Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9B7XluJcecENDTEkLovCxcNqSjQ.roa
File: 9B7XluJcecENDTEkLovCxcNqSjQ.roa (raw, json)
Hash identifier: xpwhxrWdFtevkd/iiYuNPcn3AUnS4Fx41UVq0FCqF+A=
Subject key identifier: F4:1E:D7:96:E2:5C:79:C1:0D:0D:31:24:2E:8B:C2:C5:C3:6A:4A:34
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0199B565F39AE4A6C0FBD7C6C69FFF8AA697
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9B7XluJcecENDTEkLovCxcNqSjQ.roa
Signing time: Sun 05 Oct 2025 17:23:01 +0000
ROA not before: Sun 05 Oct 2025 17:23:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214025
IP address blocks: 31.56.80.0/24 maxlen: 24
31.56.84.0/24 maxlen: 24
31.58.88.0/24 maxlen: 24
31.58.89.0/24 maxlen: 24
31.58.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b5:65:f3:9a:e4:a6:c0:fb:d7:c6:c6:9f:ff:8a:a6:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 5 17:23:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f41ed796e25c79c10d0d31242e8bc2c5c36a4a34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:60:90:a2:b5:61:5f:98:72:10:14:b3:66:29:
25:43:0c:e7:12:28:29:f7:61:62:3c:57:c2:66:b9:
57:c3:4b:0d:2f:1b:4b:9d:8e:64:13:c7:2b:98:4a:
35:25:5b:9e:de:09:95:4c:07:75:6f:65:5e:63:d5:
dc:bb:4b:dd:b4:fb:9f:2a:f9:32:73:ff:0a:bd:67:
68:9f:1c:9e:77:18:de:b1:41:a0:cf:bb:1a:4a:d1:
e4:df:48:c7:2f:d0:2b:25:1b:e1:db:c7:54:cb:c3:
e0:0f:fb:45:76:d9:b6:e6:0c:62:8a:5b:4b:d8:11:
2a:e5:08:d5:ca:28:67:94:9f:47:eb:0e:ef:dd:9e:
19:f7:3d:0d:2b:20:e6:ba:04:24:1b:49:08:a5:ee:
ba:19:64:86:1e:51:13:88:5a:1e:49:24:7f:60:6b:
4a:21:25:b0:62:b2:28:5d:74:45:06:6d:f4:4b:85:
34:17:db:90:8a:4c:d9:c9:fc:52:30:52:bc:24:2b:
3f:ba:79:9b:f5:65:ec:e2:10:cd:5c:8d:f1:95:8b:
5c:ca:41:c9:ac:9f:90:41:96:56:91:1c:8d:88:2b:
a4:32:f8:e2:a1:7e:08:35:ad:e0:5f:f2:20:54:41:
d8:fb:17:83:43:f8:e7:d9:99:af:36:03:ca:f4:90:
b0:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:1E:D7:96:E2:5C:79:C1:0D:0D:31:24:2E:8B:C2:C5:C3:6A:4A:34
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9B7XluJcecENDTEkLovCxcNqSjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.80.0/24
31.56.84.0/24
31.58.88.0/23
31.58.131.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:17:0f:8d:71:50:95:ea:6c:e4:14:2f:eb:28:d8:81:55:bf:
2f:1c:f2:10:f2:48:26:0e:c9:72:31:c9:d1:9b:93:7a:b3:05:
45:41:51:ef:c3:78:eb:ca:eb:76:af:7a:9f:16:5a:99:13:6a:
03:e0:a9:e4:89:f8:39:1d:2c:2a:95:74:f1:d1:21:55:b1:56:
8a:72:55:e3:64:2c:16:23:93:c1:4b:7b:9e:66:c5:4c:7e:ec:
3f:bf:da:e5:11:05:d1:d0:6f:b8:17:ef:26:4f:de:0b:fc:b8:
10:8f:dc:09:c4:82:37:f1:b6:e9:fc:5b:38:f1:89:f9:3f:87:
79:49:5e:b0:47:5f:1c:22:6d:20:3f:d3:fe:ea:ec:16:a0:27:
7a:33:ec:35:a9:5a:38:c8:cc:4a:df:55:ec:88:ae:1a:aa:05:
1b:75:9b:e0:6d:51:b6:66:37:aa:c2:ab:b9:ee:92:15:68:41:
20:a3:b9:75:fd:47:f9:2d:94:e5:e7:65:30:8e:13:99:2d:4a:
47:cf:e2:50:9e:87:43:b9:0e:80:45:b9:45:b8:80:f9:eb:02:
40:ad:77:f7:05:a8:ea:58:5a:c1:f4:94:77:e4:82:b7:fc:c5:
2d:be:a6:21:75:06:d2:db:a8:e9:6e:f9:76:47:ec:51:bb:80:
d8:4b:75:c5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZm1ZfOa5KbA+9fGxp//iqaXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMDA1MTcyMzAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDFlZDc5NmUyNWM3OWMxMGQwZDMxMjQyZThiYzJjNWMzNmE0YTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomCQorVhX5hyEBSzZiklQwznEigp
92FiPFfCZrlXw0sNLxtLnY5kE8crmEo1JVue3gmVTAd1b2VeY9Xcu0vdtPufKvky
c/8KvWdonxyedxjesUGgz7saStHk30jHL9ArJRvh28dUy8PgD/tFdtm25gxiiltL
2BEq5QjVyihnlJ9H6w7v3Z4Z9z0NKyDmugQkG0kIpe66GWSGHlETiFoeSSR/YGtK
ISWwYrIoXXRFBm30S4U0F9uQikzZyfxSMFK8JCs/unmb9WXs4hDNXI3xlYtcykHJ
rJ+QQZZWkRyNiCukMvjioX4INa3gX/IgVEHY+xeDQ/jn2ZmvNgPK9JCwrwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPQe15biXHnBDQ0xJC6LwsXDako0MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvOUI3WGx1SmNlY0VORFRFa0xvdkN4Y05xU2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzhQAwQA
HzhUAwQBHzpYAwQAHzqDMA0GCSqGSIb3DQEBCwUAA4IBAQAuFw+NcVCV6mzkFC/r
KNiBVb8vHPIQ8kgmDslyMcnRm5N6swVFQVHvw3jryut2r3qfFlqZE2oD4Knkifg5
HSwqlXTx0SFVsVaKclXjZCwWI5PBS3ueZsVMfuw/v9rlEQXR0G+4F+8mT94L/LgQ
j9wJxII38bbp/Fs48Yn5P4d5SV6wR18cIm0gP9P+6uwWoCd6M+w1qVo4yMxK31Xs
iK4aqgUbdZvgbVG2Zjeqwqu57pIVaEEgo7l1/Uf5LZTl52UwjhOZLUpHz+JQnodD
uQ6ARblFuID56wJArXf3BajqWFrB9JR35IK3/MUtvqYhdQbS26jpbvl2R+xRu4DY
S3XF
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:50:47 2025 by rpki-client