Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hJslIWlAh49cmSd1M61o-xzieV4.roa
File: hJslIWlAh49cmSd1M61o-xzieV4.roa (raw, json)
Hash identifier: b9bF44nV7zLKGjpWBGl5KoCR8/wZiLa7z4LAnn4qUaE=
Subject key identifier: 84:9B:25:21:69:40:87:8F:5C:99:27:75:33:AD:68:FB:1C:E2:79:5E
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019D52F9F858790E9ECCEEC66FDB17ABC3E3
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hJslIWlAh49cmSd1M61o-xzieV4.roa
Signing time: Fri 03 Apr 2026 10:53:26 +0000
ROA not before: Fri 03 Apr 2026 10:53:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14618
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.107.0/24 maxlen: 24
31.56.126.0/24 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.116.0/24 maxlen: 24
31.59.79.0/24 maxlen: 24
31.59.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 Apr 2026 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:52:f9:f8:58:79:0e:9e:cc:ee:c6:6f:db:17:ab:c3:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 3 10:53:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=849b25216940878f5c99277533ad68fb1ce2795e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:d7:c7:60:a0:b7:e7:98:4c:74:66:e1:46:5b:
c7:c6:56:38:df:da:15:3e:6c:6e:1c:c6:bc:af:71:
bf:4b:bd:dd:f6:56:5e:1a:2d:1f:33:74:95:f1:cd:
dc:f7:66:9e:bd:6f:73:19:75:19:6d:ba:6d:9d:c8:
81:9e:7b:90:fe:e4:ad:61:36:57:03:36:5a:d6:4c:
dc:0f:dc:c3:04:31:c5:99:45:61:aa:b2:63:22:c5:
33:4c:6b:d5:16:43:be:bb:c9:f9:a4:24:e8:01:4f:
f0:6e:8c:d0:b2:c3:43:73:e9:af:64:32:35:7c:1d:
33:28:d2:68:2e:e6:7c:1f:0c:40:25:02:21:1d:32:
f1:4f:91:55:6a:65:eb:85:b6:a4:fd:bb:db:7c:67:
94:76:28:52:f7:81:7d:23:0f:de:2b:93:3b:4b:31:
f6:8f:3d:13:4b:f5:fb:77:72:ea:87:00:8d:5a:98:
a5:f1:5b:c6:98:d2:2c:28:4d:14:c1:62:15:74:0b:
be:76:4f:a5:c5:7b:24:2f:9a:d1:37:5d:f3:59:36:
c2:5e:f7:10:ac:0d:cf:c5:bf:66:98:dc:32:c8:23:
df:37:e6:5c:38:3a:14:7f:4e:02:2f:a7:a0:47:fb:
8b:4b:8a:7a:59:3a:bf:f0:c3:ff:ac:05:5c:6c:0d:
0f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:9B:25:21:69:40:87:8F:5C:99:27:75:33:AD:68:FB:1C:E2:79:5E
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hJslIWlAh49cmSd1M61o-xzieV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.107.0/24
31.56.126.0/24
31.56.142.0/23
31.56.148.0/22
31.57.114.0/24
31.57.116.0/24
31.59.79.0/24
31.59.228.0/24
Signature Algorithm: sha256WithRSAEncryption
45:06:7e:48:54:60:d7:50:51:58:a2:16:88:4a:bd:e1:b9:d1:
43:99:01:ac:75:77:0e:85:08:29:00:4b:ff:bd:a8:fd:2a:36:
12:de:f1:ad:71:83:7e:1d:64:a2:8b:9b:c4:8b:96:7c:12:56:
48:5b:9d:4a:54:b5:e1:73:7e:bf:80:de:cb:b8:44:41:41:97:
a2:80:f6:de:36:cc:15:9a:ce:97:11:b7:9e:7c:ef:aa:9c:62:
73:4b:56:56:29:06:95:70:3d:e6:bc:cc:4f:8c:f8:46:6d:e1:
8b:9a:db:56:4f:33:09:75:46:60:84:80:83:30:2a:99:81:e4:
e5:e2:05:3f:47:78:37:41:f7:be:7c:49:0e:f1:20:35:70:b3:
ab:00:c7:88:28:5f:d5:b5:51:ca:d8:4b:2a:e4:ef:cc:17:6b:
83:20:f2:bf:cb:5c:c1:30:41:69:cf:c7:35:3e:ad:77:9c:18:
a7:5d:98:f6:c3:2b:03:86:25:a2:e1:3e:77:3e:5a:a7:bc:9c:
16:25:5d:af:cb:f8:f3:a0:0d:23:05:a1:f6:38:33:13:13:9d:
30:8e:f7:ce:4f:c9:0b:2f:ae:6c:ae:bf:86:4b:8a:07:17:c4:
20:f6:b0:1a:b6:6d:57:40:d2:37:8f:40:ca:7e:77:b8:5d:bb:
2e:41:fe:90
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ1S+fhYeQ6ezO7Gb9sXq8PjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNDAzMTA1MzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDliMjUyMTY5NDA4NzhmNWM5OTI3NzUzM2FkNjhmYjFjZTI3OTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA59fHYKC355hMdGbhRlvHxlY439oV
PmxuHMa8r3G/S73d9lZeGi0fM3SV8c3c92aevW9zGXUZbbptnciBnnuQ/uStYTZX
AzZa1kzcD9zDBDHFmUVhqrJjIsUzTGvVFkO+u8n5pCToAU/wbozQssNDc+mvZDI1
fB0zKNJoLuZ8HwxAJQIhHTLxT5FVamXrhbak/bvbfGeUdihS94F9Iw/eK5M7SzH2
jz0TS/X7d3LqhwCNWpil8VvGmNIsKE0UwWIVdAu+dk+lxXskL5rRN13zWTbCXvcQ
rA3Pxb9mmNwyyCPfN+ZcODoUf04CL6egR/uLS4p6WTq/8MP/rAVcbA0PwwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFISbJSFpQIePXJkndTOtaPsc4nleMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvaEpzbElXbEFoNDljbVNkMU02MW8teHppZVY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQDHzgIAwQA
HzhrAwQAHzh+AwQBHziOAwQCHziUAwQAHzlyAwQAHzl0AwQAHztPAwQAHzvkMA0G
CSqGSIb3DQEBCwUAA4IBAQBFBn5IVGDXUFFYohaISr3hudFDmQGsdXcOhQgpAEv/
vaj9KjYS3vGtcYN+HWSii5vEi5Z8ElZIW51KVLXhc36/gN7LuERBQZeigPbeNswV
ms6XEbeefO+qnGJzS1ZWKQaVcD3mvMxPjPhGbeGLmttWTzMJdUZghICDMCqZgeTl
4gU/R3g3Qfe+fEkO8SA1cLOrAMeIKF/VtVHK2Esq5O/MF2uDIPK/y1zBMEFpz8c1
Pq13nBinXZj2wysDhiWi4T53PlqnvJwWJV2vy/jzoA0jBaH2ODMTE50wjvfOT8kL
L65srr+GS4oHF8Qg9rAatm1XQNI3j0DKfne4XbsuQf6Q
-----END CERTIFICATE-----
Generated at Tue Apr 7 10:31:09 2026 by rpki-client