Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/IZNDpeKL8fwRZJy87pgbQyZLOgM.roa
File: IZNDpeKL8fwRZJy87pgbQyZLOgM.roa (raw, json)
Hash identifier: GtA99r41DFjgccfM74NpiKOqM10NCH1MoTUdZGkP3N4=
Subject key identifier: 21:93:43:A5:E2:8B:F1:FC:11:64:9C:BC:EE:98:1B:43:26:4B:3A:03
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0198C6881CED296B64ECB603711236934013
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/IZNDpeKL8fwRZJy87pgbQyZLOgM.roa
Signing time: Wed 20 Aug 2025 08:11:05 +0000
ROA not before: Wed 20 Aug 2025 08:11:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43641
IP address blocks: 31.56.115.0/24 maxlen: 24
31.56.116.0/24 maxlen: 24
31.56.127.0/24 maxlen: 24
31.57.192.0/24 maxlen: 24
31.57.193.0/24 maxlen: 24
31.57.195.0/24 maxlen: 24
31.57.232.0/24 maxlen: 24
31.57.233.0/24 maxlen: 24
31.57.234.0/24 maxlen: 24
31.57.235.0/24 maxlen: 24
31.58.141.0/24 maxlen: 24
31.58.145.0/24 maxlen: 24
31.58.148.0/24 maxlen: 24
31.58.149.0/24 maxlen: 24
31.58.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 07:32:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c6:88:1c:ed:29:6b:64:ec:b6:03:71:12:36:93:40:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Aug 20 08:11:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=219343a5e28bf1fc11649cbcee981b43264b3a03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:13:8c:0b:0c:c8:58:aa:70:19:34:f6:08:00:
d8:6b:e7:01:9c:4e:0c:e1:98:b1:a3:e8:e2:26:11:
60:b1:a9:e2:07:7d:c2:05:3c:32:50:ec:b3:43:6e:
61:9b:d7:98:2d:84:e2:15:33:a0:68:b8:5a:a0:31:
a3:cb:2c:d1:f6:67:bc:df:27:28:5b:5a:4e:ae:b4:
7a:6a:40:a1:4b:19:db:5d:04:8e:27:4f:15:d5:14:
60:ea:2a:2d:35:84:a0:b0:15:fb:7c:6b:14:6b:5d:
c6:0e:2a:e8:37:a6:41:e7:23:da:22:49:f2:8f:62:
60:11:af:b1:e3:67:74:40:4b:7b:cb:7c:7d:2e:93:
1e:03:e4:03:45:83:e4:f5:c1:51:88:06:89:27:11:
3e:73:11:92:0d:16:c1:e8:68:7c:b4:3e:5a:a4:47:
5f:a1:b1:ab:ac:7c:4a:40:33:d7:75:73:64:96:5b:
72:a1:01:e5:b6:fe:57:61:c8:66:be:16:cd:51:c3:
76:a0:3d:85:77:79:76:70:ad:65:5a:2f:47:53:00:
97:37:fa:d4:e6:71:1c:d2:76:4c:1b:38:34:a8:92:
50:bd:2b:ec:ec:ab:81:1c:b1:71:99:5b:e1:0a:76:
bc:1e:fa:26:84:6d:99:f9:10:26:58:67:67:3e:e3:
33:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:93:43:A5:E2:8B:F1:FC:11:64:9C:BC:EE:98:1B:43:26:4B:3A:03
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/IZNDpeKL8fwRZJy87pgbQyZLOgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.115.0-31.56.116.255
