Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wwUAsA-oAkBGh-YhAgFAoDdA2Xs.roa
File: wwUAsA-oAkBGh-YhAgFAoDdA2Xs.roa (raw, json)
Hash identifier: Ch0blrhl0z/EFEE7d/PCo+8An/4yw5jtbz7xmL9HmSU=
Subject key identifier: C3:05:00:B0:0F:A8:02:40:46:87:E6:21:02:01:40:A0:37:40:D9:7B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A2ADD639F7230694E30CD4D77378669AF
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wwUAsA-oAkBGh-YhAgFAoDdA2Xs.roa
Signing time: Tue 28 Oct 2025 12:49:03 +0000
ROA not before: Tue 28 Oct 2025 12:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 31.56.16.0/22 maxlen: 24
31.57.16.0/21 maxlen: 24
31.57.36.0/23 maxlen: 24
31.57.135.0/24 maxlen: 24
31.57.168.0/23 maxlen: 24
31.57.184.0/23 maxlen: 24
31.57.208.0/22 maxlen: 22
31.57.216.0/23 maxlen: 24
31.57.250.0/23 maxlen: 24
31.58.76.0/22 maxlen: 24
31.58.92.0/22 maxlen: 24
31.58.176.0/22 maxlen: 24
31.58.200.0/22 maxlen: 24
31.58.216.0/22 maxlen: 24
31.58.240.0/22 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.249.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
31.58.252.0/22 maxlen: 24
31.59.64.0/22 maxlen: 24
31.59.80.0/22 maxlen: 24
31.59.124.0/22 maxlen: 24
31.59.140.0/22 maxlen: 24
31.59.148.0/22 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/22 maxlen: 24
31.59.164.0/23 maxlen: 24
31.59.176.0/21 maxlen: 24
31.59.188.0/22 maxlen: 24
31.59.192.0/22 maxlen: 24
31.59.216.0/22 maxlen: 24
94.183.152.0/22 maxlen: 22
94.183.192.0/22 maxlen: 22
94.183.196.0/22 maxlen: 22
94.183.200.0/22 maxlen: 22
94.183.204.0/22 maxlen: 22
94.183.208.0/22 maxlen: 22
94.183.212.0/22 maxlen: 22
94.183.216.0/22 maxlen: 22
94.183.220.0/22 maxlen: 22
94.183.224.0/22 maxlen: 22
94.183.228.0/22 maxlen: 22
94.183.236.0/22 maxlen: 22
94.183.240.0/22 maxlen: 22
94.183.244.0/22 maxlen: 22
94.183.248.0/22 maxlen: 22
94.183.252.0/22 maxlen: 22
217.60.16.0/21 maxlen: 24
217.60.28.0/22 maxlen: 24
217.60.40.0/22 maxlen: 24
217.60.64.0/18 maxlen: 24
217.60.187.0/24 maxlen: 24
217.60.196.0/23 maxlen: 24
217.60.244.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2a:dd:63:9f:72:30:69:4e:30:cd:4d:77:37:86:69:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 28 12:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c30500b00fa802404687e621020140a03740d97b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:02:23:29:58:3f:41:00:8c:02:01:8c:23:70:
eb:1b:0d:dd:30:ee:61:f4:e1:e9:94:e6:20:d6:89:
9e:f2:3c:68:da:8f:d3:c6:1b:7a:a9:80:82:9b:e2:
d6:a9:5e:49:de:be:46:eb:07:76:59:7d:0a:0d:0e:
12:b0:ec:eb:97:e1:0f:b3:31:20:be:fe:a1:fb:63:
30:5b:e8:4f:5b:1a:85:6a:f1:bd:50:eb:22:d3:51:
64:57:c8:92:06:bc:02:ba:b7:fd:6d:6e:d2:df:06:
82:3f:52:49:85:95:3b:31:75:4b:b7:59:b7:11:8a:
3f:63:59:58:6e:c9:76:d9:7c:8f:fa:7a:85:99:fd:
20:56:3b:f7:70:92:70:ec:bb:65:51:26:db:a1:7a:
8a:81:50:d1:ca:99:09:ec:da:bf:ef:5d:48:32:f7:
6c:6a:26:4c:41:09:d8:39:d9:9e:4b:cd:53:05:d5:
95:eb:e1:92:60:2a:c1:0c:15:c1:a3:02:73:55:df:
b1:5a:0a:00:4a:5c:79:0c:93:d7:dd:eb:65:b0:e8:
03:7b:8b:67:cb:f6:5b:21:45:98:da:5d:4a:39:66:
33:77:ef:da:0b:3c:d0:5d:56:ab:3f:b0:4f:ea:cf:
17:08:c7:09:20:38:2e:24:ae:94:90:57:b1:fe:24:
