVL5CocwaaR6+OrEPMiDxUUMlBufb4Fxp1+w6o8ILFRyfuwwXytKI
wn9QhoWOyj63aAKDuDVR4fSfZvc+qdecMdvzG+m7sIurrc+mMWxyD4lhs7cZW/uk
YzRnbOq2wdrFMJ5lqAl9gBQCtVtjAUMAyG2JHwZVaXEAkua3wc5eb6Jr/9XjcC3m
KM9oAEHA7z4OS4N1zTZJin2+ND1tY4kgzAlqoUHg9uVbjaoRrk/mYZ6mQftx2apd
EcZtfRVzgqXUg4P+t2SZvDpmBaGylyxF4C30KNOi83ufiRgCJe/6vKYz4wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFLEBX+b2Inufqef8acEwEsPOiUrhMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvc1FGZjV2WWllNS1wNV94cHdUQVN3ODZKU3VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAHzhwAwQA
HzjnAwQAHzkfAwQAHzmEAwQAHzm/AwQAHznNAwQAHzntAwQAHzn5AwQAHzqdAwQA
HzqjAwQAHzs5MA0GCSqGSIb3DQEBCwUAA4IBAQCRGgeUETLK3WI3D1Y7TGMz8sNd
Qeyyo4S+/edy6R/fcZkiIoc323Sd+w45ERMlZEm3/WpFEYoz/0J9rIUFvVDxsumX
W4wpGLFQdXqs2G/4VbXtugdY6i+PEVUtKlTCpPRKFbapeppqLAxk6STordTMtC4F
YdzZi0f8KyfJGTLefo6gQR5Ls6GvJENS4dCCu/Lsg7MR5tgTUgEX+3wX2mBO1Xom
eM9j1cx/Zd6TAU5zUY1QXyy6UCjpY7AXOaDWSQmdJs5S+FuGz1O5EdV4yZUqfHVG
hrqseA7kIexSlS1T/soQX83pZ5RW0frJIkKjnGjlCBzlZuWXPM3nMDG/6Uss
-----END CERTIFICATE-----
Generated at Mon Nov 17 00:47:15 2025 by rpki-client