Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/eM2lLQA9fbZLdhuMjbLJ0ftNrsA.roa
File: eM2lLQA9fbZLdhuMjbLJ0ftNrsA.roa (raw, json)
Hash identifier: gCL9uihHAO4io26ItFR6MVgCW5OD+x1znIDYenfB3uQ=
Subject key identifier: 78:CD:A5:2D:00:3D:7D:B6:4B:76:1B:8C:8D:B2:C9:D1:FB:4D:AE:C0
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0196C49218F4C8C7500F2C23AE01E59CC424
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/eM2lLQA9fbZLdhuMjbLJ0ftNrsA.roa
Signing time: Mon 12 May 2025 12:57:11 +0000
ROA not before: Mon 12 May 2025 12:57:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.57.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.180.0/22 maxlen: 24
31.56.188.0/22 maxlen: 24
31.56.200.0/22 maxlen: 24
31.56.208.0/22 maxlen: 24
31.56.212.0/22 maxlen: 24
31.56.220.0/22 maxlen: 24
31.56.224.0/22 maxlen: 24
31.56.228.0/22 maxlen: 24
31.56.236.0/22 maxlen: 24
31.57.36.0/23 maxlen: 24
31.57.92.0/22 maxlen: 22
31.57.104.0/21 maxlen: 24
31.57.118.0/24 maxlen: 24
31.57.120.0/22 maxlen: 24
31.57.124.0/22 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.168.0/22 maxlen: 24
31.57.171.0/24 maxlen: 24
31.57.176.0/21 maxlen: 21
31.57.184.0/22 maxlen: 24
31.57.188.0/24 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.196.0/24 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.216.0/24 maxlen: 24
31.57.217.0/24 maxlen: 24
31.57.219.0/24 maxlen: 24
31.57.224.0/22 maxlen: 22
31.57.230.0/24 maxlen: 24
31.57.232.0/22 maxlen: 24
31.57.238.0/24 maxlen: 24
31.57.249.0/24 maxlen: 24
31.57.250.0/24 maxlen: 24
31.57.251.0/24 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.40.0/24 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.50.0/24 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.86.0/24 maxlen: 24
31.58.141.0/24 maxlen: 24
31.58.144.0/24 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.153.0/24 maxlen: 24
31.58.172.0/22 maxlen: 24
31.58.220.0/22 maxlen: 22
31.58.224.0/22 maxlen: 24
31.58.229.0/24 maxlen: 24
31.59.76.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.120.0/22 maxlen: 24
31.59.120.0/24 maxlen: 24
31.59.121.0/24 maxlen: 24
31.59.136.0/21 maxlen: 24
31.59.144.0/21 maxlen: 24
31.59.160.0/21 maxlen: 24
31.59.168.0/21 maxlen: 24
31.59.224.0/22 maxlen: 22
31.59.232.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 20:47:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c4:92:18:f4:c8:c7:50:0f:2c:23:ae:01:e5:9c:c4:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 12 12:57:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=78cda52d003d7db64b761b8c8db2c9d1fb4daec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d4:e2:df:6f:60:f5:ce:0a:cb:c0:01:f7:37:
d8:b5:68:f8:34:06:ab:f2:13:9a:e1:05:c1:03:30:
ee:35:19:45:9e:b0:59:e7:e8:85:7f:61:eb:81:2b:
45:90:41:db:64:d4:6e:fc:95:e8:f1:a5:08:19:7b:
b5:73:6f:dd:eb:13:56:bd:78:77:c3:a9:5b:7f:eb:
df:20:80:b1:8f:2e:7c:3a:fb:6a:d8:34:8c:dd:1f:
c9:31:89:4f:2b:19:9f:b5:85:94:bc:a2:44:65:cb:
c3:17:94:28:34:2f:37:ba:13:ae:9d:a4:ba:4a:b7:
6f:37:b0:bc:db:c5:0d:de:55:e2:7f:b3:7c:b7:de:
b6:31:e6:0a:f7:ac:0d:63:37:94:82:3c:96:fa:69:
54:3d:07:48:f1:d5:76:a3:c1:fd:82:2c:7b:ea:b0:
57:d4:39:0c:04:fe:85:54:27:fb:9b:5a:57:ab:68:
cf:ac:e3:c1:14:d5:f9:1c:b5:97:a9:7f:64:f4:0c:
5c:2f:55:10:2f:1b:c7:1d:5d:05:76:54:70:bc:d5:
cd:6a:36:79:61:2d:0c:9b:06:73:bd:0d:56:30:b7:
6d:a2:bb:82:d7:10:21:50:02:8a:a3:c4:d9:7a:a4:
43:6e:82:c5:2e:42:b0:72:5f:ae:cd:33:47:15:39:
35:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:CD:A5:2D:00:3D:7D:B6:4B:76:1B:8C:8D:B2:C9:D1:FB:4D:AE:C0
