Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2fjANrewTd_3sjJ_otRk2dQSOFw.roa
File: 2fjANrewTd_3sjJ_otRk2dQSOFw.roa (raw, json)
Hash identifier: rfdxtjOfW/GK5DVnKjeiGmA9Yhpisn5Is/0O7sqBGp0=
Subject key identifier: D9:F8:C0:36:B7:B0:4D:DF:F7:B2:32:7F:A2:D4:64:D9:D4:12:38:5C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E683313A1192373473B3BD2F4E60B067F
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2fjANrewTd_3sjJ_otRk2dQSOFw.roa
Signing time: Wed 27 May 2026 06:50:38 +0000
ROA not before: Wed 27 May 2026 06:50:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 13213
IP address blocks: 31.58.17.0/24 maxlen: 24
31.58.31.0/24 maxlen: 24
31.59.23.0/24 maxlen: 24
31.59.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 May 2026 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:68:33:13:a1:19:23:73:47:3b:3b:d2:f4:e6:0b:06:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 27 06:50:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d9f8c036b7b04ddff7b2327fa2d464d9d412385c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5b:0e:3b:30:5e:fb:19:9b:e2:9a:60:cc:b7:
b1:d6:3a:52:ee:a0:e5:46:a1:52:fe:d1:29:86:f2:
1b:d7:35:15:11:5f:5f:10:c5:f7:82:24:5c:d4:34:
98:f7:b9:fd:5f:40:65:c4:41:65:cf:de:7f:a4:86:
5c:cd:b7:83:0d:0c:cf:33:dc:6f:d2:76:a9:54:65:
46:4e:b0:bd:12:a1:07:a5:26:86:cd:37:d4:ad:b3:
32:c3:12:a4:6a:ad:dd:6f:d6:3a:6f:46:04:08:2b:
c6:31:df:9c:d3:0b:c0:d5:9d:76:1d:e5:70:06:e5:
7f:d8:49:d5:3c:b6:3b:82:25:d1:54:2a:aa:8b:ce:
17:76:7b:d9:9c:71:7d:da:4c:68:6b:a3:91:e2:ed:
99:71:16:52:50:91:9b:14:a8:8c:34:dc:7c:27:8f:
06:e9:ab:dc:c0:89:f5:20:62:42:d1:f6:76:92:5f:
ad:6f:89:2b:4e:79:42:16:c9:4b:da:4c:ec:19:ec:
8a:75:6f:18:ee:b4:2f:6c:2b:a5:7b:6d:7a:e4:b3:
35:29:24:81:71:36:ca:c0:2a:fd:8a:f7:33:6b:82:
9e:88:53:85:02:9b:47:17:c6:db:28:0b:73:5f:65:
ae:3a:9a:63:d0:24:6f:15:4a:93:59:0f:d6:a7:c4:
d2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F8:C0:36:B7:B0:4D:DF:F7:B2:32:7F:A2:D4:64:D9:D4:12:38:5C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2fjANrewTd_3sjJ_otRk2dQSOFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.17.0/24
31.58.31.0/24
31.59.23.0/24
31.59.31.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:8b:bf:05:c5:4b:7e:25:37:13:e8:b4:ab:41:21:99:48:f8:
f8:f5:60:b3:0c:ac:24:6c:ab:1b:20:56:6b:1d:ec:d2:3f:e0:
89:df:ca:aa:58:7e:20:cf:55:16:20:05:f3:b9:d7:d0:10:67:
3f:1c:3f:c7:06:c4:46:20:9e:84:94:e1:99:58:29:e6:c0:be:
d5:6a:88:e1:5c:de:2a:3b:4e:f0:33:02:15:ac:a2:17:72:9c:
0b:42:2c:72:df:48:2c:97:6c:5f:6a:2d:83:bd:d5:a6:6b:a8:
08:97:15:75:7c:74:dc:f3:b1:16:3b:3f:67:5d:52:d4:5f:ef:
0d:6f:b4:3a:a8:61:5a:6f:92:b9:65:35:89:5d:87:27:0e:b2:
e1:97:43:97:96:7b:bc:60:72:6d:21:2f:78:f6:a6:e3:d5:51:
ca:2a:58:07:ea:31:3b:2b:27:b4:0e:a8:ef:c4:a6:94:24:c0:
39:9e:71:cd:31:7d:7b:2f:14:af:e8:35:a9:b5:8e:f3:36:73:
0c:8f:48:83:d7:ce:7a:55:40:99:54:47:07:5e:22:b8:31:61:
f7:d2:41:c4:30:b1:6f:47:b8:22:e6:f1:6f:de:f8:1d:57:d8:
0b:af:f5:93:7f:6d:06:d7:a9:89:6e:17:fc:d5:18:4c:f7:65:
93:62:94:bd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ5oMxOhGSNzRzs70vTmCwZ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTI3MDY1MDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWY4YzAzNmI3YjA0ZGRmZjdiMjMyN2ZhMmQ0NjRkOWQ0MTIzODVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFsOOzBe+xmb4ppgzLex1jpS7qDl
RqFS/tEphvIb1zUVEV9fEMX3giRc1DSY97n9X0BlxEFlz95/pIZczbeDDQzPM9xv
0napVGVGTrC9EqEHpSaGzTfUrbMywxKkaq3db9Y6b0YECCvGMd+c0wvA1Z12HeVw
BuV/2EnVPLY7giXRVCqqi84XdnvZnHF92kxoa6OR4u2ZcRZSUJGbFKiMNNx8J48G
6avcwIn1IGJC0fZ2kl+tb4krTnlCFslL2kzsGeyKdW8Y7rQvbCule2165LM1KSSB
cTbKwCr9ivcza4KeiFOFAptHF8bbKAtzX2WuOppj0CRvFUqTWQ/Wp8TSoQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNn4wDa3sE3f97Iyf6LUZNnUEjhcMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMmZqQU5yZXdUZF8zc2pKX290UmsyZFFTT0Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzoRAwQA
HzofAwQAHzsXAwQAHzsfMA0GCSqGSIb3DQEBCwUAA4IBAQBPi78FxUt+JTcT6LSr
QSGZSPj49WCzDKwkbKsbIFZrHezSP+CJ38qqWH4gz1UWIAXzudfQEGc/HD/HBsRG
IJ6ElOGZWCnmwL7VaojhXN4qO07wMwIVrKIXcpwLQixy30gsl2xfai2DvdWma6gI
lxV1fHTc87EWOz9nXVLUX+8Nb7Q6qGFab5K5ZTWJXYcnDrLhl0OXlnu8YHJtIS94
9qbj1VHKKlgH6jE7Kye0DqjvxKaUJMA5nnHNMX17LxSv6DWptY7zNnMMj0iD1856
VUCZVEcHXiK4MWH30kHEMLFvR7gi5vFv3vgdV9gLr/WTf20G16mJbhf81RhM92WT
YpS9
-----END CERTIFICATE-----
Generated at Wed May 27 15:54:49 2026 by rpki-client