Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HmgycaRXwrmwpQYWmjgi9-EoMKc.roa
File: HmgycaRXwrmwpQYWmjgi9-EoMKc.roa (raw, json)
Hash identifier: GdF6RzOCU77XD3/zOQCMvIjFtZV6DHWu+jgKgnASQuk=
Subject key identifier: 1E:68:32:71:A4:57:C2:B9:B0:A5:06:16:9A:38:22:F7:E1:28:30:A7
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019EF0B5B9D7C77905985C5D8DEF81557EEA
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HmgycaRXwrmwpQYWmjgi9-EoMKc.roa
Signing time: Mon 22 Jun 2026 19:01:41 +0000
ROA not before: Mon 22 Jun 2026 19:01:41 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9009
IP address blocks: 31.56.5.0/24 maxlen: 24
31.56.119.0/24 maxlen: 24
31.56.128.0/24 maxlen: 24
31.56.129.0/24 maxlen: 24
31.56.130.0/24 maxlen: 24
31.56.131.0/24 maxlen: 24
31.56.132.0/24 maxlen: 24
31.56.133.0/24 maxlen: 24
31.56.134.0/24 maxlen: 24
31.56.135.0/24 maxlen: 24
31.56.136.0/24 maxlen: 24
31.56.137.0/24 maxlen: 24
31.56.207.0/24 maxlen: 24
31.56.246.0/24 maxlen: 24
31.56.247.0/24 maxlen: 24
31.56.248.0/24 maxlen: 24
31.56.249.0/24 maxlen: 24
31.56.250.0/24 maxlen: 24
31.56.251.0/24 maxlen: 24
31.56.252.0/24 maxlen: 24
31.56.253.0/24 maxlen: 24
31.56.254.0/24 maxlen: 24
31.56.255.0/24 maxlen: 24
31.57.41.0/24 maxlen: 24
31.57.42.0/24 maxlen: 24
31.57.82.0/24 maxlen: 24
31.58.116.0/22 maxlen: 24
31.59.0.0/24 maxlen: 24
31.59.1.0/24 maxlen: 24
31.59.2.0/24 maxlen: 24
31.59.3.0/24 maxlen: 24
31.59.4.0/24 maxlen: 24
31.59.5.0/24 maxlen: 24
31.59.6.0/24 maxlen: 24
31.59.7.0/24 maxlen: 24
31.59.8.0/24 maxlen: 24
31.59.9.0/24 maxlen: 24
31.59.246.0/24 maxlen: 24
31.59.247.0/24 maxlen: 24
217.60.126.0/24 maxlen: 24
217.60.127.0/24 maxlen: 24
217.60.160.0/24 maxlen: 24
217.60.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Jun 2026 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:f0:b5:b9:d7:c7:79:05:98:5c:5d:8d:ef:81:55:7e:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 22 19:01:41 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1e683271a457c2b9b0a506169a3822f7e12830a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:65:fc:b9:ca:72:b1:9a:71:22:d0:af:db:68:
e0:3a:71:7b:75:9a:82:99:c1:44:0d:76:1b:ef:9c:
3c:63:dc:b7:6a:5b:b5:21:22:f2:e8:95:ce:0d:41:
35:47:fd:1d:47:7a:96:2b:9f:10:99:e7:89:e1:31:
17:b9:bc:f9:ff:8c:32:ca:26:fa:fe:11:9c:fe:a4:
76:73:b2:32:f2:79:d8:f1:fb:87:ea:c5:fc:aa:cd:
ad:c3:61:d3:08:71:80:b2:54:26:0d:c1:7d:9c:94:
f2:4d:63:86:44:68:91:bb:aa:3e:11:25:e3:85:0a:
18:b8:b2:79:e9:a3:46:a2:a9:59:75:1c:4a:b7:3f:
56:cb:8f:7a:60:d6:14:53:bc:cc:ff:57:97:08:6f:
63:8e:c3:b6:6a:50:17:63:4c:cf:57:bd:b6:79:b7:
8f:74:29:b3:b8:0e:33:ad:27:0e:26:7c:d4:4c:9d:
02:14:b1:02:42:64:c8:88:19:2d:6a:a2:f3:84:e4:
cd:93:c1:64:0e:56:c5:06:cd:7e:24:89:43:85:62:
8b:14:46:1f:e8:5c:2f:c1:b1:c6:e2:b1:df:1c:98:
64:60:a9:49:74:45:40:2e:de:f1:22:ae:7c:2a:8f:
32:0b:6e:a5:4a:5f:8f:0c:9f:5f:36:c7:69:f0:db:
9e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:68:32:71:A4:57:C2:B9:B0:A5:06:16:9A:38:22:F7:E1:28:30:A7
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HmgycaRXwrmwpQYWmjgi9-EoMKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.5.0/24
31.56.119.0/24
31.56.128.0-31.56.137.255
31.56.207.0/24
31.56.246.0-31.56.255.255
31.57.41.0-31.57.42.255
31.57.82.0/24
31.58.116.0/22
31.59.0.0-31.59.9.255
31.59.246.0/23
217.60.126.0/23
217.60.160.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:32:65:03:93:dd:86:46:1d:54:be:dc:aa:ea:26:b5:fc:b6:
b6:68:2b:98:95:b0:8a:6d:9e:63:bc:52:cd:fd:6e:f9:a8:16:
1c:0b:98:2f:61:16:40:ab:e7:56:b0:2d:0f:7a:e2:e0:f1:74:
88:88:70:83:c5:6d:15:cd:50:b8:43:70:44:b6:f1:fa:73:12:
d8:0c:f3:31:3c:f3:00:86:f7:b8:7c:2d:0a:48:98:05:58:08:
b1:2d:e3:64:07:