Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zwGZuY31wdhWP_XhFgx9M9CGL_g.roa
File: zwGZuY31wdhWP_XhFgx9M9CGL_g.roa (raw, json)
Hash identifier: wCHhLUbUXXDsuEoYWXlm+rC4suDaS5CUbFVcZtIToyQ=
Subject key identifier: CF:01:99:B9:8D:F5:C1:D8:56:3F:F5:E1:16:0C:7D:33:D0:86:2F:F8
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01999BAD8288510C2E4F363A90030E79DFE3
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zwGZuY31wdhWP_XhFgx9M9CGL_g.roa
Signing time: Tue 30 Sep 2025 17:31:03 +0000
ROA not before: Tue 30 Sep 2025 17:31:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 31.56.49.0/24 maxlen: 24
31.56.103.0/24 maxlen: 24
31.56.156.0/24 maxlen: 24
31.56.210.0/24 maxlen: 24
31.56.212.0/24 maxlen: 24
31.56.223.0/24 maxlen: 24
31.56.234.0/24 maxlen: 24
31.56.235.0/24 maxlen: 24
31.57.35.0/24 maxlen: 24
31.57.121.0/24 maxlen: 24
31.57.129.0/24 maxlen: 24
31.57.132.0/24 maxlen: 24
31.57.142.0/24 maxlen: 24
31.57.151.0/24 maxlen: 24
31.57.191.0/24 maxlen: 24
31.57.206.0/24 maxlen: 24
31.57.225.0/24 maxlen: 24
31.58.33.0/24 maxlen: 24
31.58.90.0/24 maxlen: 24
31.58.157.0/24 maxlen: 24
31.58.160.0/24 maxlen: 24
31.58.163.0/24 maxlen: 24
31.58.168.0/24 maxlen: 24
31.58.224.0/24 maxlen: 24
31.58.230.0/23 maxlen: 24
31.58.231.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.108.0/24 maxlen: 24
31.59.109.0/24 maxlen: 24
31.59.110.0/24 maxlen: 24
31.59.171.0/24 maxlen: 24
31.59.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9b:ad:82:88:51:0c:2e:4f:36:3a:90:03:0e:79:df:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Sep 30 17:31:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf0199b98df5c1d8563ff5e1160c7d33d0862ff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4c:a3:5c:a2:e1:8f:69:7f:46:5b:7d:de:ed:
32:91:93:67:54:5e:59:6a:ec:ac:76:bd:ef:ab:f8:
7d:3e:ec:ab:54:ee:d8:d6:39:ca:0d:53:1c:9f:b3:
cc:b3:7c:6b:82:0a:4c:10:d0:12:d5:3e:02:bb:26:
01:73:89:0b:4d:c4:46:ac:e5:7f:cb:c6:2a:dc:ce:
0e:b8:01:fa:fe:9e:33:19:27:db:90:0b:66:2b:70:
fb:9a:61:d8:4d:dc:65:27:7b:80:ad:d5:d5:55:49:
de:bf:ce:b1:ac:40:dd:45:af:72:5a:e6:5e:c5:52:
69:12:12:de:b0:b2:a9:f8:f8:fe:ff:2e:05:b6:35:
83:23:2c:eb:ee:df:f8:7e:d5:0a:56:95:10:c9:69:
da:d6:aa:22:b4:6a:f2:9b:24:07:75:2b:78:56:1a:
43:45:39:0a:91:05:79:8e:3e:aa:24:80:58:22:e3:
2b:4b:cd:56:3c:ae:d4:c8:03:09:67:b8:ea:fe:bd:
56:a7:3d:6f:b1:60:c1:f1:a9:0a:0a:5b:56:63:79:
89:00:a9:cc:c6:84:3f:65:d4:17:3e:7c:3b:50:b7:
df:74:23:67:d3:34:ad:3d:b2:d2:0a:5d:2c:05:a4:
b1:d1:15:24:bf:c0:2b:36:3a:60:1d:32:9a:9d:78:
2c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:01:99:B9:8D:F5:C1:D8:56:3F:F5:E1:16:0C:7D:33:D0:86:2F:F8
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zwGZuY31wdhWP_XhFgx9M9CGL_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.49.0/24
31.56.103.0/24
31.56.156.0/24
