Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8AoEyYdYeSC0rlFmv-8astg9xnY.roa
File: 8AoEyYdYeSC0rlFmv-8astg9xnY.roa (raw, json)
Hash identifier: 9eBc/TB/6vYwQYOw0fx4fIakMXQ3NlFgi5Af6dPni7A=
Subject key identifier: F0:0A:04:C9:87:58:79:20:B4:AE:51:66:BF:EF:1A:B2:D8:3D:C6:76
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01986E922C51880249A90F67EA826B6E48A9
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8AoEyYdYeSC0rlFmv-8astg9xnY.roa
Signing time: Sun 03 Aug 2025 06:15:30 +0000
ROA not before: Sun 03 Aug 2025 06:15:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19318
IP address blocks: 31.57.196.0/24 maxlen: 24
31.57.238.0/24 maxlen: 24
31.58.169.0/24 maxlen: 24
31.59.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:6e:92:2c:51:88:02:49:a9:0f:67:ea:82:6b:6e:48:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Aug 3 06:15:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f00a04c987587920b4ae5166bfef1ab2d83dc676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2d:d2:a9:ee:57:2d:05:c0:01:b4:fb:0c:31:
0a:44:c7:69:cd:06:65:82:ca:70:b4:49:32:af:2a:
86:20:ed:16:07:79:a2:bb:66:34:30:30:48:3c:51:
9c:ff:38:56:79:86:ba:9b:99:a6:e1:ce:3f:fe:fc:
07:44:5f:7c:3e:0a:a5:97:e8:36:d3:48:4b:0b:d4:
94:4e:1b:2d:9f:e1:c1:d5:f7:24:9b:30:8f:08:4b:
2a:ea:e1:33:da:18:d6:04:3a:57:e0:19:7c:40:ff:
26:50:f2:1d:95:d0:e6:13:ce:4a:85:7c:2a:93:ba:
a4:17:bd:77:d0:9c:a1:e2:e0:85:d7:d1:cc:07:25:
65:9c:89:68:da:02:36:f0:72:3e:ba:d9:71:a3:17:
43:2d:13:6c:32:c3:4c:2b:d9:09:79:3f:75:30:f7:
23:5d:ec:5d:c1:d4:38:a4:dc:b7:45:4f:83:0c:33:
43:12:4b:7d:49:d3:83:7f:d9:ae:1d:34:3a:81:b4:
59:16:e5:76:e0:99:c6:32:73:a4:d8:f3:00:ac:7a:
f0:75:ec:50:3b:17:ef:e0:92:a3:6d:3f:c2:79:bd:
8a:ca:66:f3:b9:a8:0a:6e:95:c1:2c:7f:a4:51:c2:
64:79:fa:b6:d9:7c:fe:61:e1:f4:82:0b:3f:05:67:
74:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:0A:04:C9:87:58:79:20:B4:AE:51:66:BF:EF:1A:B2:D8:3D:C6:76
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8AoEyYdYeSC0rlFmv-8astg9xnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.196.0/24
31.57.238.0/24
31.58.169.0/24
31.59.172.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:44:99:ee:fd:a4:ce:e9:08:57:4b:a5:17:d7:87:51:84:07:
d2:7b:04:b5:c6:84:0f:56:40:5b:aa:fc:9b:24:6d:1c:ce:11:
a8:fa:26:28:4e:92:b3:92:9e:80:b4:e0:c2:c1:b8:33:ea:18:
a0:2e:37:2f:3c:c4:40:35:79:9f:66:c6:4b:f8:8f:4a:25:eb:
50:a4:c8:64:61:d5:d1:97:84:35:b1:10:42:5d:09:0d:fa:b5:
78:25:ea:b9:09:24:1a:1e:16:c0:ec:8b:f0:bf:10:50:d6:aa:
dc:f4:82:98:d9:bc:b3:33:5c:ba:28:ab:af:38:27:60:f3:2c:
20:28:20:ce:d0:28:0e:a9:5c:db:8b:4c:ef:7c:41:2a:e3:57:
c7:a0:8b:35:5a:a3:e5:b5:17:f6:6e:1c:dd:85:e7:e3:76:3c:
3f:5b:f0:30:9a:36:d8:7a:8f:b6:1f:e5:c7:0d:cc:6f:16:8e:
f4:df:41:1a:62:76:e6:6c:ea:62:59:ad:69:12:e6:a9:35:b9:
c9:24:e9:8b:1d:d7:55:59:f7:61:4b:e1:b7:f0:98:9e:50:f7:
a0:e4:fa:9c:49:3d:a8:93:db:4f:08:24:13:f5:fd:38:59:5c:
70:d2:f1:8c:12:fe:98:00:09:76:f7:4f:92:11:38:99:3b:f6:
ab:f5:bf:53
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZhukixRiAJJqQ9n6oJrbkipMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwODAzMDYxNTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDBhMDRjOTg3NTg3OTIwYjRhZTUxNjZiZmVmMWFiMmQ4M2RjNjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy3Sqe5XLQXAAbT7DDEKRMdpzQZl
gspwtEkyryqGIO0WB3miu2Y0MDBIPFGc/zhWeYa6m5mm4c4//vwHRF98Pgqll+g2
00hLC9SUThstn+HB1fckmzCPCEsq6uEz2hjWBDpX4Bl8QP8mUPIdldDmE85KhXwq
k7qkF7130Jyh4uCF19HMByVlnIlo2gI28HI+utlxoxdDLRNsMsNMK9kJeT91MPcj
XexdwdQ4pNy3RU+DDDNDEkt9SdODf9muHTQ6gbRZFuV24JnGMnOk2PMArHrwdexQ
Oxfv4JKjbT/Ceb2KymbzuagKbpXBLH+kUcJkefq22Xz+YeH0ggs/BWd0XwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPAKBMmHWHkgtK5RZr/vGrLYPcZ2MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvOEFvRXlZZFllU0MwcmxGbXYtOGFzdGc5eG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHznEAwQA
HznuAwQAHzqpAwQAHzusMA0GCSqGSIb3DQEBCwUAA4IBAQBORJnu/aTO6QhXS6UX
14dRhAfSewS1xoQPVkBbqvybJG0czhGo+iYoTpKzkp6AtODCwbgz6higLjcvPMRA
NXmfZsZL+I9KJetQpMhkYdXRl4Q1sRBCXQkN+rV4Jeq5CSQaHhbA7IvwvxBQ1qrc
9IKY2byzM1y6KKuvOCdg8ywgKCDO0CgOqVzbi0zvfEEq41fHoIs1WqPltRf2bhzd
hefjdjw/W/AwmjbYeo+2H+XHDcxvFo7030EaYnbmbOpiWa1pEuapNbnJJOmLHddV
WfdhS+G38JieUPeg5PqcST2ok9tPCCQT9f04WVxw0vGMEv6YAAl290+SETiZO/ar
9b9T
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:17:17 2025 by rpki-client