Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/7BtcLRgUs53BDu5AVMvYQH-ff6M.roa
File: 7BtcLRgUs53BDu5AVMvYQH-ff6M.roa (raw, json)
Hash identifier: OZjeI2JGPMFiilOqOh4pQxjM8imupr8VcuK1mLA5VyQ=
Subject key identifier: EC:1B:5C:2D:18:14:B3:9D:C1:0E:EE:40:54:CB:D8:40:7F:9F:7F:A3
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E3FE9A9238F17E9C080F1F21D3C5C157D
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/7BtcLRgUs53BDu5AVMvYQH-ff6M.roa
Signing time: Tue 19 May 2026 11:05:38 +0000
ROA not before: Tue 19 May 2026 11:05:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204104
IP address blocks: 31.56.89.0/24 maxlen: 24
31.58.237.0/24 maxlen: 24
94.183.150.0/24 maxlen: 24
94.183.153.0/24 maxlen: 24
94.183.154.0/24 maxlen: 24
94.183.162.0/24 maxlen: 24
94.183.169.0/24 maxlen: 24
94.183.180.0/24 maxlen: 24
94.183.218.0/24 maxlen: 24
217.60.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 May 2026 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3f:e9:a9:23:8f:17:e9:c0:80:f1:f2:1d:3c:5c:15:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 19 11:05:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ec1b5c2d1814b39dc10eee4054cbd8407f9f7fa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:09:4c:f0:c0:2e:ff:40:13:2f:de:c7:9a:1a:
c1:be:6a:a1:f3:84:aa:58:1d:17:65:64:ec:bb:71:
aa:02:23:5d:ad:f0:1f:19:8b:be:d4:aa:fb:f5:9c:
3b:27:ea:13:9d:74:78:25:56:e1:96:0a:fb:69:7c:
08:74:0f:b7:82:06:24:73:32:ff:81:7f:e2:13:b9:
78:c7:59:e1:f4:c1:c4:83:1f:dd:2a:42:bd:66:7a:
b6:49:ef:7a:83:58:d6:16:14:26:de:86:f9:75:e4:
65:89:52:fa:7d:6f:34:a0:08:73:ac:be:9b:77:60:
56:c8:fc:a9:07:aa:12:e7:81:1f:69:e9:12:e6:f4:
4e:f6:fe:80:c7:9a:00:80:69:6b:ab:73:cc:2d:11:
90:49:2f:60:ac:0c:b4:9f:06:97:36:27:0d:75:12:
54:49:2d:f6:46:0b:9f:68:33:bc:ae:77:59:97:59:
ea:39:98:80:ef:ac:e1:28:0e:5a:8d:7f:38:49:db:
37:09:76:a2:bf:70:93:75:81:88:53:9a:13:74:34:
07:07:75:c5:cd:30:75:93:08:c3:44:73:df:a6:d6:
6d:6e:69:65:56:6b:e0:4e:59:40:f9:d8:9a:81:e7:
32:7a:1b:ea:96:26:f8:1f:30:fe:4e:04:65:e3:3d:
b1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:1B:5C:2D:18:14:B3:9D:C1:0E:EE:40:54:CB:D8:40:7F:9F:7F:A3
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/7BtcLRgUs53BDu5AVMvYQH-ff6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.89.0/24
31.58.237.0/24
94.183.150.0/24
94.183.153.0-94.183.154.255
94.183.162.0/24
94.183.169.0/24
94.183.180.0/24
94.183.218.0/24
217.60.238.0/24
Signature Algorithm: sha256WithRSAEncryption
07:76:e4:89:7c:a2:a5:43:0c:42:f9:45:1d:fa:47:14:d3:52:
a4:7e:44:df:d2:63:b0:43:d4:88:76:54:4a:9a:87:6b:85:18:
1b:ac:21:c8:1e:1e:9f:ca:70:bc:6e:3c:8b:a8:41:2b:6b:b6:
74:d6:2f:24:a3:c4:23:65:73:00:01:d4:6b:ed:2b:33:c0:98:
38:c8:b9:6f:66:bb:3d:5c:07:27:7f:99:86:24:16:60:da:2c:
cb:47:59:a6:5f:e8:b1:c4:9e:ee:7b:aa:c4:da:af:9b:21:d0:
81:35:9b:ef:89:3e:93:2e:70:b9:50:2f:a3:6f:79:b7:14:87:
56:bb:bd:1a:db:7d:ed:09:8f:74:2d:f5:e6:45:59:07:7c:89:
7b:a4:a8:2b:a5:7f:13:35:5c:77:ea:24:fc:9a:ca:9b:09:ec:
94:96:08:bc:68:46:ac:70:12:98:91:40:35:6a:d7:e3:c1:55:
c2:ca:1e:f2:30:87:3c:11:45:48:12:29:07:05:1a:ce:bb:9f:
df:67:aa:02:80:72:ab:32:28:26:50:5c:a0:b0:cb:7f:c9:a3:
f5:c3:dc:3a:fa:2c:fd:f9:64:82:59:7f:23:a2:c8:48:cd:3c:
9b:2d:08:5f:17:20:f5:ab:d0:e8:83:82:3e:63:35:ce:70:d9:
23:d7:19:01
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZ4/6akjjxfpwIDx8h08XBV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTE5MTEwNTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzFiNWMyZDE4MTRiMzlkYzEwZWVlNDA1NGNiZDg0MDdmOWY3ZmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAlM8MAu/0ATL97HmhrBvmqh84Sq
WB0XZWTsu3GqAiNdrfAfGYu+1Kr79Zw7J+oTnXR4JVbhlgr7aXwIdA+3ggYkczL/
gX/iE7l4x1nh9MHEgx/dKkK9Znq2Se96g1jWFhQm3ob5deRliVL6fW80oAhzrL6b
d2BWyPypB6oS54EfaekS5vRO9v6Ax5oAgGlrq3PMLRGQSS9grAy0nwaXNicNdRJU
SS32RgufaDO8rndZl1nqOZiA76zhKA5ajX84Sds3CXaiv3CTdYGIU5oTdDQHB3XF
zTB1kwjDRHPfptZtbmllVmvgTllA+diagecyehvqlib4HzD+TgRl4z2xzQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFOwbXC0YFLOdwQ7uQFTL2EB/n3+jMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvN0J0Y0xSZ1VzNTNCRHU1QVZNdllRSC1mZjZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAHzhZAwQA
HzrtAwQAXreWMAwDBABet5kDBABet5oDBABet6IDBABet6kDBABet7QDBABet9oD
BADZPO4wDQYJKoZIhvcNAQELBQADggEBAAd25Il8oqVDDEL5RR36RxTTUqR+RN/S
Y7BD1Ih2VEqah2uFGBusIcgeHp/KcLxuPIuoQStrtnTWLySjxCNlcwAB1GvtKzPA
mDjIuW9muz1cByd/mYYkFmDaLMtHWaZf6LHEnu57qsTar5sh0IE1m++JPpMucLlQ
L6NvebcUh1a7vRrbfe0Jj3Qt9eZFWQd8iXukqCulfxM1XHfqJPyaypsJ7JSWCLxo
RqxwEpiRQDVq1+PBVcLKHvIwhzwRRUgSKQcFGs67n99nqgKAcqsyKCZQXKCwy3/J
o/XD3Dr6LP35ZIJZfyOiyEjNPJstCF8XIPWr0OiDgj5jNc5w2SPXGQE=
-----END CERTIFICATE-----
Generated at Wed May 27 15:55:23 2026 by rpki-client