31.56.210.0/24
31.56.212.0/24
31.56.223.0/24
31.56.234.0/23
31.57.35.0/24
31.57.121.0/24
31.57.129.0/24
31.57.132.0/24
31.57.142.0/24
31.57.151.0/24
31.57.191.0/24
31.57.206.0/24
31.57.225.0/24
31.58.33.0/24
31.58.90.0/24
31.58.157.0/24
31.58.160.0/24
31.58.163.0/24
31.58.168.0/24
31.58.224.0/24
31.58.230.0/23
31.59.57.0/24
31.59.108.0-31.59.110.255
31.59.171.0/24
31.59.236.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:05:64:47:77:b9:9c:36:13:96:68:c1:d0:c9:63:90:98:a5:
f3:ca:fe:58:1d:29:28:29:37:5e:16:b3:2a:48:80:4e:b0:9c:
c7:34:d7:bb:dd:76:7e:2b:e5:78:f1:f9:eb:00:ee:db:63:df:
b8:86:58:cb:9a:93:a2:37:5e:af:91:ca:7a:65:04:63:e7:1b:
0c:21:6d:4f:4a:65:41:68:db:22:82:33:34:94:1f:93:8d:fb:
0e:03:0c:15:c7:9f:d5:09:d6:c3:c6:e7:08:1b:91:9b:5c:ba:
2a:0e:16:25:90:f1:c1:81:93:39:f6:55:d5:7b:53:f8:c9:54:
0a:eb:b5:59:d5:16:c7:a5:df:8c:d5:b5:75:16:1c:f5:fe:a2:
58:b7:67:4c:9f:4f:07:b3:8a:55:a9:67:9b:ad:ab:9b:22:32:
ba:ad:d2:a4:ac:24:e2:ab:cf:06:a7:09:4e:7d:60:0f:cc:25:
44:91:c3:0c:c8:4c:63:d2:3b:20:88:b7:bc:19:cd:bc:06:ec:
8a:48:05:62:38:eb:27:9f:c8:d0:86:b1:bb:90:c1:be:12:c2:
b2:77:66:00:be:89:32:e1:00:23:9c:8d:d4:87:d5:8d:8f:b3:
ef:f5:66:17:a7:eb:53:27:cd:30:58:87:cf:7e:e2:c9:97:b6:
f4:a6:cb:ab
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAZmbrYKIUQwuTzY6kAMOed/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwOTMwMTczMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjAxOTliOThkZjVjMWQ4NTYzZmY1ZTExNjBjN2QzM2QwODYyZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kyjXKLhj2l/Rlt93u0ykZNnVF5Z
auysdr3vq/h9PuyrVO7Y1jnKDVMcn7PMs3xrggpMENAS1T4CuyYBc4kLTcRGrOV/
y8Yq3M4OuAH6/p4zGSfbkAtmK3D7mmHYTdxlJ3uArdXVVUnev86xrEDdRa9yWuZe
xVJpEhLesLKp+Pj+/y4FtjWDIyzr7t/4ftUKVpUQyWna1qoitGrymyQHdSt4VhpD
RTkKkQV5jj6qJIBYIuMrS81WPK7UyAMJZ7jq/r1Wpz1vsWDB8akKCltWY3mJAKnM
xoQ/ZdQXPnw7ULffdCNn0zStPbLSCl0sBaSx0RUkv8ArNjpgHTKanXgs+wIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFM8BmbmN9cHYVj/14RYMfTPQhi/4MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvendHWnVZMzF3ZGhXUF9YaEZneDlNOUNHTF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAAf
ODEDBAAfOGcDBAAfOJwDBAAfONIDBAAfONQDBAAfON8DBAEfOOoDBAAfOSMDBAAf
OXkDBAAfOYEDBAAfOYQDBAAfOY4DBAAfOZcDBAAfOb8DBAAfOc4DBAAfOeEDBAAf
OiEDBAAfOloDBAAfOp0DBAAfOqADBAAfOqMDBAAfOqgDBAAfOuADBAEfOuYDBAAf
OzkwDAMEAh87bAMEAB87bgMEAB87qwMEAh877DANBgkqhkiG9w0BAQsFAAOCAQEA
rQVkR3e5nDYTlmjB0MljkJil88r+WB0pKCk3XhazKkiATrCcxzTXu912fivlePH5
6wDu22PfuIZYy5qTojder5HKemUEY+cbDCFtT0plQWjbIoIzNJQfk437DgMMFcef
1QnWw8bnCBuRm1y6Kg4WJZDxwYGTOfZV1XtT+MlUCuu1WdUWx6XfjNW1dRYc9f6i
WLdnTJ9PB7OKValnm62rmyIyuq3SpKwk4qvPBqcJTn1gD8wlRJHDDMhMY9I7IIi3
vBnNvAbsikgFYjjrJ5/I0Iaxu5DBvhLCsndmAL6JMuEAI5yN1IfVjY+z7/VmF6fr
UyfNMFiHz37iyZe29KbLqw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:29:09 2025 by rpki-client