Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-ptCLq5jt_7IBPNkCKeVqyi82A0.roa
File: 1-ptCLq5jt_7IBPNkCKeVqyi82A0.roa (raw, json)
Hash identifier: YVc+Jzuu7OkQai+7DyO6jCtz1AENOsvlKe0OEigJa9k=
Subject key identifier: FA:9B:42:2E:AE:63:B7:FE:C8:04:F3:64:08:A7:95:AB:28:BC:D8:0D
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01987EE1E4D15279881919CE9540FC796D8B
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-ptCLq5jt_7IBPNkCKeVqyi82A0.roa
Signing time: Wed 06 Aug 2025 10:16:29 +0000
ROA not before: Wed 06 Aug 2025 10:16:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205463
IP address blocks: 31.58.244.0/24 maxlen: 24
31.58.245.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7e:e1:e4:d1:52:79:88:19:19:ce:95:40:fc:79:6d:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Aug 6 10:16:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa9b422eae63b7fec804f36408a795ab28bcd80d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bd:b3:f9:44:68:8c:00:13:bb:74:d5:9a:b6:
dc:06:1a:04:48:a7:79:8b:ed:ae:e4:54:58:a0:b5:
66:b6:b7:8e:a3:e5:52:33:22:78:28:b0:67:ef:ce:
35:ce:5d:fb:11:66:66:7d:88:9a:19:c6:75:32:7b:
da:4e:4e:aa:22:ed:9e:1f:17:df:ae:4a:83:8c:f0:
a8:fe:76:18:2b:ac:91:c7:c9:91:52:2f:e7:c9:c7:
e6:ef:39:71:29:df:76:57:3a:ac:04:d1:e8:4d:9d:
cc:23:f3:20:fd:51:94:57:90:92:8a:69:12:18:93:
80:97:40:5d:c2:7b:2a:4b:21:ce:c9:f6:ed:21:a6:
f9:33:a7:4e:6c:f1:aa:ab:d6:32:99:aa:94:ff:91:
1f:10:9c:fd:a8:db:97:1d:37:94:4d:a6:cf:c4:03:
9e:34:6d:28:f5:bc:d1:b2:1c:b1:e1:a0:21:da:48:
0a:db:c7:36:e6:d1:6b:93:a9:2f:9e:46:93:9e:48:
dd:8e:06:f3:f9:ed:cd:60:96:2a:57:bc:09:7b:5b:
36:16:c4:ff:b7:0b:94:d8:85:75:63:4a:5f:51:75:
06:b7:ac:e7:a1:ad:53:42:4f:89:fe:85:1f:9e:f0:
8f:50:96:e8:10:17:9c:6e:84:61:b2:01:ad:ae:ea:
3e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:9B:42:2E:AE:63:B7:FE:C8:04:F3:64:08:A7:95:AB:28:BC:D8:0D
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-ptCLq5jt_7IBPNkCKeVqyi82A0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.244.0/23
31.58.249.0-31.58.251.255
Signature Algorithm: sha256WithRSAEncryption
43:93:b3:a5:f6:39:8a:c0:6a:55:58:20:e8:ea:26:23:6e:c1:
8e:c5:88:74:18:c2:0b:2c:c4:1c:18:ac:02:7c:49:ac:8a:64:
ec:4e:e0:29:ab:60:19:41:9f:1b:02:56:76:b3:48:7e:a8:a9:
95:78:0b:f8:7e:f8:39:c3:de:6c:d2:45:d2:0c:e5:c6:59:0c:
81:4e:b3:45:40:0a:ac:35:79:8b:98:09:c0:03:1b:b6:c1:fd:
01:65:30:1a:35:ad:e1:08:8f:4c:bb:1a:11:b7:c9:53:bc:01:
1b:02:e5:d4:60:51:1d:ef:ff:65:31:b3:cf:84:e4:e6:e4:2e:
52:d0:3e:d2:4a:f8:a7:e0:19:05:d2:8e:5b:62:c9:e6:4d:f9:
81:44:63:f8:0a:9c:f7:8b:e6:70:49:03:53:09:74:76:2d:c8:
75:8a:f5:42:a4:e6:c0:17:fc:e9:96:ff:36:57:f0:cb:53:20:
d9:31:21:00:09:52:e3:df:b6:6e:c1:37:ae:b6:32:61:02:9b:
e9:32:48:15:6a:43:50:4c:fe:cd:52:62:4e:c6:41:7f:31:5e:
4e:20:5f:70:4d:ca:6b:f2:0b:a0:d8:9d:fe:b3:a5:69:02:c8:
db:a1:d3:59:1b:07:81:60:8c:b7:04:c7:99:48:0e:8e:10:d2:
8f:1d:5d:c8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZh+4eTRUnmIGRnOlUD8eW2LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwODA2MTAxNjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTliNDIyZWFlNjNiN2ZlYzgwNGYzNjQwOGE3OTVhYjI4YmNkODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuL2z+URojAATu3TVmrbcBhoESKd5
i+2u5FRYoLVmtreOo+VSMyJ4KLBn7841zl37EWZmfYiaGcZ1MnvaTk6qIu2eHxff
rkqDjPCo/nYYK6yRx8mRUi/nycfm7zlxKd92VzqsBNHoTZ3MI/Mg/VGUV5CSimkS
GJOAl0BdwnsqSyHOyfbtIab5M6dObPGqq9YymaqU/5EfEJz9qNuXHTeUTabPxAOe
NG0o9bzRshyx4aAh2kgK28c25tFrk6kvnkaTnkjdjgbz+e3NYJYqV7wJe1s2FsT/
twuU2IV1Y0pfUXUGt6znoa1TQk+J/oUfnvCPUJboEBecboRhsgGtruo+ZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPqbQi6uY7f+yATzZAinlasovNgNMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMS1wdENMcTVqdF83SUJQTmtDS2VWcXlpODJBMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTIvNTExZjk1LWU0YmYtNDNmMS1hZjJmLWI4MTFjZmNiOWZk
NS8xL1R4c0pYNnRuWXp3Qko5WWY5b1Y0Wk9wckpjVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAR869DAM
AwQAHzr5AwQCHzr4MA0GCSqGSIb3DQEBCwUAA4IBAQBDk7Ol9jmKwGpVWCDo6iYj
bsGOxYh0GMILLMQcGKwCfEmsimTsTuApq2AZQZ8bAlZ2s0h+qKmVeAv4fvg5w95s
0kXSDOXGWQyBTrNFQAqsNXmLmAnAAxu2wf0BZTAaNa3hCI9MuxoRt8lTvAEbAuXU
YFEd7/9lMbPPhOTm5C5S0D7SSvin4BkF0o5bYsnmTfmBRGP4Cpz3i+ZwSQNTCXR2
Lch1ivVCpObAF/zplv82V/DLUyDZMSEACVLj37ZuwTeutjJhApvpMkgVakNQTP7N
UmJOxkF/MV5OIF9wTcpr8gug2J3+s6VpAsjbodNZGweBYIy3BMeZSA6OENKPHV3I
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:46:05 2025 by rpki-client