Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NkbGxjxUhXGjGfc56Oyxu9IHcdM.roa
File: NkbGxjxUhXGjGfc56Oyxu9IHcdM.roa (raw, json)
Hash identifier: IzPxE1WyWS4IhdojHLB3mYE1eF459LVFZteWzPKefv8=
Subject key identifier: 36:46:C6:C6:3C:54:85:71:A3:19:F7:39:E8:EC:B1:BB:D2:07:71:D3
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019D686F22A938FFAB3B78B8636357B66203
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NkbGxjxUhXGjGfc56Oyxu9IHcdM.roa
Signing time: Tue 07 Apr 2026 14:53:26 +0000
ROA not before: Tue 07 Apr 2026 14:53:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 31.56.182.0/23 maxlen: 23
31.56.184.0/22 maxlen: 24
31.56.188.0/23 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.208.0/22 maxlen: 22
31.57.251.0/24 maxlen: 24
31.58.92.0/22 maxlen: 24
31.58.92.0/23 maxlen: 23
31.58.180.0/24 maxlen: 24
31.58.184.0/21 maxlen: 24
31.58.192.0/21 maxlen: 24
31.58.200.0/22 maxlen: 24
31.58.204.0/22 maxlen: 24
31.58.208.0/23 maxlen: 24
31.58.232.0/23 maxlen: 24
31.58.239.0/24 maxlen: 24
31.59.36.0/24 maxlen: 24
31.59.44.0/22 maxlen: 24
31.59.90.0/23 maxlen: 24
31.59.92.0/22 maxlen: 24
31.59.140.0/22 maxlen: 24
31.59.148.0/22 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.176.0/21 maxlen: 24
94.183.151.0/24 maxlen: 24
94.183.159.0/24 maxlen: 24
94.183.167.0/24 maxlen: 24
94.183.170.0/24 maxlen: 24
94.183.192.0/19 maxlen: 24
94.183.242.0/24 maxlen: 24
94.183.244.0/24 maxlen: 24
217.60.8.0/22 maxlen: 24
217.60.14.0/24 maxlen: 24
217.60.15.0/24 maxlen: 24
217.60.16.0/21 maxlen: 24
217.60.24.0/24 maxlen: 24
217.60.28.0/22 maxlen: 24
217.60.32.0/22 maxlen: 24
217.60.52.0/22 maxlen: 24
217.60.56.0/22 maxlen: 24
217.60.160.0/20 maxlen: 24
217.60.176.0/21 maxlen: 24
217.60.184.0/24 maxlen: 24
217.60.188.0/22 maxlen: 24
217.60.192.0/24 maxlen: 24
217.60.193.0/24 maxlen: 24
217.60.195.0/24 maxlen: 24
217.60.198.0/24 maxlen: 24
217.60.200.0/22 maxlen: 24
217.60.204.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 Apr 2026 14:30:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:68:6f:22:a9:38:ff:ab:3b:78:b8:63:63:57:b6:62:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 7 14:53:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3646c6c63c548571a319f739e8ecb1bbd20771d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7b:2c:dc:88:38:d3:67:0b:10:3f:b8:3c:9e:
a1:ad:c8:ba:12:6d:fa:1b:71:c3:0d:90:06:74:c0:
8e:4e:f6:d3:e8:64:03:e1:07:cb:5e:56:d6:58:f1:
10:96:c3:91:40:2a:92:e4:aa:48:e4:c9:4c:04:20:
f9:4f:d6:83:e3:31:e7:7c:e2:84:03:1a:4d:f9:4a:
2c:1c:80:4e:ba:f7:e1:b8:55:35:4b:cc:71:91:9e:
b4:8e:b9:36:10:8d:4c:3b:26:c8:8f:b4:ea:72:e5:
5b:20:e1:49:1d:5e:c7:e1:cd:ed:3e:09:7d:37:a9:
33:fb:c4:f9:54:08:85:31:bf:99:05:b0:8f:48:9f:
1c:57:8c:d1:02:98:53:2f:f8:52:13:39:64:1e:57:
b1:bf:a1:82:fa:53:c7:29:e1:37:ae:51:28:cd:f4:
eb:81:45:8f:84:35:9e:fb:53:11:55:6e:24:52:ad:
c1:91:29:ed:cd:f4:3b:3a:a9:00:24:be:f4:6c:7f:
04:87:1a:fe:04:f3:87:fa:df:a9:e7:dd:c9:0e:7b:
76:71:b4:49:2f:dd:9e:36:0d:9f:05:2d:cf:0a:81:
1a:71:95:bc:0b:13:ed:d1:91:1c:41:a0:b7:e0:23:
fb:3e:2b:af:32:57:79:21:c6:ca:3f:d9:18:79:53:
51:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:46:C6:C6:3C:54:85:71:A3:19:F7:39:E8:EC:B1:BB:D2:07:71:D3
