Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/EdIsoULnt5NEdP159QmMQALj8f8.roa
File: EdIsoULnt5NEdP159QmMQALj8f8.roa (raw, json)
Hash identifier: z+rJBFxMd+WKseSZbfr4BuwcYhLED4PHmXHRGdThJ2U=
Subject key identifier: 11:D2:2C:A1:42:E7:B7:93:44:74:FD:79:F5:09:8C:40:02:E3:F1:FF
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E4F221292BD361CCFAE7AC20CD2D0AAC9
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/EdIsoULnt5NEdP159QmMQALj8f8.roa
Signing time: Fri 22 May 2026 10:01:33 +0000
ROA not before: Fri 22 May 2026 10:01:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 31.56.184.0/22 maxlen: 24
31.56.188.0/24 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.208.0/22 maxlen: 22
31.57.217.0/24 maxlen: 24
31.58.180.0/24 maxlen: 24
31.58.184.0/21 maxlen: 24
31.58.192.0/20 maxlen: 24
31.58.209.0/24 maxlen: 24
31.58.252.0/22 maxlen: 24
31.59.37.0/24 maxlen: 24
31.59.90.0/23 maxlen: 24
31.59.92.0/22 maxlen: 24
31.59.140.0/22 maxlen: 24
31.59.148.0/22 maxlen: 24
31.59.160.0/22 maxlen: 24
31.59.164.0/24 maxlen: 24
31.59.176.0/21 maxlen: 24
94.183.152.0/24 maxlen: 24
94.183.238.0/24 maxlen: 24
94.183.239.0/24 maxlen: 24
217.60.8.0/22 maxlen: 24
217.60.15.0/24 maxlen: 24
217.60.16.0/21 maxlen: 24
217.60.28.0/22 maxlen: 24
217.60.32.0/22 maxlen: 24
217.60.52.0/22 maxlen: 24
217.60.56.0/22 maxlen: 24
217.60.68.0/22 maxlen: 24
217.60.76.0/22 maxlen: 24
217.60.108.0/22 maxlen: 24
217.60.112.0/22 maxlen: 24
217.60.124.0/22 maxlen: 24
217.60.152.0/22 maxlen: 24
217.60.156.0/22 maxlen: 24
217.60.160.0/20 maxlen: 24
217.60.176.0/21 maxlen: 24
217.60.188.0/22 maxlen: 24
217.60.242.0/24 maxlen: 24
2a14:6e40:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4f:22:12:92:bd:36:1c:cf:ae:7a:c2:0c:d2:d0:aa:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 22 10:01:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=11d22ca142e7b7934474fd79f5098c4002e3f1ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:06:d8:79:bb:c5:ea:1a:13:a1:e6:6b:f5:57:
d9:a4:2e:ed:83:21:eb:82:ba:2c:24:96:1e:8c:0d:
f4:64:8a:03:f7:4b:54:d0:c3:b3:6e:d9:17:de:64:
2e:30:d0:ef:46:94:95:4f:cf:09:88:2f:17:c4:df:
ef:c3:1e:13:fc:ff:19:64:20:d5:ef:54:61:91:ef:
1d:a8:03:26:17:33:94:44:31:ab:8c:6a:4a:b5:27:
65:25:e2:3a:90:3f:27:6f:3e:ca:63:eb:ba:f7:c6:
c5:26:3c:6d:35:26:31:74:fc:c9:0a:ab:81:1c:3b:
e6:d7:33:43:fb:b4:4d:cf:3c:4f:df:b1:68:3b:3a:
93:28:60:99:16:3a:3b:cb:6c:6e:51:56:41:ef:64:
15:dd:8a:34:9e:d5:d5:be:96:54:08:1d:c6:5c:0a:
1b:66:b1:e2:45:04:22:69:ca:7e:37:02:ae:da:95:
6f:a1:c4:82:2c:82:d1:99:46:dd:28:8f:4a:72:6a:
6b:9b:b7:d6:68:c3:9d:a5:fd:4d:83:e3:cf:b0:12:
d5:5d:a3:2c:d6:82:98:fc:59:13:c1:f9:96:7a:f8:
5b:65:38:d2:50:02:92:a6:f3:d4:09:15:6c:fa:d4:
25:5f:96:80:74:34:f5:eb:1d:08:b7:6d:04:2e:16:
7f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:D2:2C:A1:42:E7:B7:93:44:74:FD:79:F5:09:8C:40:02:E3:F1:FF
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/EdIsoULnt5NEdP159QmMQALj8f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.184.0-31.56.188.255
31.57.200.0/24
