Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9ZPtZC9d1E389kxOWuaKNo57dL0.roa
File: 9ZPtZC9d1E389kxOWuaKNo57dL0.roa (raw, json)
Hash identifier: BDvIleUCSAX8rnCAc7HLPvGLwQ5ECWego5jBvPdIuOQ=
Subject key identifier: F5:93:ED:64:2F:5D:D4:4D:FC:F6:4C:4E:5A:E6:8A:36:8E:7B:74:BD
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01973A29A8DEFBC0595AC231AF7554623EC5
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9ZPtZC9d1E389kxOWuaKNo57dL0.roa
Signing time: Wed 04 Jun 2025 08:58:18 +0000
ROA not before: Wed 04 Jun 2025 08:58:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 31.56.33.0/24 maxlen: 24
31.56.160.0/21 maxlen: 24
31.57.202.0/24 maxlen: 24
31.57.203.0/24 maxlen: 24
31.59.116.0/22 maxlen: 24
217.60.0.0/21 maxlen: 24
217.60.12.0/22 maxlen: 24
217.60.24.0/22 maxlen: 24
217.60.60.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:29:a8:de:fb:c0:59:5a:c2:31:af:75:54:62:3e:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 4 08:58:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f593ed642f5dd44dfcf64c4e5ae68a368e7b74bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:2d:f9:be:3c:3e:96:8d:ee:92:55:78:a5:14:
d3:2d:3a:19:f1:26:b5:9e:56:48:5e:d4:00:22:d4:
05:5b:ce:80:53:38:0c:54:cb:8e:2f:e0:ae:bf:b4:
7a:d1:75:5a:24:47:62:a6:b1:33:62:c9:62:b4:fe:
56:8c:ea:0f:ba:2e:f8:f9:cb:a4:1b:5b:83:36:10:
c7:31:9d:95:ce:74:cc:5b:de:64:ed:4a:e9:08:1e:
2c:08:f6:01:ef:72:be:d0:8d:2f:cb:c4:5c:4b:f5:
5e:04:06:b4:86:b3:56:95:58:05:28:e1:1b:e9:6b:
7d:dc:97:54:1b:08:3b:fd:12:37:d5:1e:c7:a4:b7:
ee:72:10:20:5f:fb:ec:8b:01:13:ef:6c:a4:15:36:
a3:40:f7:50:c6:ae:5a:ae:50:44:b2:8f:65:a9:2d:
94:00:7e:10:8e:87:d1:02:e3:9c:7f:00:a1:8f:6c:
9f:8c:9b:bd:f9:f0:d9:4f:b2:84:ba:c9:57:89:a8:
7b:a0:d4:93:8b:6a:b9:63:44:67:32:c5:5e:23:95:
18:8d:a9:5c:76:0e:57:bf:e5:b8:4a:07:2e:a8:74:
81:69:c5:ed:72:96:50:44:cd:78:be:a5:35:0a:44:
f5:41:98:ad:ac:10:ae:17:af:f1:a6:dc:a8:f2:12:
f0:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:93:ED:64:2F:5D:D4:4D:FC:F6:4C:4E:5A:E6:8A:36:8E:7B:74:BD
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9ZPtZC9d1E389kxOWuaKNo57dL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.33.0/24
31.56.160.0/21
31.57.202.0/23
31.59.116.0/22
217.60.0.0/21
217.60.12.0/22
217.60.24.0/22
217.60.60.0/22
Signature Algorithm: sha256WithRSAEncryption
85:67:a8:ab:4a:23:14:56:47:bc:06:86:7f:46:ef:a4:ee:d9:
86:b9:ca:ce:fd:2b:e1:86:1b:c9:5c:c1:b1:12:71:1c:58:0c:
28:b6:14:dd:db:6b:24:b6:8e:78:47:9c:a8:a9:81:e7:f8:98:
ad:41:32:ff:08:4c:7f:0b:c6:fb:4c:29:e2:a6:9f:9b:9d:19:
0b:dc:b8:59:94:bb:ba:7d:d1:c5:dd:72:5c:cb:b8:4c:9d:66:
7e:d0:79:d1:f4:c3:12:3e:86:93:73:87:af:2f:0b:ae:95:c9:
87:79:0f:06:18:59:68:35:50:a7:a9:c9:88:f6:c9:d3:57:cc:
a9:a9:b9:5d:f1:b8:61:a3:51:2c:f6:e3:5b:ec:04:4f:36:9b:
2b:d3:37:99:fd:1c:2c:e4:fc:97:2d:6c:e4:8a:f0:c4:50:d1:
cc:b7:5a:3b:aa:6e:fc:2e:7b:48:04:c9:8a:92:e9:b8:27:f6:
6a:f1:d2:45:74:7d:ef:de:cc:b0:6f:dd:ed:5d:28:c7:02:61:
9d:8b:45:77:c1:f1:5f:86:4c:32:6d:d8:7e:98:f9:ce:fe:48:
17:e5:90:38:bb:a8:c0:46:b9:8f:fa:ab:95:13:e0:e4:ba:c7:
ff:3c:20:e2:a4:3c:09:28:eb:4c:24:48:d7:db:31:37:01:4c:
d9:67:03:4f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZc6Kaje+8BZWsIxr3VUYj7FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNjA0MDg1ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTkzZWQ2NDJmNWRkNDRkZmNmNjRjNGU1YWU2OGEzNjhlN2I3NGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoC35vjw+lo3uklV4pRTTLToZ8Sa1
nlZIXtQAItQFW86AUzgMVMuOL+Cuv7R60XVaJEdiprEzYslitP5WjOoPui74+cuk
G1uDNhDHMZ2VznTMW95k7UrpCB4sCPYB73K+0I0vy8RcS/VeBAa0hrNWlVgFKOEb
6Wt93JdUGwg7/RI31R7HpLfuchAgX/vsiwET72ykFTajQPdQxq5arlBEso9lqS2U
AH4QjofRAuOcfwChj2yfjJu9+fDZT7KEuslXiah7oNSTi2q5Y0RnMsVeI5UYjalc
dg5Xv+W4SgcuqHSBacXtcpZQRM14vqU1CkT1QZitrBCuF6/xptyo8hLw9QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPWT7WQvXdRN/PZMTlrmijaOe3S9MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvOVpQdFpDOWQxRTM4OWt4T1d1YUtObzU3ZEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAHzghAwQD
HzigAwQBHznKAwQCHzt0AwQD2TwAAwQC2TwMAwQC2TwYAwQC2Tw8MA0GCSqGSIb3
DQEBCwUAA4IBAQCFZ6irSiMUVke8BoZ/Ru+k7tmGucrO/SvhhhvJXMGxEnEcWAwo
thTd22skto54R5yoqYHn+JitQTL/CEx/C8b7TCnipp+bnRkL3LhZlLu6fdHF3XJc
y7hMnWZ+0HnR9MMSPoaTc4evLwuulcmHeQ8GGFloNVCnqcmI9snTV8ypqbld8bhh
o1Es9uNb7ARPNpsr0zeZ/Rws5PyXLWzkivDEUNHMt1o7qm78LntIBMmKkum4J/Zq
8dJFdH3v3sywb93tXSjHAmGdi0V3wfFfhkwybdh+mPnO/kgX5ZA4u6jARrmP+quV
E+Dkusf/PCDipDwJKOtMJEjX2zE3AUzZZwNP
-----END CERTIFICATE-----
Generated at Tue Jul 1 15:08:11 2025 by rpki-client