Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/5tvx2dfevfemoHAegqBhTJQdz4o.roa
File: 5tvx2dfevfemoHAegqBhTJQdz4o.roa (raw, json)
Hash identifier: 95yXmab/LwzmxsXXZek16+o4eg8lfyC6BqYQGoZ0NGg=
Subject key identifier: E6:DB:F1:D9:D7:DE:BD:F7:A6:A0:70:1E:82:A0:61:4C:94:1D:CF:8A
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E5FB688AF662E3C716B35CFA71B80D5A9
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/5tvx2dfevfemoHAegqBhTJQdz4o.roa
Signing time: Mon 25 May 2026 15:17:38 +0000
ROA not before: Mon 25 May 2026 15:17:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212743
IP address blocks: 31.58.232.0/23 maxlen: 24
31.59.36.0/24 maxlen: 24
31.59.39.0/24 maxlen: 24
94.183.170.0/24 maxlen: 24
217.60.8.0/23 maxlen: 24
217.60.12.0/24 maxlen: 24
217.60.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 May 2026 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5f:b6:88:af:66:2e:3c:71:6b:35:cf:a7:1b:80:d5:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 25 15:17:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e6dbf1d9d7debdf7a6a0701e82a0614c941dcf8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:83:af:3c:cd:8e:77:20:8e:1b:e0:10:95:5e:
5f:70:20:ad:46:83:03:0c:db:1a:c2:6f:f4:50:b1:
35:7c:87:25:19:88:01:14:e8:7a:94:70:65:e9:07:
e7:94:32:5b:17:8b:f0:82:4b:e3:70:9d:8a:ea:5c:
cb:0e:5d:af:02:ad:39:c5:a8:1e:27:59:01:19:95:
9e:e4:e3:b6:0a:d7:cd:72:ee:c4:16:b0:57:2b:15:
ab:30:f8:0c:38:13:2e:c3:8f:78:14:ac:6c:a9:3e:
a5:31:fb:6e:13:71:d4:91:d0:22:06:57:a1:6a:f8:
85:1d:f1:81:ef:ef:f3:d6:14:8c:95:49:71:ae:86:
bf:72:46:4f:d1:ef:96:9e:c9:7e:76:87:fa:41:1f:
4e:ed:7b:eb:f3:47:bb:bf:79:b7:7a:a6:af:1e:30:
e6:da:73:f8:11:ac:8d:34:9a:49:bb:27:7e:f8:04:
9f:9d:22:50:22:87:c6:bd:a8:bb:37:d2:e2:4d:db:
4c:29:84:d7:1a:d4:37:2a:74:22:d7:54:f3:40:09:
4c:6b:a1:8c:13:bf:2d:c3:a1:38:3b:39:cd:8a:6b:
46:60:f8:95:21:47:9a:bd:39:32:af:35:37:0a:b2:
ca:3c:cf:da:51:b1:55:5d:af:5d:aa:10:4f:73:ca:
26:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:DB:F1:D9:D7:DE:BD:F7:A6:A0:70:1E:82:A0:61:4C:94:1D:CF:8A
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/5tvx2dfevfemoHAegqBhTJQdz4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.232.0/23
31.59.36.0/24
31.59.39.0/24
94.183.170.0/24
217.60.8.0/23
217.60.12.0/24
217.60.24.0/24
Signature Algorithm: sha256WithRSAEncryption
18:59:13:ac:79:2c:d3:88:fd:60:96:32:82:21:99:fd:66:cd:
73:cc:4f:95:f4:9a:03:29:85:5b:29:69:21:41:32:a5:78:57:
36:d2:84:40:02:6d:29:22:08:ec:9e:9e:5b:36:41:4e:78:8a:
b1:77:dc:cf:cf:e1:eb:6c:ce:a2:15:2a:9a:bc:d3:8a:0c:b6:
86:4d:69:c2:2a:44:7f:72:4d:53:f2:e4:3e:b4:4d:26:53:b5:
23:a3:4f:22:33:00:01:e7:3b:43:3c:9c:ae:3d:ee:83:bb:5e:
63:ac:62:4d:cc:21:9e:c5:5a:bc:03:82:d4:41:51:dc:cc:d7:
54:8e:89:da:68:c2:af:24:29:a3:a4:9e:0f:d0:db:8d:01:34:
05:61:d1:47:01:cd:02:58:05:f6:2c:83:8b:bf:8f:dc:18:17:
12:0e:74:c8:13:52:ee:65:94:ac:53:db:b0:b2:76:88:84:d8:
14:68:0b:84:95:01:d6:d8:55:de:49:ab:37:c6:74:f2:9a:ac:
a0:6e:a9:46:77:e9:a1:f4:fe:7e:02:64:c2:8c:17:5a:28:3c:
6c:7b:64:b3:21:6b:f4:5b:b6:bf:9d:46:ae:64:36:a7:87:fe:
af:d3:12:94:7a:19:d0:d1:14:92:41:97:7f:b1:59:4d:ac:b6:
00:10:4d:dc
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ5ftoivZi48cWs1z6cbgNWpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTI1MTUxNzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmRiZjFkOWQ3ZGViZGY3YTZhMDcwMWU4MmEwNjE0Yzk0MWRjZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4OvPM2OdyCOG+AQlV5fcCCtRoMD
DNsawm/0ULE1fIclGYgBFOh6lHBl6QfnlDJbF4vwgkvjcJ2K6lzLDl2vAq05xage
J1kBGZWe5OO2CtfNcu7EFrBXKxWrMPgMOBMuw494FKxsqT6lMftuE3HUkdAiBleh
aviFHfGB7+/z1hSMlUlxroa/ckZP0e+Wnsl+dof6QR9O7Xvr80e7v3m3eqavHjDm
2nP4EayNNJpJuyd++ASfnSJQIofGvai7N9LiTdtMKYTXGtQ3KnQi11TzQAlMa6GM
E78tw6E4OznNimtGYPiVIUeavTkyrzU3CrLKPM/aUbFVXa9dqhBPc8omlQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFObb8dnX3r33pqBwHoKgYUyUHc+KMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNXR2eDJkZmV2ZmVtb0hBZWdxQmhUSlFkejRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBHzroAwQA
HzskAwQAHzsnAwQAXreqAwQB2TwIAwQA2TwMAwQA2TwYMA0GCSqGSIb3DQEBCwUA
A4IBAQAYWROseSzTiP1gljKCIZn9Zs1zzE+V9JoDKYVbKWkhQTKleFc20oRAAm0p
Igjsnp5bNkFOeIqxd9zPz+HrbM6iFSqavNOKDLaGTWnCKkR/ck1T8uQ+tE0mU7Uj
o08iMwAB5ztDPJyuPe6Du15jrGJNzCGexVq8A4LUQVHczNdUjonaaMKvJCmjpJ4P
0NuNATQFYdFHAc0CWAX2LIOLv4/cGBcSDnTIE1LuZZSsU9uwsnaIhNgUaAuElQHW
2FXeSas3xnTymqygbqlGd+mh9P5+AmTCjBdaKDxse2SzIWv0W7a/nUauZDanh/6v
0xKUehnQ0RSSQZd/sVlNrLYAEE3c
-----END CERTIFICATE-----
Generated at Wed May 27 15:54:52 2026 by rpki-client