Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/FMqL_ILntaCTRncqZcZwYtClGtk.roa
File: FMqL_ILntaCTRncqZcZwYtClGtk.roa (raw, json)
Hash identifier: IvQo2+pnvbNi/QuCPgRd9HmO1SHKrJiR2VyZK7yLmzo=
Subject key identifier: 14:CA:8B:FC:82:E7:B5:A0:93:46:77:2A:65:C6:70:62:D0:A5:1A:D9
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019EFA4D15E39476F770D89907829DACA97A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/FMqL_ILntaCTRncqZcZwYtClGtk.roa
Signing time: Wed 24 Jun 2026 15:43:36 +0000
ROA not before: Wed 24 Jun 2026 15:43:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51396
IP address blocks: 31.57.37.0/24 maxlen: 24
31.57.185.0/24 maxlen: 24
31.57.208.0/24 maxlen: 24
217.60.197.0/24 maxlen: 24
217.60.241.0/24 maxlen: 24
217.60.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Jun 2026 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:fa:4d:15:e3:94:76:f7:70:d8:99:07:82:9d:ac:a9:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 24 15:43:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=14ca8bfc82e7b5a09346772a65c67062d0a51ad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:a8:73:b7:0b:01:27:b2:c1:8d:55:79:4a:9d:
c4:7c:e2:0d:12:29:55:54:86:42:a5:fa:9c:6d:70:
74:f9:46:da:2d:60:8a:1e:2d:d5:dc:de:c3:4f:08:
06:0a:c6:1e:5a:e0:89:5e:2a:fe:a1:5e:1e:38:75:
50:b5:c9:a4:b8:fd:6c:98:63:a9:d4:00:d2:f8:e0:
1b:36:30:84:1a:4e:45:68:df:ce:74:be:ea:f7:cb:
3e:a0:2d:1c:0c:49:01:84:b7:56:2f:42:a1:07:47:
e1:08:dc:52:1a:a5:be:58:bb:37:91:83:82:15:d0:
a2:c0:ef:f7:3e:15:4a:00:cd:14:7f:b5:98:94:3f:
a9:b7:49:20:00:ea:71:ff:c1:df:25:ba:ea:8b:66:
50:6d:7c:ed:ce:1e:4b:ad:ab:c1:5b:b3:69:31:7f:
06:a8:1f:f1:bb:89:f5:e9:e3:3f:8a:29:bd:43:9b:
9f:6c:7e:61:bb:fb:10:47:cf:b8:65:e8:cc:be:09:
24:67:d1:d3:0a:84:9a:e8:ef:c9:46:dd:90:54:b1:
40:23:08:46:b9:d3:97:c8:ee:b4:54:fc:bf:bf:ec:
9c:4e:1f:05:b8:4b:56:bf:73:6d:08:62:5d:9a:fb:
d5:fd:e8:1a:e6:75:e5:21:db:01:36:3a:23:2f:86:
2e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:CA:8B:FC:82:E7:B5:A0:93:46:77:2A:65:C6:70:62:D0:A5:1A:D9
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/FMqL_ILntaCTRncqZcZwYtClGtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.37.0/24
31.57.185.0/24
31.57.208.0/24
217.60.197.0/24
217.60.241.0/24
217.60.250.0/24
Signature Algorithm: sha256WithRSAEncryption
68:f3:a9:42:5b:c6:a8:be:d5:38:a2:94:61:59:67:61:54:a8:
84:fa:c1:ac:1a:ec:f2:1f:18:6c:46:61:43:10:77:0e:54:8f:
3c:a9:ba:a2:48:5c:9a:49:d0:60:fe:53:ec:d0:86:12:77:d4:
56:fe:ce:2f:ea:4f:64:f7:58:2d:94:6f:5d:7f:7c:e8:d0:07:
46:53:e0:ff:21:6a:03:5b:7f:46:43:f0:9d:bb:42:72:7b:d9:
3f:70:f2:fa:8a:b5:c7:0c:8f:46:71:4a:aa:a2:8c:09:f7:41:
84:df:a6:8f:8e:d0:0f:04:8a:78:a0:e2:ec:05:37:45:3d:d3:
99:25:ab:2b:78:41:90:da:a1:45:62:95:6d:8a:28:7e:61:cc:
02:e3:75:37:fb:ce:e5:d8:0b:5c:44:88:70:78:d4:31:34:1f:
88:3a:71:7f:51:21:94:77:e9:38:c9:98:2b:d5:cf:ea:5e:47:
ce:00:e4:00:2b:a1:d6:30:8f:ca:56:29:27:3e:79:2f:87:c1:
01:02:60:95:55:a4:5e:03:aa:19:e7:57:16:7d:ae:39:50:63:
aa:fc:51:bf:db:bd:b9:3f:2e:41:15:f3:cb:de:34:bd:19:4f:
e1:93:88:23:fa:d6:b4:9f:81:75:33:c2:fa:0b:c5:96:f3:66:
dc:99:e0:4f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ76TRXjlHb3cNiZB4KdrKl6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjI0MTU0MzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGNhOGJmYzgyZTdiNWEwOTM0Njc3MmE2NWM2NzA2MmQwYTUxYWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ahztwsBJ7LBjVV5Sp3EfOINEilV
VIZCpfqcbXB0+UbaLWCKHi3V3N7DTwgGCsYeWuCJXir+oV4eOHVQtcmkuP1smGOp
1ADS+OAbNjCEGk5FaN/OdL7q98s+oC0cDEkBhLdWL0KhB0fhCNxSGqW+WLs3kYOC
FdCiwO/3PhVKAM0Uf7WYlD+pt0kgAOpx/8HfJbrqi2ZQbXztzh5LravBW7NpMX8G
qB/xu4n16eM/iim9Q5ufbH5hu/sQR8+4ZejMvgkkZ9HTCoSa6O/JRt2QVLFAIwhG
udOXyO60VPy/v+ycTh8FuEtWv3NtCGJdmvvV/ega5nXlIdsBNjojL4Yu3wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBTKi/yC57Wgk0Z3KmXGcGLQpRrZMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvRk1xTF9JTG50YUNUUm5jcVpjWndZdENsR3RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAHzklAwQA
Hzm5AwQAHznQAwQA2TzFAwQA2TzxAwQA2Tz6MA0GCSqGSIb3DQEBCwUAA4IBAQBo
86lCW8aovtU4opRhWWdhVKiE+sGsGuzyHxhsRmFDEHcOVI88qbqiSFyaSdBg/lPs
0IYSd9RW/s4v6k9k91gtlG9df3zo0AdGU+D/IWoDW39GQ/Cdu0Jye9k/cPL6irXH
DI9GcUqqoowJ90GE36aPjtAPBIp4oOLsBTdFPdOZJasreEGQ2qFFYpVtiih+YcwC
43U3+87l2AtcRIhweNQxNB+IOnF/USGUd+k4yZgr1c/qXkfOAOQAK6HWMI/KVikn
Pnkvh8EBAmCVVaReA6oZ51cWfa45UGOq/FG/2725Py5BFfPL3jS9GU/hk4gj+ta0
n4F1M8L6C8WW82bcmeBP
-----END CERTIFICATE-----
Generated at Fri Jun 26 17:01:28 2026 by rpki-client