Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tR4mBvS89zNJLMtkzQuXFXyW6qo.roa
File: tR4mBvS89zNJLMtkzQuXFXyW6qo.roa (raw, json)
Hash identifier: FQZ7csD1Q8+M+1mQiqwZTR8subbtljhwK/BF2/wRKt8=
Subject key identifier: B5:1E:26:06:F4:BC:F7:33:49:2C:CB:64:CD:0B:97:15:7C:96:EA:AA
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A88AE074F88E3748E267B4763E9E6D80F
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tR4mBvS89zNJLMtkzQuXFXyW6qo.roa
Signing time: Sat 15 Nov 2025 18:01:37 +0000
ROA not before: Sat 15 Nov 2025 18:01:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 31.56.211.0/24 maxlen: 24
31.58.180.0/22 maxlen: 24
31.58.184.0/21 maxlen: 24
31.58.192.0/22 maxlen: 24
31.58.239.0/24 maxlen: 24
31.59.84.0/22 maxlen: 24
31.59.90.0/23 maxlen: 24
31.59.92.0/22 maxlen: 24
31.59.101.0/24 maxlen: 24
31.59.102.0/23 maxlen: 24
31.59.104.0/23 maxlen: 24
31.59.106.0/24 maxlen: 24
31.59.186.0/24 maxlen: 24
94.183.158.0/24 maxlen: 24
94.183.174.0/24 maxlen: 24
94.183.175.0/24 maxlen: 24
94.183.176.0/24 maxlen: 24
94.183.180.0/24 maxlen: 24
94.183.181.0/24 maxlen: 24
217.60.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Nov 2025 15:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:88:ae:07:4f:88:e3:74:8e:26:7b:47:63:e9:e6:d8:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 15 18:01:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b51e2606f4bcf733492ccb64cd0b97157c96eaaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:51:a9:00:36:65:87:8f:d7:5c:b1:a2:4f:3d:
dd:18:68:ee:7a:b9:58:5f:55:3a:93:17:bc:e9:4a:
32:b7:0f:6d:98:c7:5c:ac:38:bc:8b:35:24:65:65:
b9:63:bd:5e:5c:e2:0b:47:bc:4a:0d:16:ea:07:cc:
18:68:96:5c:42:0a:d2:0c:8e:f7:ad:e3:73:29:8e:
b3:6b:8d:d6:76:2b:06:d6:99:90:b7:fa:3c:91:7a:
8d:9b:69:62:c8:d9:95:45:b6:04:e0:56:30:f7:03:
28:95:76:20:a4:34:b5:cf:b9:bc:5e:79:9f:e8:07:
97:26:04:fd:8e:1e:f9:b8:54:c8:b8:b8:28:80:ba:
b7:88:09:f1:01:ca:7f:ea:33:7e:42:2c:a2:18:08:
fc:68:e5:c2:ad:48:14:32:b3:ac:20:88:d5:ef:30:
04:d4:2a:68:b5:b1:0b:10:0b:ff:3b:63:8d:dc:a7:
3f:b4:0d:6b:bd:99:97:21:30:0c:98:5c:9f:db:90:
a0:e3:31:ab:9d:fd:f8:41:0f:05:ec:b4:fe:38:2d:
4f:88:67:ef:f7:d8:67:d4:ad:6b:33:07:a1:30:c0:
08:71:54:2b:0c:93:18:15:75:5b:94:3c:c1:9b:c7:
56:0e:e5:36:0e:73:51:83:f3:18:ba:32:fa:23:8c:
ce:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:1E:26:06:F4:BC:F7:33:49:2C:CB:64:CD:0B:97:15:7C:96:EA:AA
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tR4mBvS89zNJLMtkzQuXFXyW6qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.211.0/24
