Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/AK9HXU-xy6njNOaEs5wtNzkiOMM.roa
File: AK9HXU-xy6njNOaEs5wtNzkiOMM.roa (raw, json)
Hash identifier: 4y9siOK4N/I134TOmPqCIsS1a289f2fuXNVsCWx3iBU=
Subject key identifier: 00:AF:47:5D:4F:B1:CB:A9:E3:34:E6:84:B3:9C:2D:37:39:22:38:C3
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019875B4A827BFF105130A320DE7F504A1E5
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/AK9HXU-xy6njNOaEs5wtNzkiOMM.roa
Signing time: Mon 04 Aug 2025 15:30:30 +0000
ROA not before: Mon 04 Aug 2025 15:30:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 31.56.43.0/24 maxlen: 24
31.56.66.0/24 maxlen: 24
31.57.35.0/24 maxlen: 24
31.57.100.0/24 maxlen: 24
31.57.120.0/24 maxlen: 24
31.57.228.0/24 maxlen: 24
31.59.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:75:b4:a8:27:bf:f1:05:13:0a:32:0d:e7:f5:04:a1:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Aug 4 15:30:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00af475d4fb1cba9e334e684b39c2d37392238c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:56:7c:3d:dd:4d:d5:f2:aa:be:8c:11:ce:77:
64:da:ef:79:43:90:5e:ff:6b:0c:af:49:6b:9e:25:
ce:bd:31:24:8e:49:bc:90:8d:95:ce:f3:51:70:b9:
a1:74:71:59:9e:f3:09:50:80:3c:58:07:b5:c3:86:
ff:68:6e:df:10:7c:52:fa:a0:17:23:f4:0b:eb:df:
bf:98:ed:4b:78:e5:dc:5a:c4:5c:38:a9:71:f4:22:
eb:5f:33:2e:22:e5:82:b6:5a:c1:92:52:27:ca:b0:
a5:03:69:d2:0c:f1:4f:e2:71:ee:9c:16:a3:03:b3:
73:52:04:66:e2:75:25:1e:b3:ff:cb:87:f0:3c:dc:
62:36:cd:7d:54:b0:4e:f9:66:21:08:1d:ea:bc:ee:
18:55:f9:b1:ad:fe:4c:47:d2:f0:1d:48:de:17:ea:
d6:b1:01:c8:27:0d:d7:21:61:fa:8e:8d:01:67:b2:
46:0e:37:22:62:43:95:bc:fc:88:28:09:29:82:1d:
69:83:e9:72:f7:3a:e0:d4:c7:9c:9e:eb:8f:c1:fe:
e9:54:25:cd:0a:f3:e9:f7:85:53:17:ab:24:1f:e2:
e7:00:01:a3:90:0d:42:ab:65:a3:ec:76:97:cb:2a:
ea:58:8d:34:ff:ac:7f:5f:b9:39:74:98:7d:e5:3b:
64:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:AF:47:5D:4F:B1:CB:A9:E3:34:E6:84:B3:9C:2D:37:39:22:38:C3
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/AK9HXU-xy6njNOaEs5wtNzkiOMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.43.0/24
31.56.66.0/24
31.57.35.0/24
31.57.100.0/24
31.57.120.0/24
31.57.228.0/24
31.59.167.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:9b:49:60:34:cf:01:66:cb:35:7d:c1:34:e4:3b:f9:83:c3:
8a:77:78:af:f1:22:18:65:43:05:ad:10:e9:3c:74:ad:78:1b:
64:4b:23:1a:b0:ab:a0:4b:70:b8:6f:03:0d:25:c6:05:03:7a:
09:4e:cd:b2:98:c8:b4:1a:9a:13:0a:ce:9c:2c:d9:34:ee:3e:
9a:03:d1:c7:09:e5:84:b6:d6:1c:81:d9:f0:06:a1:40:5d:85:
5b:f5:88:8d:37:e1:76:44:b5:50:77:bd:e3:83:8f:ed:f8:68:
e8:77:62:72:4a:74:00:05:d3:f0:c3:ce:6a:32:d8:79:84:2e:
9f:69:51:fb:24:10:1d:68:25:e9:3b:ef:12:ed:03:65:79:5d:
94:bc:f4:ab:26:82:89:f8:9d:46:ba:36:43:1d:dc:5d:d7:60:
32:c3:69:74:a5:24:7d:fe:14:e8:16:62:4a:6a:c6:9e:68:61:
88:58:7c:e0:47:13:c3:94:3f:45:3f:88:4d:97:51:0a:07:ed:
7c:98:4d:ee:f8:aa:4a:21:6d:62:bd:7a:69:82:d5:c4:9b:01:
ff:b8:b8:96:43:34:69:5c:62:77:8f:b2:f2:82:65:f1:70:25:
b5:b6:87:ea:a2:9e:98:d3:74:ac:02:9e:da:f0:9f:b7:4f:ea:
30:a2:bc:d0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZh1tKgnv/EFEwoyDef1BKHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwODA0MTUzMDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGFmNDc1ZDRmYjFjYmE5ZTMzNGU2ODRiMzljMmQzNzM5MjIzOGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVZ8Pd1N1fKqvowRzndk2u95Q5Be
/2sMr0lrniXOvTEkjkm8kI2VzvNRcLmhdHFZnvMJUIA8WAe1w4b/aG7fEHxS+qAX
I/QL69+/mO1LeOXcWsRcOKlx9CLrXzMuIuWCtlrBklInyrClA2nSDPFP4nHunBaj
A7NzUgRm4nUlHrP/y4fwPNxiNs19VLBO+WYhCB3qvO4YVfmxrf5MR9LwHUjeF+rW
sQHIJw3XIWH6jo0BZ7JGDjciYkOVvPyIKAkpgh1pg+ly9zrg1MecnuuPwf7pVCXN
CvPp94VTF6skH+LnAAGjkA1Cq2Wj7HaXyyrqWI00/6x/X7k5dJh95TtkjQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFACvR11Pscup4zTmhLOcLTc5IjjDMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQUs5SFhVLXh5Nm5qTk9hRXM1d3ROemtpT01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAHzgrAwQA
HzhCAwQAHzkjAwQAHzlkAwQAHzl4AwQAHznkAwQAHzunMA0GCSqGSIb3DQEBCwUA
A4IBAQCcm0lgNM8BZss1fcE05Dv5g8OKd3iv8SIYZUMFrRDpPHSteBtkSyMasKug
S3C4bwMNJcYFA3oJTs2ymMi0GpoTCs6cLNk07j6aA9HHCeWEttYcgdnwBqFAXYVb
9YiNN+F2RLVQd73jg4/t+Gjod2JySnQABdPww85qMth5hC6faVH7JBAdaCXpO+8S
7QNleV2UvPSrJoKJ+J1GujZDHdxd12Ayw2l0pSR9/hToFmJKasaeaGGIWHzgRxPD
lD9FP4hNl1EKB+18mE3u+KpKIW1ivXppgtXEmwH/uLiWQzRpXGJ3j7LygmXxcCW1
tofqop6Y03SsAp7a8J+3T+oworzQ
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:52:31 2025 by rpki-client