Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/l5gAWTkdMSzBfxoZu9UCr-gxz5g.roa
File: l5gAWTkdMSzBfxoZu9UCr-gxz5g.roa (raw, json)
Hash identifier: QeQzOL1mH1zT6BszfLsNnUiuUz+hoZlD2F9ePYcHeHA=
Subject key identifier: 97:98:00:59:39:1D:31:2C:C1:7F:1A:19:BB:D5:02:AF:E8:31:CF:98
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0199E1E3ACC989F7724DC6EE5DF5DE3EB088
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/l5gAWTkdMSzBfxoZu9UCr-gxz5g.roa
Signing time: Tue 14 Oct 2025 08:43:38 +0000
ROA not before: Tue 14 Oct 2025 08:43:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 31.56.89.0/24 maxlen: 24
31.56.211.0/24 maxlen: 24
31.56.213.0/24 maxlen: 24
31.56.214.0/24 maxlen: 24
31.58.239.0/24 maxlen: 24
31.59.186.0/24 maxlen: 24
94.183.158.0/24 maxlen: 24
94.183.160.0/24 maxlen: 24
94.183.174.0/24 maxlen: 24
94.183.175.0/24 maxlen: 24
94.183.176.0/24 maxlen: 24
94.183.178.0/24 maxlen: 24
94.183.181.0/24 maxlen: 24
217.60.14.0/24 maxlen: 24
217.60.198.0/24 maxlen: 24
217.60.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e1:e3:ac:c9:89:f7:72:4d:c6:ee:5d:f5:de:3e:b0:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 14 08:43:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97980059391d312cc17f1a19bbd502afe831cf98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1a:4a:25:8e:0b:a8:6e:96:e4:d6:63:fb:27:
9b:bc:0b:bb:24:91:24:83:d1:0f:19:99:1d:37:c7:
86:93:eb:59:3a:cd:8e:e2:85:f2:d7:0c:9f:96:30:
f8:9a:b1:cb:9c:a5:e2:53:00:96:56:46:86:db:6c:
f7:17:41:5f:63:6e:3f:85:05:72:d0:dd:f9:fb:bc:
98:42:4c:a8:d2:37:4c:61:2f:4b:b4:cc:a5:55:9e:
a9:07:27:e1:d6:01:81:f4:86:de:19:01:19:bb:20:
d6:78:cc:4d:30:1d:ed:49:2d:53:70:43:ce:ed:97:
66:b8:c8:a1:3e:b9:2b:fb:83:18:b1:ae:38:08:8b:
76:e4:ab:c7:76:29:5c:eb:5a:7f:a6:47:65:d6:05:
12:1a:c6:42:6f:a9:35:fa:8c:0f:f7:f0:e3:03:44:
0c:b3:19:6a:09:cd:a1:cf:ac:b8:6e:88:d2:69:c2:
45:eb:10:ab:61:b2:2b:67:c6:04:ae:d8:6b:14:ce:
b4:fc:a8:a3:b7:c5:56:a9:c7:2b:4a:90:ea:ba:47:
0b:f2:22:ef:fe:c6:ad:7d:62:51:02:6b:d8:39:0c:
97:11:90:c0:65:12:e4:d7:f8:e0:03:32:67:8b:5f:
8d:c7:e0:f9:73:63:54:9e:5c:ec:d2:74:55:31:d4:
4b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:98:00:59:39:1D:31:2C:C1:7F:1A:19:BB:D5:02:AF:E8:31:CF:98
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/l5gAWTkdMSzBfxoZu9UCr-gxz5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.89.0/24
31.56.211.0/24
31.56.213.0-31.56.214.255
31.58.239.0/24
31.59.186.0/24