31.58.180.0-31.58.195.255
31.58.239.0/24
31.59.84.0/22
31.59.90.0-31.59.95.255
31.59.101.0-31.59.106.255
31.59.186.0/24
94.183.158.0/24
94.183.174.0-94.183.176.255
94.183.180.0/23
217.60.188.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:dc:3b:31:14:4f:f4:98:02:24:a2:0e:60:22:bd:da:80:b0:
5e:51:78:b7:e2:6f:21:20:05:aa:08:8e:88:ae:8b:d6:f4:9a:
d1:6e:c3:94:49:53:94:0d:21:34:58:5e:7c:34:a8:56:84:bf:
91:2d:9c:ca:6c:f2:e6:26:03:21:07:40:ee:3b:1b:e5:91:f6:
24:09:d1:9d:68:9c:89:3c:1d:34:02:98:fb:f8:6c:5c:5d:bc:
e8:b0:10:ef:95:7e:4b:02:da:ea:01:dc:e5:d9:21:97:b8:fe:
4d:df:eb:36:80:45:c5:ff:0d:39:23:b3:a1:16:a1:4e:73:0e:
18:e9:fa:b8:81:a6:a6:6a:51:67:21:21:92:3b:d1:1c:70:85:
e5:94:70:ad:57:00:56:0e:12:a9:27:8e:f6:48:5e:fd:37:32:
1a:c4:01:9e:95:9b:6c:ff:18:b0:b9:d3:0e:80:70:83:11:48:
41:3b:32:2b:8f:a9:f0:55:61:9c:0d:1c:75:d5:4b:63:ff:53:
37:03:18:58:23:36:25:00:2f:ce:94:8c:3d:d7:b5:e5:e6:9d:
04:28:fd:ce:33:f0:e7:4b:02:b2:10:30:3e:95:55:91:01:b1:
7c:9f:3e:b0:79:dd:43:c2:cc:aa:9b:a8:aa:f2:e8:03:cd:5e:
d8:e4:56:b4
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZqIrgdPiON0jiZ7R2Pp5tgPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMTE1MTgwMTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTFlMjYwNmY0YmNmNzMzNDkyY2NiNjRjZDBiOTcxNTdjOTZlYWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlGpADZlh4/XXLGiTz3dGGjuerlY
X1U6kxe86Uoytw9tmMdcrDi8izUkZWW5Y71eXOILR7xKDRbqB8wYaJZcQgrSDI73
reNzKY6za43WdisG1pmQt/o8kXqNm2liyNmVRbYE4FYw9wMolXYgpDS1z7m8Xnmf
6AeXJgT9jh75uFTIuLgogLq3iAnxAcp/6jN+QiyiGAj8aOXCrUgUMrOsIIjV7zAE
1CpotbELEAv/O2ON3Kc/tA1rvZmXITAMmFyf25Cg4zGrnf34QQ8F7LT+OC1PiGfv
99hn1K1rMwehMMAIcVQrDJMYFXVblDzBm8dWDuU2DnNRg/MYujL6I4zO2wIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFLUeJgb0vPczSSzLZM0LlxV8luqqMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdFI0bUJ2Uzg5ek5KTE10a3pRdVhGWHlXNnFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAHzjTMAwD
BAIfOrQDBAIfOsADBAAfOu8DBAIfO1QwDAMEAR87WgMEBR87QDAMAwQAHztlAwQA
HztqAwQAHzu6AwQAXreeMAwDBAFet64DBABet7ADBAFet7QDBALZPLwwDQYJKoZI
hvcNAQELBQADggEBAA7cOzEUT/SYAiSiDmAivdqAsF5ReLfibyEgBaoIjoiui9b0
mtFuw5RJU5QNITRYXnw0qFaEv5EtnMps8uYmAyEHQO47G+WR9iQJ0Z1onIk8HTQC
mPv4bFxdvOiwEO+VfksC2uoB3OXZIZe4/k3f6zaARcX/DTkjs6EWoU5zDhjp+riB
pqZqUWchIZI70RxwheWUcK1XAFYOEqknjvZIXv03MhrEAZ6Vm2z/GLC50w6AcIMR
SEE7MiuPqfBVYZwNHHXVS2P/UzcDGFgjNiUAL86UjD3XteXmnQQo/c4z8OdLArIQ
MD6VVZEBsXyfPrB53UPCzKqbqKry6APNXtjkVrQ=
-----END CERTIFICATE-----
Generated at Mon Nov 17 00:44:55 2025 by rpki-client