Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/s8F656s5vfJkS18DJZHNvh6taPk.roa
File: s8F656s5vfJkS18DJZHNvh6taPk.roa (raw, json)
Hash identifier: zwPmQMmMsYemFvIb5H/3AFSZghssTXYB5huZ05OFLWE=
Subject key identifier: B3:C1:7A:E7:AB:39:BD:F2:64:4B:5F:03:25:91:CD:BE:1E:AD:68:F9
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01984B8CF520C5F9563C2D3105CC3686F3EA
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/s8F656s5vfJkS18DJZHNvh6taPk.roa
Signing time: Sun 27 Jul 2025 11:03:05 +0000
ROA not before: Sun 27 Jul 2025 11:03:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 31.56.31.0/24 maxlen: 24
31.56.32.0/24 maxlen: 24
31.56.44.0/24 maxlen: 24
31.56.112.0/24 maxlen: 24
31.57.171.0/24 maxlen: 24
31.57.222.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 19:04:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4b:8c:f5:20:c5:f9:56:3c:2d:31:05:cc:36:86:f3:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 27 11:03:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3c17ae7ab39bdf2644b5f032591cdbe1ead68f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:0b:0d:d8:3c:04:2a:5b:cc:62:ce:20:3a:96:
64:bf:ab:70:b0:37:db:d9:be:0f:11:54:73:07:02:
27:53:03:b5:be:40:bf:96:88:0d:85:d3:a6:4c:0b:
65:67:2f:93:f3:e0:10:0d:18:1c:2a:7c:3e:08:b7:
85:09:e6:dd:20:0c:5d:ec:34:c7:7e:55:4c:c8:32:
f2:2b:e5:83:cd:bf:75:69:62:bc:7b:36:c8:66:12:
3f:77:ee:f6:0a:76:c6:57:f0:6a:91:ea:e4:11:2d:
87:05:c8:ca:31:e8:23:06:b2:38:1e:9d:ab:76:14:
59:ac:1b:4c:32:44:89:32:16:25:dc:1e:36:13:57:
03:6e:72:56:de:10:35:94:8d:75:81:50:68:68:31:
2f:82:63:b7:ed:16:d2:95:58:3b:e5:f5:82:30:f3:
be:3c:bc:42:37:cc:e7:f7:fc:be:a0:38:f5:36:29:
b3:d6:4f:18:cd:af:ed:b1:6f:56:32:67:75:b1:95:
51:52:6e:85:3d:e2:57:34:eb:03:08:ce:34:3e:ff:
93:26:1c:76:18:5c:7a:15:62:67:e0:5e:38:fc:06:
20:5c:f2:f8:66:92:d4:4d:5c:2d:ac:3e:d0:af:fa:
d7:0c:0c:b4:6c:91:a7:bc:eb:38:c7:31:22:d3:81:
4b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C1:7A:E7:AB:39:BD:F2:64:4B:5F:03:25:91:CD:BE:1E:AD:68:F9
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/s8F656s5vfJkS18DJZHNvh6taPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.31.0-31.56.32.255
31.56.44.0/24
31.56.112.0/24
31.57.171.0/24
31.57.222.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:eb:44:b2:92:81:ea:cb:80:45:9d:ce:82:b5:7d:c0:20:ca:
1d:00:f9:3e:7f:a0:bd:ba:32:23:3d:91:c9:d7:2f:02:af:c4:
39:11:ec:34:a1:fe:8c:94:da:49:2e:bf:5a:bb:1b:91:02:f6:
46:36:84:f0:70:be:89:e6:3e:21:23:49:b7:e1:15:3c:8c:9e:
b8:fd:85:77:d8:f0:9b:ad:e7:2e:04:0b:32:22:64:ad:1f:04:
d9:92:9e:3b:8d:7d:14:ee:41:a7:9d:68:40:1f:75:75:1e:e7:
18:56:f4:7f:ab:0b:33:31:34:a4:19:1e:1f:00:b1:c4:bb:82:
e7:e9:47:c3:c4:4d:6c:88:48:87:03:a5:dd:28:41:d9:a1:af:
83:01:3e:c2:d2:4e:1a:20:14:b6:e2:8f:66:f4:6d:be:dc:a9:
ca:2a:5b:00:73:b0:7b:c5:16:19:65:02:cb:a1:dc:79:c6:e4:
63:ad:e1:54:0e:57:34:36:b0:03:cd:16:e0:1d:5f:00:9f:d8:
2a:a3:d2:5a:ac:d4:8c:86:e7:66:44:b1:53:e3:16:c7:81:cb:
46:e7:a1:3e:a5:9e:7b:3f:9f:3e:db:f9:72:dd:3c:44:26:d6:
d4:da:a1:e2:93:16:e2:12:6d:9c:c4:45:83:82:e9:35:41:c0:
15:6f:46:48
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZhLjPUgxflWPC0xBcw2hvPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzI3MTEwMzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2MxN2FlN2FiMzliZGYyNjQ0YjVmMDMyNTkxY2RiZTFlYWQ2OGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AsN2DwEKlvMYs4gOpZkv6twsDfb
2b4PEVRzBwInUwO1vkC/logNhdOmTAtlZy+T8+AQDRgcKnw+CLeFCebdIAxd7DTH
flVMyDLyK+WDzb91aWK8ezbIZhI/d+72CnbGV/BqkerkES2HBcjKMegjBrI4Hp2r
dhRZrBtMMkSJMhYl3B42E1cDbnJW3hA1lI11gVBoaDEvgmO37RbSlVg75fWCMPO+
PLxCN8zn9/y+oDj1Nimz1k8Yza/tsW9WMmd1sZVRUm6FPeJXNOsDCM40Pv+TJhx2
GFx6FWJn4F44/AYgXPL4ZpLUTVwtrD7Qr/rXDAy0bJGnvOs4xzEi04FLiwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLPBeuerOb3yZEtfAyWRzb4erWj5MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvczhGNjU2czV2ZkprUzE4REpaSE52aDZ0YVBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAAfOB8D
BAAfOCADBAAfOCwDBAAfOHADBAAfOasDBAEfOd4wDQYJKoZIhvcNAQELBQADggEB
AArrRLKSgerLgEWdzoK1fcAgyh0A+T5/oL26MiM9kcnXLwKvxDkR7DSh/oyU2kku
v1q7G5EC9kY2hPBwvonmPiEjSbfhFTyMnrj9hXfY8Jut5y4ECzIiZK0fBNmSnjuN
fRTuQaedaEAfdXUe5xhW9H+rCzMxNKQZHh8AscS7gufpR8PETWyISIcDpd0oQdmh
r4MBPsLSThogFLbij2b0bb7cqcoqWwBzsHvFFhllAsuh3HnG5GOt4VQOVzQ2sAPN
FuAdXwCf2Cqj0lqs1IyG52ZEsVPjFseBy0bnoT6lnns/nz7b+XLdPEQm1tTaoeKT
FuISbZzERYOC6TVBwBVvRkg=
-----END CERTIFICATE-----
Generated at Thu Aug 7 03:57:05 2025 by rpki-client