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NkbGxjxUhXGjGfc56Oyxu9IHcdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.182.0-31.56.189.255
31.57.200.0/24
31.57.208.0/22
31.57.251.0/24
31.58.92.0/22
31.58.180.0/24
31.58.184.0-31.58.209.255
31.58.232.0/23
31.58.239.0/24
31.59.36.0/24
31.59.44.0/22
31.59.90.0-31.59.95.255
31.59.140.0/22
31.59.148.0-31.59.159.255
31.59.176.0/21
94.183.151.0/24
94.183.159.0/24
94.183.167.0/24
94.183.170.0/24
94.183.192.0/19
94.183.242.0/24
94.183.244.0/24
217.60.8.0/22
217.60.14.0-217.60.24.255
217.60.28.0-217.60.35.255
217.60.52.0-217.60.59.255
217.60.160.0-217.60.184.255
217.60.188.0-217.60.193.255
217.60.195.0/24
217.60.198.0/24
217.60.200.0/21
Signature Algorithm: sha256WithRSAEncryption
2d:05:23:54:4b:2d:b4:0d:8c:83:25:98:49:da:4f:08:37:49:
74:52:62:61:3b:c2:e3:22:60:6e:3a:d1:ad:9f:ed:0f:0f:21:
f1:fd:ae:f1:9d:eb:3c:42:3f:44:e9:3f:a2:a6:32:91:ba:9e:
26:a6:05:11:2f:54:c1:16:b6:2b:ce:2c:f5:e3:d9:e0:72:e8:
81:12:7f:0f:94:13:d5:11:8d:45:21:a7:8f:fa:f2:cd:a3:9d:
b6:d7:a3:16:60:16:21:43:f9:6f:6e:17:85:8d:85:c6:f5:0d:
fa:ec:3e:16:eb:e4:46:f4:47:23:ee:cb:a4:1d:ae:21:c1:88:
07:9c:9c:b2:24:ad:40:ce:b3:0b:ed:d1:f7:d4:2f:00:81:7c:
99:43:42:f1:2d:49:54:4e:38:dd:eb:8c:c6:44:55:0d:aa:25:
6b:20:2d:68:e2:45:62:6a:fe:c5:98:5f:9f:f3:44:e1:ce:71:
86:2d:df:a1:e3:31:d4:04:07:e1:28:10:6e:cf:83:cb:e8:13:
b0:d8:ce:bc:a4:67:76:85:b5:8a:0f:ce:99:d6:4c:19:14:be:
39:2a:d6:3f:32:0d:6e:19:1a:ba:d5:a2:0f:42:3f:53:ef:cf:
86:71:18:54:fc:9c:5f:8f:96:49:10:cf:29:4e:23:9c:4a:7b:
61:e8:5b:81
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAZ1obyKpOP+rO3i4Y2NXtmIDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNDA3MTQ1MzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjQ2YzZjNjNjNTQ4NTcxYTMxOWY3MzllOGVjYjFiYmQyMDc3MWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXss3Ig402cLED+4PJ6hrci6Em36
G3HDDZAGdMCOTvbT6GQD4QfLXlbWWPEQlsORQCqS5KpI5MlMBCD5T9aD4zHnfOKE
AxpN+UosHIBOuvfhuFU1S8xxkZ60jrk2EI1MOybIj7TqcuVbIOFJHV7H4c3tPgl9
N6kz+8T5VAiFMb+ZBbCPSJ8cV4zRAphTL/hSEzlkHlexv6GC+lPHKeE3rlEozfTr
gUWPhDWe+1MRVW4kUq3BkSntzfQ7OqkAJL70bH8Ehxr+BPOH+t+p593JDnt2cbRJ
L92eNg2fBS3PCoEacZW8CxPt0ZEcQaC34CP7PiuvMld5IcbKP9kYeVNR2wIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFDZGxsY8VIVxoxn3OejssbvSB3HTMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTmtiR3hqeFVoWEdqR2ZjNTZPeXh1OUlIY2RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCCAQoEAgABMIIB
AjAMAwQBHzi2AwQBHzi8AwQAHznIAwQCHznQAwQAHzn7AwQCHzpcAwQAHzq0MAwD
BAMfOrgDBAEfOtADBAEfOugDBAAfOu8DBAAfOyQDBAIfOywwDAMEAR87WgMEBR87
QAMEAh87jDAMAwQCHzuUAwQFHzuAAwQDHzuwAwQAXreXAwQAXrefAwQAXrenAwQA
XreqAwQFXrfAAwQAXrfyAwQAXrf0AwQC2TwIMAwDBAHZPA4DBADZPBgwDAMEAtk8
HAMEAtk8IDAMAwQC2Tw0AwQC2Tw4MAwDBAXZPKADBADZPLgwDAMEAtk8vAMEAdk8
wAMEANk8wwMEANk8xgMEA9k8yDANBgkqhkiG9w0BAQsFAAOCAQEALQUjVEsttA2M
gyWYSdpPCDdJdFJiYTvC4yJgbjrRrZ/tDw8h8f2u8Z3rPEI/ROk/oqYykbqeJqYF
ES9UwRa2K84s9ePZ4HLogRJ/D5QT1RGNRSGnj/ryzaOdttejFmAWIUP5b24XhY2F
xvUN+uw+FuvkRvRHI+7LpB2uIcGIB5ycsiStQM6zC+3R99QvAIF8mUNC8S1JVE44
3euMxkRVDaolayAtaOJFYmr+xZhfn/NE4c5xhi3foeMx1AQH4SgQbs+Dy+gTsNjO
vKRndoW1ig/OmdZMGRS+OSrWPzINbhkautWiD0I/U+/PhnEYVPycX4+WSRDPKU4j
nEp7YehbgQ==
-----END CERTIFICATE-----
Generated at Tue Apr 7 19:39:19 2026 by rpki-client