Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/m08qkN-bZUrSgp7pONDpFdB6TKM.roa
File: m08qkN-bZUrSgp7pONDpFdB6TKM.roa (raw, json)
Hash identifier: cbJjKcr3tYXI1YaE5t3h/VpGkHpGNzrgkWDjX1Ufii8=
Subject key identifier: 9B:4F:2A:90:DF:9B:65:4A:D2:82:9E:E9:38:D0:E9:15:D0:7A:4C:A3
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0199ED69D38E1FF944F5C904F342BC93048A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/m08qkN-bZUrSgp7pONDpFdB6TKM.roa
Signing time: Thu 16 Oct 2025 14:25:59 +0000
ROA not before: Thu 16 Oct 2025 14:25:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 31.56.66.0/24 maxlen: 24
31.57.35.0/24 maxlen: 24
31.57.100.0/24 maxlen: 24
31.57.120.0/24 maxlen: 24
31.57.170.0/24 maxlen: 24
31.57.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ed:69:d3:8e:1f:f9:44:f5:c9:04:f3:42:bc:93:04:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 16 14:25:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b4f2a90df9b654ad2829ee938d0e915d07a4ca3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:65:76:4f:2e:34:c3:0d:7a:c8:67:59:cd:20:
a1:4a:c6:d9:a5:25:8d:c2:7c:ad:48:16:b8:52:55:
b7:d9:77:ef:8f:6a:f3:be:16:b8:44:aa:01:2f:40:
67:45:59:48:3e:8e:6d:f3:39:3d:9b:52:43:8e:d3:
e0:0c:82:d2:43:8a:67:82:2f:96:d1:05:90:ee:ed:
05:71:0b:c0:86:2d:ac:07:21:e2:b1:db:0d:e1:37:
f9:97:a5:b8:b4:0a:ee:80:7f:e7:68:26:1d:ff:06:
20:ea:93:06:4d:cb:48:66:ab:1c:98:94:9d:19:ca:
43:0d:2f:f5:46:0c:12:a0:55:05:bf:1e:8d:06:d5:
99:cf:84:07:bf:62:a9:fb:a5:69:c1:9c:c1:73:00:
b6:e5:0b:ed:42:1d:af:78:3b:a3:74:80:69:7c:81:
cc:e3:2b:75:9c:a0:36:22:07:ff:5e:00:ac:99:64:
aa:e7:ac:1a:04:ab:61:c2:85:d5:fb:95:50:42:8f:
14:a2:d2:1f:89:ca:3a:d7:26:5a:4f:0a:1a:d2:e6:
36:c7:c2:37:64:2f:b7:3e:96:a7:d2:ef:a7:df:49:
ce:d8:16:6f:42:eb:76:d0:f5:f4:a8:39:1d:46:6c:
0c:8d:4e:35:6b:03:02:b7:1a:ce:38:1f:05:ae:b3:
ea:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:4F:2A:90:DF:9B:65:4A:D2:82:9E:E9:38:D0:E9:15:D0:7A:4C:A3
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/m08qkN-bZUrSgp7pONDpFdB6TKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.66.0/24
31.57.35.0/24
31.57.100.0/24
31.57.120.0/24
31.57.170.0/24
31.57.228.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:4e:fb:e4:90:24:8c:1c:6c:60:23:d4:2f:d6:fc:09:a7:0a:
d8:43:5f:aa:7c:a1:01:8e:e7:22:a9:70:74:19:f7:7b:a1:aa:
72:d4:f4:2a:b9:2d:8e:8e:d5:9b:a8:60:11:af:c7:16:78:7b:
ea:be:a4:f6:b0:24:ff:c3:e4:6e:bd:ff:ed:97:72:b3:6e:84:
ef:03:0f:22:26:f7:d4:72:1f:b5:fb:21:20:c0:a4:ca:9f:85:
a5:62:4a:00:a1:63:57:fe:f1:7a:06:e4:2e:17:28:d7:4b:f4:
d2:98:06:ed:6d:67:bf:6f:de:74:1b:00:eb:06:7c:19:04:c6:
30:4c:c7:d8:39:42:f4:08:02:d4:b0:ce:3c:20:eb:4f:a8:f0:
36:a1:f2:63:ef:10:09:6d:11:02:91:30:5c:d0:78:dd:b3:e5:
70:c0:7a:10:f9:90:60:c3:a5:64:71:c3:2c:ec:2f:89:76:4c:
05:9a:4e:b1:34:7a:3a:d9:77:61:e3:a9:51:0a:97:7c:73:35:
c6:92:49:ab:80:28:dd:b7:42:90:22:19:5b:c7:34:d3:d9:fd:
12:e7:66:d5:26:50:98:65:1a:dc:c5:70:1d:d1:de:fb:c0:fa:
81:4e:0d:e4:90:d5:5c:14:a5:8e:64:06:93:9e:b7:f3:d8:49:
21:fc:f8:49
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZntadOOH/lE9ckE80K8kwSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMDE2MTQyNTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjRmMmE5MGRmOWI2NTRhZDI4MjllZTkzOGQwZTkxNWQwN2E0Y2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA82V2Ty40ww16yGdZzSChSsbZpSWN
wnytSBa4UlW32Xfvj2rzvha4RKoBL0BnRVlIPo5t8zk9m1JDjtPgDILSQ4pngi+W
0QWQ7u0FcQvAhi2sByHisdsN4Tf5l6W4tArugH/naCYd/wYg6pMGTctIZqscmJSd
GcpDDS/1RgwSoFUFvx6NBtWZz4QHv2Kp+6VpwZzBcwC25QvtQh2veDujdIBpfIHM
4yt1nKA2Igf/XgCsmWSq56waBKthwoXV+5VQQo8UotIfico61yZaTwoa0uY2x8I3
ZC+3Ppan0u+n30nO2BZvQut20PX0qDkdRmwMjU41awMCtxrOOB8FrrPq8QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJtPKpDfm2VK0oKe6TjQ6RXQekyjMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvbTA4cWtOLWJaVXJTZ3A3cE9ORHBGZEI2VEtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAHzhCAwQA
HzkjAwQAHzlkAwQAHzl4AwQAHzmqAwQAHznkMA0GCSqGSIb3DQEBCwUAA4IBAQCx
TvvkkCSMHGxgI9Qv1vwJpwrYQ1+qfKEBjuciqXB0Gfd7oapy1PQquS2OjtWbqGAR
r8cWeHvqvqT2sCT/w+Ruvf/tl3KzboTvAw8iJvfUch+1+yEgwKTKn4WlYkoAoWNX
/vF6BuQuFyjXS/TSmAbtbWe/b950GwDrBnwZBMYwTMfYOUL0CALUsM48IOtPqPA2
ofJj7xAJbRECkTBc0Hjds+VwwHoQ+ZBgw6VkccMs7C+JdkwFmk6xNHo62Xdh46lR
Cpd8czXGkkmrgCjdt0KQIhlbxzTT2f0S52bVJlCYZRrcxXAd0d77wPqBTg3kkNVc
FKWOZAaTnrfz2Ekh/PhJ
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:25 2025 by rpki-client