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/eM2lLQA9fbZLdhuMjbLJ0ftNrsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.57.0/24
31.56.71.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.180.0/22
31.56.188.0/22
31.56.200.0/22
31.56.208.0/21
31.56.220.0-31.56.231.255
31.56.236.0/22
31.57.36.0/23
31.57.92.0/22
31.57.104.0/21
31.57.118.0/24
31.57.120.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.168.0/22
31.57.176.0-31.57.188.255
31.57.192.0-31.57.196.255
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.230.0/24
31.57.232.0/22
31.57.238.0/24
31.57.249.0-31.57.255.255
31.58.34.0/23
31.58.40.0/24
31.58.50.0/23
31.58.68.0/22
31.58.84.0/22
31.58.141.0/24
31.58.144.0/24
31.58.152.0/22
31.58.172.0/22
31.58.220.0-31.58.227.255
31.58.229.0/24
31.59.76.0/22
31.59.96.0/22
31.59.112.0/22
31.59.120.0/22
31.59.136.0-31.59.151.255
31.59.160.0/20
31.59.224.0/22
31.59.232.0/22
Signature Algorithm: sha256WithRSAEncryption
11:1a:22:f1:48:24:60:84:a9:00:83:c1:cb:30:35:ca:e0:30:
cc:bb:47:aa:36:12:05:fe:09:ac:7d:f5:40:cc:f3:31:e2:28:
73:06:38:e7:d2:8c:81:bc:05:b7:ba:e5:7e:ba:ac:ce:e0:5e:
ae:a6:a8:24:7c:66:3f:b1:c5:6d:ae:e3:89:d6:84:eb:0a:8a:
42:1e:3a:e5:45:93:26:b7:66:31:50:81:26:6c:c3:72:77:28:
82:12:ed:76:83:65:60:8a:aa:a9:fe:6a:02:2f:9e:4d:76:eb:
3d:dd:50:c3:cf:b5:63:8c:43:1d:17:44:5c:22:71:14:82:97:
ff:b1:e6:b5:25:71:6b:84:d0:4e:a1:0b:72:cd:cc:d5:e5:74:
54:ce:d1:75:a6:6d:a9:04:c1:9e:f8:8e:8c:c2:6b:0a:1f:2d:
5e:35:d0:b5:81:a2:d1:1a:4a:c4:47:74:d2:4f:94:cf:eb:ea:
f4:a5:de:61:d9:64:b2:99:97:7e:a0:5c:6c:85:71:06:aa:df:
cb:3c:61:70:e9:03:bf:78:63:82:a5:10:25:07:8c:45:04:97:
84:3e:18:34:43:ad:c5:e4:17:f8:56:54:bb:f1:67:0b:2e:b9:
ea:cf:38:43:81:d7:4d:c3:1e:bf:41:fb:52:e2:11:03:47:88:
86:c4:66:bc
-----BEGIN CERTIFICATE-----
MIIGZjCCBU6gAwIBAgISAZbEkhj0yMdQDywjrgHlnMQkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNTEyMTI1NzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGNkYTUyZDAwM2Q3ZGI2NGI3NjFiOGM4ZGIyYzlkMWZiNGRhZWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtTi329g9c4Ky8AB9zfYtWj4NAar
8hOa4QXBAzDuNRlFnrBZ5+iFf2HrgStFkEHbZNRu/JXo8aUIGXu1c2/d6xNWvXh3
w6lbf+vfIICxjy58Ovtq2DSM3R/JMYlPKxmftYWUvKJEZcvDF5QoNC83uhOunaS6
SrdvN7C828UN3lXif7N8t962MeYK96wNYzeUgjyW+mlUPQdI8dV2o8H9gix76rBX
1DkMBP6FVCf7m1pXq2jPrOPBFNX5HLWXqX9k9AxcL1UQLxvHHV0FdlRwvNXNajZ5
YS0MmwZzvQ1WMLdtoruC1xAhUAKKo8TZeqRDboLFLkKwcl+uzTNHFTk1oQIDAQAB
o4IDcjCCA24wHQYDVR0OBBYEFHjNpS0APX22S3YbjI2yydH7Ta7AMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZU0ybExRQTlmYlpMZGh1TWpiTEowZnROcnNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhgYIKwYBBQUHAQcBAf8EggF1MIIBcTCCAW0EAgABMIIB
ZQMEAR84BAMEAB84OQMEAB84RwMEAR84WgMEAx84aAMEAR84cjAMAwQBHzh2AwQC
Hzh4AwQCHzi0AwQCHzi8AwQCHzjIAwQDHzjQMAwDBAIfONwDBAMfOOADBAIfOOwD
BAEfOSQDBAIfOVwDBAMfOWgDBAAfOXYDBAMfOXgDBAEfOYQDBAMfOYgDBAEfOZID
BAIfOagwDAMEBB85sAMEAB85vDAMAwQGHznAAwQAHznEAwQBHznIMAwDBAQfOdAD
BAIfOeADBAAfOeYDBAIfOegDBAAfOe4wCwMEAB85+QMDAR84AwQBHzoiAwQAHzoo
AwQBHzoyAwQCHzpEAwQCHzpUAwQAHzqNAwQAHzqQAwQCHzqYAwQCHzqsMAwDBAIf
OtwDBAIfOuADBAAfOuUDBAIfO0wDBAIfO2ADBAIfO3ADBAIfO3gwDAMEAx87iAME
Ax87kAMEBB87oAMEAh874AMEAh876DANBgkqhkiG9w0BAQsFAAOCAQEAERoi8Ugk
YISpAIPByzA1yuAwzLtHqjYSBf4JrH31QMzzMeIocwY459KMgbwFt7rlfrqszuBe
rqaoJHxmP7HFba7jidaE6wqKQh465UWTJrdmMVCBJmzDcncoghLtdoNlYIqqqf5q
Ai+eTXbrPd1Qw8+1Y4xDHRdEXCJxFIKX/7HmtSVxa4TQTqELcs3M1eV0VM7RdaZt
qQTBnviOjMJrCh8tXjXQtYGi0RpKxEd00k+Uz+vq9KXeYdlkspmXfqBcbIVxBqrf
yzxhcOkDv3hjgqUQJQeMRQSXhD4YNEOtxeQX+FZUu/FnCy656s84Q4HXTcMev0H7
UuIRA0eIhsRmvA==
-----END CERTIFICATE-----
Generated at Tue May 13 02:52:33 2025 by rpki-client