Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/uMy43dMAqQQjDbvlA-E0XaSJPDs.roa
File: uMy43dMAqQQjDbvlA-E0XaSJPDs.roa (raw, json)
Hash identifier: UZNyKT1Ua2+sS6iwazhY4CYeycNzUu/XdWfkAhVGRPM=
Subject key identifier: B8:CC:B8:DD:D3:00:A9:04:23:0D:BB:E5:03:E1:34:5D:A4:89:3C:3B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0197B5645CE747D68177FF63B32BFBF783CC
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/uMy43dMAqQQjDbvlA-E0XaSJPDs.roa
Signing time: Sat 28 Jun 2025 07:15:42 +0000
ROA not before: Sat 28 Jun 2025 07:15:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 31.56.113.0/24 maxlen: 24
31.56.154.0/24 maxlen: 24
31.56.158.0/24 maxlen: 24
31.56.159.0/24 maxlen: 24
31.56.168.0/24 maxlen: 24
31.56.169.0/24 maxlen: 24
31.56.170.0/24 maxlen: 24
31.56.171.0/24 maxlen: 24
31.56.174.0/24 maxlen: 24
31.56.175.0/24 maxlen: 24
31.57.24.0/22 maxlen: 24
31.57.28.0/22 maxlen: 24
31.57.105.0/24 maxlen: 24
31.57.106.0/24 maxlen: 24
31.57.107.0/24 maxlen: 24
31.57.108.0/24 maxlen: 24
31.57.109.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.212.0/22 maxlen: 24
217.60.0.0/21 maxlen: 24
217.60.0.0/24 maxlen: 24
217.60.1.0/24 maxlen: 24
217.60.2.0/24 maxlen: 24
217.60.4.0/24 maxlen: 24
217.60.5.0/24 maxlen: 24
217.60.6.0/24 maxlen: 24
217.60.12.0/22 maxlen: 24
217.60.12.0/24 maxlen: 24
217.60.13.0/24 maxlen: 24
217.60.14.0/24 maxlen: 24
217.60.24.0/22 maxlen: 24
217.60.60.0/22 maxlen: 24
217.60.60.0/24 maxlen: 24
217.60.61.0/24 maxlen: 24
217.60.62.0/24 maxlen: 24
217.60.63.0/24 maxlen: 24
217.60.188.0/22 maxlen: 24
217.60.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 15:11:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b5:64:5c:e7:47:d6:81:77:ff:63:b3:2b:fb:f7:83:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 28 07:15:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8ccb8ddd300a904230dbbe503e1345da4893c3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1b:fc:2b:5a:08:ef:30:b5:4e:2a:eb:62:a7:
0d:ae:ed:af:7f:a3:b3:4a:98:7c:5b:25:9b:73:2b:
0c:01:bd:a7:15:af:66:e5:3f:2a:ef:5e:e9:22:1c:
93:20:b3:9c:39:55:01:9d:d6:35:34:b2:be:b0:6e:
43:28:68:31:5e:60:88:b9:66:3a:f5:7b:af:a3:ed:
06:75:2e:46:9e:2a:ad:d4:1f:08:a8:87:90:d6:3a:
a3:91:d0:24:be:15:13:32:81:bf:57:af:1d:8c:42:
40:53:c2:12:d9:c3:1d:92:3f:ac:cb:1b:fc:3c:09:
be:3e:75:f9:53:4c:7b:a2:80:66:b7:ae:98:dc:b0:
ae:bf:d4:20:72:17:66:d4:a3:61:00:32:55:61:e1:
2b:8d:25:da:64:84:39:e8:00:bd:f8:b4:a5:5b:9e:
4f:1f:e1:a1:03:b1:c2:ad:02:ff:72:ec:f3:6e:98:
17:c7:9e:74:a8:b1:03:01:d0:f1:08:a6:2a:57:3f:
3e:44:40:e4:78:e6:71:eb:9f:c4:61:93:40:57:47:
a6:f8:14:11:5c:43:33:c6:c3:99:82:b7:72:c0:38:
52:07:b8:b5:52:ec:c5:51:66:ad:61:06:0c:77:3f:
48:b6:a3:5c:75:e6:00:02:04:13:4e:51:fb:75:f2:
33:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:CC:B8:DD:D3:00:A9:04:23:0D:BB:E5:03:E1:34:5D:A4:89:3C:3B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/uMy43dMAqQQjDbvlA-E0XaSJPDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.113.0/24
31.56.154.0/24
31.56.158.0/23
31.56.168.0/22
31.56.174.0/23
31.57.24.0/21
31.57.105.0-31.57.109.255
31.58.34.0/23
31.58.212.0/22
217.60.0.0/21
217.60.12.0/22
217.60.24.0/22
217.60.60.0/22
217.60.188.0-217.60.195.255
Signature Algorithm: sha256WithRSAEncryption
7f:dc:3a:7d:35:33:b2:02:e2:77:f0:f1:44:f1:18:32:98:99:
29:cb:16:50:b4:52:83:2a:74:26:db:e6:75:3f:73:65:f4:d9:
d2:c9:56:1d:1d:66:5e:4d:f2:f3:4c:13:55:13:7f:84:2b:a8:
74:ef:47:c4:81:bc:60:eb:72:12:2e:ce:4b:d3:ed:c4:b9:06:
48:de:8b:68:7e:a2:3c:3e:04:cd:ec:5c:d0:19:c6:2e:e8:8e:
4d:d8:67:0f:5b:6b:5d:c1:ad:43:54:58:de:6d:68:da:e5:5f:
9b:34:2b:ee:4c:d3:90:7e:c7:65:14:77:f7:74:19:64:4c:c5:
69:e8:5e:ee:36:fb:f4:15:61:d5:c8:0a:bf:82:8b:95:e5:17:
42:e8:d4:a6:1f:8c:ed:3f:85:a9:49:38:7e:cc:c9:ab:c8:9f:
cb:b3:80:70:d1:e9:be:78:37:9e:ab:d7:a2:09:b0:2e:a2:81:
01:1f:54:c9:87:b9:13:31:1a:95:45:66:7e:4b:03:6e:c8:2a:
a8:76:c2:4f:d5:37:13:cc:e3:7b:ed:bb:1f:1f:f1:31:b0:e5:
6d:37:3c:2c:8a:d7:cd:b6:19:02:3d:82:09:ce:a8:7d:16:84:
ff:d0:e6:01:bc:c5:87:ed:dc:2a:e2:95:67:85:f9:9d:12:69:
9f:1a:a6:71
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZe1ZFznR9aBd/9jsyv794PMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNjI4MDcxNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGNjYjhkZGQzMDBhOTA0MjMwZGJiZTUwM2UxMzQ1ZGE0ODkzYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hv8K1oI7zC1TirrYqcNru2vf6Oz
Sph8WyWbcysMAb2nFa9m5T8q717pIhyTILOcOVUBndY1NLK+sG5DKGgxXmCIuWY6
9Xuvo+0GdS5Gniqt1B8IqIeQ1jqjkdAkvhUTMoG/V68djEJAU8IS2cMdkj+syxv8
PAm+PnX5U0x7ooBmt66Y3LCuv9Qgchdm1KNhADJVYeErjSXaZIQ56AC9+LSlW55P
H+GhA7HCrQL/cuzzbpgXx550qLEDAdDxCKYqVz8+REDkeOZx65/EYZNAV0em+BQR
XEMzxsOZgrdywDhSB7i1UuzFUWatYQYMdz9ItqNcdeYAAgQTTlH7dfIz0QIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFLjMuN3TAKkEIw275QPhNF2kiTw7MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdU15NDNkTUFxUVFqRGJ2bEEtRTBYYVNKUERzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQAHzhxAwQA
HziaAwQBHzieAwQCHzioAwQBHziuAwQDHzkYMAwDBAAfOWkDBAEfOWwDBAEfOiID
BAIfOtQDBAPZPAADBALZPAwDBALZPBgDBALZPDwwDAMEAtk8vAMEAtk8wDANBgkq
hkiG9w0BAQsFAAOCAQEAf9w6fTUzsgLid/DxRPEYMpiZKcsWULRSgyp0JtvmdT9z
ZfTZ0slWHR1mXk3y80wTVRN/hCuodO9HxIG8YOtyEi7OS9PtxLkGSN6LaH6iPD4E
zexc0BnGLuiOTdhnD1trXcGtQ1RY3m1o2uVfmzQr7kzTkH7HZRR393QZZEzFaehe
7jb79BVh1cgKv4KLleUXQujUph+M7T+FqUk4fszJq8ify7OAcNHpvng3nqvXogmw
LqKBAR9UyYe5EzEalUVmfksDbsgqqHbCT9U3E8zje+27Hx/xMbDlbTc8LIrXzbYZ
Aj2CCc6ofRaE/9DmAbzFh+3cKuKVZ4X5nRJpnxqmcQ==
-----END CERTIFICATE-----
Generated at Tue Jul 1 00:47:22 2025 by rpki-client