Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zaM0lmMJGUdu_iKZxrD92DhuLB8.roa
File: zaM0lmMJGUdu_iKZxrD92DhuLB8.roa (raw, json)
Hash identifier: 3XCaPOyhIQfgGdwb2M8KrWXhwos4sdPWvgKbJvE6vlk=
Subject key identifier: CD:A3:34:96:63:09:19:47:6E:FE:22:99:C6:B0:FD:D8:38:6E:2C:1F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195FFB8675F791CEE034E57C227EED15E03
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zaM0lmMJGUdu_iKZxrD92DhuLB8.roa
Signing time: Fri 04 Apr 2025 07:33:49 +0000
ROA not before: Fri 04 Apr 2025 07:33:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.23.0/24 maxlen: 24
31.56.24.0/24 maxlen: 24
31.56.32.0/24 maxlen: 24
31.56.34.0/24 maxlen: 24
31.56.36.0/24 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.121.0/24 maxlen: 24
31.56.200.0/22 maxlen: 24
31.56.200.0/24 maxlen: 24
31.56.202.0/24 maxlen: 24
31.56.204.0/22 maxlen: 24
31.56.204.0/23 maxlen: 24
31.56.206.0/23 maxlen: 24
31.57.103.0/24 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.113.0/24 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.120.0/22 maxlen: 24
31.57.124.0/22 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.143.0/24 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.168.0/22 maxlen: 24
31.57.168.0/23 maxlen: 23
31.57.176.0/21 maxlen: 24
31.57.181.0/24 maxlen: 24
31.57.184.0/22 maxlen: 24
31.57.186.0/23 maxlen: 23
31.57.192.0/22 maxlen: 24
31.57.196.0/24 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.215.0/24 maxlen: 24
31.57.219.0/24 maxlen: 24
31.57.221.0/24 maxlen: 24
31.57.224.0/22 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.252.0/22 maxlen: 24
31.57.252.0/24 maxlen: 24
31.57.253.0/24 maxlen: 24
31.57.255.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.40.0/24 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.76.0/24 maxlen: 24
31.58.77.0/24 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.92.0/22 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.172.0/22 maxlen: 24
31.58.220.0/22 maxlen: 22
31.58.224.0/22 maxlen: 24
31.59.71.0/24 maxlen: 24
31.59.76.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.120.0/22 maxlen: 24
31.59.136.0/21 maxlen: 24
31.59.144.0/21 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/21 maxlen: 24
31.59.168.0/21 maxlen: 24
31.59.224.0/22 maxlen: 22
31.59.232.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ff:b8:67:5f:79:1c:ee:03:4e:57:c2:27:ee:d1:5e:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 4 07:33:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cda33496630919476efe2299c6b0fdd8386e2c1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:6f:ad:2c:45:f8:db:64:8c:80:e6:c0:1e:1f:
e8:c4:84:b7:4d:76:53:d8:85:42:3e:ed:58:73:da:
1e:6d:71:12:26:ed:2b:f4:1f:28:df:ae:25:e1:0e:
be:2e:db:5c:05:5d:18:c6:34:05:3f:b0:ad:d8:d5:
1c:ba:fd:19:f0:89:67:91:33:97:73:8e:74:e5:c0:
b7:39:11:e9:87:29:b3:8c:0f:60:68:28:67:f4:23:
e9:36:6a:9a:ec:53:9a:da:4d:71:7d:41:cd:f3:b6:
12:d6:b5:de:a4:b4:60:f0:ba:e5:c4:6b:04:ef:af:
30:3b:cb:20:4a:78:19:8a:03:ac:c0:4b:1e:34:d7:
52:6a:30:e7:2d:69:46:6c:47:3e:50:69:21:8a:3d:
a7:d7:09:c5:41:85:2e:3e:c7:90:8c:a8:61:2f:8b:
86:50:0a:a7:a1:04:29:7a:94:30:32:60:04:68:86:
ac:e9:46:87:2c:94:ab:bc:86:76:c9:63:8f:36:1a:
31:80:f9:81:3b:d5:b7:d2:47:f7:52:c7:a9:a2:11:
d0:b9:d8:e9:18:7a:aa:3a:f6:55:94:3c:de:db:38:
2b:ef:d7:21:11:ca:4f:36:25:bf:f5:b9:0a:0d:8a:
75:90:07:61:d4:f9:cf:ce:3f:0e:54:59:ec:1e:b0:
