Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/upNkxfhGBJ4J9F1I9VZArCTvLCs.roa
File: upNkxfhGBJ4J9F1I9VZArCTvLCs.roa (raw, json)
Hash identifier: FpFC6Y1YkPHO3xS0+oaDBucubyKmEqMuDwadrLfd/G0=
Subject key identifier: BA:93:64:C5:F8:46:04:9E:09:F4:5D:48:F5:56:40:AC:24:EF:2C:2B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01984B87759DA1E598B79016E00CD3C79561
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/upNkxfhGBJ4J9F1I9VZArCTvLCs.roa
Signing time: Sun 27 Jul 2025 10:57:05 +0000
ROA not before: Sun 27 Jul 2025 10:57:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204104
IP address blocks: 31.58.237.0/24 maxlen: 24
94.183.169.0/24 maxlen: 24
217.60.199.0/24 maxlen: 24
217.60.237.0/24 maxlen: 24
217.60.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 00:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4b:87:75:9d:a1:e5:98:b7:90:16:e0:0c:d3:c7:95:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jul 27 10:57:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba9364c5f846049e09f45d48f55640ac24ef2c2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:69:2f:6e:d7:66:88:cb:70:c3:a4:8a:5a:7b:
ac:8e:93:92:ae:7d:6a:61:63:4d:13:a1:c8:5a:98:
5a:13:a5:36:d8:76:25:f5:f8:4c:bf:17:17:d0:98:
73:67:28:ae:ac:cc:01:dd:5d:e6:f5:0a:f8:e7:e6:
de:ef:28:ef:d1:85:1a:a2:78:08:76:68:25:22:93:
35:29:62:47:6a:d0:60:f5:98:ec:19:00:a5:c9:f9:
dd:d9:c3:77:04:e0:00:06:d8:9e:b4:55:37:2a:98:
d2:5e:53:7d:03:be:68:d4:a8:00:e6:f7:4e:ad:1b:
c7:39:ab:f4:ed:d2:69:af:0c:cd:1d:01:aa:cc:81:
76:73:04:28:7a:0f:8b:e0:d2:11:ff:04:50:60:6d:
60:4f:05:c3:b0:b6:bc:1d:3d:c5:d5:51:33:77:b9:
1b:90:1c:81:b7:7b:ca:c1:8b:69:9b:06:3c:3b:55:
c6:3e:94:27:b1:85:1d:ac:8b:2e:84:a7:c7:f2:9e:
fa:e0:36:5d:64:09:bb:35:6b:89:ce:71:82:75:6f:
f6:d9:cc:af:f0:0f:94:fc:bd:04:55:2d:70:7e:af:
ba:64:66:30:49:69:c2:e3:41:d3:72:cb:48:0f:27:
fd:1e:09:d2:f8:2c:d8:ba:0e:15:65:68:bd:72:f1:
95:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:93:64:C5:F8:46:04:9E:09:F4:5D:48:F5:56:40:AC:24:EF:2C:2B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/upNkxfhGBJ4J9F1I9VZArCTvLCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.237.0/24
94.183.169.0/24
217.60.199.0/24
217.60.237.0-217.60.238.255
Signature Algorithm: sha256WithRSAEncryption
9e:1f:d4:1b:1a:2f:bb:20:59:7b:7f:22:f0:9b:8a:ba:05:ff:
b0:40:50:0f:9c:ef:67:00:f1:b7:0e:52:a4:5f:dd:18:6d:e6:
43:2c:5f:38:1d:60:a4:fc:6a:fe:8e:e1:75:fa:3a:43:cb:3c:
bf:2e:26:48:e5:8a:a2:bd:79:f9:d9:8a:33:aa:fc:c0:74:3b:
73:94:08:5b:28:7d:9c:f6:5b:ab:91:3b:f5:0c:5e:28:fe:c1:
e8:48:33:cb:75:13:c8:b0:af:bc:fd:20:6d:19:6f:87:12:aa:
07:18:71:c2:52:c5:bf:ff:0e:aa:76:13:ac:c7:f3:06:97:69:
1b:ec:fc:47:52:b3:7a:ba:d1:f2:28:36:30:b2:ba:cb:8d:3f:
4c:45:f4:f8:a2:48:da:f2:e5:3d:1d:ba:c2:05:fd:56:1b:6b:
13:61:3e:46:17:79:fd:2a:8e:64:cc:69:61:eb:55:a6:66:61:
63:e2:f5:41:b7:d5:67:40:4d:91:73:b4:45:11:49:24:dc:fd:
14:3b:3b:2d:8c:db:e2:4c:4c:aa:fc:83:ca:8d:66:a8:8f:5e:
c5:34:95:c7:de:e0:92:aa:e5:19:fd:aa:a3:1f:df:22:68:f6:
87:86:eb:94:90:58:5d:13:25:e0:8e:21:49:2e:38:58:81:d9:
d1:48:62:74
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZhLh3WdoeWYt5AW4AzTx5VhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNzI3MTA1NzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTkzNjRjNWY4NDYwNDllMDlmNDVkNDhmNTU2NDBhYzI0ZWYyYzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+GkvbtdmiMtww6SKWnusjpOSrn1q
YWNNE6HIWphaE6U22HYl9fhMvxcX0JhzZyiurMwB3V3m9Qr45+be7yjv0YUaongI
dmglIpM1KWJHatBg9ZjsGQClyfnd2cN3BOAABtietFU3KpjSXlN9A75o1KgA5vdO
rRvHOav07dJprwzNHQGqzIF2cwQoeg+L4NIR/wRQYG1gTwXDsLa8HT3F1VEzd7kb
kByBt3vKwYtpmwY8O1XGPpQnsYUdrIsuhKfH8p764DZdZAm7NWuJznGCdW/22cyv
8A+U/L0EVS1wfq+6ZGYwSWnC40HTcstIDyf9HgnS+CzYug4VZWi9cvGVmwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLqTZMX4RgSeCfRdSPVWQKwk7ywrMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdXBOa3hmaEdCSjRKOUYxSTlWWkFyQ1R2TENzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAHzrtAwQA
XrepAwQA2TzHMAwDBADZPO0DBADZPO4wDQYJKoZIhvcNAQELBQADggEBAJ4f1Bsa
L7sgWXt/IvCbiroF/7BAUA+c72cA8bcOUqRf3Rht5kMsXzgdYKT8av6O4XX6OkPL
PL8uJkjliqK9efnZijOq/MB0O3OUCFsofZz2W6uRO/UMXij+wehIM8t1E8iwr7z9
IG0Zb4cSqgcYccJSxb//Dqp2E6zH8waXaRvs/EdSs3q60fIoNjCyusuNP0xF9Pii
SNry5T0dusIF/VYbaxNhPkYXef0qjmTMaWHrVaZmYWPi9UG31WdATZFztEURSSTc
/RQ7Oy2M2+JMTKr8g8qNZqiPXsU0lcfe4JKq5Rn9qqMf3yJo9oeG65SQWF0TJeCO
IUkuOFiB2dFIYnQ=
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:20:57 2025 by rpki-client