Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/WU9I2hUd4_IqJQI0U83RUuJEtNk.roa
File: WU9I2hUd4_IqJQI0U83RUuJEtNk.roa (raw, json)
Hash identifier: 2GePrvFaJLZPhWeINsCtNWKOz0RfDHTaadkW7D256IQ=
Subject key identifier: 59:4F:48:DA:15:1D:E3:F2:2A:25:02:34:53:CD:D1:52:E2:44:B4:D9
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019855AC0845C18BC8F196F362003AD6B4E6
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/WU9I2hUd4_IqJQI0U83RUuJEtNk.roa
Signing time: Tue 29 Jul 2025 10:13:14 +0000
ROA not before: Tue 29 Jul 2025 10:13:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 399073
IP address blocks: 31.56.49.0/24 maxlen: 24
31.56.210.0/24 maxlen: 24
31.56.212.0/24 maxlen: 24
31.56.223.0/24 maxlen: 24
31.56.234.0/24 maxlen: 24
31.56.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 14:26:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:55:ac:08:45:c1:8b:c8:f1:96:f3:62:00:3a:d6:b4:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 29 10:13:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=594f48da151de3f22a25023453cdd152e244b4d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:dd:0f:7f:ee:3f:63:e8:5d:f0:0f:dc:9c:30:
a4:6e:7b:67:9d:2f:9b:95:dd:26:5d:e6:5e:38:72:
d6:f3:29:ab:fd:13:eb:a2:5b:f0:ef:5e:99:7c:7b:
c9:b5:1e:74:67:57:43:0b:f9:a4:3d:f8:66:fc:45:
8b:60:99:e6:31:66:cb:56:96:93:ab:be:fd:86:8a:
be:8c:0f:e0:89:44:fe:38:f2:97:19:c1:ae:87:a0:
81:35:9c:3d:b9:79:4a:73:bc:8d:68:08:96:6e:dc:
cc:c1:ce:01:9c:ab:5c:f7:28:bb:e3:09:95:53:61:
d9:96:5c:cf:26:70:0c:f4:ff:84:91:6a:f7:d7:0b:
bd:b4:3e:83:75:25:a5:7d:55:47:a7:62:08:25:9a:
52:12:c8:be:e2:4f:8a:44:a6:da:82:32:1a:4f:2e:
b8:48:30:6a:98:4d:af:b9:37:c3:4c:63:06:f6:bd:
a0:81:9a:d4:ba:13:0a:6f:b7:dd:ba:24:11:4d:25:
0a:d5:79:80:f1:f3:df:70:e0:ac:67:8a:9b:59:48:
a2:9f:1a:a9:21:c0:33:4c:bd:9c:e7:db:76:17:90:
75:7f:f6:c0:45:ad:76:33:dd:8e:4a:7c:96:fc:d5:
70:81:72:0a:cf:4b:fe:d5:24:82:d5:30:c0:28:46:
b4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:4F:48:DA:15:1D:E3:F2:2A:25:02:34:53:CD:D1:52:E2:44:B4:D9
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/WU9I2hUd4_IqJQI0U83RUuJEtNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.49.0/24
31.56.210.0/24
31.56.212.0/24
31.56.223.0/24
31.56.234.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:1f:66:c0:3f:0e:71:12:88:0b:cf:fc:dc:8d:c5:86:6e:24:
d7:c3:35:01:ef:79:2a:e7:67:63:19:d4:83:40:e4:7e:f5:72:
b0:7a:1a:c1:ef:1d:29:d5:2e:3c:e8:d4:76:8b:ba:2d:a0:75:
94:63:d1:2a:9a:36:22:8d:ee:57:b1:7d:0c:b3:b4:a5:0d:06:
fc:64:1d:22:24:71:59:bf:77:b0:dd:6b:9e:8e:77:12:43:1e:
2b:b4:f4:67:d2:64:84:05:d3:dc:03:5a:0e:26:cd:24:c4:a1:
2f:32:e2:c0:ae:21:fb:d4:10:e9:3e:15:e0:96:23:26:89:ca:
27:2d:82:83:91:03:c6:20:01:ef:bf:4e:cd:ba:f7:ba:ab:e2:
6a:61:4c:41:6f:62:81:7a:ef:34:7f:d3:e6:40:2b:e3:79:29:
46:7e:80:5e:38:ce:42:c2:bf:b8:33:68:7a:fe:21:20:d6:60:
3e:8e:31:85:54:e4:5a:c8:68:24:e0:c3:f6:a2:e9:80:41:80:
0d:82:ca:2d:15:1c:71:03:0f:3d:36:ac:f9:b3:37:50:fc:5a:
5d:e8:38:e4:b5:75:16:8a:5b:47:99:c4:02:f5:6b:68:07:81:
a6:45:39:02:71:b7:b9:de:f9:af:81:9f:c2:56:64:be:f9:78:
06:ea:79:7a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZhVrAhFwYvI8ZbzYgA61rTmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzI5MTAxMzE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTRmNDhkYTE1MWRlM2YyMmEyNTAyMzQ1M2NkZDE1MmUyNDRiNGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgd0Pf+4/Y+hd8A/cnDCkbntnnS+b
ld0mXeZeOHLW8ymr/RProlvw716ZfHvJtR50Z1dDC/mkPfhm/EWLYJnmMWbLVpaT
q779hoq+jA/giUT+OPKXGcGuh6CBNZw9uXlKc7yNaAiWbtzMwc4BnKtc9yi74wmV
U2HZllzPJnAM9P+EkWr31wu9tD6DdSWlfVVHp2IIJZpSEsi+4k+KRKbagjIaTy64
SDBqmE2vuTfDTGMG9r2ggZrUuhMKb7fduiQRTSUK1XmA8fPfcOCsZ4qbWUiinxqp
IcAzTL2c59t2F5B1f/bARa12M92OSnyW/NVwgXIKz0v+1SSC1TDAKEa0PQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFlPSNoVHePyKiUCNFPN0VLiRLTZMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvV1U5STJoVWQ0X0lxSlFJMFU4M1JVdUpFdE5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHzgxAwQA
HzjSAwQAHzjUAwQAHzjfAwQBHzjqMA0GCSqGSIb3DQEBCwUAA4IBAQB/H2bAPw5x
EogLz/zcjcWGbiTXwzUB73kq52djGdSDQOR+9XKwehrB7x0p1S486NR2i7otoHWU
Y9EqmjYije5XsX0Ms7SlDQb8ZB0iJHFZv3ew3WuejncSQx4rtPRn0mSEBdPcA1oO
Js0kxKEvMuLAriH71BDpPhXgliMmiconLYKDkQPGIAHvv07Nuve6q+JqYUxBb2KB
eu80f9PmQCvjeSlGfoBeOM5Cwr+4M2h6/iEg1mA+jjGFVORayGgk4MP2oumAQYAN
gsotFRxxAw89Nqz5szdQ/Fpd6DjktXUWiltHmcQC9WtoB4GmRTkCcbe53vmvgZ/C
VmS++XgG6nl6
-----END CERTIFICATE-----
Generated at Wed Aug 6 19:34:38 2025 by rpki-client