Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/MkALYcje1LjiicybcBHZ9U8i1vw.roa
File: MkALYcje1LjiicybcBHZ9U8i1vw.roa (raw, json)
Hash identifier: H2KNbN7JDN6hQJFiyLtDVGigv1tK97qrCeVvJsa6X0w=
Subject key identifier: 32:40:0B:61:C8:DE:D4:B8:E2:89:CC:9B:70:11:D9:F5:4F:22:D6:FC
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0198C60E55F55C8CB086D0DD5329116EC63D
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/MkALYcje1LjiicybcBHZ9U8i1vw.roa
Signing time: Wed 20 Aug 2025 05:58:05 +0000
ROA not before: Wed 20 Aug 2025 05:58:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64267
IP address blocks: 31.56.4.0/24 maxlen: 24
31.58.57.0/24 maxlen: 24
31.58.162.0/24 maxlen: 24
31.58.166.0/24 maxlen: 24
31.59.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c6:0e:55:f5:5c:8c:b0:86:d0:dd:53:29:11:6e:c6:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Aug 20 05:58:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32400b61c8ded4b8e289cc9b7011d9f54f22d6fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f7:78:25:af:61:37:62:c6:bf:11:78:76:ff:
48:53:33:61:ec:30:64:36:d5:e3:eb:29:4d:a0:e9:
ce:d8:9a:a3:c5:d4:77:68:47:58:24:7b:ce:fc:07:
29:89:d3:b0:0f:2b:4d:19:ee:fc:f5:d8:cd:24:ea:
6e:f6:2c:08:a4:ab:00:91:75:cb:9a:0b:10:14:74:
55:3e:69:33:02:6b:73:bf:4d:83:2c:83:04:28:71:
99:61:25:c2:67:77:d6:27:ab:7b:49:31:f8:6b:5d:
45:12:e6:2b:b8:cd:d8:71:49:ea:84:d8:0b:0b:d2:
c3:b6:cf:3c:2f:ca:51:8b:a3:36:33:88:a3:ad:ac:
0b:d6:1f:29:05:a7:41:10:8a:0c:8d:8b:93:8a:e5:
7e:64:7e:81:12:49:cb:97:0e:78:52:1e:da:49:29:
52:07:29:5c:3f:39:8c:94:4d:7f:bd:0f:af:b7:61:
fc:07:86:ab:a7:c0:95:71:77:4f:c8:4d:e5:44:55:
1e:72:03:db:46:6b:57:85:02:a7:a4:0f:68:12:2e:
5e:47:12:a3:4d:10:e4:51:9e:da:8e:a4:2c:e3:eb:
c7:6b:d0:e1:39:dd:04:20:98:dd:f9:9e:de:e7:60:
81:f8:01:4f:1c:a7:64:15:9b:df:65:b7:ea:78:93:
2b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:40:0B:61:C8:DE:D4:B8:E2:89:CC:9B:70:11:D9:F5:4F:22:D6:FC
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/MkALYcje1LjiicybcBHZ9U8i1vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/24
31.58.57.0/24
31.58.162.0/24
31.58.166.0/24
31.59.215.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:57:ca:38:e5:07:15:f0:b1:a8:df:10:f1:f4:47:d6:8e:39:
60:1a:d6:a5:fd:81:ac:b7:d8:c8:d4:a6:85:29:06:2d:d5:7b:
10:ec:bd:e0:21:07:6a:fc:b3:f4:63:4a:c9:eb:50:0d:15:43:
bb:72:ea:cb:ef:d6:10:92:c9:33:fc:9a:7b:62:54:fb:d8:5b:
8f:c9:34:a3:07:a4:1a:64:83:19:13:4e:22:d0:5e:86:c0:72:
53:91:72:07:ee:d1:cd:65:76:dd:90:64:f5:cb:52:95:4b:8c:
79:e8:18:16:9e:ed:e4:9d:e4:6a:d4:c6:e2:1d:83:40:39:66:
59:df:48:f3:5f:44:09:60:8e:1c:9d:18:97:75:25:7c:51:b4:
ad:c0:87:72:8a:ff:f4:bc:04:6d:dc:57:61:c6:f1:f0:b5:36:
21:64:b8:ed:80:db:32:c3:16:a5:e7:76:50:ee:12:17:4f:82:
64:90:80:04:06:16:2f:4d:28:59:78:15:38:81:be:d6:3f:9c:
67:05:a0:2f:f5:8f:8b:89:c5:ea:89:58:79:34:cb:7d:42:38:
04:60:21:d9:e2:10:a2:46:1d:59:1d:ee:ba:f1:0b:fe:a0:62:
3c:5c:f2:83:e7:2a:2e:12:85:3d:19:68:03:09:a8:58:ee:1f:
3b:6b:89:22
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZjGDlX1XIywhtDdUykRbsY9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwODIwMDU1ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjQwMGI2MWM4ZGVkNGI4ZTI4OWNjOWI3MDExZDlmNTRmMjJkNmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPd4Ja9hN2LGvxF4dv9IUzNh7DBk
NtXj6ylNoOnO2JqjxdR3aEdYJHvO/AcpidOwDytNGe789djNJOpu9iwIpKsAkXXL
mgsQFHRVPmkzAmtzv02DLIMEKHGZYSXCZ3fWJ6t7STH4a11FEuYruM3YcUnqhNgL
C9LDts88L8pRi6M2M4ijrawL1h8pBadBEIoMjYuTiuV+ZH6BEknLlw54Uh7aSSlS
BylcPzmMlE1/vQ+vt2H8B4arp8CVcXdPyE3lRFUecgPbRmtXhQKnpA9oEi5eRxKj
TRDkUZ7ajqQs4+vHa9DhOd0EIJjd+Z7e52CB+AFPHKdkFZvfZbfqeJMrQQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDJAC2HI3tS44onMm3AR2fVPItb8MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTWtBTFljamUxTGppaWN5YmNCSFo5VThpMXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHzgEAwQA
Hzo5AwQAHzqiAwQAHzqmAwQAHzvXMA0GCSqGSIb3DQEBCwUAA4IBAQCNV8o45QcV
8LGo3xDx9EfWjjlgGtal/YGst9jI1KaFKQYt1XsQ7L3gIQdq/LP0Y0rJ61ANFUO7
curL79YQkskz/Jp7YlT72FuPyTSjB6QaZIMZE04i0F6GwHJTkXIH7tHNZXbdkGT1
y1KVS4x56BgWnu3kneRq1MbiHYNAOWZZ30jzX0QJYI4cnRiXdSV8UbStwIdyiv/0
vARt3FdhxvHwtTYhZLjtgNsywxal53ZQ7hIXT4JkkIAEBhYvTShZeBU4gb7WP5xn
BaAv9Y+LicXqiVh5NMt9QjgEYCHZ4hCiRh1ZHe668Qv+oGI8XPKD5youEoU9GWgD
CahY7h87a4ki
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:40:15 2025 by rpki-client