d9:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A3:34:96:63:09:19:47:6E:FE:22:99:C6:B0:FD:D8:38:6E:2C:1F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zaM0lmMJGUdu_iKZxrD92DhuLB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.23.0-31.56.24.255
31.56.32.0/24
31.56.34.0/24
31.56.36.0/24
31.56.57.0/24
31.56.71.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.200.0/21
31.57.103.0-31.57.111.255
31.57.113.0-31.57.114.255
31.57.120.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.168.0/22
31.57.176.0-31.57.187.255
31.57.192.0-31.57.196.255
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.252.0/22
31.58.34.0/23
31.58.40.0/24
31.58.50.0/23
31.58.68.0/22
31.58.76.0/23
31.58.84.0/22
31.58.92.0/22
31.58.152.0/22
31.58.172.0/22
31.58.220.0-31.58.227.255
31.59.71.0/24
31.59.76.0/22
31.59.96.0/22
31.59.112.0/22
31.59.120.0/22
31.59.136.0-31.59.175.255
31.59.224.0/22
31.59.232.0/22
Signature Algorithm: sha256WithRSAEncryption
57:07:37:a4:2f:09:89:5b:47:8d:44:a1:a9:ed:97:d6:14:b8:
58:5b:f4:f6:43:8a:e4:17:46:3b:23:6a:e2:71:c4:e0:24:e6:
0c:e7:8d:6b:59:2a:00:4b:30:62:b8:2d:22:5a:cd:86:0d:2d:
6a:ec:a3:3a:da:1a:a9:32:3c:a1:c2:bd:6e:10:37:55:9f:41:
b1:b0:12:b3:85:0b:97:77:0e:7f:a8:ea:e2:79:61:3a:1c:df:
59:07:69:21:bc:c0:9b:ec:bd:87:64:c5:4a:72:21:51:a7:d1:
9c:ae:31:9c:eb:53:64:fc:d7:46:24:22:80:c4:34:46:91:2f:
16:ef:b9:a3:e4:a0:c9:fe:58:2d:80:62:9c:24:97:2c:86:b0:
18:37:0f:6d:8d:1b:1f:11:fd:da:f5:a3:0f:37:d9:aa:15:fb:
0e:29:7d:34:5a:fc:6a:70:89:f5:3d:98:7c:f8:c0:17:1c:13:
42:45:f5:74:11:32:cd:40:f9:4d:a9:40:49:dd:68:78:52:20:
fc:60:ef:20:b9:a4:66:30:2a:ec:ef:7a:f8:c3:8c:f7:2b:7d:
0c:4f:0d:68:ac:de:ec:93:ea:83:8c:79:b0:9f:2c:62:c5:a9:
19:3c:12:22:02:2a:6d:77:db:19:12:02:2e:44:79:3a:df:7c:
c1:a6:e4:71
-----BEGIN CERTIFICATE-----
MIIGSzCCBTOgAwIBAgISAZX/uGdfeRzuA05Xwifu0V4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDA0MDczMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGEzMzQ5NjYzMDkxOTQ3NmVmZTIyOTljNmIwZmRkODM4NmUyYzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2+tLEX422SMgObAHh/oxIS3TXZT
2IVCPu1Yc9oebXESJu0r9B8o364l4Q6+LttcBV0YxjQFP7Ct2NUcuv0Z8IlnkTOX
c4505cC3ORHphymzjA9gaChn9CPpNmqa7FOa2k1xfUHN87YS1rXepLRg8LrlxGsE
768wO8sgSngZigOswEseNNdSajDnLWlGbEc+UGkhij2n1wnFQYUuPseQjKhhL4uG
UAqnoQQpepQwMmAEaIas6UaHLJSrvIZ2yWOPNhoxgPmBO9W30kf3UsepohHQudjp
GHqqOvZVlDze2zgr79chEcpPNiW/9bkKDYp1kAdh1PnPzj8OVFnsHrDZ7wIDAQAB
o4IDVzCCA1MwHQYDVR0OBBYEFM2jNJZjCRlHbv4imcaw/dg4biwfMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvemFNMGxtTUpHVWR1X2lLWnhyRDkyRGh1TEI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBawYIKwYBBQUHAQcBAf8EggFaMIIBVjCCAVIEAgABMIIB
SgMEAR84BDAMAwQAHzgXAwQAHzgYAwQAHzggAwQAHzgiAwQAHzgkAwQAHzg5AwQA
HzhHAwQBHzhaAwQDHzhoAwQBHzhyMAwDBAEfOHYDBAIfOHgDBAMfOMgwDAMEAB85
ZwMEBB85YDAMAwQAHzlxAwQAHzlyAwQDHzl4AwQBHzmEAwQDHzmIAwQBHzmSAwQC
HzmoMAwDBAQfObADBAIfObgwDAMEBh85wAMEAB85xAMEAR85yDAMAwQEHznQAwQC
HzngAwQCHznoAwQCHzn8AwQBHzoiAwQAHzooAwQBHzoyAwQCHzpEAwQBHzpMAwQC
HzpUAwQCHzpcAwQCHzqYAwQCHzqsMAwDBAIfOtwDBAIfOuADBAAfO0cDBAIfO0wD
BAIfO2ADBAIfO3ADBAIfO3gwDAMEAx87iAMEBB87oAMEAh874AMEAh876DANBgkq
hkiG9w0BAQsFAAOCAQEAVwc3pC8JiVtHjUShqe2X1hS4WFv09kOK5BdGOyNq4nHE
4CTmDOeNa1kqAEswYrgtIlrNhg0tauyjOtoaqTI8ocK9bhA3VZ9BsbASs4ULl3cO
f6jq4nlhOhzfWQdpIbzAm+y9h2TFSnIhUafRnK4xnOtTZPzXRiQigMQ0RpEvFu+5
o+Sgyf5YLYBinCSXLIawGDcPbY0bHxH92vWjDzfZqhX7Dil9NFr8anCJ9T2YfPjA
FxwTQkX1dBEyzUD5TalASd1oeFIg/GDvILmkZjAq7O96+MOM9yt9DE8NaKze7JPq
g4x5sJ8sYsWpGTwSIgIqbXfbGRICLkR5Ot98wabkcQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:03:36 2025 by rpki-client