Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HWHIg0LvBH9Hn8Emf0MJ8DfMuww.roa
File: HWHIg0LvBH9Hn8Emf0MJ8DfMuww.roa (raw, json)
Hash identifier: 5JcgYXTYDzGzCZ/VFq0N7bLuJiBCdBwagXBLyPeJMhk=
Subject key identifier: 1D:61:C8:83:42:EF:04:7F:47:9F:C1:26:7F:43:09:F0:37:CC:BB:0C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E2224CF4F5B1B8A1EC69566536D099A9E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HWHIg0LvBH9Hn8Emf0MJ8DfMuww.roa
Signing time: Wed 13 May 2026 16:21:38 +0000
ROA not before: Wed 13 May 2026 16:21:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 31.56.49.0/24 maxlen: 24
31.56.98.0/24 maxlen: 24
31.56.103.0/24 maxlen: 24
31.56.210.0/24 maxlen: 24
31.56.212.0/24 maxlen: 24
31.56.223.0/24 maxlen: 24
31.56.234.0/24 maxlen: 24
31.56.235.0/24 maxlen: 24
31.57.35.0/24 maxlen: 24
31.57.121.0/24 maxlen: 24
31.57.206.0/24 maxlen: 24
31.57.225.0/24 maxlen: 24
31.58.17.0/24 maxlen: 24
31.58.31.0/24 maxlen: 24
31.58.47.0/24 maxlen: 24
31.58.90.0/24 maxlen: 24
31.58.168.0/24 maxlen: 24
31.59.23.0/24 maxlen: 24
31.59.31.0/24 maxlen: 24
31.59.171.0/24 maxlen: 24
31.59.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 May 2026 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:22:24:cf:4f:5b:1b:8a:1e:c6:95:66:53:6d:09:9a:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 13 16:21:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1d61c88342ef047f479fc1267f4309f037ccbb0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9e:47:b3:79:01:30:79:41:d1:4e:aa:ec:31:
5c:dd:f1:a9:7d:35:d7:0d:54:d6:59:67:0a:54:bf:
96:2e:a7:46:8d:78:1c:f3:3a:f3:1d:cf:99:0f:6d:
8a:e1:71:e3:cb:21:67:c9:66:ce:46:24:66:cd:30:
99:32:3e:2e:49:88:b5:a1:b2:af:1a:f7:09:cc:a4:
1b:7d:eb:9f:56:ea:15:7e:32:f7:d6:83:f8:f7:18:
5e:0c:7a:59:7c:88:e3:31:73:1f:fd:08:59:f3:be:
d7:8e:b4:1d:2a:cd:d2:ea:e2:b7:3b:15:88:17:5d:
53:48:6d:6f:e0:2c:df:b0:49:6c:1c:c4:8c:6b:eb:
9e:2d:5c:ab:f4:35:0c:44:f2:1d:ea:b8:56:1d:f9:
67:c8:8d:a0:66:b2:fe:ec:ac:6f:8b:67:a2:b5:ca:
08:cf:c4:f9:ce:5a:e8:c0:ea:5a:83:87:7c:fa:24:
2c:16:2f:f5:a6:b2:83:fd:fd:94:c0:b9:4f:44:5c:
11:b7:ba:08:70:25:db:81:55:07:50:35:2b:47:33:
00:6b:31:b5:05:3a:a4:2c:f1:52:d7:42:45:66:6d:
b6:50:e4:f3:7c:f1:86:02:6a:f9:26:85:42:c0:4e:
da:43:7c:33:29:d9:8f:d7:b4:2c:57:05:98:17:af:
3e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:61:C8:83:42:EF:04:7F:47:9F:C1:26:7F:43:09:F0:37:CC:BB:0C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HWHIg0LvBH9Hn8Emf0MJ8DfMuww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.49.0/24
31.56.98.0/24
31.56.103.0/24
