Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/seKPTU6ANlg-v8A3MscONersYQk.roa
File: seKPTU6ANlg-v8A3MscONersYQk.roa (raw, json)
Hash identifier: EGiAfREsc2uF2dxRCoE/3Indkv4le8iO3BDOu4IvyKU=
Subject key identifier: B1:E2:8F:4D:4E:80:36:58:3E:BF:C0:37:32:C7:0E:35:EA:EC:61:09
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A25199035CBC6652BB62926B474E0BBD3
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/seKPTU6ANlg-v8A3MscONersYQk.roa
Signing time: Mon 27 Oct 2025 09:57:03 +0000
ROA not before: Mon 27 Oct 2025 09:57:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204104
IP address blocks: 31.58.237.0/24 maxlen: 24
94.183.150.0/24 maxlen: 24
94.183.162.0/24 maxlen: 24
94.183.169.0/24 maxlen: 24
217.60.199.0/24 maxlen: 24
217.60.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:25:19:90:35:cb:c6:65:2b:b6:29:26:b4:74:e0:bb:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 27 09:57:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1e28f4d4e8036583ebfc03732c70e35eaec6109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:6d:1f:a5:db:b9:f0:08:c0:6c:17:07:42:bc:
9c:69:c7:72:01:23:b6:7d:6f:98:8b:7b:08:3b:b7:
7a:34:48:5d:2e:29:c5:58:65:78:e4:15:9e:ab:31:
21:33:8b:db:1e:66:d0:1e:f2:bd:74:3d:17:99:ae:
0f:29:57:03:e3:05:26:f5:17:32:9d:9c:aa:68:47:
de:8c:54:28:7f:d4:37:46:2d:22:f8:be:f3:cc:01:
d8:f4:07:a5:eb:fe:e7:82:d2:ad:b2:2b:4a:80:90:
eb:a7:ce:bb:ce:d0:bf:bc:d1:79:51:e5:d2:11:10:
a5:32:f7:36:c7:88:98:e0:76:ca:6b:ff:f3:2f:6c:
c5:38:b9:46:fd:ab:05:6b:82:97:b5:08:1f:16:48:
ff:fa:32:02:8d:4a:85:f0:e1:6a:17:d5:85:7b:fa:
71:87:a2:bd:50:9e:05:83:74:00:a3:bb:2e:82:94:
9d:ef:72:e2:e9:63:22:57:83:ed:22:fe:ac:0e:e5:
a7:d5:c1:a2:f0:76:c8:89:01:75:d4:9e:7c:e5:9f:
fa:f1:12:9c:71:ad:7e:5a:28:29:ff:35:2a:f5:e4:
ab:f2:71:9d:72:0d:86:e2:25:a6:a6:ce:7d:f2:8b:
3a:77:1e:06:11:2f:b2:90:6a:98:1f:7b:e3:bd:1b:
82:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:E2:8F:4D:4E:80:36:58:3E:BF:C0:37:32:C7:0E:35:EA:EC:61:09
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/seKPTU6ANlg-v8A3MscONersYQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.237.0/24
94.183.150.0/24
94.183.162.0/24
94.183.169.0/24
217.60.199.0/24
217.60.238.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:ad:c8:13:c2:88:0e:b3:7d:13:91:18:8d:35:ec:d8:01:d7:
5e:88:c2:c1:8e:51:f5:b6:09:2e:c9:4a:e8:2a:79:a8:82:2b:
c9:33:b3:48:c0:4c:28:73:d7:31:d7:ae:6a:74:05:5f:04:a9:
20:80:f2:9a:10:bd:c9:45:4a:8a:00:ea:78:36:f6:13:f9:e8:
5e:33:28:69:c4:63:e1:c0:c9:3d:81:a0:bc:80:4a:f4:e7:26:
ed:0e:84:7e:e4:85:5f:55:25:83:e7:a9:eb:d1:83:b5:2c:07:
34:d6:5c:c1:26:b1:b0:03:30:89:e3:d7:31:6e:83:f7:ef:ff:
49:f2:0c:e7:4a:c3:7b:02:13:91:55:d7:45:6e:bb:99:6f:8f:
82:2d:0a:8e:40:4a:09:13:7c:6c:78:c0:75:8b:8f:dd:37:6b:
c6:e9:80:57:ae:8e:f2:d1:ad:45:56:9b:52:fb:1a:8a:60:c7:
7a:1c:f4:53:1f:49:fa:d1:dd:7a:94:bb:c4:28:d3:55:4c:e2:
be:f0:7a:97:ad:03:e6:1d:b7:1a:2a:23:2a:28:3d:1c:99:fa:
dd:e3:78:9b:b7:46:16:b7:75:b4:1c:e6:16:0d:d7:cf:26:aa:
4b:9a:3e:62:15:6d:1e:20:55:d1:f5:e9:d9:73:1e:18:76:4c:
9f:f5:02:30
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZolGZA1y8ZlK7YpJrR04LvTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMDI3MDk1NzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWUyOGY0ZDRlODAzNjU4M2ViZmMwMzczMmM3MGUzNWVhZWM2MTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1W0fpdu58AjAbBcHQrycacdyASO2
fW+Yi3sIO7d6NEhdLinFWGV45BWeqzEhM4vbHmbQHvK9dD0Xma4PKVcD4wUm9Rcy
nZyqaEfejFQof9Q3Ri0i+L7zzAHY9Ael6/7ngtKtsitKgJDrp867ztC/vNF5UeXS
ERClMvc2x4iY4HbKa//zL2zFOLlG/asFa4KXtQgfFkj/+jICjUqF8OFqF9WFe/px
h6K9UJ4Fg3QAo7sugpSd73Li6WMiV4PtIv6sDuWn1cGi8HbIiQF11J585Z/68RKc
ca1+Wigp/zUq9eSr8nGdcg2G4iWmps598os6dx4GES+ykGqYH3vjvRuCeQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLHij01OgDZYPr/ANzLHDjXq7GEJMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvc2VLUFRVNkFObGctdjhBM01zY09OZXJzWVFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAHzrtAwQA
XreWAwQAXreiAwQAXrepAwQA2TzHAwQA2TzuMA0GCSqGSIb3DQEBCwUAA4IBAQCt
rcgTwogOs30TkRiNNezYAddeiMLBjlH1tgkuyUroKnmogivJM7NIwEwoc9cx165q
dAVfBKkggPKaEL3JRUqKAOp4NvYT+eheMyhpxGPhwMk9gaC8gEr05ybtDoR+5IVf
VSWD56nr0YO1LAc01lzBJrGwAzCJ49cxboP37/9J8gznSsN7AhORVddFbruZb4+C
LQqOQEoJE3xseMB1i4/dN2vG6YBXro7y0a1FVptS+xqKYMd6HPRTH0n60d16lLvE
KNNVTOK+8HqXrQPmHbcaKiMqKD0cmfrd43ibt0YWt3W0HOYWDdfPJqpLmj5iFW0e
IFXR9enZcx4Ydkyf9QIw
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:13:46 2025 by rpki-client