Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2eja_5dRs-1t_l8ltjuHPkdZmCg.roa
File: 2eja_5dRs-1t_l8ltjuHPkdZmCg.roa (raw, json)
Hash identifier: c1th2Rl3lZzv9PJJqpSiVbHDPRNOUTh8Mf0pKKT5VLM=
Subject key identifier: D9:E8:DA:FF:97:51:B3:ED:6D:FE:5F:25:B6:3B:87:3E:47:59:98:28
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E5F8A945955AE03C4C0AAA584C254B79A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2eja_5dRs-1t_l8ltjuHPkdZmCg.roa
Signing time: Mon 25 May 2026 14:29:37 +0000
ROA not before: Mon 25 May 2026 14:29:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56594
IP address blocks: 31.58.137.0/24 maxlen: 24
31.58.252.0/24 maxlen: 24
31.58.253.0/24 maxlen: 24
31.58.254.0/24 maxlen: 24
31.58.255.0/24 maxlen: 24
31.59.46.0/24 maxlen: 24
31.59.47.0/24 maxlen: 24
31.59.92.0/24 maxlen: 24
31.59.93.0/24 maxlen: 24
31.59.94.0/24 maxlen: 24
31.59.95.0/24 maxlen: 24
31.59.114.0/24 maxlen: 24
31.59.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 May 2026 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5f:8a:94:59:55:ae:03:c4:c0:aa:a5:84:c2:54:b7:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 25 14:29:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d9e8daff9751b3ed6dfe5f25b63b873e47599828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:db:e1:08:ae:d9:ab:02:61:1e:2c:f9:13:39:
7a:a8:e6:66:cc:77:2a:8f:6d:99:f2:21:e3:98:cf:
fb:14:48:aa:cc:ab:1e:8d:04:ca:a4:15:78:4c:d3:
72:2f:32:8f:2a:e1:ea:13:18:4c:79:a9:fa:74:c1:
5d:02:91:5f:1d:94:28:cf:3a:e3:a9:7e:bd:d6:a2:
a8:da:b9:f7:3d:c0:8b:ac:19:8d:b2:c3:37:89:90:
5d:1e:c7:1d:90:84:48:1b:a4:19:8a:d8:9f:d4:0c:
76:de:55:93:63:90:bd:43:86:da:a0:ff:99:0d:98:
40:67:31:fb:89:b5:65:1e:f7:21:0c:47:0c:39:08:
51:78:1c:ff:8f:f2:47:fc:ab:9e:91:6d:dc:e9:03:
eb:0c:2e:ba:0d:58:89:7f:d6:8f:ae:81:ac:b6:c7:
f9:d6:30:03:4f:f4:b3:d5:3c:62:3e:1f:0a:83:18:
6a:e5:f7:d8:3c:80:dc:28:59:97:c7:56:8b:2e:ca:
c0:40:eb:ac:64:f0:0c:1f:cf:54:15:83:21:30:c1:
00:e5:40:eb:81:89:ff:16:62:7b:4f:1b:df:3a:1b:
b5:fe:3e:a4:98:e7:f6:85:e0:9f:8b:b3:b2:3b:02:
fe:83:37:8e:11:57:29:d6:0f:fe:af:85:f8:d5:63:
77:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E8:DA:FF:97:51:B3:ED:6D:FE:5F:25:B6:3B:87:3E:47:59:98:28
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2eja_5dRs-1t_l8ltjuHPkdZmCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.137.0/24
31.58.252.0/22
31.59.46.0/23
31.59.92.0/22
31.59.114.0/24
31.59.185.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:14:56:8c:b4:5a:29:4d:41:2b:7d:bb:5a:1f:d6:73:36:ac:
8f:c4:e2:34:a7:58:6f:33:f7:2b:3e:0f:47:e5:26:bb:1e:ad:
97:1d:6b:f3:d6:4e:77:5a:77:4f:6a:63:cd:ad:6c:30:50:c2:
de:b2:d7:fd:44:44:a5:b3:32:68:42:5d:45:43:28:11:bb:92:
c7:7e:98:b2:c0:62:58:c0:63:62:ba:de:85:51:43:07:f5:b3:
0d:28:10:fc:3c:bb:b8:90:09:cb:80:c7:9e:8e:7f:31:74:a6:
f3:0a:42:f7:ef:ed:ea:e6:a5:2d:74:b4:ea:42:87:a1:c4:34:
a9:6f:05:6b:61:06:85:30:1f:3c:a4:2d:b4:44:a5:e0:35:56:
1e:f5:b6:02:6d:74:48:34:63:2f:d5:b5:8a:f0:7e:6a:27:fc:
6d:3d:bc:ee:7e:20:44:38:69:ed:36:1c:cf:b7:18:4b:51:fa:
91:fa:bc:b6:7e:de:a2:68:f2:cf:47:8e:b5:d6:10:94:12:cd:
4e:16:bb:72:63:e9:40:a5:3a:83:15:eb:f8:7f:73:1f:d2:18:
c0:91:cb:a8:55:19:ba:ed:77:b8:27:2e:f2:df:97:5f:b3:0c:
8a:d2:f9:02:06:3d:c0:03:19:00:15:ee:92:71:84:57:05:15:
ba:cc:40:0a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ5fipRZVa4DxMCqpYTCVLeaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTI1MTQyOTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWU4ZGFmZjk3NTFiM2VkNmRmZTVmMjViNjNiODczZTQ3NTk5ODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndvhCK7ZqwJhHiz5Ezl6qOZmzHcq
j22Z8iHjmM/7FEiqzKsejQTKpBV4TNNyLzKPKuHqExhMean6dMFdApFfHZQozzrj
qX691qKo2rn3PcCLrBmNssM3iZBdHscdkIRIG6QZitif1Ax23lWTY5C9Q4baoP+Z
DZhAZzH7ibVlHvchDEcMOQhReBz/j/JH/KuekW3c6QPrDC66DViJf9aProGstsf5
1jADT/Sz1TxiPh8Kgxhq5ffYPIDcKFmXx1aLLsrAQOusZPAMH89UFYMhMMEA5UDr
gYn/FmJ7TxvfOhu1/j6kmOf2heCfi7OyOwL+gzeOEVcp1g/+r4X41WN3pQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNno2v+XUbPtbf5fJbY7hz5HWZgoMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMmVqYV81ZFJzLTF0X2w4bHRqdUhQa2RabUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAHzqJAwQC
Hzr8AwQBHzsuAwQCHztcAwQAHztyAwQAHzu5MA0GCSqGSIb3DQEBCwUAA4IBAQAM
FFaMtFopTUErfbtaH9ZzNqyPxOI0p1hvM/crPg9H5Sa7Hq2XHWvz1k53WndPamPN
rWwwUMLestf9RESlszJoQl1FQygRu5LHfpiywGJYwGNiut6FUUMH9bMNKBD8PLu4
kAnLgMeejn8xdKbzCkL37+3q5qUtdLTqQoehxDSpbwVrYQaFMB88pC20RKXgNVYe
9bYCbXRINGMv1bWK8H5qJ/xtPbzufiBEOGntNhzPtxhLUfqR+ry2ft6iaPLPR461
1hCUEs1OFrtyY+lApTqDFev4f3Mf0hjAkcuoVRm67Xe4Jy7y35dfswyK0vkCBj3A
AxkAFe6ScYRXBRW6zEAK
-----END CERTIFICATE-----
Generated at Wed May 27 15:55:22 2026 by rpki-client