Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/FCjHCdn81yY-0d-Xg19w3iAQlZM.roa
File: FCjHCdn81yY-0d-Xg19w3iAQlZM.roa (raw, json)
Hash identifier: INoRMQCvM1NsxdQPNS6T75w8Mw3QAwy+LmBHEhPruAg=
Subject key identifier: 14:28:C7:09:D9:FC:D7:26:3E:D1:DF:97:83:5F:70:DE:20:10:95:93
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E82735534852BE86EDBF2F40236B6D5C3
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/FCjHCdn81yY-0d-Xg19w3iAQlZM.roa
Signing time: Mon 01 Jun 2026 09:10:57 +0000
ROA not before: Mon 01 Jun 2026 09:10:57 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16509
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.107.0/24 maxlen: 24
31.56.126.0/24 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.116.0/24 maxlen: 24
31.59.79.0/24 maxlen: 24
31.59.228.0/24 maxlen: 24
2a14:6e40:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Jun 2026 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:82:73:55:34:85:2b:e8:6e:db:f2:f4:02:36:b6:d5:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 1 09:10:57 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1428c709d9fcd7263ed1df97835f70de20109593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:7c:ce:5d:4f:28:cd:ec:fa:76:0a:af:72:fe:
86:d9:41:ed:dd:58:0d:76:86:8d:e0:c2:4a:b7:aa:
10:11:54:b7:38:83:8e:71:4d:a5:cf:81:0d:ea:e6:
c8:cf:5b:6e:0e:d1:fc:d5:46:7e:41:b4:99:16:b3:
e3:5d:e1:90:4a:62:f5:fd:46:72:df:65:2c:fd:1d:
4b:7b:5f:83:18:cd:7d:1f:be:3e:7e:6d:7a:f2:45:
14:e0:89:6d:ad:db:f4:56:07:3b:8c:00:7a:1b:32:
38:51:f0:82:e7:39:a8:62:3f:26:71:a0:97:55:d1:
45:3e:8b:67:e9:d3:7b:3e:d2:d3:32:c9:17:77:ff:
42:fc:60:81:c3:95:71:64:cf:a0:bf:50:80:f7:2d:
52:34:97:6f:97:79:7b:21:b3:d5:b0:30:a7:24:1c:
ba:51:fc:cb:29:2e:82:04:f7:70:fa:9f:83:2f:4e:
00:bc:9d:88:0b:70:19:28:6d:56:ce:fa:92:b0:a5:
80:24:e1:33:6b:c6:d4:5c:48:c0:b0:67:7d:47:4b:
0a:60:db:d2:fb:f7:48:04:1a:e2:43:d3:54:e4:57:
16:75:99:f8:16:48:c3:41:b4:1f:08:40:19:b8:a7:
35:dc:6b:51:ad:08:d1:e0:7e:38:bd:fe:8e:c9:41:
03:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:28:C7:09:D9:FC:D7:26:3E:D1:DF:97:83:5F:70:DE:20:10:95:93
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/FCjHCdn81yY-0d-Xg19w3iAQlZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.107.0/24
31.56.126.0/24
31.57.114.0/24
31.57.116.0/24
31.59.79.0/24
31.59.228.0/24
IPv6:
2a14:6e40:2::/48
Signature Algorithm: sha256WithRSAEncryption
74:03:65:5f:4c:c3:4f:6b:22:81:56:f1:e3:36:53:57:b7:9b:
23:c1:00:0f:9a:d0:b3:f3:d1:bf:bd:ef:ec:48:c8:70:77:ba:
b4:ce:db:97:b1:0f:92:19:ab:c9:2f:49:c5:18:18:d7:24:55:
d9:43:d4:86:52:56:55:f9:06:03:55:7d:d4:3c:ca:30:33:75:
56:6c:4e:b9:ca:de:5d:70:e5:22:38:e5:2e:76:57:a0:83:bb:
ec:33:f8:87:97:18:27:9f:2b:06:2b:ef:c9:99:16:8d:d0:a6:
31:27:a5:71:45:68:e3:b4:af:19:9f:0e:13:e5:49:5b:93:2c:
a1:29:58:ee:49:02:fd:44:27:68:b6:31:f9:be:29:55:ec:9e:
05:f2:bd:81:6d:be:06:64:f0:10:49:b0:cf:99:cb:f9:34:76:
f4:29:72:4f:60:3f:40:d1:db:4e:81:26:6d:f4:fb:99:61:22:
29:29:e6:49:2e:d8:cb:7d:7a:ed:67:6d:de:99:f9:9d:e6:45:
11:de:d5:61:29:de:67:98:69:15:bd:1b:fe:2d:ba:28:6b:2a:
0c:e3:8b:14:bc:7e:98:5b:a3:92:b1:e4:05:30:5d:32:6a:82:
d8:a6:aa:84:85:a1:61:b3:30:d7:2d:50:ec:56:94:97:36:d0:
1d:d5:56:3a
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZ6Cc1U0hSvobtvy9AI2ttXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjAxMDkxMDU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDI4YzcwOWQ5ZmNkNzI2M2VkMWRmOTc4MzVmNzBkZTIwMTA5NTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3zOXU8ozez6dgqvcv6G2UHt3VgN
doaN4MJKt6oQEVS3OIOOcU2lz4EN6ubIz1tuDtH81UZ+QbSZFrPjXeGQSmL1/UZy
32Us/R1Le1+DGM19H74+fm168kUU4Iltrdv0Vgc7jAB6GzI4UfCC5zmoYj8mcaCX
VdFFPotn6dN7PtLTMskXd/9C/GCBw5VxZM+gv1CA9y1SNJdvl3l7IbPVsDCnJBy6
UfzLKS6CBPdw+p+DL04AvJ2IC3AZKG1WzvqSsKWAJOEza8bUXEjAsGd9R0sKYNvS
+/dIBBriQ9NU5FcWdZn4FkjDQbQfCEAZuKc13GtRrQjR4H44vf6OyUEDGQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFBQoxwnZ/NcmPtHfl4NfcN4gEJWTMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvRkNqSENkbjgxeVktMGQtWGcxOXczaUFRbFpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQDHzgIAwQA
HzhrAwQAHzh+AwQAHzlyAwQAHzl0AwQAHztPAwQAHzvkMA8EAgACMAkDBwAqFG5A
AAIwDQYJKoZIhvcNAQELBQADggEBAHQDZV9Mw09rIoFW8eM2U1e3myPBAA+a0LPz
0b+97+xIyHB3urTO25exD5IZq8kvScUYGNckVdlD1IZSVlX5BgNVfdQ8yjAzdVZs
TrnK3l1w5SI45S52V6CDu+wz+IeXGCefKwYr78mZFo3QpjEnpXFFaOO0rxmfDhPl
SVuTLKEpWO5JAv1EJ2i2Mfm+KVXsngXyvYFtvgZk8BBJsM+Zy/k0dvQpck9gP0DR
206BJm30+5lhIikp5kku2Mt9eu1nbd6Z+Z3mRRHe1WEp3meYaRW9G/4tuihrKgzj
ixS8fphbo5Kx5AUwXTJqgtimqoSFoWGzMNctUOxWlJc20B3VVjo=
-----END CERTIFICATE-----
Generated at Fri Jun 26 17:04:24 2026 by rpki-client