Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/vAVKnjqiGFaYGyUT0iw5FRQoBgw.roa
File: vAVKnjqiGFaYGyUT0iw5FRQoBgw.roa (raw, json)
Hash identifier: 2bRXggXOimjqOYPxzGmu3oDlbrW9k5cfMJ6ot+Gia0A=
Subject key identifier: BC:05:4A:9E:3A:A2:18:56:98:1B:25:13:D2:2C:39:15:14:28:06:0C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A652F6BE1A20C87FC0A0D9626E64C67F0
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/vAVKnjqiGFaYGyUT0iw5FRQoBgw.roa
Signing time: Sat 08 Nov 2025 20:36:37 +0000
ROA not before: Sat 08 Nov 2025 20:36:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 31.56.16.0/22 maxlen: 24
31.56.214.0/24 maxlen: 24
31.57.16.0/21 maxlen: 24
31.57.36.0/23 maxlen: 24
31.57.135.0/24 maxlen: 24
31.57.168.0/23 maxlen: 24
31.57.184.0/23 maxlen: 24
31.57.208.0/22 maxlen: 22
31.57.216.0/23 maxlen: 24
31.57.250.0/23 maxlen: 24
31.58.76.0/22 maxlen: 24
31.58.92.0/22 maxlen: 24
31.58.176.0/22 maxlen: 24
31.58.200.0/22 maxlen: 24
31.58.216.0/22 maxlen: 24
31.58.240.0/22 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
31.58.252.0/22 maxlen: 24
31.59.64.0/22 maxlen: 24
31.59.80.0/22 maxlen: 24
31.59.124.0/22 maxlen: 24
31.59.140.0/22 maxlen: 24
31.59.148.0/22 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/22 maxlen: 24
31.59.164.0/23 maxlen: 24
31.59.176.0/21 maxlen: 24
31.59.188.0/22 maxlen: 24
31.59.192.0/22 maxlen: 24
31.59.216.0/22 maxlen: 24
94.183.152.0/22 maxlen: 22
94.183.192.0/22 maxlen: 22
94.183.196.0/22 maxlen: 22
94.183.200.0/22 maxlen: 22
94.183.204.0/22 maxlen: 22
94.183.208.0/22 maxlen: 22
94.183.212.0/22 maxlen: 22
94.183.216.0/22 maxlen: 22
94.183.220.0/22 maxlen: 22
94.183.224.0/22 maxlen: 22
94.183.228.0/22 maxlen: 22
94.183.236.0/22 maxlen: 22
94.183.240.0/22 maxlen: 22
94.183.244.0/22 maxlen: 22
94.183.248.0/22 maxlen: 22
94.183.252.0/22 maxlen: 22
217.60.16.0/21 maxlen: 24
217.60.28.0/22 maxlen: 24
217.60.40.0/22 maxlen: 24
217.60.64.0/18 maxlen: 24
217.60.187.0/24 maxlen: 24
217.60.196.0/23 maxlen: 24
217.60.244.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Nov 2025 15:11:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:65:2f:6b:e1:a2:0c:87:fc:0a:0d:96:26:e6:4c:67:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 8 20:36:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc054a9e3aa21856981b2513d22c39151428060c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b0:af:ee:c4:ae:d1:d5:9e:47:e1:29:41:73:
83:b8:dd:1f:6e:70:c2:40:22:c2:29:2a:85:68:3e:
aa:33:7a:a5:ed:fe:0c:e5:7d:35:97:22:7f:ee:b5:
19:fe:06:90:5a:46:77:7a:91:e3:a8:80:25:2d:04:
11:11:3e:5c:1d:eb:7b:44:59:93:d4:df:14:64:0c:
26:4b:42:48:e1:f5:3e:5c:cb:72:27:98:b8:4f:88:
5d:32:e9:91:25:13:3a:68:79:64:14:e7:22:f3:e2:
84:e0:37:63:0c:55:29:b3:bd:be:72:67:52:d8:02:
a4:09:d2:84:14:e5:54:2a:c9:4c:57:d0:01:21:f8:
82:3e:b4:d8:27:61:98:48:f5:e7:48:86:72:0c:72:
4d:60:f8:e2:eb:9e:d7:bb:12:74:dc:37:02:47:41:
b8:1c:8c:88:19:09:2e:61:04:88:db:8f:c4:86:fb:
df:49:1e:02:52:c7:a3:c8:68:a7:6a:9e:1e:6b:8e:
7d:56:c4:d8:aa:c1:cb:05:5e:91:b7:2a:2a:c7:8d:
f4:6c:ed:9c:c6:6c:e6:e7:fd:4d:c0:f9:e1:bc:fe:
69:67:43:d1:4c:6b:4a:2a:3a:d1:26:05:ab:57:5f:
1b:13:e2:aa:07:69:2a:5b:fd:2c:6f:98:81:d6:52:
3d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:05:4A:9E:3A:A2:18:56:98:1B:25:13:D2:2C:39:15:14:28:06:0C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/vAVKnjqiGFaYGyUT0iw5FRQoBgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.16.0/22
31.56.214.0/24
31.57.16.0/21
31.57.36.0/23
31.57.135.0/24
31.57.168.0/23
31.57.184.0/23
31.57.208.0/22
31.57.216.0/23
31.57.250.0/23
31.58.76.0/22
31.58.92.0/22
31.58.176.0/22
31.58.200.0/22
31.58.216.0/22
31.58.240.0-31.58.244.255
31.58.249.0-31.58.255.255
31.59.64.0/22
31.59.80.0/22
31.59.124.0/22
31.59.140.0/22
31.59.148.0-31.59.165.255
31.59.176.0/21
31.59.188.0-31.59.195.255
31.59.216.0/22
94.183.152.0/22
94.183.192.0-94.183.231.255
94.183.236.0-94.183.255.255
217.60.16.0/21
217.60.28.0/22
217.60.40.0/22
217.60.64.0/18
217.60.187.0/24
217.60.196.0/23
217.60.244.0/23
Signature Algorithm: sha256WithRSAEncryption
06:41:a7:33:58:e0:d7:af:bc:bd:2d:b9:16:be:a6:13:f6:18:
6b:34:5d:a3:b0:26:da:b6:af:aa:61:46:23:90:a3:03:c8:d8:
e7:9b:9d:ce:c3:9f:a5:df:07:70:41:2a:e4:62:95:72:3a:ff:
04:63:36:57:f8:65:09:41:14:a9:e6:8d:eb:28:eb:82:99:78:
91:a5:a9:40:b0:37:24:8e:e9:00:6e:b6:cb:4a:08:b8:6e:6b:
80:85:d6:7c:28:84:56:08:8e:25:6b:c4:47:bf:a3:b5:b6:76:
ae:3d:27:06:6e:bf:3c:37:43:54:6c:80:1d:cf:64:c8:33:ba:
f6:01:71:15:df:ad:fe:2d:87:67:f5:a3:48:b9:b6:50:ab:6b:
a0:ee:89:d9:fe:2e:21:0c:a7:01:6f:9d:fa:d5:a6:ad:9e:51:
8e:a2:6d:2b:a5:f1:7b:03:06:ed:d7:7c:1a:99:15:6c:c3:3d:
8b:de:7e:5a:3f:3f:ea:9c:2a:5e:2c:ab:b0:e3:20:3f:6e:9e:
cc:30:a7:bb:2a:bb:24:bc:13:31:eb:7a:35:01:02:5e:0b:47:
7b:fb:75:ff:cb:ea:47:a4:26:84:44:97:c8:d6:97:00:f1:b0:
b7:f1:36:d2:1f:e0:30:a5:01:03:5e:a8:1b:07:94:9d:ae:d2:
53:38:68:c0
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgISAZplL2vhogyH/AoNlibmTGfwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMTA4MjAzNjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzA1NGE5ZTNhYTIxODU2OTgxYjI1MTNkMjJjMzkxNTE0MjgwNjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7Cv7sSu0dWeR+EpQXODuN0fbnDC
QCLCKSqFaD6qM3ql7f4M5X01lyJ/7rUZ/gaQWkZ3epHjqIAlLQQRET5cHet7RFmT
1N8UZAwmS0JI4fU+XMtyJ5i4T4hdMumRJRM6aHlkFOci8+KE4DdjDFUps72+cmdS
2AKkCdKEFOVUKslMV9ABIfiCPrTYJ2GYSPXnSIZyDHJNYPji657XuxJ03DcCR0G4
HIyIGQkuYQSI24/EhvvfSR4CUsejyGinap4ea459VsTYqsHLBV6Rtyoqx430bO2c
xmzm5/1NwPnhvP5pZ0PRTGtKKjrRJgWrV18bE+KqB2kqW/0sb5iB1lI9nwIDAQAB
o4IDDTCCAwkwHQYDVR0OBBYEFLwFSp46ohhWmBslE9IsORUUKAYMMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdkFWS25qcWlHRmFZR3lVVDBpdzVGUlFvQmd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIQYIKwYBBQUHAQcBAf8EggEQMIIBDDCCAQgEAgABMIIB
AAMEAh84EAMEAB841gMEAx85EAMEAR85JAMEAB85hwMEAR85qAMEAR85uAMEAh85
0AMEAR852AMEAR85+gMEAh86TAMEAh86XAMEAh86sAMEAh86yAMEAh862DAMAwQE
HzrwAwQAHzr0MAsDBAAfOvkDAwAfOgMEAh87QAMEAh87UAMEAh87fAMEAh87jDAM
AwQCHzuUAwQBHzukAwQDHzuwMAwDBAIfO7wDBAIfO8ADBAIfO9gDBAJet5gwDAME
Bl63wAMEA1634DALAwQCXrfsAwMDXrADBAPZPBADBALZPBwDBALZPCgDBAbZPEAD
BADZPLsDBAHZPMQDBAHZPPQwDQYJKoZIhvcNAQELBQADggEBAAZBpzNY4NevvL0t
uRa+phP2GGs0XaOwJtq2r6phRiOQowPI2Oebnc7Dn6XfB3BBKuRilXI6/wRjNlf4
ZQlBFKnmjeso64KZeJGlqUCwNySO6QButstKCLhua4CF1nwohFYIjiVrxEe/o7W2
dq49JwZuvzw3Q1RsgB3PZMgzuvYBcRXfrf4th2f1o0i5tlCra6Duidn+LiEMpwFv
nfrVpq2eUY6ibSul8XsDBu3XfBqZFWzDPYveflo/P+qcKl4sq7DjID9unswwp7sq
uyS8EzHrejUBAl4LR3v7df/L6kekJoREl8jWlwDxsLfxNtIf4DClAQNeqBsHlJ2u
0lM4aMA=
-----END CERTIFICATE-----
Generated at Thu Nov 13 20:50:43 2025 by rpki-client