31.57.208.0/22
31.57.217.0/24
31.58.180.0/24
31.58.184.0-31.58.207.255
31.58.209.0/24
31.58.252.0/22
31.59.37.0/24
31.59.90.0-31.59.95.255
31.59.140.0/22
31.59.148.0/22
31.59.160.0-31.59.164.255
31.59.176.0/21
94.183.152.0/24
94.183.238.0/23
217.60.8.0/22
217.60.15.0-217.60.23.255
217.60.28.0-217.60.35.255
217.60.52.0-217.60.59.255
217.60.68.0/22
217.60.76.0/22
217.60.108.0-217.60.115.255
217.60.124.0/22
217.60.152.0-217.60.183.255
217.60.188.0/22
217.60.242.0/24
IPv6:
2a14:6e40:1::/48
Signature Algorithm: sha256WithRSAEncryption
bb:7a:59:e2:cb:28:72:bf:13:76:06:26:d7:36:5a:a0:ce:42:
05:87:89:9b:aa:82:8a:ae:b3:bb:f6:96:0f:76:33:80:0d:28:
e2:4b:85:09:be:50:44:5a:e1:b2:ae:8d:dd:b2:da:4f:4f:77:
f8:27:d9:8d:bb:2e:36:ca:64:12:a5:e3:18:fe:53:77:50:7c:
06:c9:c8:df:88:bd:78:44:ed:6b:7a:ad:94:5b:85:b6:25:58:
94:6d:6c:10:04:8a:78:7f:bc:0e:f2:40:68:b4:07:e8:82:ae:
f4:19:09:02:40:95:89:cd:7d:07:aa:10:5e:d3:79:b7:b5:a2:
7b:b8:59:b5:a6:1f:7e:a2:93:8e:67:e7:de:fa:50:94:f9:61:
74:db:93:ad:3e:95:06:77:eb:9f:5a:16:16:91:40:44:72:c3:
a2:68:c5:41:db:15:08:3b:7f:d9:7e:5a:2b:f0:03:4d:be:f5:
5c:0c:51:2e:87:60:19:ef:74:b6:91:6e:f8:a2:9f:8e:52:51:
69:15:25:95:86:ee:2d:10:91:cf:a7:5e:a9:d9:ed:15:c2:67:
8d:a8:03:7a:1f:49:df:77:88:14:7c:5b:18:e4:1b:f1:a9:3a:
22:a5:b7:8c:6f:73:9a:c7:48:d1:5e:c1:92:f1:05:cb:45:9a:
fe:24:45:ae
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgISAZ5PIhKSvTYcz656wgzS0KrJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTIyMTAwMTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWQyMmNhMTQyZTdiNzkzNDQ3NGZkNzlmNTA5OGM0MDAyZTNmMWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wbYebvF6hoToeZr9VfZpC7tgyHr
grosJJYejA30ZIoD90tU0MOzbtkX3mQuMNDvRpSVT88JiC8XxN/vwx4T/P8ZZCDV
71Rhke8dqAMmFzOURDGrjGpKtSdlJeI6kD8nbz7KY+u698bFJjxtNSYxdPzJCquB
HDvm1zND+7RNzzxP37FoOzqTKGCZFjo7y2xuUVZB72QV3Yo0ntXVvpZUCB3GXAob
ZrHiRQQiacp+NwKu2pVvocSCLILRmUbdKI9Kcmprm7fWaMOdpf1Ng+PPsBLVXaMs
1oKY/FkTwfmWevhbZTjSUAKSpvPUCRVs+tQlX5aAdDT16x0It20ELhZ/YwIDAQAB
o4IDBjCCAwIwHQYDVR0OBBYEFBHSLKFC57eTRHT9efUJjEAC4/H/MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvRWRJc29VTG50NU5FZFAxNTlRbU1RQUxqOGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGgYIKwYBBQUHAQcBAf8EggEJMIIBBTCB8QQCAAEwgeow
DAMEAx84uAMEAB84vAMEAB85yAMEAh850AMEAB852QMEAB86tDAMAwQDHzq4AwQE
HzrAAwQAHzrRAwQCHzr8AwQAHzslMAwDBAEfO1oDBAUfO0ADBAIfO4wDBAIfO5Qw
DAMEBR87oAMEAB87pAMEAx87sAMEAF63mAMEAV637gMEAtk8CDAMAwQA2TwPAwQD
2TwQMAwDBALZPBwDBALZPCAwDAMEAtk8NAMEAtk8OAMEAtk8RAMEAtk8TDAMAwQC
2TxsAwQC2TxwAwQC2Tx8MAwDBAPZPJgDBAPZPLADBALZPLwDBADZPPIwDwQCAAIw
CQMHACoUbkAAATANBgkqhkiG9w0BAQsFAAOCAQEAu3pZ4ssocr8TdgYm1zZaoM5C
BYeJm6qCiq6zu/aWD3YzgA0o4kuFCb5QRFrhsq6N3bLaT093+CfZjbsuNspkEqXj
GP5Td1B8BsnI34i9eETta3qtlFuFtiVYlG1sEASKeH+8DvJAaLQH6IKu9BkJAkCV
ic19B6oQXtN5t7Wie7hZtaYffqKTjmfn3vpQlPlhdNuTrT6VBnfrn1oWFpFARHLD
omjFQdsVCDt/2X5aK/ADTb71XAxRLodgGe90tpFu+KKfjlJRaRUllYbuLRCRz6de
qdntFcJnjagDeh9J33eIFHxbGOQb8ak6IqW3jG9zmsdI0V7BkvEFy0Wa/iRFrg==
-----END CERTIFICATE-----
Generated at Sat May 23 03:03:24 2026 by rpki-client