ac:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:05:00:B0:0F:A8:02:40:46:87:E6:21:02:01:40:A0:37:40:D9:7B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wwUAsA-oAkBGh-YhAgFAoDdA2Xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.16.0/22
31.57.16.0/21
31.57.36.0/23
31.57.135.0/24
31.57.168.0/23
31.57.184.0/23
31.57.208.0/22
31.57.216.0/23
31.57.250.0/23
31.58.76.0/22
31.58.92.0/22
31.58.176.0/22
31.58.200.0/22
31.58.216.0/22
31.58.240.0-31.58.244.255
31.58.249.0-31.58.255.255
31.59.64.0/22
31.59.80.0/22
31.59.124.0/22
31.59.140.0/22
31.59.148.0-31.59.165.255
31.59.176.0/21
31.59.188.0-31.59.195.255
31.59.216.0/22
94.183.152.0/22
94.183.192.0-94.183.231.255
94.183.236.0-94.183.255.255
217.60.16.0/21
217.60.28.0/22
217.60.40.0/22
217.60.64.0/18
217.60.187.0/24
217.60.196.0/23
217.60.244.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:51:3b:f5:14:7a:4c:3a:40:fb:30:ab:36:e7:8e:a9:9d:eb:
4c:36:7b:78:51:29:31:e0:e6:88:9c:63:dc:21:0d:e5:41:c9:
14:1b:57:ff:01:3d:77:b0:f4:8f:84:c1:e8:a7:18:aa:50:3a:
3d:3c:ee:12:fb:ce:8b:5d:ea:7a:6a:a6:98:5e:e6:f8:d6:0a:
c0:a0:aa:5e:6f:7f:a9:18:71:95:d5:23:13:34:62:21:6e:30:
5d:ec:eb:11:78:8e:20:92:27:4b:b6:e9:78:e2:cf:f0:5e:ae:
2d:33:a8:42:58:67:78:9d:84:9f:74:05:e8:0c:2f:e3:b6:fe:
a6:d4:e2:bd:e3:bc:7b:af:dc:6d:cf:0f:61:f2:c3:a3:a7:d3:
83:81:5e:67:67:f7:ef:c0:fd:c2:d9:9f:1b:b8:e4:73:4d:60:
c4:95:44:a5:1f:db:5c:71:4c:68:d3:bd:ba:ec:38:5d:7f:8d:
d1:ef:82:22:07:16:b4:80:6b:e9:7c:dd:97:0d:fc:dd:cc:8e:
3a:11:eb:23:6f:59:7a:7f:2b:45:92:1b:29:a9:dd:15:b1:72:
a3:d4:7e:26:d0:54:d2:eb:c4:9e:74:83:7a:5b:6c:d8:93:b0:
1b:a1:63:29:54:a6:10:96:94:f0:48:af:81:68:29:e2:7c:2a:
68:9d:e6:3b
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAZoq3WOfcjBpTjDNTXc3hmmvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMDI4MTI0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzA1MDBiMDBmYTgwMjQwNDY4N2U2MjEwMjAxNDBhMDM3NDBkOTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5AIjKVg/QQCMAgGMI3DrGw3dMO5h
9OHplOYg1ome8jxo2o/Txht6qYCCm+LWqV5J3r5G6wd2WX0KDQ4SsOzrl+EPszEg
vv6h+2MwW+hPWxqFavG9UOsi01FkV8iSBrwCurf9bW7S3waCP1JJhZU7MXVLt1m3
EYo/Y1lYbsl22XyP+nqFmf0gVjv3cJJw7LtlUSbboXqKgVDRypkJ7Nq/711IMvds
aiZMQQnYOdmeS81TBdWV6+GSYCrBDBXBowJzVd+xWgoASlx5DJPX3etlsOgDe4tn
y/ZbIUWY2l1KOWYzd+/aCzzQXVarP7BP6s8XCMcJIDguJK6UkFex/iSs5QIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFMMFALAPqAJARofmIQIBQKA3QNl7MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvd3dVQXNBLW9Ba0JHaC1ZaEFnRkFvRGRBMlhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCCAQEEAgABMIH6
AwQCHzgQAwQDHzkQAwQBHzkkAwQAHzmHAwQBHzmoAwQBHzm4AwQCHznQAwQBHznY
AwQBHzn6AwQCHzpMAwQCHzpcAwQCHzqwAwQCHzrIAwQCHzrYMAwDBAQfOvADBAAf
OvQwCwMEAB86+QMDAB86AwQCHztAAwQCHztQAwQCHzt8AwQCHzuMMAwDBAIfO5QD
BAEfO6QDBAMfO7AwDAMEAh87vAMEAh87wAMEAh872AMEAl63mDAMAwQGXrfAAwQD
XrfgMAsDBAJet+wDAwNesAMEA9k8EAMEAtk8HAMEAtk8KAMEBtk8QAMEANk8uwME
Adk8xAMEAdk89DANBgkqhkiG9w0BAQsFAAOCAQEAK1E79RR6TDpA+zCrNueOqZ3r
TDZ7eFEpMeDmiJxj3CEN5UHJFBtX/wE9d7D0j4TB6KcYqlA6PTzuEvvOi13qemqm
mF7m+NYKwKCqXm9/qRhxldUjEzRiIW4wXezrEXiOIJInS7bpeOLP8F6uLTOoQlhn
eJ2En3QF6Awv47b+ptTiveO8e6/cbc8PYfLDo6fTg4FeZ2f378D9wtmfG7jkc01g
xJVEpR/bXHFMaNO9uuw4XX+N0e+CIgcWtIBr6Xzdlw383cyOOhHrI29Zen8rRZIb
KandFbFyo9R+JtBU0uvEnnSDelts2JOwG6FjKVSmEJaU8EivgWgp4nwqaJ3mOw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:34:46 2025 by rpki-client