Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/unJDGLfmftSNp9UeIO0FF6kxD5g.roa
File: unJDGLfmftSNp9UeIO0FF6kxD5g.roa (raw, json)
Hash identifier: jhFc9oK6cVRXzS4nYPlQlQbFqnos7qnROfOgg8ggV8Y=
Subject key identifier: BA:72:43:18:B7:E6:7E:D4:8D:A7:D5:1E:20:ED:05:17:A9:31:0F:98
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0197D40D2E042D7C389ABC1F3226B9B6F2C8
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/unJDGLfmftSNp9UeIO0FF6kxD5g.roa
Signing time: Fri 04 Jul 2025 06:08:42 +0000
ROA not before: Fri 04 Jul 2025 06:08:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 31.56.86.0/24 maxlen: 24
31.56.107.0/24 maxlen: 24
31.57.120.0/24 maxlen: 24
31.57.122.0/24 maxlen: 24
31.57.124.0/24 maxlen: 24
31.57.125.0/24 maxlen: 24
31.57.140.0/24 maxlen: 24
31.57.162.0/23 maxlen: 24
31.57.164.0/23 maxlen: 24
31.57.180.0/24 maxlen: 24
31.57.196.0/24 maxlen: 24
31.57.221.0/24 maxlen: 24
31.58.41.0/24 maxlen: 24
31.58.42.0/24 maxlen: 24
31.58.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Jul 2025 16:32:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d4:0d:2e:04:2d:7c:38:9a:bc:1f:32:26:b9:b6:f2:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 4 06:08:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba724318b7e67ed48da7d51e20ed0517a9310f98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8e:5b:b2:84:96:4f:91:62:75:4f:59:f0:57:
6c:71:80:ca:e8:8c:e9:4f:0e:86:9d:34:f9:ca:54:
78:7f:9b:0c:0e:ce:c8:17:50:50:fc:d1:60:81:95:
63:82:d1:5e:59:38:a0:e0:7b:15:c5:cc:3d:4a:a0:
3a:05:ef:27:40:61:fa:d8:08:ab:f8:d0:1e:86:7f:
8d:f9:d3:6e:3c:6f:77:95:71:d2:be:76:2b:2d:1d:
53:e7:bf:e1:8e:4f:b6:74:20:75:98:67:68:67:3d:
11:5e:77:20:a3:31:e4:0b:6c:76:6d:e2:0b:39:2f:
35:f0:df:66:b0:7b:29:a1:77:13:a0:69:cf:f4:e1:
b2:88:63:23:18:b8:6c:27:18:97:34:0a:63:a0:53:
21:7e:e2:40:0f:60:04:c2:53:ec:0f:6a:6e:ba:d0:
0b:b7:ce:66:24:97:3b:72:b1:f6:e6:d9:42:c4:6a:
ac:6d:da:c8:9b:ae:0d:c5:55:38:ca:4c:cb:e9:47:
e0:65:a6:fe:6f:b5:8d:c0:96:7e:e2:e0:de:e8:48:
3e:e6:e4:e7:03:6c:4c:70:c0:d7:1a:7f:85:de:5b:
c8:08:9a:7e:03:01:e2:af:56:7a:9e:55:c6:f6:05:
56:9f:fd:bb:45:d2:29:88:53:73:f8:37:ba:e4:a8:
2f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:72:43:18:B7:E6:7E:D4:8D:A7:D5:1E:20:ED:05:17:A9:31:0F:98
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/unJDGLfmftSNp9UeIO0FF6kxD5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.86.0/24
31.56.107.0/24
31.57.120.0/24
31.57.122.0/24
