Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8aeZNRG3FcIh58yIsZhoMfWuTXg.roa
File: 8aeZNRG3FcIh58yIsZhoMfWuTXg.roa (raw, json)
Hash identifier: aeMBjz/8eE3mRzqMzZP4FDpWIY+Xr2OyBf1eHCRKI1I=
Subject key identifier: F1:A7:99:35:11:B7:15:C2:21:E7:CC:88:B1:98:68:31:F5:AE:4D:78
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0199C4035BBFB462C7A3A752D81F0EB8A96A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8aeZNRG3FcIh58yIsZhoMfWuTXg.roa
Signing time: Wed 08 Oct 2025 13:29:38 +0000
ROA not before: Wed 08 Oct 2025 13:29:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204104
IP address blocks: 31.58.237.0/24 maxlen: 24
94.183.150.0/24 maxlen: 24
94.183.162.0/24 maxlen: 24
94.183.169.0/24 maxlen: 24
94.183.180.0/24 maxlen: 24
217.60.199.0/24 maxlen: 24
217.60.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c4:03:5b:bf:b4:62:c7:a3:a7:52:d8:1f:0e:b8:a9:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 8 13:29:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1a7993511b715c221e7cc88b1986831f5ae4d78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:1f:51:68:61:ff:ee:fa:5c:a4:2c:a0:ed:5c:
c5:b8:bf:b3:16:09:db:69:d6:4e:58:c8:6c:82:ec:
d3:b5:6e:95:e5:6d:1f:57:cc:bb:87:7f:1c:55:a4:
a7:45:a9:b4:62:5c:c9:3e:55:76:ed:d4:84:12:e1:
36:c7:a3:4e:a9:20:12:54:ef:f9:b4:07:5b:f9:0a:
13:db:4d:e0:0c:8c:20:d4:20:13:83:4c:0b:17:60:
86:12:49:47:84:0e:55:b2:38:5a:f8:f4:a1:20:1d:
ea:a3:80:a7:b1:af:47:e0:ae:62:82:69:a6:59:13:
d9:b2:9d:7a:40:f6:4f:55:92:8c:54:6b:be:d3:36:
1d:4e:26:ea:71:28:0f:75:d8:a7:65:47:ba:cd:59:
60:97:a4:39:7b:23:88:a4:17:93:b9:65:95:6c:bd:
fe:f5:82:b0:96:61:ca:60:e6:79:12:d2:b2:61:51:
f5:47:40:25:17:7f:15:cd:70:2b:10:c3:f7:e3:08:
14:15:59:ab:70:82:77:d6:11:86:81:11:b0:73:9e:
5c:76:6c:0f:d4:67:f8:cb:99:38:54:84:7e:79:db:
ff:f0:e9:2f:1e:3a:04:52:94:5c:b3:29:00:c0:37:
5f:df:4f:28:3d:e5:3f:2a:88:7e:97:37:16:0a:dd:
e5:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:A7:99:35:11:B7:15:C2:21:E7:CC:88:B1:98:68:31:F5:AE:4D:78
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8aeZNRG3FcIh58yIsZhoMfWuTXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.237.0/24
94.183.150.0/24
94.183.162.0/24
94.183.169.0/24
94.183.180.0/24
217.60.199.0/24
217.60.238.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:69:7a:c4:8a:9e:2f:13:a1:eb:80:54:67:b9:5c:3b:12:e5:
95:01:89:97:16:1c:10:cf:70:89:64:63:40:62:65:89:59:21:
3d:29:2c:03:61:55:09:40:09:2f:2b:ea:cf:3b:c6:77:f2:64:
37:a3:1b:18:b1:2f:68:b0:d4:d8:66:5c:e7:21:f9:85:7f:f7:
99:ac:bf:3c:ef:ea:b8:eb:01:bd:c3:c9:91:bb:f7:88:65:88:
9b:0b:bb:3c:3c:b7:f8:c9:34:20:5e:e6:52:aa:3b:2f:05:ff:
ca:48:c1:f1:ca:81:7c:91:50:32:87:15:55:bf:72:05:2f:2b:
07:63:4a:10:0a:57:22:64:fa:be:0c:1d:38:58:a3:4d:7e:4f:
df:be:86:6e:9e:1d:cf:99:65:ee:d1:a3:db:ae:cf:6d:d5:87:
10:3b:fe:db:55:70:11:a3:58:38:a2:53:aa:88:c3:9b:f0:30:
9c:df:f8:c8:58:d6:72:71:4c:15:2e:13:90:31:15:15:2b:f5:
7a:71:ee:e2:eb:04:26:1a:3d:f5:a4:c6:0a:76:2c:87:4b:52:
bf:1f:e0:74:01:56:d2:8f:92:16:8c:3b:a8:18:98:a8:52:a9:
32:ce:31:65:d1:ec:fa:c0:df:df:a9:5b:0f:02:8a:53:26:c7:
2d:ce:8e:ae
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZnEA1u/tGLHo6dS2B8OuKlqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMDA4MTMyOTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWE3OTkzNTExYjcxNWMyMjFlN2NjODhiMTk4NjgzMWY1YWU0ZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyx9RaGH/7vpcpCyg7VzFuL+zFgnb
adZOWMhsguzTtW6V5W0fV8y7h38cVaSnRam0YlzJPlV27dSEEuE2x6NOqSASVO/5
tAdb+QoT203gDIwg1CATg0wLF2CGEklHhA5Vsjha+PShIB3qo4Cnsa9H4K5igmmm
WRPZsp16QPZPVZKMVGu+0zYdTibqcSgPddinZUe6zVlgl6Q5eyOIpBeTuWWVbL3+
9YKwlmHKYOZ5EtKyYVH1R0AlF38VzXArEMP34wgUFVmrcIJ31hGGgRGwc55cdmwP
1Gf4y5k4VIR+edv/8OkvHjoEUpRcsykAwDdf308oPeU/Koh+lzcWCt3lKwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPGnmTURtxXCIefMiLGYaDH1rk14MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvOGFlWk5SRzNGY0loNTh5SXNaaG9NZld1VFhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAHzrtAwQA
XreWAwQAXreiAwQAXrepAwQAXre0AwQA2TzHAwQA2TzuMA0GCSqGSIb3DQEBCwUA
A4IBAQCfaXrEip4vE6HrgFRnuVw7EuWVAYmXFhwQz3CJZGNAYmWJWSE9KSwDYVUJ
QAkvK+rPO8Z38mQ3oxsYsS9osNTYZlznIfmFf/eZrL887+q46wG9w8mRu/eIZYib
C7s8PLf4yTQgXuZSqjsvBf/KSMHxyoF8kVAyhxVVv3IFLysHY0oQClciZPq+DB04
WKNNfk/fvoZunh3PmWXu0aPbrs9t1YcQO/7bVXARo1g4olOqiMOb8DCc3/jIWNZy
cUwVLhOQMRUVK/V6ce7i6wQmGj31pMYKdiyHS1K/H+B0AVbSj5IWjDuoGJioUqky
zjFl0ez6wN/fqVsPAopTJsctzo6u
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:51 2025 by rpki-client