Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tnGmUOPRuK5-gKnjjSzXPq2TDzA.roa
File: tnGmUOPRuK5-gKnjjSzXPq2TDzA.roa (raw, json)
Hash identifier: rltpRZfd7Ga6zKsz/CvqFZ/UvVk6u+N/slgm41hpPCs=
Subject key identifier: B6:71:A6:50:E3:D1:B8:AE:7E:80:A9:E3:8D:2C:D7:3E:AD:93:0F:30
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01978820DA11564B6DEC748985AD861AA3E1
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tnGmUOPRuK5-gKnjjSzXPq2TDzA.roa
Signing time: Thu 19 Jun 2025 12:19:03 +0000
ROA not before: Thu 19 Jun 2025 12:19:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 31.56.16.0/22 maxlen: 24
31.57.16.0/21 maxlen: 24
31.57.36.0/23 maxlen: 24
31.57.135.0/24 maxlen: 24
31.57.168.0/23 maxlen: 24
31.57.184.0/23 maxlen: 24
31.57.208.0/22 maxlen: 22
31.57.216.0/23 maxlen: 24
31.57.250.0/23 maxlen: 24
31.58.76.0/22 maxlen: 24
31.58.92.0/22 maxlen: 24
31.58.176.0/22 maxlen: 24
31.58.200.0/22 maxlen: 24
31.58.216.0/22 maxlen: 24
31.58.235.0/24 maxlen: 24
31.58.240.0/22 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
31.58.252.0/22 maxlen: 24
31.59.64.0/22 maxlen: 24
31.59.80.0/22 maxlen: 24
31.59.124.0/22 maxlen: 24
31.59.140.0/22 maxlen: 24
31.59.148.0/22 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/22 maxlen: 24
31.59.164.0/23 maxlen: 24
31.59.176.0/21 maxlen: 24
31.59.188.0/22 maxlen: 24
31.59.192.0/22 maxlen: 24
31.59.216.0/22 maxlen: 24
217.60.16.0/21 maxlen: 24
217.60.28.0/22 maxlen: 24
217.60.40.0/22 maxlen: 24
217.60.64.0/18 maxlen: 24
217.60.187.0/24 maxlen: 24
217.60.196.0/23 maxlen: 24
217.60.244.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 14:09:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:88:20:da:11:56:4b:6d:ec:74:89:85:ad:86:1a:a3:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 19 12:19:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b671a650e3d1b8ae7e80a9e38d2cd73ead930f30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c4:19:88:49:37:af:df:79:ca:7d:22:aa:d8:
04:31:74:27:d0:4a:0c:eb:48:44:87:23:91:90:64:
d0:f5:02:e1:c4:a0:c9:e9:29:48:ef:53:98:eb:d8:
27:35:8e:73:75:05:ef:85:9b:af:27:99:25:51:cd:
17:67:7d:40:6b:03:c5:82:b8:4a:bd:7c:28:35:fc:
25:fa:30:c1:6a:73:8a:97:88:4b:cc:74:47:6c:58:
f4:07:2f:8f:00:3d:20:02:27:91:cd:1e:cc:62:23:
1c:de:9c:6a:10:31:09:08:b8:0e:d8:c6:85:d6:c0:
a7:7c:61:58:15:2d:26:fa:ef:69:82:9d:07:0c:50:
1c:d1:0f:a1:19:e2:bc:ec:70:e7:70:b8:d1:ca:3e:
14:2d:a7:07:45:2b:c8:f3:c8:44:40:64:52:12:64:
2f:d6:6c:95:11:77:65:40:34:73:38:7a:bc:97:4d:
22:6c:05:73:0d:ba:5f:c1:9e:f3:9f:c5:64:c8:8b:
3a:d9:fc:10:88:06:43:3f:fe:d1:5c:99:56:c7:d3:
d9:f0:cb:34:9a:ef:f2:f4:d6:6f:67:6c:29:22:5a:
00:80:72:56:ed:56:fe:b2:1d:c9:c5:10:7e:e3:5d:
e1:f1:96:ab:2d:99:76:ff:0c:e7:17:49:0c:21:04:
d4:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:71:A6:50:E3:D1:B8:AE:7E:80:A9:E3:8D:2C:D7:3E:AD:93:0F:30
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tnGmUOPRuK5-gKnjjSzXPq2TDzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.16.0/22
31.57.16.0/21
