Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OrvTZLUfWXcHQNZFkrypEod3Ae4.roa
File: OrvTZLUfWXcHQNZFkrypEod3Ae4.roa (raw, json)
Hash identifier: x4wbGg6rdIUcAdAni4X34pVQqrq0ddqJQOsfT71cjgE=
Subject key identifier: 3A:BB:D3:64:B5:1F:59:77:07:40:D6:45:92:BC:A9:12:87:77:01:EE
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01985714124F4B4C6A917A5C4848F7556EFE
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OrvTZLUfWXcHQNZFkrypEod3Ae4.roa
Signing time: Tue 29 Jul 2025 16:46:29 +0000
ROA not before: Tue 29 Jul 2025 16:46:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20326
IP address blocks: 31.57.196.0/24 maxlen: 24
31.57.238.0/24 maxlen: 24
31.58.56.0/24 maxlen: 24
31.59.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 23:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:57:14:12:4f:4b:4c:6a:91:7a:5c:48:48:f7:55:6e:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 29 16:46:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3abbd364b51f59770740d64592bca912877701ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:fc:37:be:33:15:77:f5:5c:fa:7d:ff:eb:dc:
e9:a0:26:ab:8d:64:64:59:29:82:bf:62:af:79:5e:
59:c5:e1:1b:1e:14:e7:89:03:8d:af:e0:07:da:8a:
27:03:ce:ae:46:16:f2:27:9e:d1:3a:6e:27:e5:19:
51:ac:09:f0:90:44:6f:c3:7f:84:2d:d1:8a:e3:30:
92:c2:06:d7:c5:4d:0d:8c:88:40:89:25:36:4f:e9:
7e:5e:af:27:06:c9:fc:1b:91:63:44:bc:2e:9b:d7:
19:d3:06:14:17:5e:ab:80:56:8c:13:20:1f:4f:58:
57:3f:ef:38:bc:ee:02:ce:6d:27:f8:46:ad:81:1d:
e2:3d:ee:90:90:f1:16:e5:45:d2:9e:83:a9:1c:75:
ae:fe:06:42:5e:05:f3:f0:f3:54:0e:fe:ae:4f:4f:
3e:23:15:c3:1c:a1:c0:a0:83:95:af:f4:cf:33:c3:
c7:a4:a0:8f:00:b3:fc:f3:34:01:8a:b6:16:e5:a2:
d8:73:ff:0f:25:8a:71:df:0d:57:1b:31:b8:f2:43:
cc:f9:1e:40:9d:f5:1b:23:cd:16:27:2d:94:3e:fe:
81:c2:58:a5:b1:6f:7d:1b:b9:e6:60:85:92:20:69:
c2:3e:b7:0a:2f:aa:2c:40:5f:fa:c0:cb:d8:7a:38:
31:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:BB:D3:64:B5:1F:59:77:07:40:D6:45:92:BC:A9:12:87:77:01:EE
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OrvTZLUfWXcHQNZFkrypEod3Ae4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.196.0/24
31.57.238.0/24
31.58.56.0/24
31.59.172.0/24
Signature Algorithm: sha256WithRSAEncryption
98:58:96:a8:3c:a6:69:bd:64:19:41:a5:5b:c2:c7:6d:b3:8d:
aa:ad:6f:81:db:6a:7c:39:15:91:a6:26:bb:58:43:42:f1:dc:
30:76:9b:02:ef:51:e9:e2:a5:d4:c7:3b:cd:a8:08:e9:cb:1f:
6c:77:16:c6:bd:c1:1f:95:26:fa:5b:87:50:76:cc:21:d4:c9:
fa:6e:01:b5:c1:57:41:dd:54:2c:ce:fd:e5:13:9c:b8:bc:09:
0f:51:34:cf:60:6a:63:0f:21:78:c4:41:30:ef:29:ca:7b:34:
e2:b2:e9:26:fd:08:20:eb:8d:e6:08:b3:58:72:84:e5:c7:86:
0e:0c:45:83:9a:28:10:de:29:c8:51:54:d0:f6:ac:87:af:62:
e7:76:79:1d:1b:c8:a6:a4:62:20:74:e4:72:08:c8:e8:9d:f9:
44:8a:51:38:25:49:1a:69:e0:99:84:12:38:69:b9:f7:e4:1c:
5f:37:88:83:9a:31:68:b0:9d:7e:81:35:89:77:5b:ec:cd:ee:
11:5d:e7:a4:ff:8e:93:c8:6d:ec:0e:22:41:f7:64:97:29:83:
49:4b:d1:5b:a9:ae:64:b4:f7:87:8b:bc:0a:7b:19:57:c7:c5:
ac:14:26:64:a3:48:cb:00:73:17:83:87:a4:e8:c2:bb:77:30:
9e:9f:94:96
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZhXFBJPS0xqkXpcSEj3VW7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzI5MTY0NjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWJiZDM2NGI1MWY1OTc3MDc0MGQ2NDU5MmJjYTkxMjg3NzcwMWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4fw3vjMVd/Vc+n3/69zpoCarjWRk
WSmCv2KveV5ZxeEbHhTniQONr+AH2oonA86uRhbyJ57ROm4n5RlRrAnwkERvw3+E
LdGK4zCSwgbXxU0NjIhAiSU2T+l+Xq8nBsn8G5FjRLwum9cZ0wYUF16rgFaMEyAf
T1hXP+84vO4Czm0n+EatgR3iPe6QkPEW5UXSnoOpHHWu/gZCXgXz8PNUDv6uT08+
IxXDHKHAoIOVr/TPM8PHpKCPALP88zQBirYW5aLYc/8PJYpx3w1XGzG48kPM+R5A
nfUbI80WJy2UPv6BwlilsW99G7nmYIWSIGnCPrcKL6osQF/6wMvYejgxoQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDq702S1H1l3B0DWRZK8qRKHdwHuMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvT3J2VFpMVWZXWGNIUU5aRmtyeXBFb2QzQWU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHznEAwQA
HznuAwQAHzo4AwQAHzusMA0GCSqGSIb3DQEBCwUAA4IBAQCYWJaoPKZpvWQZQaVb
wsdts42qrW+B22p8ORWRpia7WENC8dwwdpsC71Hp4qXUxzvNqAjpyx9sdxbGvcEf
lSb6W4dQdswh1Mn6bgG1wVdB3VQszv3lE5y4vAkPUTTPYGpjDyF4xEEw7ynKezTi
sukm/Qgg643mCLNYcoTlx4YODEWDmigQ3inIUVTQ9qyHr2LndnkdG8impGIgdORy
CMjonflEilE4JUkaaeCZhBI4abn35BxfN4iDmjFosJ1+gTWJd1vsze4RXeek/46T
yG3sDiJB92SXKYNJS9Fbqa5ktPeHi7wKexlXx8WsFCZko0jLAHMXg4ek6MK7dzCe
n5SW
-----END CERTIFICATE-----
Generated at Wed Aug 6 09:42:26 2025 by rpki-client