Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/UkfIBY57NvgHFjR3wLdMSV9PT7E.roa
File: UkfIBY57NvgHFjR3wLdMSV9PT7E.roa (raw, json)
Hash identifier: aYcv5u2El5bF6AgkgFYGYDinT7JoWu7RSyk4qf1aO8Y=
Subject key identifier: 52:47:C8:05:8E:7B:36:F8:07:16:34:77:C0:B7:4C:49:5F:4F:4F:B1
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01989F24CD98CA7512392EA7E6809C2345EB
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/UkfIBY57NvgHFjR3wLdMSV9PT7E.roa
Signing time: Tue 12 Aug 2025 16:37:25 +0000
ROA not before: Tue 12 Aug 2025 16:37:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 31.56.88.0/24 maxlen: 24
31.57.131.0/24 maxlen: 24
31.57.150.0/24 maxlen: 24
31.57.176.0/24 maxlen: 24
31.57.194.0/24 maxlen: 24
31.58.59.0/24 maxlen: 24
31.58.71.0/24 maxlen: 24
31.58.146.0/24 maxlen: 24
31.59.14.0/24 maxlen: 24
31.59.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9f:24:cd:98:ca:75:12:39:2e:a7:e6:80:9c:23:45:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Aug 12 16:37:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5247c8058e7b36f807163477c0b74c495f4f4fb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:dd:d6:35:4d:5c:1b:a5:b9:b5:c7:23:42:89:
a7:84:c8:72:b6:ce:3d:fe:90:14:0a:97:82:49:c6:
9f:72:0d:c0:48:95:a0:1a:ba:d8:33:9e:ba:a8:f2:
5a:9b:3c:6a:ef:ce:4a:aa:91:6b:45:2c:cb:e0:b0:
ac:ea:78:c7:21:59:3b:62:75:b8:3d:b2:bf:05:f3:
ee:e2:91:c5:b7:04:50:4e:a0:87:d3:fc:82:54:6c:
f1:73:ab:d6:6f:6d:c9:bf:27:40:c4:5b:d5:41:5a:
98:a4:de:cd:6c:2a:e8:46:20:23:63:fa:d3:64:68:
58:c0:72:f3:6e:1b:cf:78:9c:6b:2a:de:cf:32:87:
0c:81:63:ca:f9:6f:b5:40:0e:e3:ed:38:b6:f3:22:
0e:03:f1:45:3c:4f:88:bc:4b:c6:67:d7:3b:0b:e2:
9c:ec:a7:09:e1:9c:51:41:45:4f:d3:a4:1f:18:99:
95:3d:cd:d2:cb:9f:22:dd:cf:a8:12:50:46:cf:c2:
e3:74:8c:19:7e:4c:03:8f:e8:b1:d1:fa:14:3c:fc:
c9:dd:3f:2b:ec:0f:75:6b:af:79:77:e8:22:e5:0a:
c6:49:6d:78:1b:c4:c5:5c:89:0e:83:4a:63:a1:78:
6e:4a:ea:f3:d6:22:dc:ce:b3:ca:d5:7a:4a:bb:6d:
6f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:47:C8:05:8E:7B:36:F8:07:16:34:77:C0:B7:4C:49:5F:4F:4F:B1
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/UkfIBY57NvgHFjR3wLdMSV9PT7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.88.0/24
31.57.131.0/24
31.57.150.0/24
31.57.176.0/24
31.57.194.0/24
31.58.59.0/24
31.58.71.0/24
31.58.146.0/24
31.59.14.0/24
31.59.30.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:b0:02:bc:56:30:32:85:0d:bc:03:b3:93:93:dc:95:f4:3f:
6e:0b:1f:ff:ec:59:04:4a:ad:b9:15:23:94:ac:2d:81:c1:fa:
46:e8:a5:bb:0b:4b:d9:4c:63:8e:9b:95:52:5b:37:4d:4b:77:
3f:bc:d9:2d:03:57:f5:f8:a4:21:55:42:0b:5a:c2:dd:a6:e2:
4f:fa:9b:04:ce:55:ed:6c:9a:2c:7c:d2:15:18:21:39:1f:3b:
b0:1e:b3:0e:92:6a:00:75:3c:7c:b5:4e:93:0b:cd:d3:10:ad:
2b:c2:60:c0:41:f5:e1:3c:f9:87:0f:e1:05:0d:08:e5:c0:1a:
85:d2:6b:14:97:4f:e9:11:7a:2f:5c:2e:22:bd:ed:fa:51:4f:
18:d0:c0:55:7f:5d:0f:3d:cb:f8:6c:9d:86:83:b3:1a:e0:cb:
65:24:c0:39:3f:d4:16:39:89:ab:85:31:20:a2:c6:29:5d:42:
71:88:05:c8:b4:b4:42:fc:31:ae:6c:b1:a5:fe:d4:dd:85:5f:
70:9d:6b:90:db:40:37:9a:95:c2:86:4a:94:81:a8:ad:2e:8c:
2a:26:8b:7d:57:1d:0c:ab:03:b2:b7:17:03:1a:e3:02:59:7b:
b9:c9:85:73:92:25:8d:53:16:a9:7f:50:91:d9:a6:c4:72:87:
c0:12:03:43
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZifJM2YynUSOS6n5oCcI0XrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwODEyMTYzNzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjQ3YzgwNThlN2IzNmY4MDcxNjM0NzdjMGI3NGM0OTVmNGY0ZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwt3WNU1cG6W5tccjQomnhMhyts49
/pAUCpeCScafcg3ASJWgGrrYM566qPJamzxq785KqpFrRSzL4LCs6njHIVk7YnW4
PbK/BfPu4pHFtwRQTqCH0/yCVGzxc6vWb23JvydAxFvVQVqYpN7NbCroRiAjY/rT
ZGhYwHLzbhvPeJxrKt7PMocMgWPK+W+1QA7j7Ti28yIOA/FFPE+IvEvGZ9c7C+Kc
7KcJ4ZxRQUVP06QfGJmVPc3Sy58i3c+oElBGz8LjdIwZfkwDj+ix0foUPPzJ3T8r
7A91a695d+gi5QrGSW14G8TFXIkOg0pjoXhuSurz1iLczrPK1XpKu21vqQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFFJHyAWOezb4BxY0d8C3TElfT0+xMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVWtmSUJZNTdOdmdIRmpSM3dMZE1TVjlQVDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAHzhYAwQA
HzmDAwQAHzmWAwQAHzmwAwQAHznCAwQAHzo7AwQAHzpHAwQAHzqSAwQAHzsOAwQA
HzseMA0GCSqGSIb3DQEBCwUAA4IBAQCisAK8VjAyhQ28A7OTk9yV9D9uCx//7FkE
Sq25FSOUrC2BwfpG6KW7C0vZTGOOm5VSWzdNS3c/vNktA1f1+KQhVUILWsLdpuJP
+psEzlXtbJosfNIVGCE5HzuwHrMOkmoAdTx8tU6TC83TEK0rwmDAQfXhPPmHD+EF
DQjlwBqF0msUl0/pEXovXC4ive36UU8Y0MBVf10PPcv4bJ2Gg7Ma4MtlJMA5P9QW
OYmrhTEgosYpXUJxiAXItLRC/DGubLGl/tTdhV9wnWuQ20A3mpXChkqUgaitLowq
Jot9Vx0MqwOytxcDGuMCWXu5yYVzkiWNUxapf1CR2abEcofAEgND
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:56:32 2025 by rpki-client