Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/5O77RsiGD6qiSz0S5jOP-wUXEuw.roa
File: 5O77RsiGD6qiSz0S5jOP-wUXEuw.roa (raw, json)
Hash identifier: oTPkRB+WK5csJKhphrdfE2YK1xGMzWM7j/lXLyF4t74=
Subject key identifier: E4:EE:FB:46:C8:86:0F:AA:A2:4B:3D:12:E6:33:8F:FB:05:17:12:EC
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01987EE0FAB700D67A355AB55EEFCD294A19
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/5O77RsiGD6qiSz0S5jOP-wUXEuw.roa
Signing time: Wed 06 Aug 2025 10:15:30 +0000
ROA not before: Wed 06 Aug 2025 10:15:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215242
IP address blocks: 31.58.211.0/24 maxlen: 24
31.58.236.0/24 maxlen: 24
31.58.246.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
217.60.251.0/24 maxlen: 24
217.60.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7e:e0:fa:b7:00:d6:7a:35:5a:b5:5e:ef:cd:29:4a:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Aug 6 10:15:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4eefb46c8860faaa24b3d12e6338ffb051712ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:68:a3:51:1b:08:8f:bc:df:04:c2:0a:28:5b:
ef:ee:eb:9f:22:46:e3:ad:a5:f3:11:ea:d3:24:bd:
ce:f4:5e:25:ca:e5:7a:2a:e1:b9:cf:8c:14:8f:f4:
b6:a2:4b:ea:47:4e:80:98:fe:ed:13:2e:8a:69:62:
85:8c:c5:f7:2a:af:ca:dd:2c:bf:d1:55:24:ca:20:
13:4a:8a:d5:ce:47:3b:fb:be:5f:21:89:4a:c0:df:
c0:83:f7:f0:78:b4:58:31:d7:7e:39:0b:9f:97:91:
69:9c:b6:e2:3e:38:f7:f9:86:13:84:ed:dd:fe:ee:
e1:25:3c:eb:e8:99:76:41:35:e1:11:2e:81:4e:c9:
66:ac:6e:02:81:3c:ee:5f:c6:07:9d:4f:7d:36:d5:
a7:36:4c:0c:87:53:6c:c2:9f:86:bb:2d:44:37:08:
d1:58:e5:00:9a:e0:68:7c:4c:0d:44:4b:8e:a6:41:
33:65:30:ce:28:6d:75:0f:ec:46:20:3b:2c:8b:cf:
1e:73:23:61:90:8d:c9:61:23:b8:ac:a3:b9:fe:2b:
86:c9:8f:73:bf:86:7b:b0:2f:21:68:24:d7:f7:27:
6b:e3:54:b4:ac:92:cf:5b:4c:4a:15:8d:cd:8c:0b:
b4:06:fe:07:75:22:d5:5c:15:e2:83:77:53:b1:e0:
37:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:EE:FB:46:C8:86:0F:AA:A2:4B:3D:12:E6:33:8F:FB:05:17:12:EC
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/5O77RsiGD6qiSz0S5jOP-wUXEuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.211.0/24
31.58.236.0/24
31.58.246.0/23
31.58.249.0-31.58.251.255
217.60.251.0/24
217.60.254.0/24
Signature Algorithm: sha256WithRSAEncryption
91:52:79:e0:e9:d9:02:e6:d2:1c:dc:eb:c9:a6:a9:13:3a:a7:
a4:70:bb:01:76:91:44:f1:48:25:49:fd:a7:98:4c:2f:d4:75:
4f:70:2e:64:b1:fc:a6:ba:6a:c5:06:de:3c:37:c5:a6:6b:bb:
5d:18:a3:c7:fa:e4:fa:c2:f5:e1:46:03:ab:40:3e:c2:b8:34:
6c:15:0e:41:2b:d8:de:f0:56:33:a7:1c:ad:43:d3:c4:3b:ff:
fe:eb:0c:f8:d7:8a:02:cb:14:38:83:64:f7:87:1d:86:b5:e6:
25:59:51:00:c4:01:6e:ce:d5:07:95:c3:13:aa:f7:b7:a0:aa:
8e:29:5b:94:2c:b5:ba:ef:b5:6b:67:cf:a7:e6:94:97:62:c2:
66:d2:15:9f:7b:90:25:81:28:80:ac:f2:13:52:2c:79:14:67:
bb:df:d0:af:1e:74:4b:77:26:01:9d:89:9f:43:0b:82:ca:c4:
aa:41:be:b4:7e:f6:79:b4:34:e2:60:0b:fc:cd:f1:58:ac:65:
1b:35:1a:72:19:a8:7e:c7:9f:a2:5d:64:89:f0:f6:98:c7:27:
6c:6e:04:cf:4c:34:41:ca:d7:8d:6a:90:c7:4c:6f:26:aa:20:
d9:e3:bb:d8:02:30:4e:c0:9d:38:3f:16:6f:c5:93:26:38:9a:
e3:3f:81:4b
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZh+4Pq3ANZ6NVq1Xu/NKUoZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwODA2MTAxNTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGVlZmI0NmM4ODYwZmFhYTI0YjNkMTJlNjMzOGZmYjA1MTcxMmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmijURsIj7zfBMIKKFvv7uufIkbj
raXzEerTJL3O9F4lyuV6KuG5z4wUj/S2okvqR06AmP7tEy6KaWKFjMX3Kq/K3Sy/
0VUkyiATSorVzkc7+75fIYlKwN/Ag/fweLRYMdd+OQufl5FpnLbiPjj3+YYThO3d
/u7hJTzr6Jl2QTXhES6BTslmrG4CgTzuX8YHnU99NtWnNkwMh1Nswp+Guy1ENwjR
WOUAmuBofEwNREuOpkEzZTDOKG11D+xGIDssi88ecyNhkI3JYSO4rKO5/iuGyY9z
v4Z7sC8haCTX9ydr41S0rJLPW0xKFY3NjAu0Bv4HdSLVXBXig3dTseA34wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFOTu+0bIhg+qoks9EuYzj/sFFxLsMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNU83N1JzaUdENnFpU3owUzVqT1Atd1VYRXV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAHzrTAwQA
HzrsAwQBHzr2MAwDBAAfOvkDBAIfOvgDBADZPPsDBADZPP4wDQYJKoZIhvcNAQEL
BQADggEBAJFSeeDp2QLm0hzc68mmqRM6p6RwuwF2kUTxSCVJ/aeYTC/UdU9wLmSx
/Ka6asUG3jw3xaZru10Yo8f65PrC9eFGA6tAPsK4NGwVDkEr2N7wVjOnHK1D08Q7
//7rDPjXigLLFDiDZPeHHYa15iVZUQDEAW7O1QeVwxOq97egqo4pW5QstbrvtWtn
z6fmlJdiwmbSFZ97kCWBKICs8hNSLHkUZ7vf0K8edEt3JgGdiZ9DC4LKxKpBvrR+
9nm0NOJgC/zN8VisZRs1GnIZqH7Hn6JdZInw9pjHJ2xuBM9MNEHK141qkMdMbyaq
INnju9gCME7AnTg/Fm/FkyY4muM/gUs=
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:34:29 2025 by rpki-client