Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2R6AKJFDPLVbI0VvrjOVPUsPB5Q.roa
File: 2R6AKJFDPLVbI0VvrjOVPUsPB5Q.roa (raw, json)
Hash identifier: ySrps++4xqOHSNl4FxBaxDRXofHik+K+j4xdYZvLdV4=
Subject key identifier: D9:1E:80:28:91:43:3C:B5:5B:23:45:6F:AE:33:95:3D:4B:0F:07:94
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01976D29FEE795AD5CA6BBE29AD9EBE123B2
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2R6AKJFDPLVbI0VvrjOVPUsPB5Q.roa
Signing time: Sat 14 Jun 2025 06:39:18 +0000
ROA not before: Sat 14 Jun 2025 06:39:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 31.56.4.0/23 maxlen: 23
31.56.48.0/24 maxlen: 24
31.56.57.0/24 maxlen: 24
31.56.77.0/24 maxlen: 24
31.56.90.0/23 maxlen: 23
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.56.114.0/23 maxlen: 24
31.56.118.0/23 maxlen: 24
31.56.120.0/22 maxlen: 24
31.56.146.0/24 maxlen: 24
31.56.180.0/22 maxlen: 24
31.56.188.0/22 maxlen: 24
31.56.196.0/22 maxlen: 24
31.56.200.0/22 maxlen: 24
31.56.204.0/22 maxlen: 22
31.56.208.0/22 maxlen: 24
31.56.212.0/22 maxlen: 24
31.56.228.0/22 maxlen: 24
31.56.236.0/22 maxlen: 24
31.57.12.0/23 maxlen: 24
31.57.36.0/23 maxlen: 24
31.57.38.0/23 maxlen: 23
31.57.60.0/22 maxlen: 24
31.57.92.0/22 maxlen: 22
31.57.99.0/24 maxlen: 24
31.57.104.0/21 maxlen: 24
31.57.120.0/22 maxlen: 24
31.57.124.0/22 maxlen: 24
31.57.132.0/23 maxlen: 23
31.57.136.0/21 maxlen: 24
31.57.146.0/23 maxlen: 24
31.57.168.0/22 maxlen: 24
31.57.176.0/21 maxlen: 21
31.57.184.0/22 maxlen: 24
31.57.192.0/22 maxlen: 24
31.57.200.0/23 maxlen: 24
31.57.208.0/20 maxlen: 24
31.57.216.0/24 maxlen: 24
31.57.217.0/24 maxlen: 24
31.57.224.0/22 maxlen: 22
31.57.232.0/22 maxlen: 24
31.57.250.0/24 maxlen: 24
31.57.251.0/24 maxlen: 24
31.57.252.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.64.0/23 maxlen: 24
31.58.68.0/22 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.134.0/24 maxlen: 24
31.58.152.0/22 maxlen: 24
31.58.171.0/24 maxlen: 24
31.58.172.0/22 maxlen: 24
31.58.220.0/22 maxlen: 22
31.58.224.0/22 maxlen: 24
31.58.226.0/24 maxlen: 24
31.59.76.0/22 maxlen: 24
31.59.96.0/22 maxlen: 22
31.59.112.0/22 maxlen: 22
31.59.136.0/21 maxlen: 24
31.59.144.0/21 maxlen: 24
31.59.160.0/21 maxlen: 24
31.59.212.0/22 maxlen: 24
31.59.224.0/22 maxlen: 22
