Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/nNNLUyfU-HMxgWK14w8-irf0qJI.roa
File: nNNLUyfU-HMxgWK14w8-irf0qJI.roa (raw, json)
Hash identifier: qMOiC93SGTFq9PJkpcIqg+TNE4X+cfmcRCwgbTEKxBs=
Subject key identifier: 9C:D3:4B:53:27:D4:F8:73:31:81:62:B5:E3:0F:3E:8A:B7:F4:A8:92
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A3F3B528397764C4F99B5162D2B87D214
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/nNNLUyfU-HMxgWK14w8-irf0qJI.roa
Signing time: Sat 01 Nov 2025 11:44:03 +0000
ROA not before: Sat 01 Nov 2025 11:44:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4766
IP address blocks: 31.56.172.0/24 maxlen: 24
31.56.173.0/24 maxlen: 24
31.56.242.0/24 maxlen: 24
31.56.243.0/24 maxlen: 24
31.56.244.0/24 maxlen: 24
31.56.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:3f:3b:52:83:97:76:4c:4f:99:b5:16:2d:2b:87:d2:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 1 11:44:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9cd34b5327d4f873318162b5e30f3e8ab7f4a892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d7:54:ac:ee:a9:75:ca:c0:8d:35:65:74:b3:
0b:31:61:25:09:45:44:be:1c:3a:f0:27:d0:8c:65:
25:3c:a4:f1:f8:f6:06:e8:fb:a3:05:30:5f:ff:77:
6c:d7:54:82:91:78:c1:85:b7:f2:8d:8d:5a:fb:77:
84:02:c6:12:ed:dc:d0:1c:1a:29:59:1e:42:0c:36:
e3:ef:c9:19:2b:e9:fb:5b:c3:70:35:15:3b:69:97:
8c:13:ad:15:d5:7a:3d:4b:f8:f1:71:25:ce:63:d1:
f1:67:c2:33:72:08:35:03:32:a7:cf:e6:3e:54:27:
41:45:6b:ff:49:ca:b6:b0:0a:f9:4a:88:c2:81:ae:
f2:43:1c:1a:e9:45:6d:79:49:a8:a8:b1:03:12:bb:
39:29:05:6f:59:ab:b8:19:73:52:22:78:99:db:d1:
bc:9c:e3:17:75:b0:a9:8d:88:35:08:c1:7c:88:98:
c8:7f:c4:c7:f4:39:37:b9:e8:e1:c4:1e:86:b9:64:
d9:b1:77:e1:89:67:6d:3c:31:5a:9c:76:7a:c8:00:
c3:00:b0:17:78:4a:b5:27:59:ce:33:bc:4c:4a:4a:
4f:fb:f8:01:27:71:32:31:cf:73:65:b5:7a:f9:a2:
75:e3:69:dc:c3:7f:4a:f2:b9:f8:27:2e:05:9b:87:
a5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D3:4B:53:27:D4:F8:73:31:81:62:B5:E3:0F:3E:8A:B7:F4:A8:92
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/nNNLUyfU-HMxgWK14w8-irf0qJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.172.0/23
31.56.242.0-31.56.245.255
Signature Algorithm: sha256WithRSAEncryption
9b:33:d1:e5:34:08:ea:e7:33:57:ad:65:e4:d0:52:41:55:8b:
33:ba:9a:56:da:33:8c:2b:7a:13:74:b7:54:d8:59:f0:45:6a:
31:e0:10:d9:98:e2:d5:5a:62:97:a3:aa:e3:d9:0c:a0:93:79:
00:aa:4b:21:91:f4:72:ea:7a:8a:54:e7:8b:60:cb:88:da:84:
75:4f:b4:13:00:65:3f:33:4c:5e:7a:66:f0:e2:76:80:d3:86:
c7:29:91:86:f1:30:fc:9d:cd:08:bf:03:99:13:78:8a:6b:9f:
51:50:38:4b:1a:e5:50:1c:a2:d0:0a:6d:06:f2:65:d7:c5:e1:
a1:01:e0:98:d9:8a:88:65:38:a8:4f:f5:fa:bb:77:cc:0e:44:
ec:c0:c7:55:5b:60:0b:02:41:14:7d:ea:21:bf:45:81:cf:1e:
5c:9f:13:d6:f7:96:85:94:18:04:b3:17:22:f0:c0:66:5b:3d:
74:d2:5a:28:5b:79:57:d3:fc:65:1c:5f:b0:f4:ed:00:a1:ca:
b5:12:9d:4a:84:4e:16:c7:8e:86:d4:37:60:cf:9f:16:f0:57:
ec:5b:66:4c:58:01:88:2e:4c:d1:e3:2a:11:49:62:1e:d8:b2:
56:e1:de:28:e1:9c:24:1f:77:b6:71:fe:24:f9:cc:d9:e1:6f:
dc:87:79:c1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZo/O1KDl3ZMT5m1Fi0rh9IUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMTAxMTE0NDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2QzNGI1MzI3ZDRmODczMzE4MTYyYjVlMzBmM2U4YWI3ZjRhODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmddUrO6pdcrAjTVldLMLMWElCUVE
vhw68CfQjGUlPKTx+PYG6PujBTBf/3ds11SCkXjBhbfyjY1a+3eEAsYS7dzQHBop
WR5CDDbj78kZK+n7W8NwNRU7aZeME60V1Xo9S/jxcSXOY9HxZ8Izcgg1AzKnz+Y+
VCdBRWv/Scq2sAr5SojCga7yQxwa6UVteUmoqLEDErs5KQVvWau4GXNSIniZ29G8
nOMXdbCpjYg1CMF8iJjIf8TH9Dk3uejhxB6GuWTZsXfhiWdtPDFanHZ6yADDALAX
eEq1J1nOM7xMSkpP+/gBJ3EyMc9zZbV6+aJ142ncw39K8rn4Jy4Fm4elvQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJzTS1Mn1PhzMYFiteMPPoq39KiSMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvbk5OTFV5ZlUtSE14Z1dLMTR3OC1pcmYwcUpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBHzisMAwD
BAEfOPIDBAEfOPQwDQYJKoZIhvcNAQELBQADggEBAJsz0eU0COrnM1etZeTQUkFV
izO6mlbaM4wrehN0t1TYWfBFajHgENmY4tVaYpejquPZDKCTeQCqSyGR9HLqeopU
54tgy4jahHVPtBMAZT8zTF56ZvDidoDThscpkYbxMPydzQi/A5kTeIprn1FQOEsa
5VAcotAKbQbyZdfF4aEB4JjZiohlOKhP9fq7d8wOROzAx1VbYAsCQRR96iG/RYHP
HlyfE9b3loWUGASzFyLwwGZbPXTSWihbeVfT/GUcX7D07QChyrUSnUqEThbHjobU
N2DPnxbwV+xbZkxYAYguTNHjKhFJYh7Yslbh3ijhnCQfd7Zx/iT5zNnhb9yHecE=
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:47:28 2025 by rpki-client