31.56.210.0/24
31.56.212.0/24
31.56.223.0/24
31.56.234.0/23
31.57.35.0/24
31.57.121.0/24
31.57.206.0/24
31.57.225.0/24
31.58.17.0/24
31.58.31.0/24
31.58.47.0/24
31.58.90.0/24
31.58.168.0/24
31.59.23.0/24
31.59.31.0/24
31.59.171.0/24
31.59.236.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:be:3d:e4:de:c3:ac:e7:d5:ba:3d:ab:b7:8d:01:33:fe:7e:
ed:2e:c5:bc:90:e8:f0:58:db:dd:25:15:06:2c:f4:cb:ad:4a:
24:c1:1b:e2:dc:7e:2b:3f:4f:f6:0a:fb:3c:66:26:e7:e6:8b:
ea:f0:44:81:de:29:98:f5:f0:49:a5:f5:17:30:d1:6c:63:c1:
ce:58:0a:df:ee:94:27:16:9e:c9:06:6e:03:13:16:1c:89:27:
a7:0e:51:07:b9:d8:6c:28:10:64:b8:f0:17:e6:d0:da:0c:19:
16:7f:c3:4c:15:c8:3c:e5:67:63:ce:33:c3:11:d2:0c:a3:a9:
3c:79:95:55:21:83:0c:bd:32:7e:6a:9f:9c:8e:29:70:e6:e6:
b2:0a:ba:ca:c7:8d:7f:c9:f5:d6:f4:0e:51:bc:89:68:80:4f:
95:2f:58:fc:14:49:73:b8:e8:cc:ea:14:f5:40:42:65:97:f0:
65:58:bd:89:ef:e5:92:af:d5:b2:39:b5:a4:87:84:3b:ad:13:
d3:63:c1:43:19:5a:9e:39:be:25:77:75:7e:ff:ad:3c:9b:04:
ca:8b:5d:c9:61:fe:7a:30:96:a4:6d:26:77:15:f5:ea:34:c1:
58:22:1e:b4:d1:1d:28:c5:01:42:13:51:a1:11:c8:68:df:37:
d7:3c:b5:8d
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZ4iJM9PWxuKHsaVZlNtCZqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTEzMTYyMTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDYxYzg4MzQyZWYwNDdmNDc5ZmMxMjY3ZjQzMDlmMDM3Y2NiYjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ5Hs3kBMHlB0U6q7DFc3fGpfTXX
DVTWWWcKVL+WLqdGjXgc8zrzHc+ZD22K4XHjyyFnyWbORiRmzTCZMj4uSYi1obKv
GvcJzKQbfeufVuoVfjL31oP49xheDHpZfIjjMXMf/QhZ877XjrQdKs3S6uK3OxWI
F11TSG1v4CzfsElsHMSMa+ueLVyr9DUMRPId6rhWHflnyI2gZrL+7Kxvi2eitcoI
z8T5zlrowOpag4d8+iQsFi/1prKD/f2UwLlPRFwRt7oIcCXbgVUHUDUrRzMAazG1
BTqkLPFS10JFZm22UOTzfPGGAmr5JoVCwE7aQ3wzKdmP17QsVwWYF68+vwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFB1hyINC7wR/R5/BJn9DCfA3zLsMMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSFdISWcwTHZCSDlIbjhFbWYwTUo4RGZNdXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAHzgx
AwQAHzhiAwQAHzhnAwQAHzjSAwQAHzjUAwQAHzjfAwQBHzjqAwQAHzkjAwQAHzl5
AwQAHznOAwQAHznhAwQAHzoRAwQAHzofAwQAHzovAwQAHzpaAwQAHzqoAwQAHzsX
AwQAHzsfAwQAHzurAwQCHzvsMA0GCSqGSIb3DQEBCwUAA4IBAQBfvj3k3sOs59W6
Pau3jQEz/n7tLsW8kOjwWNvdJRUGLPTLrUokwRvi3H4rP0/2Cvs8Zibn5ovq8ESB
3imY9fBJpfUXMNFsY8HOWArf7pQnFp7JBm4DExYciSenDlEHudhsKBBkuPAX5tDa
DBkWf8NMFcg85WdjzjPDEdIMo6k8eZVVIYMMvTJ+ap+cjilw5uayCrrKx41/yfXW
9A5RvIlogE+VL1j8FElzuOjM6hT1QEJll/BlWL2J7+WSr9WyObWkh4Q7rRPTY8FD
GVqeOb4ld3V+/608mwTKi13JYf56MJakbSZ3FfXqNMFYIh600R0oxQFCE1GhEcho
3zfXPLWN
-----END CERTIFICATE-----
Generated at Wed May 27 15:55:15 2026 by rpki-client