31.56.127.0/24
31.57.192.0/23
31.57.195.0/24
31.57.232.0/22
31.58.141.0/24
31.58.145.0/24
31.58.148.0/23
31.58.151.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:5c:f1:c8:5d:0f:c5:03:5b:76:22:39:44:4f:87:89:8a:e4:
0f:4b:8e:a7:71:e0:95:52:83:32:b6:bf:d5:3f:dd:59:1b:1d:
ec:f7:51:ee:dd:19:ec:fb:97:cc:77:1e:f3:c5:ec:75:25:c0:
89:f2:26:64:e8:ef:b1:9f:74:c0:5c:6e:32:37:0f:fd:87:ed:
2b:78:23:b2:8c:98:b8:63:69:cc:b0:70:96:68:13:b8:b6:7e:
ab:e9:e2:44:e0:ca:d0:16:fe:aa:ab:f9:40:a9:c7:51:31:cb:
c9:63:3f:8d:6a:3f:c4:38:8f:52:11:b3:35:d0:60:ab:db:00:
1c:70:10:db:35:f7:db:ed:14:c7:1f:72:6f:35:1f:1d:1d:34:
dd:b7:ee:54:3b:61:40:d3:c9:ed:d1:90:0e:5e:f5:75:3d:6c:
67:6e:dd:46:e0:40:ac:bb:c4:15:df:45:62:47:b6:ec:4e:73:
78:b3:05:35:65:fe:c1:55:3d:9f:2d:cb:1f:dc:ae:cf:5f:09:
6f:fc:94:01:c5:91:c0:4c:10:7a:bd:c4:68:38:cd:a6:af:77:
ce:dd:0e:62:aa:c8:f8:83:27:ce:96:1c:ca:fd:b3:ac:a6:ef:
33:1b:e3:5d:84:73:45:4e:d4:8f:4b:98:c0:b5:c9:6f:8d:a6:
79:5c:c5:b1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZjGiBztKWtk7LYDcRI2k0ATMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwODIwMDgxMTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTkzNDNhNWUyOGJmMWZjMTE2NDljYmNlZTk4MWI0MzI2NGIzYTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhOMCwzIWKpwGTT2CADYa+cBnE4M
4Zixo+jiJhFgsaniB33CBTwyUOyzQ25hm9eYLYTiFTOgaLhaoDGjyyzR9me83yco
W1pOrrR6akChSxnbXQSOJ08V1RRg6iotNYSgsBX7fGsUa13GDiroN6ZB5yPaIkny
j2JgEa+x42d0QEt7y3x9LpMeA+QDRYPk9cFRiAaJJxE+cxGSDRbB6Gh8tD5apEdf
obGrrHxKQDPXdXNklltyoQHltv5XYchmvhbNUcN2oD2Fd3l2cK1lWi9HUwCXN/rU
5nEc0nZMGzg0qJJQvSvs7KuBHLFxmVvhCna8HvomhG2Z+RAmWGdnPuMzhwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFCGTQ6Xii/H8EWScvO6YG0MmSzoDMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSVpORHBlS0w4ZndSWkp5ODdwZ2JReVpMT2dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBAAfOHMD
BAAfOHQDBAAfOH8DBAEfOcADBAAfOcMDBAIfOegDBAAfOo0DBAAfOpEDBAEfOpQD
BAAfOpcwDQYJKoZIhvcNAQELBQADggEBAA1c8chdD8UDW3YiOURPh4mK5A9Ljqdx
4JVSgzK2v9U/3VkbHez3Ue7dGez7l8x3HvPF7HUlwInyJmTo77GfdMBcbjI3D/2H
7St4I7KMmLhjacywcJZoE7i2fqvp4kTgytAW/qqr+UCpx1Exy8ljP41qP8Q4j1IR
szXQYKvbABxwENs199vtFMcfcm81Hx0dNN237lQ7YUDTye3RkA5e9XU9bGdu3Ubg
QKy7xBXfRWJHtuxOc3izBTVl/sFVPZ8tyx/crs9fCW/8lAHFkcBMEHq9xGg4zaav
d87dDmKqyPiDJ86WHMr9s6ym7zMb412Ec0VO1I9LmMC1yW+NpnlcxbE=
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:26:33 2025 by rpki-client