Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/RuK7xj11xHrXb_juuW4u8_eJs3E.roa
File: RuK7xj11xHrXb_juuW4u8_eJs3E.roa (raw, json)
Hash identifier: vsg5UXE32UdXa7d8gcvgKr12yktXn73dFHIW1654RB4=
Subject key identifier: 46:E2:BB:C6:3D:75:C4:7A:D7:6F:F8:EE:B9:6E:2E:F3:F7:89:B3:71
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0199910191B88CBCA2379DD3207C887E6133
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/RuK7xj11xHrXb_juuW4u8_eJs3E.roa
Signing time: Sun 28 Sep 2025 15:47:03 +0000
ROA not before: Sun 28 Sep 2025 15:47:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 31.58.36.0/22 maxlen: 24
31.58.44.0/22 maxlen: 24
31.58.60.0/22 maxlen: 24
31.59.196.0/22 maxlen: 24
31.59.200.0/22 maxlen: 24
31.59.204.0/22 maxlen: 24
31.59.208.0/22 maxlen: 24
31.59.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:91:01:91:b8:8c:bc:a2:37:9d:d3:20:7c:88:7e:61:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Sep 28 15:47:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46e2bbc63d75c47ad76ff8eeb96e2ef3f789b371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1f:19:23:ac:07:04:3f:87:b2:7c:e9:2f:f3:
79:8b:b7:c8:f9:c0:bc:34:8c:7a:99:33:62:00:ee:
11:72:5d:c4:6c:c3:c0:ec:5f:f3:b8:0b:3b:4d:97:
5a:af:67:6e:e8:c9:56:cc:e4:13:6b:ff:9c:4c:60:
5a:90:fe:c9:b1:99:51:48:02:26:3a:27:d3:1a:8c:
ab:ed:75:51:4b:a1:60:7f:a6:f4:15:8e:a9:6e:cf:
26:fd:3b:0c:6a:d9:5f:48:8d:c0:23:be:6d:91:fe:
22:5a:9f:bb:50:e7:97:46:17:ab:db:43:b6:5f:83:
02:8d:4e:8c:f7:a1:d3:0b:17:64:e5:f2:ac:6b:07:
b4:72:ae:a7:40:b3:d5:b2:e9:e5:5c:58:c3:ad:a5:
21:43:dd:2a:76:54:55:ef:5f:fd:36:c8:68:14:2e:
fa:d1:14:1a:58:95:2d:36:56:e6:e5:ad:3f:5e:85:
2f:70:12:60:67:bf:67:8b:58:dc:1b:5c:99:73:c5:
6f:6a:83:70:43:67:2a:98:24:80:80:6b:3e:95:ed:
36:9c:49:f4:95:14:0e:ee:35:0f:4c:8b:8b:1f:88:
81:0d:ee:12:a6:5f:dd:13:db:2f:1a:78:cb:ef:93:
e9:3c:93:5f:7e:71:fb:bd:02:e7:ee:c8:93:6a:fc:
e6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:E2:BB:C6:3D:75:C4:7A:D7:6F:F8:EE:B9:6E:2E:F3:F7:89:B3:71
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/RuK7xj11xHrXb_juuW4u8_eJs3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.36.0/22
31.58.44.0/22
31.58.60.0/22
31.59.196.0-31.59.211.255
31.59.220.0/22
Signature Algorithm: sha256WithRSAEncryption
81:3b:37:e6:82:d9:b8:b7:6f:35:84:b7:43:0e:3b:66:a0:b2:
d8:36:74:ca:74:29:1b:70:e0:06:7f:bc:be:04:eb:9d:8f:fd:
a6:71:36:73:72:d9:06:e6:41:e1:b5:69:dd:7a:18:4a:6f:e0:
5f:0d:3f:a3:19:38:47:0e:35:1d:e1:7b:99:cd:90:5c:b1:e8:
f3:7f:9e:ac:d7:52:4d:1d:8c:e7:83:9b:82:6c:9b:76:d7:a4:
2b:16:e1:b4:67:c7:49:26:31:ea:e1:ea:40:b3:35:c5:37:94:
96:ea:b2:2d:d6:74:09:4c:e0:6c:f0:18:0b:cd:09:d8:db:5c:
ec:3e:86:a8:fe:36:1e:da:90:56:fb:af:e2:2f:af:ca:d2:d8:
c8:79:84:83:71:c4:af:91:f3:07:8a:e9:5a:37:a9:b7:58:c6:
8b:9c:1f:1b:cf:ad:d3:ce:dd:b5:54:96:d9:b3:f7:32:05:7f:
5d:a1:f2:58:ef:cc:ea:c8:cd:1c:7a:0f:91:93:75:8a:ca:12:
9a:80:54:78:23:c0:f5:bb:57:05:81:7d:03:00:68:96:6e:89:
a7:31:23:e8:79:87:33:ab:be:1e:d8:78:b7:f9:4a:df:68:ba:
e5:ea:68:61:47:75:96:95:7b:e2:88:ae:f1:31:f5:78:bb:f0:
f7:40:0c:4b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZmRAZG4jLyiN53TIHyIfmEzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwOTI4MTU0NzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmUyYmJjNjNkNzVjNDdhZDc2ZmY4ZWViOTZlMmVmM2Y3ODliMzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsB8ZI6wHBD+HsnzpL/N5i7fI+cC8
NIx6mTNiAO4Rcl3EbMPA7F/zuAs7TZdar2du6MlWzOQTa/+cTGBakP7JsZlRSAIm
OifTGoyr7XVRS6Fgf6b0FY6pbs8m/TsMatlfSI3AI75tkf4iWp+7UOeXRher20O2
X4MCjU6M96HTCxdk5fKsawe0cq6nQLPVsunlXFjDraUhQ90qdlRV71/9NshoFC76
0RQaWJUtNlbm5a0/XoUvcBJgZ79ni1jcG1yZc8VvaoNwQ2cqmCSAgGs+le02nEn0
lRQO7jUPTIuLH4iBDe4Spl/dE9svGnjL75PpPJNffnH7vQLn7siTavzmLwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEbiu8Y9dcR612/47rluLvP3ibNxMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUnVLN3hqMTF4SHJYYl9qdXVXNHU4X2VKczNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCHzokAwQC
HzosAwQCHzo8MAwDBAIfO8QDBAIfO9ADBAIfO9wwDQYJKoZIhvcNAQELBQADggEB
AIE7N+aC2bi3bzWEt0MOO2agstg2dMp0KRtw4AZ/vL4E652P/aZxNnNy2QbmQeG1
ad16GEpv4F8NP6MZOEcONR3he5nNkFyx6PN/nqzXUk0djOeDm4Jsm3bXpCsW4bRn
x0kmMerh6kCzNcU3lJbqsi3WdAlM4GzwGAvNCdjbXOw+hqj+Nh7akFb7r+Ivr8rS
2Mh5hINxxK+R8weK6Vo3qbdYxoucHxvPrdPO3bVUltmz9zIFf12h8ljvzOrIzRx6
D5GTdYrKEpqAVHgjwPW7VwWBfQMAaJZuiacxI+h5hzOrvh7YeLf5St9ouuXqaGFH
dZaVe+KIrvEx9Xi78PdADEs=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:57 2025 by rpki-client