Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/xBTWAMomx26PvXfuRA-PzA4WIWw.roa
File: xBTWAMomx26PvXfuRA-PzA4WIWw.roa (raw, json)
Hash identifier: ciwTVKrCUZUguD1GaIYvCa/KFTEuznSIuMQdVvsPBe8=
Subject key identifier: C4:14:D6:00:CA:26:C7:6E:8F:BD:77:EE:44:0F:8F:CC:0E:16:21:6C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01972FA3D3EE540F8AFFFCBDA05DB327968C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/xBTWAMomx26PvXfuRA-PzA4WIWw.roa
Signing time: Mon 02 Jun 2025 07:55:55 +0000
ROA not before: Mon 02 Jun 2025 07:55:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 31.56.66.0/24 maxlen: 24
31.57.35.0/24 maxlen: 24
31.57.100.0/24 maxlen: 24
31.57.228.0/24 maxlen: 24
31.59.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2f:a3:d3:ee:54:0f:8a:ff:fc:bd:a0:5d:b3:27:96:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 2 07:55:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c414d600ca26c76e8fbd77ee440f8fcc0e16216c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f0:bf:9e:4b:87:92:5d:3d:70:79:fb:f2:47:
90:0a:41:a8:2a:d0:56:b8:b1:b8:88:c2:fe:09:67:
69:51:96:b0:a3:5d:16:73:07:27:29:0b:c5:77:9a:
eb:31:c1:80:00:be:19:18:ca:cb:37:34:81:f9:3f:
2d:85:19:60:bf:f4:6d:c3:05:33:a8:45:71:2a:4f:
f4:04:6d:70:62:61:6b:e6:9d:88:c2:a7:3d:da:67:
97:bd:1c:29:47:8a:89:d1:79:80:a9:1b:20:3f:0f:
13:81:fe:bb:ca:95:74:d2:08:cc:7d:d8:2d:1f:59:
ea:b1:35:03:14:3c:5c:cd:87:44:23:23:67:7c:9c:
6a:12:7d:a6:e3:cc:74:50:fa:5d:8e:7f:64:37:21:
74:a0:3f:da:db:cd:79:8b:5e:6a:c2:aa:c1:54:16:
50:ba:04:32:44:3e:ed:86:56:e6:95:89:5c:21:58:
e7:98:43:0e:cf:bb:ee:6b:59:18:fb:07:86:a7:61:
aa:ab:c5:bc:a6:91:e8:7f:e3:8d:e8:03:81:7b:d9:
7a:41:23:cf:18:8c:4c:0f:ab:84:0e:b4:d1:c6:26:
e6:f4:8b:1f:65:dd:7a:9a:af:33:af:4c:66:bf:d9:
19:8d:57:35:b3:56:c1:5e:a0:40:bd:11:6e:cf:d8:
fe:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:14:D6:00:CA:26:C7:6E:8F:BD:77:EE:44:0F:8F:CC:0E:16:21:6C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/xBTWAMomx26PvXfuRA-PzA4WIWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.66.0/24
31.57.35.0/24
31.57.100.0/24
31.57.228.0/24
31.59.167.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:70:d5:44:de:6d:14:d3:db:44:72:02:37:e0:83:e9:9b:df:
11:21:7a:dc:91:a8:9e:8b:84:0b:20:0e:f6:b1:d9:ef:2f:3e:
b0:b2:3e:51:30:01:b8:d5:fd:07:c1:ac:a5:95:ef:fa:ac:5d:
ce:d0:c5:5d:7b:31:fe:6a:06:ab:8d:38:f5:87:2d:9a:93:b9:
b6:c6:47:fb:e3:e1:15:84:44:4e:13:30:f5:f2:e2:ac:a8:9d:
86:8c:8e:80:54:ef:30:8a:12:89:a9:7a:b9:50:1e:15:f8:4c:
45:29:be:2b:07:03:20:40:99:cb:21:a3:77:ce:d0:46:69:b2:
0e:db:2c:62:f2:58:5d:26:16:38:b6:bb:92:21:4e:49:3a:65:
62:57:1a:cd:d9:a9:9d:d3:97:5f:d7:63:47:1c:31:ca:08:b8:
0b:61:f7:1c:d3:5d:48:0c:81:4c:f6:88:eb:45:8d:6d:c8:77:
0c:a1:30:5e:c7:71:ff:a5:4a:7c:e5:2d:a7:25:c4:04:7a:3f:
ec:49:ec:dd:f6:6a:1a:61:29:e1:0e:68:30:d1:bc:b6:3f:b1:
49:8c:20:89:8a:aa:0e:a7:e4:c9:7a:1f:b3:39:79:c8:82:18:
ad:48:95:c4:90:a6:e6:21:a5:0e:13:bd:58:e2:1a:3e:6d:e2:
f0:e9:0e:9f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZcvo9PuVA+K//y9oF2zJ5aMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNjAyMDc1NTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDE0ZDYwMGNhMjZjNzZlOGZiZDc3ZWU0NDBmOGZjYzBlMTYyMTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvC/nkuHkl09cHn78keQCkGoKtBW
uLG4iML+CWdpUZawo10WcwcnKQvFd5rrMcGAAL4ZGMrLNzSB+T8thRlgv/RtwwUz
qEVxKk/0BG1wYmFr5p2Iwqc92meXvRwpR4qJ0XmAqRsgPw8Tgf67ypV00gjMfdgt
H1nqsTUDFDxczYdEIyNnfJxqEn2m48x0UPpdjn9kNyF0oD/a2815i15qwqrBVBZQ
ugQyRD7thlbmlYlcIVjnmEMOz7vua1kY+weGp2Gqq8W8ppHof+ON6AOBe9l6QSPP
GIxMD6uEDrTRxibm9IsfZd16mq8zr0xmv9kZjVc1s1bBXqBAvRFuz9j+uQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMQU1gDKJsduj7137kQPj8wOFiFsMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEveEJUV0FNb214MjZQdlhmdVJBLVB6QTRXSVd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHzhCAwQA
HzkjAwQAHzlkAwQAHznkAwQAHzunMA0GCSqGSIb3DQEBCwUAA4IBAQBLcNVE3m0U
09tEcgI34IPpm98RIXrckaiei4QLIA72sdnvLz6wsj5RMAG41f0Hwaylle/6rF3O
0MVdezH+agarjTj1hy2ak7m2xkf74+EVhEROEzD18uKsqJ2GjI6AVO8wihKJqXq5
UB4V+ExFKb4rBwMgQJnLIaN3ztBGabIO2yxi8lhdJhY4truSIU5JOmViVxrN2amd
05df12NHHDHKCLgLYfcc011IDIFM9ojrRY1tyHcMoTBex3H/pUp85S2nJcQEej/s
Sezd9moaYSnhDmgw0by2P7FJjCCJiqoOp+TJeh+zOXnIghitSJXEkKbmIaUOE71Y
4ho+beLw6Q6f
-----END CERTIFICATE-----
Generated at Thu Jun 5 03:58:54 2025 by rpki-client