Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2UcpNxxK11dAKwZbl4jeuGtaWbs.roa
File: 2UcpNxxK11dAKwZbl4jeuGtaWbs.roa (raw, json)
Hash identifier: Isl3jFbbYlEoc46FyHPH5+1fCue1XLexQk+C/iawHGM=
Subject key identifier: D9:47:29:37:1C:4A:D7:57:40:2B:06:5B:97:88:DE:B8:6B:5A:59:BB
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0199F22628635FD3ACB30B1E4268B9E57951
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2UcpNxxK11dAKwZbl4jeuGtaWbs.roa
Signing time: Fri 17 Oct 2025 12:30:10 +0000
ROA not before: Fri 17 Oct 2025 12:30:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205886
IP address blocks: 31.56.231.0/24 maxlen: 24
31.57.31.0/24 maxlen: 24
31.57.249.0/24 maxlen: 24
31.58.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f2:26:28:63:5f:d3:ac:b3:0b:1e:42:68:b9:e5:79:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 17 12:30:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d94729371c4ad757402b065b9788deb86b5a59bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7a:65:ca:f5:b1:39:78:48:8d:80:6c:51:61:
82:0b:bc:bd:e0:f9:65:0f:4c:bf:29:88:90:2c:7b:
ba:97:3a:58:89:58:b2:82:d5:70:f6:40:32:93:22:
88:47:bd:1a:6e:c8:7f:8e:37:c3:56:47:a3:4e:ec:
43:b0:c8:f6:8b:5f:6c:0f:56:d0:f5:b6:a5:8b:97:
8e:42:f0:f9:77:8f:35:8d:9e:07:ce:3b:19:43:31:
43:99:3d:c3:a8:b6:ad:52:b5:92:b6:92:75:91:04:
0d:dd:54:fd:af:a9:0c:72:45:3c:29:1c:bd:22:1c:
d1:df:f8:93:9c:ec:e4:c8:6d:94:b9:6f:52:6d:3f:
2f:79:7d:e1:60:2e:a8:84:3c:9d:e8:93:0e:1b:ba:
75:c7:3b:10:73:da:b5:de:e4:8c:e8:ea:4b:6a:38:
91:0d:50:0e:09:c1:cd:fa:9e:d6:21:41:b2:35:46:
04:e1:d8:69:22:8f:58:5b:51:90:39:ea:4d:e6:7c:
3c:3b:23:b2:5e:e4:b6:ea:af:ea:b1:e2:70:3f:31:
6b:26:89:db:7f:2a:0d:f3:26:1d:86:42:84:ab:17:
05:c7:66:7c:00:06:87:69:50:e1:ad:49:51:ea:6d:
bf:43:9b:51:64:27:e4:e2:10:b0:3d:00:98:5a:19:
7b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:47:29:37:1C:4A:D7:57:40:2B:06:5B:97:88:DE:B8:6B:5A:59:BB
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2UcpNxxK11dAKwZbl4jeuGtaWbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.231.0/24
31.57.31.0/24
31.57.249.0/24
31.58.213.0/24
Signature Algorithm: sha256WithRSAEncryption
66:50:54:2c:a9:e1:a7:19:b1:3b:85:e7:c7:36:90:af:aa:3d:
c9:bd:11:2d:4d:ba:86:3d:15:bb:34:5d:31:a5:25:2a:3c:58:
eb:7a:20:9e:53:d0:d7:cf:5d:22:5c:87:36:74:0e:0a:a6:fe:
bf:a5:87:a2:e5:09:b7:70:32:f8:db:fe:e0:a2:7e:7b:63:ad:
a1:2d:47:08:80:35:5c:aa:69:92:78:83:93:2c:a3:6e:9d:88:
5e:db:33:16:ab:89:7e:63:28:0f:4f:9b:42:a3:40:fe:7d:a8:
cf:6a:55:11:a1:ef:2e:53:36:ae:89:a1:62:8c:ab:8a:2c:52:
4e:78:ed:ad:51:0f:de:00:9a:97:5a:5f:06:32:9e:a9:a8:55:
0b:3a:29:fd:83:c2:1e:69:4c:83:36:40:d5:75:e6:08:f8:86:
2d:86:2c:37:53:50:fe:1d:12:28:92:5d:38:a1:35:bc:b7:1e:
14:f0:f4:28:04:86:6d:1a:f0:64:27:77:e0:ff:4d:c8:04:34:
7a:b8:75:00:d2:c9:65:bb:46:93:3c:a3:82:b0:b2:cf:de:da:
dd:68:e9:8f:f8:f0:97:04:be:aa:7f:20:0c:55:90:d2:de:57:
34:b3:25:b5:b6:89:79:c4:d9:b9:dc:5b:0c:99:a8:00:a0:88:
c2:b1:62:1c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZnyJihjX9OsswseQmi55XlRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMDE3MTIzMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTQ3MjkzNzFjNGFkNzU3NDAyYjA2NWI5Nzg4ZGViODZiNWE1OWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3plyvWxOXhIjYBsUWGCC7y94Pll
D0y/KYiQLHu6lzpYiViygtVw9kAykyKIR70absh/jjfDVkejTuxDsMj2i19sD1bQ
9bali5eOQvD5d481jZ4HzjsZQzFDmT3DqLatUrWStpJ1kQQN3VT9r6kMckU8KRy9
IhzR3/iTnOzkyG2UuW9SbT8veX3hYC6ohDyd6JMOG7p1xzsQc9q13uSM6OpLajiR
DVAOCcHN+p7WIUGyNUYE4dhpIo9YW1GQOepN5nw8OyOyXuS26q/qseJwPzFrJonb
fyoN8yYdhkKEqxcFx2Z8AAaHaVDhrUlR6m2/Q5tRZCfk4hCwPQCYWhl7iQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNlHKTccStdXQCsGW5eI3rhrWlm7MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMlVjcE54eEsxMWRBS3daYmw0amV1R3RhV2JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzjnAwQA
HzkfAwQAHzn5AwQAHzrVMA0GCSqGSIb3DQEBCwUAA4IBAQBmUFQsqeGnGbE7hefH
NpCvqj3JvREtTbqGPRW7NF0xpSUqPFjreiCeU9DXz10iXIc2dA4Kpv6/pYei5Qm3
cDL42/7gon57Y62hLUcIgDVcqmmSeIOTLKNunYhe2zMWq4l+YygPT5tCo0D+fajP
alURoe8uUzauiaFijKuKLFJOeO2tUQ/eAJqXWl8GMp6pqFULOin9g8IeaUyDNkDV
deYI+IYthiw3U1D+HRIokl04oTW8tx4U8PQoBIZtGvBkJ3fg/03IBDR6uHUA0sll
u0aTPKOCsLLP3trdaOmP+PCXBL6qfyAMVZDS3lc0syW1tol5xNm53FsMmagAoIjC
sWIc
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:11 2025 by rpki-client