Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/D9YljAy3bSs1TnIAQuRdnuk8V20.roa
File: D9YljAy3bSs1TnIAQuRdnuk8V20.roa (raw, json)
Hash identifier: MWfAfI+U+4YLzT3Om6qUPX7DcZATH1MowUhBP9HdkIs=
Subject key identifier: 0F:D6:25:8C:0C:B7:6D:2B:35:4E:72:00:42:E4:5D:9E:E9:3C:57:6D
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A02436916A1D3F90CE67135AD227E1062
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/D9YljAy3bSs1TnIAQuRdnuk8V20.roa
Signing time: Mon 20 Oct 2025 15:36:03 +0000
ROA not before: Mon 20 Oct 2025 15:36:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 31.56.86.0/24 maxlen: 24
31.57.122.0/24 maxlen: 24
31.57.124.0/24 maxlen: 24
31.57.125.0/24 maxlen: 24
31.57.140.0/24 maxlen: 24
31.57.162.0/23 maxlen: 24
31.57.164.0/23 maxlen: 24
31.57.180.0/24 maxlen: 24
31.58.42.0/24 maxlen: 24
31.58.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:43:69:16:a1:d3:f9:0c:e6:71:35:ad:22:7e:10:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 20 15:36:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0fd6258c0cb76d2b354e720042e45d9ee93c576d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8b:16:af:d6:19:7a:18:3c:29:88:39:09:02:
de:17:a6:91:8d:90:5c:2c:24:8d:57:f9:17:b4:03:
81:04:fe:f9:09:70:a7:66:4d:7f:67:22:d4:ce:9e:
b2:bb:8a:ee:e1:6f:ee:ed:b9:18:bc:1e:65:07:6b:
99:0b:00:ed:98:d3:c3:99:ef:08:80:df:a3:0a:e2:
e9:7a:18:4d:2b:25:b7:8f:3c:e7:f1:1e:d8:74:1a:
9b:78:c6:22:d9:8f:e4:5b:68:81:b3:56:9a:4d:61:
c5:57:62:2a:a4:f4:6a:10:d4:56:e1:13:7e:a8:5d:
36:3a:6a:df:7f:a8:5f:5c:46:81:7a:78:f0:fb:75:
44:75:4b:0e:04:22:e6:86:cc:f9:32:28:c1:52:a1:
3d:e7:f9:f5:81:c9:04:2c:2b:55:35:97:3f:74:70:
c7:ce:42:2d:ee:7e:ae:48:60:b3:30:18:d6:fc:a3:
ab:58:1c:3f:0a:ac:aa:56:c1:1f:c7:44:f5:64:0a:
58:ad:f5:cf:cb:e9:c1:e7:83:99:1a:2c:9b:95:73:
08:81:3a:2c:ab:ca:7e:ba:9d:07:f9:32:12:7d:46:
9d:c3:8f:94:92:f0:3e:38:3d:e3:43:e5:67:5a:15:
17:04:42:23:39:42:9f:9c:08:d7:7e:3c:37:3c:a3:
a5:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D6:25:8C:0C:B7:6D:2B:35:4E:72:00:42:E4:5D:9E:E9:3C:57:6D
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/D9YljAy3bSs1TnIAQuRdnuk8V20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.86.0/24
31.57.122.0/24
31.57.124.0/23
31.57.140.0/24
31.57.162.0-31.57.165.255
31.57.180.0/24
31.58.42.0/24
31.58.48.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:76:f1:67:c2:f6:8b:2f:2c:08:3b:d1:72:d0:eb:9b:53:8f:
ba:9f:07:54:90:16:1e:64:b6:bf:96:76:d8:7f:24:50:d4:b8:
1c:80:9d:71:3c:f5:e9:90:3d:4e:f4:a8:df:73:10:d1:87:5f:
20:e2:dd:bf:22:b2:92:4f:f3:8b:63:49:0e:e8:1f:3b:a9:c5:
86:e8:83:94:a4:0b:67:ee:03:56:a8:fc:fd:6e:7d:1c:96:9f:
a8:12:30:2f:0c:a6:24:eb:4e:d9:93:92:41:48:16:e0:93:83:
80:6c:13:09:e2:6c:3d:f4:63:91:5b:85:46:ed:b1:a4:aa:08:
1c:ae:56:9f:08:d1:a3:61:f2:4e:9f:69:55:74:a7:5a:6a:b8:
e1:a8:1a:bb:d8:42:00:8e:5a:f3:7c:09:a5:e1:e0:3f:eb:2c:
b0:38:dd:3b:a9:04:86:ed:39:7a:74:5b:b7:58:10:5d:43:36:
a9:9e:b4:06:6e:2a:0f:d8:f1:ff:1e:20:78:d4:f8:af:eb:c2:
3b:28:95:ff:20:25:f1:02:88:77:3c:37:aa:ed:75:5f:58:53:
77:05:93:2b:20:42:b5:ea:91:49:c8:92:3c:f8:6f:29:ee:2e:
b2:6d:d6:d2:50:7a:a6:10:e7:98:05:9c:aa:48:dc:51:10:97:
29:df:36:f4
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZoCQ2kWodP5DOZxNa0ifhBiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMDIwMTUzNjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQ2MjU4YzBjYjc2ZDJiMzU0ZTcyMDA0MmU0NWQ5ZWU5M2M1NzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqosWr9YZehg8KYg5CQLeF6aRjZBc
LCSNV/kXtAOBBP75CXCnZk1/ZyLUzp6yu4ru4W/u7bkYvB5lB2uZCwDtmNPDme8I
gN+jCuLpehhNKyW3jzzn8R7YdBqbeMYi2Y/kW2iBs1aaTWHFV2IqpPRqENRW4RN+
qF02Omrff6hfXEaBenjw+3VEdUsOBCLmhsz5MijBUqE95/n1gckELCtVNZc/dHDH
zkIt7n6uSGCzMBjW/KOrWBw/CqyqVsEfx0T1ZApYrfXPy+nB54OZGiyblXMIgTos
q8p+up0H+TISfUadw4+UkvA+OD3jQ+VnWhUXBEIjOUKfnAjXfjw3PKOl9QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFA/WJYwMt20rNU5yAELkXZ7pPFdtMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvRDlZbGpBeTNiU3MxVG5JQVF1UmRudWs4VjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAHzhWAwQA
Hzl6AwQBHzl8AwQAHzmMMAwDBAEfOaIDBAEfOaQDBAAfObQDBAAfOioDBAAfOjAw
DQYJKoZIhvcNAQELBQADggEBAJp28WfC9osvLAg70XLQ65tTj7qfB1SQFh5ktr+W
dth/JFDUuByAnXE89emQPU70qN9zENGHXyDi3b8ispJP84tjSQ7oHzupxYbog5Sk
C2fuA1ao/P1ufRyWn6gSMC8MpiTrTtmTkkFIFuCTg4BsEwnibD30Y5FbhUbtsaSq
CByuVp8I0aNh8k6faVV0p1pquOGoGrvYQgCOWvN8CaXh4D/rLLA43TupBIbtOXp0
W7dYEF1DNqmetAZuKg/Y8f8eIHjU+K/rwjsolf8gJfECiHc8N6rtdV9YU3cFkysg
QrXqkUnIkjz4bynuLrJt1tJQeqYQ55gFnKpI3FEQlynfNvQ=
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:05:38 2025 by rpki-client