31.57.124.0/23
31.57.140.0/24
31.57.162.0-31.57.165.255
31.57.180.0/24
31.57.196.0/24
31.57.221.0/24
31.58.41.0-31.58.42.255
31.58.48.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:e7:47:3b:5b:27:9b:7e:ce:d3:a3:e8:6b:0a:b7:29:ec:1a:
f5:1c:c0:53:3c:9e:e0:45:0a:b0:3c:fa:78:84:68:aa:49:d7:
54:42:d6:7c:aa:23:90:ca:9a:a1:d3:59:ea:c4:80:c3:9e:b6:
d5:24:9e:22:01:3b:69:a0:df:46:3c:3c:e9:1b:cb:68:5d:01:
de:83:63:0d:0c:84:9b:ae:a4:63:a2:f4:74:71:33:90:9a:02:
22:23:a7:6a:43:02:1d:cd:90:3a:42:25:15:e4:4d:15:e7:91:
a4:2c:20:3f:62:de:ec:e9:f4:f6:48:5d:ad:da:a7:9f:6a:16:
e3:d8:8f:d0:96:5b:40:15:8d:f4:c4:0e:83:c9:76:25:88:38:
51:a9:39:68:a0:33:71:87:b2:cc:f0:b0:1c:a8:b1:8f:85:06:
f2:9b:09:87:5d:e3:47:13:5f:fa:92:68:fd:a3:51:58:5e:83:
ad:11:c7:ee:25:85:6e:4d:8d:c4:46:1e:91:64:66:e7:a7:a8:
4c:ff:f4:19:3c:4e:62:cd:32:ae:99:3f:7f:56:2a:83:42:13:
55:fc:b2:80:4a:8d:41:99:66:35:5b:29:3e:44:c4:d3:be:5b:
20:d2:a2:12:4a:4c:e3:ec:10:72:48:b7:cf:63:52:6a:ce:50:
11:7a:71:78
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZfUDS4ELXw4mrwfMia5tvLIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzA0MDYwODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTcyNDMxOGI3ZTY3ZWQ0OGRhN2Q1MWUyMGVkMDUxN2E5MzEwZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxI5bsoSWT5FidU9Z8FdscYDK6Izp
Tw6GnTT5ylR4f5sMDs7IF1BQ/NFggZVjgtFeWTig4HsVxcw9SqA6Be8nQGH62Air
+NAehn+N+dNuPG93lXHSvnYrLR1T57/hjk+2dCB1mGdoZz0RXncgozHkC2x2beIL
OS818N9msHspoXcToGnP9OGyiGMjGLhsJxiXNApjoFMhfuJAD2AEwlPsD2puutAL
t85mJJc7crH25tlCxGqsbdrIm64NxVU4ykzL6UfgZab+b7WNwJZ+4uDe6Eg+5uTn
A2xMcMDXGn+F3lvICJp+AwHir1Z6nlXG9gVWn/27RdIpiFNz+De65Kgv6wIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFLpyQxi35n7UjafVHiDtBRepMQ+YMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdW5KREdMZm1mdFNOcDlVZUlPMEZGNmt4RDVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAHzhWAwQA
HzhrAwQAHzl4AwQAHzl6AwQBHzl8AwQAHzmMMAwDBAEfOaIDBAEfOaQDBAAfObQD
BAAfOcQDBAAfOd0wDAMEAB86KQMEAB86KgMEAB86MDANBgkqhkiG9w0BAQsFAAOC
AQEAfudHO1snm37O06Poawq3Kewa9RzAUzye4EUKsDz6eIRoqknXVELWfKojkMqa
odNZ6sSAw5621SSeIgE7aaDfRjw86RvLaF0B3oNjDQyEm66kY6L0dHEzkJoCIiOn
akMCHc2QOkIlFeRNFeeRpCwgP2Le7On09khdrdqnn2oW49iP0JZbQBWN9MQOg8l2
JYg4Uak5aKAzcYeyzPCwHKixj4UG8psJh13jRxNf+pJo/aNRWF6DrRHH7iWFbk2N
xEYekWRm56eoTP/0GTxOYs0yrpk/f1Yqg0ITVfyygEqNQZlmNVspPkTE075bINKi
EkpM4+wQcki3z2NSas5QEXpxeA==
-----END CERTIFICATE-----
Generated at Fri Jul 4 19:15:02 2025 by rpki-client