Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9OGNg-KoViRsm3ya07q3isDWMR4.roa
File: 9OGNg-KoViRsm3ya07q3isDWMR4.roa (raw, json)
Hash identifier: vqU5tr/5n0NdQMnXdd4w26GqW5Pofxg3lQ5mvmWck0E=
Subject key identifier: F4:E1:8D:83:E2:A8:56:24:6C:9B:7C:9A:D3:BA:B7:8A:C0:D6:31:1E
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019972AD4D189CF9E33F2CF70EE521F45B50
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9OGNg-KoViRsm3ya07q3isDWMR4.roa
Signing time: Mon 22 Sep 2025 18:26:24 +0000
ROA not before: Mon 22 Sep 2025 18:26:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36530
IP address blocks: 31.56.84.0/24 maxlen: 24
31.56.91.0/24 maxlen: 24
31.57.104.0/24 maxlen: 24
31.58.88.0/24 maxlen: 24
31.58.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:72:ad:4d:18:9c:f9:e3:3f:2c:f7:0e:e5:21:f4:5b:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Sep 22 18:26:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4e18d83e2a856246c9b7c9ad3bab78ac0d6311e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2d:b8:25:cc:74:72:b0:0f:2a:45:31:b4:01:
ff:c6:93:7f:9c:bf:0a:65:00:7f:8d:24:10:23:c7:
25:f2:ff:ce:6b:cf:14:56:09:6a:61:e4:98:11:a9:
41:52:c6:8d:f3:c7:50:9b:c1:d3:7f:84:62:9e:74:
b6:7e:82:7a:26:87:eb:01:13:7d:58:8a:6c:ad:64:
a3:cc:a4:9d:e3:71:88:bc:f1:8a:16:ec:07:a2:1d:
80:e0:4c:77:c4:35:33:64:88:e0:ab:16:97:67:4d:
11:5f:66:bd:d6:5e:d8:71:6a:da:9a:c2:43:67:9c:
b7:cb:20:96:f1:8c:77:cd:db:ae:34:ee:f7:37:63:
3f:a3:6c:13:72:9c:84:ea:d5:22:3d:e6:af:80:c0:
e7:b0:ee:06:91:a7:87:f7:4e:d6:96:73:77:e2:29:
1c:00:04:ea:37:ef:36:40:4d:71:e5:41:9e:b0:cb:
6c:99:e6:33:1f:2a:f5:69:35:d7:0a:20:f2:91:77:
a4:e8:bd:79:40:ba:20:ae:a7:30:65:f9:6a:f2:83:
2c:e3:8b:01:1e:fd:e2:b3:ea:7c:a3:ed:92:32:81:
85:02:f1:e0:96:6d:d4:38:19:29:1d:b4:08:64:b3:
06:c2:99:e5:b7:5f:c3:6c:79:db:98:28:c0:7e:bd:
e2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:E1:8D:83:E2:A8:56:24:6C:9B:7C:9A:D3:BA:B7:8A:C0:D6:31:1E
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9OGNg-KoViRsm3ya07q3isDWMR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.84.0/24
31.56.91.0/24
31.57.104.0/24
31.58.88.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:6e:fe:fb:5b:3b:64:6c:e8:6a:5b:e6:4f:5d:a4:5e:c5:aa:
de:91:4a:2c:8e:68:89:94:aa:1f:3c:cb:a9:2b:dc:00:eb:72:
01:bc:cf:65:e5:d1:21:06:a9:4e:1e:d1:ee:74:f8:17:57:1a:
69:e4:84:0c:39:5b:d1:3a:4b:d4:3c:c9:ee:0d:bf:e2:ac:19:
de:32:0b:c6:59:5d:05:83:45:65:cb:f2:70:e5:b9:43:fd:3e:
f2:e1:bd:e6:4b:96:3c:0b:a1:39:76:60:ce:88:50:39:d3:f2:
bb:6f:64:48:61:3e:57:b9:7a:3d:32:91:69:ce:5e:49:8d:43:
c0:3b:03:7e:12:c5:44:49:51:fc:ec:8e:1a:61:4a:94:c9:85:
c3:3d:45:36:51:b3:64:74:c9:fb:4c:58:fb:ef:ff:bb:0f:99:
73:8c:9b:76:e9:ac:d6:32:5c:96:9c:d2:1f:11:65:86:7c:16:
76:02:73:06:f3:3d:f7:c8:1a:d1:97:69:83:34:0f:d1:e6:2b:
5e:de:0a:dc:2f:51:f7:64:17:6f:b6:bc:b2:f2:5c:cc:89:a7:
8c:67:ab:2c:8f:bf:b3:df:b2:1d:30:1e:18:49:37:e1:fb:5e:
de:d7:68:89:0f:0b:5f:12:ec:53:3c:1d:bf:1f:a7:63:c3:fd:
b4:d2:62:88
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZlyrU0YnPnjPyz3DuUh9FtQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwOTIyMTgyNjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGUxOGQ4M2UyYTg1NjI0NmM5YjdjOWFkM2JhYjc4YWMwZDYzMTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAti24Jcx0crAPKkUxtAH/xpN/nL8K
ZQB/jSQQI8cl8v/Oa88UVglqYeSYEalBUsaN88dQm8HTf4RinnS2foJ6JofrARN9
WIpsrWSjzKSd43GIvPGKFuwHoh2A4Ex3xDUzZIjgqxaXZ00RX2a91l7YcWramsJD
Z5y3yyCW8Yx3zduuNO73N2M/o2wTcpyE6tUiPeavgMDnsO4GkaeH907WlnN34ikc
AATqN+82QE1x5UGesMtsmeYzHyr1aTXXCiDykXek6L15QLogrqcwZflq8oMs44sB
Hv3is+p8o+2SMoGFAvHglm3UOBkpHbQIZLMGwpnlt1/DbHnbmCjAfr3iMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPThjYPiqFYkbJt8mtO6t4rA1jEeMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvOU9HTmctS29WaVJzbTN5YTA3cTNpc0RXTVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzhUAwQA
HzhbAwQAHzloAwQBHzpYMA0GCSqGSIb3DQEBCwUAA4IBAQBebv77WztkbOhqW+ZP
XaRexarekUosjmiJlKofPMupK9wA63IBvM9l5dEhBqlOHtHudPgXVxpp5IQMOVvR
OkvUPMnuDb/irBneMgvGWV0Fg0Vly/Jw5blD/T7y4b3mS5Y8C6E5dmDOiFA50/K7
b2RIYT5XuXo9MpFpzl5JjUPAOwN+EsVESVH87I4aYUqUyYXDPUU2UbNkdMn7TFj7
7/+7D5lzjJt26azWMlyWnNIfEWWGfBZ2AnMG8z33yBrRl2mDNA/R5ite3grcL1H3
ZBdvtryy8lzMiaeMZ6ssj7+z37IdMB4YSTfh+17e12iJDwtfEuxTPB2/H6djw/20
0mKI
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:35 2025 by rpki-client