Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8YZ3ZkAjVM3mbNEd5fy_YoqYUR4.roa
File: 8YZ3ZkAjVM3mbNEd5fy_YoqYUR4.roa (raw, json)
Hash identifier: /+5wotfjbzIIk6vDcL+3Sy74a8h5WPdNpcD97zVpXdE=
Subject key identifier: F1:86:77:66:40:23:54:CD:E6:6C:D1:1D:E5:FC:BF:62:8A:98:51:1E
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019F038555612EE11528F593092AC5C33CA1
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8YZ3ZkAjVM3mbNEd5fy_YoqYUR4.roa
Signing time: Fri 26 Jun 2026 10:41:37 +0000
ROA not before: Fri 26 Jun 2026 10:41:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48678
IP address blocks: 31.56.214.0/24 maxlen: 24
31.57.135.0/24 maxlen: 24
31.58.41.0/24 maxlen: 24
31.58.245.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
217.60.16.0/24 maxlen: 24
217.60.17.0/24 maxlen: 24
217.60.18.0/24 maxlen: 24
217.60.19.0/24 maxlen: 24
217.60.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Jun 2026 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:03:85:55:61:2e:e1:15:28:f5:93:09:2a:c5:c3:3c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 26 10:41:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f1867766402354cde66cd11de5fcbf628a98511e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:20:67:be:7e:e6:0e:79:77:74:79:99:0b:7e:
82:4b:69:74:c5:12:1f:a0:e5:19:7a:92:1c:a9:89:
dc:c8:f3:af:b9:dc:d1:42:d0:41:0e:ab:b9:5e:43:
73:04:4a:f0:90:76:14:9d:c3:2b:81:fb:a2:8c:20:
b9:a9:99:63:c7:88:d9:05:3d:f5:8d:93:82:55:77:
6a:4d:60:fb:ca:c3:cb:dc:8e:e8:72:6e:d5:c2:74:
be:22:57:a1:e1:e1:a2:0d:08:18:18:5c:72:ef:99:
90:d1:e7:75:4a:c8:e0:65:64:f6:95:51:77:47:ec:
a3:58:37:95:35:1e:2e:da:9d:82:a4:61:b6:16:fa:
92:8e:43:f9:de:ad:aa:14:cc:b4:02:f6:dd:ba:fc:
f5:a4:42:20:10:52:5f:97:ff:eb:9f:58:22:4b:10:
08:4d:39:82:04:07:5e:96:f9:6f:fe:31:2a:2a:6e:
e6:61:09:4d:72:dc:1a:41:4d:fc:93:82:04:2d:5c:
dd:35:3a:d5:41:a2:c6:29:13:eb:4b:9a:9e:dd:19:
7a:37:8e:2e:f3:91:23:00:e8:2d:c2:0e:1b:b8:e3:
05:32:a3:52:cc:c3:6a:e1:a6:2b:cc:18:b4:b9:f2:
3c:5e:3c:bb:e1:92:55:85:82:76:3d:c0:23:b3:fd:
00:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:86:77:66:40:23:54:CD:E6:6C:D1:1D:E5:FC:BF:62:8A:98:51:1E
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/8YZ3ZkAjVM3mbNEd5fy_YoqYUR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.214.0/24
31.57.135.0/24
31.58.41.0/24
31.58.245.0/24
31.58.247.0/24
31.58.250.0/23
217.60.16.0/22
217.60.187.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:98:2c:32:00:31:a1:4b:58:ce:d0:ba:02:02:31:11:a5:6a:
ef:7f:f9:c9:bb:7a:91:1a:6c:ca:bf:0a:58:f4:59:1b:99:9f:
f7:10:5c:56:ae:14:8d:d3:c0:9c:53:f9:43:33:db:90:fd:81:
d6:7c:d5:9d:b9:3f:77:14:0a:75:6c:12:00:c7:c9:9d:d8:e4:
63:1a:41:bd:be:d3:ae:36:a7:95:a5:60:52:35:ac:c0:4d:ef:
bd:cf:68:d0:ea:d5:35:ac:c2:9e:c3:7e:c8:cf:08:1e:8f:c9:
73:32:6a:ce:93:7e:db:29:4f:1a:de:a5:2d:3d:e5:96:76:f2:
e0:df:de:aa:00:9f:74:5c:71:1a:23:ea:3d:74:3c:d9:b5:ec:
6d:26:85:c3:30:26:51:bd:a8:02:de:34:db:70:80:2c:29:ca:
bc:0e:a6:ad:53:9b:80:a4:d1:3f:0d:90:a1:4c:b1:f7:6d:23:
ad:18:e8:78:bf:b7:da:f0:39:c8:6f:f1:29:1a:ce:b7:8f:ab:
20:94:4b:51:fa:01:e6:5b:b0:bc:41:c8:7a:ac:76:3a:20:4d:
e1:2a:a2:66:72:ae:60:e9:8f:77:9e:b6:3d:0c:5a:76:59:92:
8f:78:5a:b7:50:f0:c8:bc:08:0a:52:e1:81:c7:a2:76:37:4d:
c7:83:f4:db
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ8DhVVhLuEVKPWTCSrFwzyhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjI2MTA0MTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTg2Nzc2NjQwMjM1NGNkZTY2Y2QxMWRlNWZjYmY2MjhhOTg1MTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryBnvn7mDnl3dHmZC36CS2l0xRIf
oOUZepIcqYncyPOvudzRQtBBDqu5XkNzBErwkHYUncMrgfuijCC5qZljx4jZBT31
jZOCVXdqTWD7ysPL3I7ocm7VwnS+Ileh4eGiDQgYGFxy75mQ0ed1SsjgZWT2lVF3
R+yjWDeVNR4u2p2CpGG2FvqSjkP53q2qFMy0Avbduvz1pEIgEFJfl//rn1giSxAI
TTmCBAdelvlv/jEqKm7mYQlNctwaQU38k4IELVzdNTrVQaLGKRPrS5qe3Rl6N44u
85EjAOgtwg4buOMFMqNSzMNq4aYrzBi0ufI8Xjy74ZJVhYJ2PcAjs/0AZQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFPGGd2ZAI1TN5mzRHeX8v2KKmFEeMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvOFlaM1prQWpWTTNtYk5FZDVmeV9Zb3FZVVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAHzjWAwQA
HzmHAwQAHzopAwQAHzr1AwQAHzr3AwQBHzr6AwQC2TwQAwQA2Ty7MA0GCSqGSIb3
DQEBCwUAA4IBAQCNmCwyADGhS1jO0LoCAjERpWrvf/nJu3qRGmzKvwpY9FkbmZ/3
EFxWrhSN08CcU/lDM9uQ/YHWfNWduT93FAp1bBIAx8md2ORjGkG9vtOuNqeVpWBS
NazATe+9z2jQ6tU1rMKew37Izwgej8lzMmrOk37bKU8a3qUtPeWWdvLg396qAJ90
XHEaI+o9dDzZtextJoXDMCZRvagC3jTbcIAsKcq8DqatU5uApNE/DZChTLH3bSOt
GOh4v7fa8DnIb/EpGs63j6sglEtR+gHmW7C8Qch6rHY6IE3hKqJmcq5g6Y93nrY9
DFp2WZKPeFq3UPDIvAgKUuGBx6J2N03Hg/Tb
-----END CERTIFICATE-----
Generated at Fri Jun 26 17:01:04 2026 by rpki-client