31.59.232.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 22:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6d:29:fe:e7:95:ad:5c:a6:bb:e2:9a:d9:eb:e1:23:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 14 06:39:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d91e802891433cb55b23456fae33953d4b0f0794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:5d:32:28:b1:74:76:99:df:4b:89:b2:f7:63:
c7:e4:64:9a:09:f3:3d:34:2e:6c:2e:ad:d7:14:26:
bd:dd:39:91:e1:63:50:61:11:33:95:bd:64:ce:76:
0a:5c:6d:ff:5e:45:02:3c:7b:26:39:1e:04:10:7a:
ba:67:44:a9:98:5b:16:80:53:ed:a0:ef:9f:ea:45:
a2:4a:24:55:79:96:4b:c0:93:d9:6f:1f:a2:91:db:
98:52:f3:d9:43:b4:eb:21:dc:e4:06:b3:8b:5c:01:
a5:db:6e:10:07:d8:cf:a0:41:00:bd:03:4e:8b:5a:
22:36:3b:f8:9b:9b:14:ee:24:92:b7:11:91:42:5e:
6e:f6:8f:bd:ea:51:a7:7d:aa:9a:e6:b0:bd:c4:8a:
ad:a9:6b:52:51:b4:23:b7:48:01:c8:c9:56:fc:39:
84:ef:cf:fc:43:22:c7:f4:09:ea:85:83:d4:5f:17:
82:10:be:20:67:d1:d4:16:12:71:e4:bb:33:be:b6:
95:4c:c8:2d:00:17:9f:03:ac:b7:bc:72:79:31:40:
63:ec:4d:1b:4a:5e:03:f4:7a:1e:5d:95:82:0e:88:
70:1a:01:d3:50:e3:ea:60:71:ab:b8:74:23:ad:2c:
a4:83:ba:f4:a2:fa:74:59:d4:66:25:ea:9b:27:2a:
e2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:1E:80:28:91:43:3C:B5:5B:23:45:6F:AE:33:95:3D:4B:0F:07:94
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2R6AKJFDPLVbI0VvrjOVPUsPB5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/23
31.56.48.0/24
31.56.57.0/24
31.56.77.0/24
31.56.90.0/23
31.56.104.0/21
31.56.114.0/23
31.56.118.0-31.56.123.255
31.56.146.0/24
31.56.180.0/22
31.56.188.0/22
31.56.196.0-31.56.215.255
31.56.228.0/22
31.56.236.0/22
31.57.12.0/23
31.57.36.0/22
31.57.60.0/22
31.57.92.0/22
31.57.99.0/24
31.57.104.0/21
31.57.120.0/21
31.57.132.0/23
31.57.136.0/21
31.57.146.0/23
31.57.168.0/22
31.57.176.0-31.57.187.255
31.57.192.0/22
31.57.200.0/23
31.57.208.0-31.57.227.255
31.57.232.0/22
31.57.250.0-31.57.255.255
31.58.34.0/23
31.58.50.0/23
31.58.64.0/23
31.58.68.0/22
31.58.84.0/22
31.58.134.0/24
31.58.152.0/22
31.58.171.0-31.58.175.255
31.58.220.0-31.58.227.255
31.59.76.0/22
31.59.96.0/22
31.59.112.0/22
31.59.136.0-31.59.151.255
31.59.160.0/21
31.59.212.0/22
31.59.224.0/22
31.59.232.0/22
Signature Algorithm: sha256WithRSAEncryption
50:36:ed:ed:7b:e1:22:04:4e:6c:f6:69:e3:51:92:f9:84:19:
29:f1:51:93:77:75:39:64:3e:92:e7:1b:28:76:ba:34:5d:fd:
2b:52:a2:54:11:11:dd:1f:5f:9c:40:17:79:85:84:9b:b0:b4:
7f:95:2a:93:74:89:4d:06:65:14:9f:8f:15:a3:c7:80:cc:7c:
a5:42:77:00:b8:23:63:d1:f5:b0:e3:18:18:2e:90:31:4a:cd:
e7:35:e9:c9:e0:9e:5f:a1:47:b2:9d:4e:b3:41:c7:4c:0b:e5:
6a:32:6f:12:10:d5:84:70:16:fe:71:b7:d4:d2:e5:a4:b3:a0:
f7:75:ff:b7:3c:70:3d:65:f1:a6:d4:6e:65:12:68:d9:49:0a:
ee:09:f9:dd:f7:f0:a7:c2:43:f1:14:94:62:74:69:ab:55:b2:
87:08:6b:32:ac:cb:10:1a:7d:a8:23:d0:db:83:7f:a5:2e:a8:
11:e7:0c:20:48:7a:3d:02:84:a5:78:4d:59:0f:f7:7c:2e:ce:
4e:95:fe:98:7c:2d:5a:09:96:20:a6:63:eb:20:c2:cd:0a:5f:
4e:ad:47:ac:6c:93:d9:cc:86:71:45:94:e6:c7:84:a8:78:7e:
8f:16:85:ff:ff:e0:62:bd:8f:f1:c7:86:ec:3d:a7:ac:ca:76:
f8:a2:1c:3d
-----BEGIN CERTIFICATE-----
MIIGYDCCBUigAwIBAgISAZdtKf7nla1cprvimtnr4SOyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNjE0MDYzOTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTFlODAyODkxNDMzY2I1NWIyMzQ1NmZhZTMzOTUzZDRiMGYwNzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA710yKLF0dpnfS4my92PH5GSaCfM9
NC5sLq3XFCa93TmR4WNQYREzlb1kznYKXG3/XkUCPHsmOR4EEHq6Z0SpmFsWgFPt
oO+f6kWiSiRVeZZLwJPZbx+ikduYUvPZQ7TrIdzkBrOLXAGl224QB9jPoEEAvQNO
i1oiNjv4m5sU7iSStxGRQl5u9o+96lGnfaqa5rC9xIqtqWtSUbQjt0gByMlW/DmE
78/8QyLH9AnqhYPUXxeCEL4gZ9HUFhJx5LszvraVTMgtABefA6y3vHJ5MUBj7E0b
Sl4D9HoeXZWCDohwGgHTUOPqYHGruHQjrSykg7r0ovp0WdRmJeqbJyrioQIDAQAB
o4IDbDCCA2gwHQYDVR0OBBYEFNkegCiRQzy1WyNFb64zlT1LDweUMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMlI2QUtKRkRQTFZiSTBWdnJqT1ZQVXNQQjVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBgAYIKwYBBQUHAQcBAf8EggFvMIIBazCCAWcEAgABMIIB
XwMEAR84BAMEAB84MAMEAB84OQMEAB84TQMEAR84WgMEAx84aAMEAR84cjAMAwQB
Hzh2AwQCHzh4AwQAHziSAwQCHzi0AwQCHzi8MAwDBAIfOMQDBAMfONADBAIfOOQD
BAIfOOwDBAEfOQwDBAIfOSQDBAIfOTwDBAIfOVwDBAAfOWMDBAMfOWgDBAMfOXgD
BAEfOYQDBAMfOYgDBAEfOZIDBAIfOagwDAMEBB85sAMEAh85uAMEAh85wAMEAR85
yDAMAwQEHznQAwQCHzngAwQCHznoMAsDBAEfOfoDAwEfOAMEAR86IgMEAR86MgME
AR86QAMEAh86RAMEAh86VAMEAB86hgMEAh86mDAMAwQAHzqrAwQEHzqgMAwDBAIf
OtwDBAIfOuADBAIfO0wDBAIfO2ADBAIfO3AwDAMEAx87iAMEAx87kAMEAx87oAME
Ah871AMEAh874AMEAh876DANBgkqhkiG9w0BAQsFAAOCAQEAUDbt7XvhIgRObPZp
41GS+YQZKfFRk3d1OWQ+kucbKHa6NF39K1KiVBER3R9fnEAXeYWEm7C0f5Uqk3SJ
TQZlFJ+PFaPHgMx8pUJ3ALgjY9H1sOMYGC6QMUrN5zXpyeCeX6FHsp1Os0HHTAvl
ajJvEhDVhHAW/nG31NLlpLOg93X/tzxwPWXxptRuZRJo2UkK7gn53ffwp8JD8RSU
YnRpq1WyhwhrMqzLEBp9qCPQ24N/pS6oEecMIEh6PQKEpXhNWQ/3fC7OTpX+mHwt
WgmWIKZj6yDCzQpfTq1HrGyT2cyGcUWU5seEqHh+jxaF///gYr2P8ceG7D2nrMp2
+KIcPQ==
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:54:20 2025 by rpki-client