Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/0UPfsb0tIgq2flEahSuJU5R0Bjs.roa
File: 0UPfsb0tIgq2flEahSuJU5R0Bjs.roa (raw, json)
Hash identifier: q0/DptX8QgWZ+29sJ0tmVI9dZK2ppdgEmf1iUwQinOc=
Subject key identifier: D1:43:DF:B1:BD:2D:22:0A:B6:7E:51:1A:85:2B:89:53:94:74:06:3B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0197224FAAE176620244B9955C40D3B57524
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/0UPfsb0tIgq2flEahSuJU5R0Bjs.roa
Signing time: Fri 30 May 2025 17:48:55 +0000
ROA not before: Fri 30 May 2025 17:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 31.56.88.0/24 maxlen: 24
31.56.112.0/21 maxlen: 24
31.57.11.0/24 maxlen: 24
31.57.131.0/24 maxlen: 24
31.57.150.0/24 maxlen: 24
31.57.176.0/24 maxlen: 24
31.57.194.0/24 maxlen: 24
31.58.59.0/24 maxlen: 24
31.58.71.0/24 maxlen: 24
31.58.146.0/24 maxlen: 24
31.59.14.0/24 maxlen: 24
31.59.30.0/24 maxlen: 24
31.59.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:22:4f:aa:e1:76:62:02:44:b9:95:5c:40:d3:b5:75:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 30 17:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d143dfb1bd2d220ab67e511a852b89539474063b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:84:96:4f:f6:a3:04:81:46:fa:95:75:a1:9b:
f2:2a:fd:c8:cc:d5:fd:c1:e6:fb:aa:86:6a:f4:d3:
65:a6:cb:2a:c6:59:6f:d6:7b:39:c4:5a:0c:4d:86:
73:85:65:2d:4c:8b:b5:ff:ac:63:50:52:63:31:2f:
1a:e9:e6:f8:03:f0:13:32:b9:49:1e:91:df:81:60:
ca:d7:29:9b:fd:85:6e:a5:de:12:dc:f0:db:c6:13:
ca:30:85:b5:ce:2c:bf:18:3b:34:9f:29:55:e7:3a:
7e:a2:f0:d6:0f:b6:47:2a:16:99:c8:ba:2e:be:ba:
99:6c:79:f2:fc:9f:a9:c9:2b:c6:50:12:65:80:48:
25:da:75:eb:d1:40:2f:7c:c7:de:99:9c:1d:6b:6f:
36:ca:04:d9:b5:ef:80:88:f3:c2:ef:d0:42:51:56:
ec:ff:47:c6:a8:a8:a5:4a:c0:6d:7b:d6:48:d3:fb:
bb:65:4a:eb:30:e7:30:32:39:22:d6:70:b8:01:08:
cd:ae:27:0c:1f:aa:f3:14:71:11:fd:82:48:cc:00:
31:7f:ee:37:a0:b6:90:e5:9f:cd:70:ff:98:0a:3d:
a4:36:51:71:dc:4e:3e:32:ee:00:9e:80:73:62:a9:
54:03:99:62:97:46:ae:84:33:f6:06:1f:a9:59:e5:
64:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:43:DF:B1:BD:2D:22:0A:B6:7E:51:1A:85:2B:89:53:94:74:06:3B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/0UPfsb0tIgq2flEahSuJU5R0Bjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.88.0/24
31.56.112.0/21
31.57.11.0/24
31.57.131.0/24
31.57.150.0/24
31.57.176.0/24
31.57.194.0/24
