Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/469-tRhy9uWdM8xBfBBDbj18Mcc.roa
File: 469-tRhy9uWdM8xBfBBDbj18Mcc.roa (raw, json)
Hash identifier: haUHcfnKsiDzkI67wtRI7B3REItRez3ER1U7IGnZSyA=
Subject key identifier: E3:AF:7E:B5:18:72:F6:E5:9D:33:CC:41:7C:10:43:6E:3D:7C:31:C7
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01986BC14BA8629A7F0F70B11D58DE9BE9D1
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/469-tRhy9uWdM8xBfBBDbj18Mcc.roa
Signing time: Sat 02 Aug 2025 17:08:06 +0000
ROA not before: Sat 02 Aug 2025 17:08:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4766
IP address blocks: 31.56.172.0/24 maxlen: 24
31.56.173.0/24 maxlen: 24
31.56.242.0/24 maxlen: 24
31.56.243.0/24 maxlen: 24
31.56.244.0/24 maxlen: 24
31.56.245.0/24 maxlen: 24
217.60.0.0/21 maxlen: 24
217.60.3.0/24 maxlen: 24
217.60.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 00:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:6b:c1:4b:a8:62:9a:7f:0f:70:b1:1d:58:de:9b:e9:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Aug 2 17:08:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e3af7eb51872f6e59d33cc417c10436e3d7c31c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bb:d8:1b:a8:59:14:b8:13:55:0f:5d:fe:36:
f0:35:0c:11:cf:b4:9b:49:c9:6c:4b:f9:94:aa:79:
56:48:d5:1e:8e:bd:a3:52:e7:10:54:31:37:f8:d6:
4c:27:06:37:c7:02:83:65:fb:64:d9:b1:1d:0d:eb:
b7:8c:db:31:15:da:5d:b6:dc:85:c5:44:77:c2:d3:
65:c7:8b:d1:17:83:40:6c:7d:83:63:46:e9:ea:73:
03:25:7f:5b:fd:c2:cf:4d:cc:31:29:52:4a:c2:53:
fb:b6:40:fb:d6:bd:fb:69:4b:12:58:fe:e3:4c:a1:
26:c6:4d:8d:b3:18:4b:12:c4:89:a9:c1:7e:48:9e:
17:d0:23:d1:04:0c:ef:2e:96:27:03:75:cb:83:92:
67:7b:5f:4f:01:50:e5:6d:64:8d:36:0a:59:7a:e1:
0b:7b:b8:b2:c3:1f:f8:89:50:e9:d8:a9:8e:ad:ce:
c1:4e:e5:04:0e:14:20:b2:b6:c9:77:cf:10:be:ad:
cc:94:b8:04:3d:b0:57:57:70:ee:e6:00:4b:45:74:
6a:91:74:94:db:0b:38:c4:85:30:65:c0:52:7b:74:
a8:a2:d6:22:fe:f4:c1:81:a8:bb:f6:f4:c7:5f:e9:
99:02:e7:2d:e7:99:3b:c4:f5:6a:73:0d:30:67:1c:
f1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:AF:7E:B5:18:72:F6:E5:9D:33:CC:41:7C:10:43:6E:3D:7C:31:C7
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/469-tRhy9uWdM8xBfBBDbj18Mcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.172.0/23
31.56.242.0-31.56.245.255
217.60.0.0/21
Signature Algorithm: sha256WithRSAEncryption
b8:aa:91:44:9b:34:8f:cd:a9:77:25:db:5e:20:48:08:39:b9:
b1:c4:c8:a5:50:6d:a1:1f:f7:62:5a:7b:16:1c:12:a2:1e:bc:
4d:6a:98:dc:ae:6f:74:fa:ad:d2:65:d8:3a:1c:b1:eb:51:d0:
60:81:17:27:da:7b:3a:ba:42:d8:f2:b3:3c:08:6b:a4:d7:7a:
c0:cb:77:62:f0:0c:bc:02:91:e5:7a:a9:27:a1:17:1b:91:31:
25:0a:74:d3:69:5b:ac:5c:fa:57:16:1b:75:bd:cd:d3:79:8a:
57:33:97:ec:40:c3:26:d8:74:0e:1d:8f:73:40:e7:b7:9c:8a:
1d:e2:20:48:8c:8d:5b:7d:df:65:73:e7:14:b0:62:59:76:8b:
30:7d:1f:2c:8a:03:b1:d3:e2:9e:d2:2d:39:c2:65:8e:a2:03:
62:17:17:f6:3f:79:ea:ff:7c:65:c3:f3:80:65:80:f2:49:20:
e6:a4:4f:30:40:68:c9:70:e8:ce:2d:dd:6b:2d:25:62:c3:40:
02:5f:ea:28:db:e6:cc:48:ed:e3:9e:8a:c6:10:da:6f:3a:78:
8f:a1:d0:60:7c:1e:f3:c0:a4:c2:cc:30:a6:2f:0c:e3:0e:3f:
46:45:c3:d4:53:06:c8:b2:36:3f:93:3c:a3:22:3e:fb:e8:ca:
60:fe:8f:ca
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZhrwUuoYpp/D3CxHVjem+nRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwODAyMTcwODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2FmN2ViNTE4NzJmNmU1OWQzM2NjNDE3YzEwNDM2ZTNkN2MzMWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrvYG6hZFLgTVQ9d/jbwNQwRz7Sb
SclsS/mUqnlWSNUejr2jUucQVDE3+NZMJwY3xwKDZftk2bEdDeu3jNsxFdpdttyF
xUR3wtNlx4vRF4NAbH2DY0bp6nMDJX9b/cLPTcwxKVJKwlP7tkD71r37aUsSWP7j
TKEmxk2NsxhLEsSJqcF+SJ4X0CPRBAzvLpYnA3XLg5Jne19PAVDlbWSNNgpZeuEL
e7iywx/4iVDp2KmOrc7BTuUEDhQgsrbJd88Qvq3MlLgEPbBXV3Du5gBLRXRqkXSU
2ws4xIUwZcBSe3SootYi/vTBgai79vTHX+mZAuct55k7xPVqcw0wZxzxLwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOOvfrUYcvblnTPMQXwQQ249fDHHMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNDY5LXRSaHk5dVdkTTh4QmZCQkRiajE4TWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBHzisMAwD
BAEfOPIDBAEfOPQDBAPZPAAwDQYJKoZIhvcNAQELBQADggEBALiqkUSbNI/NqXcl
214gSAg5ubHEyKVQbaEf92JaexYcEqIevE1qmNyub3T6rdJl2DocsetR0GCBFyfa
ezq6QtjyszwIa6TXesDLd2LwDLwCkeV6qSehFxuRMSUKdNNpW6xc+lcWG3W9zdN5
ilczl+xAwybYdA4dj3NA57ecih3iIEiMjVt932Vz5xSwYll2izB9HyyKA7HT4p7S
LTnCZY6iA2IXF/Y/eer/fGXD84BlgPJJIOakTzBAaMlw6M4t3WstJWLDQAJf6ijb
5sxI7eOeisYQ2m86eI+h0GB8HvPApMLMMKYvDOMOP0ZFw9RTBsiyNj+TPKMiPvvo
ymD+j8o=
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:30:21 2025 by rpki-client