94.183.158.0/24
94.183.160.0/24
94.183.174.0-94.183.176.255
94.183.178.0/24
94.183.181.0/24
217.60.14.0/24
217.60.198.0/24
217.60.242.0/24
Signature Algorithm: sha256WithRSAEncryption
82:81:57:e1:6d:a4:25:0f:80:51:07:fb:ea:83:7b:a1:21:13:
37:5a:92:bb:e5:7a:c2:aa:27:b3:a0:18:e0:f4:94:f1:12:c7:
bc:17:65:d0:ce:8b:8e:63:22:cd:0e:0c:c1:ee:d7:ed:9e:48:
b6:73:89:54:f7:68:78:33:f8:38:b7:b5:6a:e2:fb:ea:52:9f:
83:74:9a:a4:57:ba:89:b5:37:ef:9e:b8:6f:1b:80:a9:20:6b:
3d:6b:53:d8:b2:f5:ec:7e:66:a4:3b:ab:0f:8c:7f:ce:1c:b0:
92:35:3c:8a:5b:e9:36:1b:aa:de:60:ca:bf:63:0a:0f:79:2f:
d9:5e:c4:f0:dd:30:db:d6:a0:34:0c:09:ea:a5:c5:39:2d:5f:
d2:c0:f8:c5:8f:9b:9b:ee:21:68:20:e6:e6:c3:b4:5f:0e:b3:
3d:29:8a:d7:da:56:51:dc:b6:e8:d2:27:47:b3:a8:2d:fb:e6:
4b:bb:50:83:ca:35:48:2d:d8:fe:b6:2f:f3:04:b8:aa:82:c7:
2a:91:3b:29:df:63:d2:a3:90:23:02:85:5d:a0:b7:41:08:91:
59:eb:e4:ea:19:cc:99:fb:b5:ff:a3:98:d2:b7:b5:61:76:8b:
03:4c:e5:98:c4:f3:b8:21:46:0f:fb:40:7c:5c:17:6d:ba:1d:
80:e1:6c:f9
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZnh46zJifdyTcbuXfXePrCIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMDE0MDg0MzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Nzk4MDA1OTM5MWQzMTJjYzE3ZjFhMTliYmQ1MDJhZmU4MzFjZjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphpKJY4LqG6W5NZj+yebvAu7JJEk
g9EPGZkdN8eGk+tZOs2O4oXy1wyfljD4mrHLnKXiUwCWVkaG22z3F0FfY24/hQVy
0N35+7yYQkyo0jdMYS9LtMylVZ6pByfh1gGB9IbeGQEZuyDWeMxNMB3tSS1TcEPO
7ZdmuMihPrkr+4MYsa44CIt25KvHdilc61p/pkdl1gUSGsZCb6k1+owP9/DjA0QM
sxlqCc2hz6y4bojSacJF6xCrYbIrZ8YErthrFM60/Kijt8VWqccrSpDqukcL8iLv
/satfWJRAmvYOQyXEZDAZRLk1/jgAzJni1+Nx+D5c2NUnlzs0nRVMdRL5wIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFJeYAFk5HTEswX8aGbvVAq/oMc+YMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvbDVnQVdUa2RNU3pCZnhvWnU5VUNyLWd4ejVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQAHzhZAwQA
HzjTMAwDBAAfONUDBAAfONYDBAAfOu8DBAAfO7oDBABet54DBABet6AwDAMEAV63
rgMEAF63sAMEAF63sgMEAF63tQMEANk8DgMEANk8xgMEANk88jANBgkqhkiG9w0B
AQsFAAOCAQEAgoFX4W2kJQ+AUQf76oN7oSETN1qSu+V6wqons6AY4PSU8RLHvBdl
0M6LjmMizQ4Mwe7X7Z5ItnOJVPdoeDP4OLe1auL76lKfg3SapFe6ibU37564bxuA
qSBrPWtT2LL17H5mpDurD4x/zhywkjU8ilvpNhuq3mDKv2MKD3kv2V7E8N0w29ag
NAwJ6qXFOS1f0sD4xY+bm+4haCDm5sO0Xw6zPSmK19pWUdy26NInR7OoLfvmS7tQ
g8o1SC3Y/rYv8wS4qoLHKpE7Kd9j0qOQIwKFXaC3QQiRWevk6hnMmfu1/6OY0re1
YXaLA0zlmMTzuCFGD/tAfFwXbbodgOFs+Q==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:05:04 2025 by rpki-client