31.57.36.0/23
31.57.135.0/24
31.57.168.0/23
31.57.184.0/23
31.57.208.0/22
31.57.216.0/23
31.57.250.0/23
31.58.76.0/22
31.58.92.0/22
31.58.176.0/22
31.58.200.0/22
31.58.216.0/22
31.58.235.0/24
31.58.240.0-31.58.244.255
31.58.249.0-31.58.255.255
31.59.64.0/22
31.59.80.0/22
31.59.124.0/22
31.59.140.0/22
31.59.148.0-31.59.165.255
31.59.176.0/21
31.59.188.0-31.59.195.255
31.59.216.0/22
217.60.16.0/21
217.60.28.0/22
217.60.40.0/22
217.60.64.0/18
217.60.187.0/24
217.60.196.0/23
217.60.244.0/23
Signature Algorithm: sha256WithRSAEncryption
83:3e:e1:75:54:58:4e:a8:12:de:1b:c1:4d:26:85:98:1e:71:
2b:b9:5e:6b:a9:e1:a9:dd:eb:8f:27:01:47:f2:af:03:4f:15:
ac:23:86:79:54:ad:e6:85:92:8f:b9:9d:34:e1:4f:d7:7e:c6:
a3:a5:2e:0a:b1:3d:8a:00:9b:de:6d:b2:51:bc:a4:9e:fe:83:
51:8a:c8:89:9c:32:09:bd:c4:61:4f:21:ea:7c:03:ce:1a:0a:
21:a3:6e:b5:47:eb:35:35:fe:01:61:b7:9f:8a:f0:c2:5c:9c:
ed:74:72:58:94:40:fc:c7:b1:49:34:37:df:90:c7:0e:34:dc:
b5:5d:0a:10:83:57:1a:83:69:75:58:bd:4a:87:b0:ab:74:f0:
cd:c8:c7:a3:52:c3:4e:6d:ad:3f:66:0a:55:70:b8:76:62:a1:
81:5c:81:17:f5:e1:7d:87:6c:5e:a4:c6:78:2f:a4:b9:1c:0e:
cd:85:9e:4a:83:82:44:2d:52:0f:1b:96:1b:f3:4f:e2:82:60:
4a:6b:36:b3:22:f7:a6:4a:31:0c:65:9f:da:1e:bb:78:83:3c:
32:37:65:96:9b:69:79:de:22:05:d2:a3:62:4e:4b:63:88:00:
84:2f:1d:44:dc:2f:ed:68:b7:36:a7:e0:30:22:71:b0:dc:7b:
cd:ff:06:16
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgISAZeIINoRVktt7HSJha2GGqPhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNjE5MTIxOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjcxYTY1MGUzZDFiOGFlN2U4MGE5ZTM4ZDJjZDczZWFkOTMwZjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsQZiEk3r995yn0iqtgEMXQn0EoM
60hEhyORkGTQ9QLhxKDJ6SlI71OY69gnNY5zdQXvhZuvJ5klUc0XZ31AawPFgrhK
vXwoNfwl+jDBanOKl4hLzHRHbFj0By+PAD0gAieRzR7MYiMc3pxqEDEJCLgO2MaF
1sCnfGFYFS0m+u9pgp0HDFAc0Q+hGeK87HDncLjRyj4ULacHRSvI88hEQGRSEmQv
1myVEXdlQDRzOHq8l00ibAVzDbpfwZ7zn8VkyIs62fwQiAZDP/7RXJlWx9PZ8Ms0
mu/y9NZvZ2wpIloAgHJW7Vb+sh3JxRB+413h8ZarLZl2/wznF0kMIQTUIQIDAQAB
o4IC5zCCAuMwHQYDVR0OBBYEFLZxplDj0biufoCp440s1z6tkw8wMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdG5HbVVPUFJ1SzUtZ0tuampTelhQcTJURHpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH8BggrBgEFBQcBBwEB/wSB7DCB6TCB5gQCAAEwgd8DBAIf
OBADBAMfORADBAEfOSQDBAAfOYcDBAEfOagDBAEfObgDBAIfOdADBAEfOdgDBAEf
OfoDBAIfOkwDBAIfOlwDBAIfOrADBAIfOsgDBAIfOtgDBAAfOuswDAMEBB868AME
AB869DALAwQAHzr5AwMAHzoDBAIfO0ADBAIfO1ADBAIfO3wDBAIfO4wwDAMEAh87
lAMEAR87pAMEAx87sDAMAwQCHzu8AwQCHzvAAwQCHzvYAwQD2TwQAwQC2TwcAwQC
2TwoAwQG2TxAAwQA2Ty7AwQB2TzEAwQB2Tz0MA0GCSqGSIb3DQEBCwUAA4IBAQCD
PuF1VFhOqBLeG8FNJoWYHnEruV5rqeGp3euPJwFH8q8DTxWsI4Z5VK3mhZKPuZ00
4U/XfsajpS4KsT2KAJvebbJRvKSe/oNRisiJnDIJvcRhTyHqfAPOGgoho261R+s1
Nf4BYbefivDCXJztdHJYlED8x7FJNDffkMcONNy1XQoQg1cag2l1WL1Kh7CrdPDN
yMejUsNOba0/ZgpVcLh2YqGBXIEX9eF9h2xepMZ4L6S5HA7NhZ5Kg4JELVIPG5Yb
80/igmBKazazIvemSjEMZZ/aHrt4gzwyN2WWm2l53iIF0qNiTktjiACELx1E3C/t
aLc2p+AwInGw3HvN/wYW
-----END CERTIFICATE-----
Generated at Mon Jun 30 17:33:10 2025 by rpki-client