Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Buy-Jm-9tDR0kr7iXMjdMFr4Fis.roa
File: Buy-Jm-9tDR0kr7iXMjdMFr4Fis.roa (raw, json)
Hash identifier: KjJG/5zFceee8c9GTm+g52E3p8H0+YC6PppWU4BMS0U=
Subject key identifier: 06:EC:BE:26:6F:BD:B4:34:74:92:BE:E2:5C:C8:DD:30:5A:F8:16:2B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019994916F015A87E8CD6EAE6EB6A1907041
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Buy-Jm-9tDR0kr7iXMjdMFr4Fis.roa
Signing time: Mon 29 Sep 2025 08:23:03 +0000
ROA not before: Mon 29 Sep 2025 08:23:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.126.0/24 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.116.0/24 maxlen: 24
31.59.79.0/24 maxlen: 24
31.59.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:94:91:6f:01:5a:87:e8:cd:6e:ae:6e:b6:a1:90:70:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Sep 29 08:23:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06ecbe266fbdb4347492bee25cc8dd305af8162b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:22:c1:48:09:8b:cd:1f:1d:15:a8:5c:03:bf:
51:b6:70:d3:c5:08:c8:23:ae:27:82:d7:08:96:cf:
cc:63:5d:d3:d0:5d:80:dd:25:7a:c8:3d:5d:ea:24:
96:c0:35:8f:b1:9b:75:0b:d4:2a:f9:79:b4:c2:c1:
e5:67:e9:84:08:4b:5c:ea:df:a5:55:49:10:4a:26:
7e:ab:bc:9b:26:25:39:fb:3d:3e:fe:5f:ab:43:87:
cd:2c:11:e2:b9:f3:b0:b4:59:2d:61:b0:df:af:ca:
d3:25:15:59:25:93:02:b8:76:7b:2a:fb:aa:a6:e7:
bb:fd:4e:55:cd:a6:28:ab:ec:15:49:05:eb:c4:2d:
85:97:76:03:d7:b0:2d:81:cb:b1:36:7b:ff:fc:39:
1f:26:e0:fa:17:b0:35:64:ab:42:88:5b:1f:ac:13:
72:2b:88:45:54:04:bf:12:92:48:68:ef:18:1c:dd:
3e:a7:4f:cf:82:4f:17:8f:4e:91:61:ae:89:81:54:
ff:f4:71:e6:50:b6:f6:1d:a2:52:fe:92:46:c2:a9:
7c:62:23:0e:53:13:4c:4b:a1:36:24:5b:a2:9f:30:
aa:bd:27:d3:ad:de:91:67:90:2e:3c:29:11:ef:bf:
e4:86:57:3c:e7:93:f9:bb:02:15:7f:17:c8:66:91:
3f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:EC:BE:26:6F:BD:B4:34:74:92:BE:E2:5C:C8:DD:30:5A:F8:16:2B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Buy-Jm-9tDR0kr7iXMjdMFr4Fis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.126.0/24
31.56.142.0/23
31.56.148.0/22
31.57.114.0/24
31.57.116.0/24
31.59.79.0/24
31.59.228.0/24
Signature Algorithm: sha256WithRSAEncryption
86:18:0d:1f:a3:a6:d3:3d:09:78:a2:7f:c4:a1:f6:17:34:42:
12:a9:a8:fc:ed:b2:36:96:fe:1f:7f:4c:23:e9:d7:17:99:d0:
fc:91:a9:2b:99:1d:95:4a:ac:ca:79:82:46:0b:b5:83:e7:c0:
92:5a:f1:35:94:7a:8d:8e:e3:6a:94:bf:04:6d:a1:eb:86:aa:
d2:04:44:25:f0:df:57:ea:ef:88:c6:47:e5:c7:ef:24:8e:1f:
bc:0d:87:b1:6f:02:16:96:44:98:df:95:7a:1c:a2:ef:47:bf:
ee:e8:b8:49:a1:ed:46:ec:a1:e3:ca:e5:1a:24:c3:14:4e:49:
04:15:42:f5:55:17:78:dc:fc:1b:4c:1f:e2:17:02:30:0a:3d:
60:b1:df:ad:7e:b9:ad:10:d2:8b:db:dd:b2:23:14:0d:11:35:
61:9f:7a:bf:87:38:f6:57:c8:c0:e5:77:48:f7:21:05:36:98:
09:53:24:9a:4b:e2:96:a4:41:4d:51:f7:9d:b5:d9:ef:70:32:
11:60:56:05:94:54:f4:fa:a4:b3:96:75:6d:36:40:d6:59:5f:
6b:db:5b:7b:cf:8c:5c:c7:5c:a4:2c:40:f4:f0:e6:16:57:18:
8f:d3:e1:2a:6d:7b:25:f9:ee:dc:10:22:6b:51:7c:cf:f4:03:
0f:d3:c4:e7
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZmUkW8BWofozW6ubrahkHBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwOTI5MDgyMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmVjYmUyNjZmYmRiNDM0NzQ5MmJlZTI1Y2M4ZGQzMDVhZjgxNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1iLBSAmLzR8dFahcA79RtnDTxQjI
I64ngtcIls/MY13T0F2A3SV6yD1d6iSWwDWPsZt1C9Qq+Xm0wsHlZ+mECEtc6t+l
VUkQSiZ+q7ybJiU5+z0+/l+rQ4fNLBHiufOwtFktYbDfr8rTJRVZJZMCuHZ7Kvuq
pue7/U5VzaYoq+wVSQXrxC2Fl3YD17AtgcuxNnv//DkfJuD6F7A1ZKtCiFsfrBNy
K4hFVAS/EpJIaO8YHN0+p0/Pgk8Xj06RYa6JgVT/9HHmULb2HaJS/pJGwql8YiMO
UxNMS6E2JFuinzCqvSfTrd6RZ5AuPCkR77/khlc855P5uwIVfxfIZpE/kwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAbsviZvvbQ0dJK+4lzI3TBa+BYrMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQnV5LUptLTl0RFIwa3I3aVhNamRNRnI0RmlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDHzgIAwQA
Hzh+AwQBHziOAwQCHziUAwQAHzlyAwQAHzl0AwQAHztPAwQAHzvkMA0GCSqGSIb3
DQEBCwUAA4IBAQCGGA0fo6bTPQl4on/EofYXNEISqaj87bI2lv4ff0wj6dcXmdD8
kakrmR2VSqzKeYJGC7WD58CSWvE1lHqNjuNqlL8EbaHrhqrSBEQl8N9X6u+Ixkfl
x+8kjh+8DYexbwIWlkSY35V6HKLvR7/u6LhJoe1G7KHjyuUaJMMUTkkEFUL1VRd4
3PwbTB/iFwIwCj1gsd+tfrmtENKL292yIxQNETVhn3q/hzj2V8jA5XdI9yEFNpgJ
UySaS+KWpEFNUfedtdnvcDIRYFYFlFT0+qSzlnVtNkDWWV9r21t7z4xcx1ykLED0
8OYWVxiP0+EqbXsl+e7cECJrUXzP9AMP08Tn
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:44 2025 by rpki-client