31.58.59.0/24
31.58.71.0/24
31.58.146.0/24
31.59.14.0/24
31.59.30.0/24
31.59.215.0/24
Signature Algorithm: sha256WithRSAEncryption
69:63:53:ee:2a:e3:7d:6c:36:72:c8:5b:d7:58:07:6b:1f:a8:
4f:6d:82:1c:fd:a5:d5:6d:1c:9e:f6:22:88:4b:41:7f:f3:ce:
aa:9d:1f:05:f6:d6:9c:ac:13:d7:84:bf:b1:ce:5c:c0:0f:f8:
a8:8e:8f:4f:9e:bd:cd:f2:a3:7c:a2:d3:b5:c9:46:47:77:25:
de:ef:f4:30:84:5c:d3:78:cc:3b:e3:09:a6:86:86:4d:a5:dd:
c5:cd:5f:b5:90:0b:94:cf:05:82:fa:5e:a8:38:c1:1f:1f:97:
22:0f:76:c2:7a:d8:fd:f1:68:73:d1:b6:17:3c:9d:de:94:fe:
6f:fb:2a:6b:ee:fd:2c:b6:57:11:c1:bf:0d:dc:35:8f:a2:a6:
1f:48:62:c4:b0:08:17:6e:97:40:16:df:39:d4:12:58:80:11:
11:05:da:0c:ef:ad:a4:b4:0a:11:c8:4e:7c:e1:65:8c:97:19:
09:8c:bf:05:81:aa:eb:05:cc:af:f2:71:7c:c1:31:d1:0a:e1:
02:65:53:97:31:aa:ff:bf:e3:62:70:71:e2:da:7b:94:94:05:
af:79:a3:9c:ac:25:fb:39:d1:91:ca:7e:a7:d9:04:73:d5:d1:
56:8e:f8:0c:27:f4:10:b7:8f:95:e3:29:84:6e:ed:46:9e:f0:
b4:c4:1f:f7
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZciT6rhdmICRLmVXEDTtXUkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNTMwMTc0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTQzZGZiMWJkMmQyMjBhYjY3ZTUxMWE4NTJiODk1Mzk0NzQwNjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YSWT/ajBIFG+pV1oZvyKv3IzNX9
web7qoZq9NNlpssqxllv1ns5xFoMTYZzhWUtTIu1/6xjUFJjMS8a6eb4A/ATMrlJ
HpHfgWDK1ymb/YVupd4S3PDbxhPKMIW1ziy/GDs0nylV5zp+ovDWD7ZHKhaZyLou
vrqZbHny/J+pySvGUBJlgEgl2nXr0UAvfMfemZwda282ygTZte+AiPPC79BCUVbs
/0fGqKilSsBte9ZI0/u7ZUrrMOcwMjki1nC4AQjNricMH6rzFHER/YJIzAAxf+43
oLaQ5Z/NcP+YCj2kNlFx3E4+Mu4AnoBzYqlUA5lil0auhDP2Bh+pWeVk/QIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFNFD37G9LSIKtn5RGoUriVOUdAY7MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMFVQZnNiMHRJZ3EyZmxFYWhTdUpVNVIwQmpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAHzhYAwQD
HzhwAwQAHzkLAwQAHzmDAwQAHzmWAwQAHzmwAwQAHznCAwQAHzo7AwQAHzpHAwQA
HzqSAwQAHzsOAwQAHzseAwQAHzvXMA0GCSqGSIb3DQEBCwUAA4IBAQBpY1PuKuN9
bDZyyFvXWAdrH6hPbYIc/aXVbRye9iKIS0F/886qnR8F9tacrBPXhL+xzlzAD/io
jo9Pnr3N8qN8otO1yUZHdyXe7/QwhFzTeMw74wmmhoZNpd3FzV+1kAuUzwWC+l6o
OMEfH5ciD3bCetj98Whz0bYXPJ3elP5v+ypr7v0stlcRwb8N3DWPoqYfSGLEsAgX
bpdAFt851BJYgBERBdoM762ktAoRyE584WWMlxkJjL8FgarrBcyv8nF8wTHRCuEC
ZVOXMar/v+NicHHi2nuUlAWveaOcrCX7OdGRyn6n2QRz1dFWjvgMJ/QQt4+V4ymE
bu1GnvC0xB/3
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:47:15 2025 by rpki-client