Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/CC56RrJqRE1SNAdUUTbvhXRfIsk.roa
File: CC56RrJqRE1SNAdUUTbvhXRfIsk.roa (raw, json)
Hash identifier: 2IJrtLmod8BMa2aj+HRn7Ad/vFLmIn+iZMgOWKES5Mo=
Subject key identifier: 08:2E:7A:46:B2:6A:44:4D:52:34:07:54:51:36:EF:85:74:5F:22:C9
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0199E1E3ADF4C41071E32C9ABB4AEF8CB19F
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/CC56RrJqRE1SNAdUUTbvhXRfIsk.roa
Signing time: Tue 14 Oct 2025 08:43:38 +0000
ROA not before: Tue 14 Oct 2025 08:43:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210064
IP address blocks: 31.59.168.0/24 maxlen: 24
94.183.151.0/24 maxlen: 24
217.60.15.0/24 maxlen: 24
2a14:6e40:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e1:e3:ad:f4:c4:10:71:e3:2c:9a:bb:4a:ef:8c:b1:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 14 08:43:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=082e7a46b26a444d523407545136ef85745f22c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:79:f3:ee:07:59:02:6a:cc:27:93:50:b6:ec:
1a:e6:4a:f1:bc:e4:ad:1d:37:f3:e7:2f:c4:c3:d2:
d3:43:b4:b7:4b:db:3c:79:2c:79:ea:99:c2:16:bd:
40:79:01:c9:b8:52:dc:d9:f9:2b:43:95:79:ce:76:
d3:e8:8a:a1:9d:16:96:11:11:89:0d:b3:d1:3d:a7:
7c:64:69:45:5e:15:96:02:92:f1:a0:1a:8d:0a:08:
87:be:35:71:36:20:60:af:4a:d9:36:01:d7:55:d0:
d2:c1:a4:7c:61:6f:2f:4f:21:82:63:1d:31:dc:d1:
2b:ea:c0:3f:bf:58:76:40:43:93:65:38:29:33:89:
92:99:0d:aa:e2:30:d7:ee:8b:34:bc:21:0c:40:d8:
d4:bc:e0:50:41:7a:e5:a6:fa:de:ae:6a:4c:84:ea:
da:8a:4b:14:15:b2:e6:a6:83:a0:26:82:9f:5a:34:
30:98:f7:29:d4:b1:a7:5c:f8:7d:c3:47:e8:fa:9f:
89:db:c0:e2:1f:69:12:9d:84:b3:b2:ad:6d:7e:44:
1d:05:54:30:a6:f5:4e:b9:f9:93:97:22:51:8e:37:
aa:b0:01:da:c7:96:cd:1d:21:ff:68:4e:47:e7:90:
5a:48:75:3e:70:ad:89:1a:68:b8:e5:fb:4f:ed:8a:
a9:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:2E:7A:46:B2:6A:44:4D:52:34:07:54:51:36:EF:85:74:5F:22:C9
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/CC56RrJqRE1SNAdUUTbvhXRfIsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.59.168.0/24
94.183.151.0/24
217.60.15.0/24
IPv6:
2a14:6e40:1::/48
Signature Algorithm: sha256WithRSAEncryption
97:40:a0:a7:21:18:06:97:59:5e:db:36:00:0a:cc:69:fd:a8:
e3:8d:34:3f:ee:f9:62:e4:05:25:b8:d4:da:25:df:9c:26:ab:
63:58:c6:15:6a:17:fa:3c:88:6e:e0:bd:7a:de:15:96:6b:d0:
a2:ad:05:a0:7b:b5:f4:12:87:cf:8e:1d:48:28:f1:bd:38:a9:
ef:54:93:2e:2e:b6:90:99:38:39:d9:cc:ce:22:a7:7e:d7:9d:
f3:45:26:1f:c9:6d:b1:c4:a4:d0:52:21:9a:8c:34:e6:bf:c1:
bd:4d:cb:e2:6f:b8:82:74:65:95:84:a0:51:a2:57:08:e1:34:
66:5f:e9:40:e7:12:aa:59:e4:be:b8:12:00:4a:b4:cb:62:82:
3c:21:7d:1b:42:ca:45:8d:5c:e0:fd:e8:f1:d2:46:18:e6:8d:
b7:19:29:46:90:73:e8:22:de:5c:97:c7:71:6a:4d:fc:58:7c:
35:72:94:a6:8e:92:3a:c2:18:95:15:a7:15:5b:08:e9:a8:ee:
2d:a4:75:cf:98:90:bd:cf:bd:dc:2f:cc:3d:08:11:c1:6c:2c:
47:1c:dd:7b:7e:d0:b4:b2:55:b9:14:ca:61:31:df:3f:ce:f1:
8d:88:2f:39:d5:ac:f2:e8:9e:92:6e:a7:e3:f9:48:f3:0e:88:
79:63:f0:e1
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZnh4630xBBx4yyau0rvjLGfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMDE0MDg0MzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODJlN2E0NmIyNmE0NDRkNTIzNDA3NTQ1MTM2ZWY4NTc0NWYyMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXnz7gdZAmrMJ5NQtuwa5krxvOSt
HTfz5y/Ew9LTQ7S3S9s8eSx56pnCFr1AeQHJuFLc2fkrQ5V5znbT6IqhnRaWERGJ
DbPRPad8ZGlFXhWWApLxoBqNCgiHvjVxNiBgr0rZNgHXVdDSwaR8YW8vTyGCYx0x
3NEr6sA/v1h2QEOTZTgpM4mSmQ2q4jDX7os0vCEMQNjUvOBQQXrlpvrermpMhOra
iksUFbLmpoOgJoKfWjQwmPcp1LGnXPh9w0fo+p+J28DiH2kSnYSzsq1tfkQdBVQw
pvVOufmTlyJRjjeqsAHax5bNHSH/aE5H55BaSHU+cK2JGmi45ftP7YqpbwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAguekayakRNUjQHVFE274V0XyLJMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQ0M1NlJySnFSRTFTTkFkVVVUYnZoWFJmSXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAHzuoAwQA
XreXAwQA2TwPMA8EAgACMAkDBwAqFG5AAAEwDQYJKoZIhvcNAQELBQADggEBAJdA
oKchGAaXWV7bNgAKzGn9qOONND/u+WLkBSW41Nol35wmq2NYxhVqF/o8iG7gvXre
FZZr0KKtBaB7tfQSh8+OHUgo8b04qe9Uky4utpCZODnZzM4ip37XnfNFJh/JbbHE
pNBSIZqMNOa/wb1Ny+JvuIJ0ZZWEoFGiVwjhNGZf6UDnEqpZ5L64EgBKtMtigjwh
fRtCykWNXOD96PHSRhjmjbcZKUaQc+gi3lyXx3FqTfxYfDVylKaOkjrCGJUVpxVb
COmo7i2kdc+YkL3PvdwvzD0IEcFsLEcc3Xt+0LSyVbkUymEx3z/O8Y2ILznVrPLo
npJup+P5SPMOiHlj8OE=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:58 2025 by rpki-client