Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TcyBV2yUK3KhdoU2szDkTZqE_lE.roa
File: TcyBV2yUK3KhdoU2szDkTZqE_lE.roa (raw, json)
Hash identifier: puAaNNkqaFqYqQq7NXLbopcEsZhkZe7/PTh9CeRn9hA=
Subject key identifier: 4D:CC:81:57:6C:94:2B:72:A1:76:85:36:B3:30:E4:4D:9A:84:FE:51
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0198C60D6EE9E47E574CB9F506D387F05A41
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TcyBV2yUK3KhdoU2szDkTZqE_lE.roa
Signing time: Wed 20 Aug 2025 05:57:05 +0000
ROA not before: Wed 20 Aug 2025 05:57:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397630
IP address blocks: 31.58.57.0/24 maxlen: 24
31.58.162.0/24 maxlen: 24
31.58.166.0/24 maxlen: 24
31.59.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c6:0d:6e:e9:e4:7e:57:4c:b9:f5:06:d3:87:f0:5a:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Aug 20 05:57:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4dcc81576c942b72a1768536b330e44d9a84fe51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:1e:be:a7:ee:2e:17:4d:af:57:82:23:55:ec:
04:80:78:b8:78:f9:76:3b:86:81:6e:8a:f3:05:79:
eb:4e:37:a2:98:f6:cb:a7:34:c9:86:38:d4:dd:e5:
ea:99:47:a3:95:44:d3:b7:4a:04:e9:35:61:d2:60:
2b:c2:a7:d1:3f:14:6f:08:48:c6:86:fb:45:84:94:
92:8d:90:75:40:a4:2a:f2:5c:ea:9c:4b:45:e1:0f:
fc:f7:04:6b:74:45:0c:9d:3c:f0:22:a7:e4:2b:83:
d4:ec:38:9c:59:d3:a5:92:6f:b5:38:5d:31:1f:7f:
4e:ba:c6:05:43:ba:42:20:af:6e:da:01:9d:b0:b0:
63:60:3c:9c:c8:87:eb:dd:73:55:35:fb:d3:da:cb:
24:2f:c3:a5:c4:02:a0:d1:c0:13:3b:b8:4c:1f:0a:
80:87:81:c1:47:0d:ae:13:ed:87:0b:d3:1c:41:07:
3f:85:27:40:aa:97:c8:c5:f4:5a:99:5f:0a:81:c7:
8e:81:ab:95:a7:ae:d1:43:c1:1f:1e:80:d2:31:d9:
fa:5f:2f:69:30:54:ee:07:64:1e:9e:19:60:47:f9:
e8:37:df:f2:ef:81:cc:37:e3:42:e0:2f:55:ca:f3:
8c:64:e6:3e:b7:e8:d2:cc:ba:2b:81:0d:1a:d0:f4:
58:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:CC:81:57:6C:94:2B:72:A1:76:85:36:B3:30:E4:4D:9A:84:FE:51
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TcyBV2yUK3KhdoU2szDkTZqE_lE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.57.0/24
31.58.162.0/24
31.58.166.0/24
31.59.215.0/24
Signature Algorithm: sha256WithRSAEncryption
18:d9:a9:c6:cd:09:c2:42:30:67:68:d0:51:88:3a:f0:b5:b2:
9c:44:b4:cf:28:72:65:a9:59:6a:d5:17:87:4a:ef:56:bc:f3:
10:72:0f:b6:78:dc:cb:8b:07:63:21:35:7c:d6:7d:32:c3:9b:
09:f6:7c:c3:a8:e6:20:c4:b9:4b:41:a7:97:45:e4:35:0b:dc:
72:f5:69:28:31:2d:02:cb:ff:d2:c1:33:bb:11:e3:f2:e4:86:
aa:cc:69:b2:93:f6:23:82:f0:0c:2d:64:47:56:08:27:82:03:
e6:69:b6:1f:9c:05:8a:ce:36:a4:fa:d7:9d:38:dd:69:f8:56:
9c:bb:a6:6c:fa:fd:fc:82:1a:d2:a7:71:30:17:23:1e:ee:ae:
7a:6f:99:51:00:0b:ca:c0:31:86:f4:cc:93:91:8c:2e:91:11:
33:20:fd:9d:c4:f1:91:dc:48:7b:cd:b8:96:2c:60:ac:66:4b:
1b:65:00:e6:9f:c7:81:e7:e0:42:4a:7b:3c:a3:dd:d7:51:e9:
7a:ce:e4:5c:82:34:fd:7f:33:fc:50:88:81:48:93:a8:09:db:
3c:cc:02:a2:9e:3f:9c:4c:b3:4e:d8:7d:15:8f:fa:a3:74:d4:
af:5a:a3:4e:a3:fe:79:33:4d:ee:12:c3:98:21:0e:59:8c:34:
c0:73:f2:f1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZjGDW7p5H5XTLn1BtOH8FpBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwODIwMDU1NzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGNjODE1NzZjOTQyYjcyYTE3Njg1MzZiMzMwZTQ0ZDlhODRmZTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiR6+p+4uF02vV4IjVewEgHi4ePl2
O4aBborzBXnrTjeimPbLpzTJhjjU3eXqmUejlUTTt0oE6TVh0mArwqfRPxRvCEjG
hvtFhJSSjZB1QKQq8lzqnEtF4Q/89wRrdEUMnTzwIqfkK4PU7DicWdOlkm+1OF0x
H39OusYFQ7pCIK9u2gGdsLBjYDycyIfr3XNVNfvT2sskL8OlxAKg0cATO7hMHwqA
h4HBRw2uE+2HC9McQQc/hSdAqpfIxfRamV8KgceOgauVp67RQ8EfHoDSMdn6Xy9p
MFTuB2QenhlgR/noN9/y74HMN+NC4C9VyvOMZOY+t+jSzLorgQ0a0PRYXQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE3MgVdslCtyoXaFNrMw5E2ahP5RMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVGN5QlYyeVVLM0toZG9VMnN6RGtUWnFFX2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzo5AwQA
HzqiAwQAHzqmAwQAHzvXMA0GCSqGSIb3DQEBCwUAA4IBAQAY2anGzQnCQjBnaNBR
iDrwtbKcRLTPKHJlqVlq1ReHSu9WvPMQcg+2eNzLiwdjITV81n0yw5sJ9nzDqOYg
xLlLQaeXReQ1C9xy9WkoMS0Cy//SwTO7EePy5IaqzGmyk/YjgvAMLWRHVggnggPm
abYfnAWKzjak+tedON1p+Facu6Zs+v38ghrSp3EwFyMe7q56b5lRAAvKwDGG9MyT
kYwukREzIP2dxPGR3Eh7zbiWLGCsZksbZQDmn8eB5+BCSns8o93XUel6zuRcgjT9
fzP8UIiBSJOoCds8zAKinj+cTLNO2H0Vj/qjdNSvWqNOo/55M03uEsOYIQ5ZjDTA
c/Lx
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:48:40 2025 by rpki-client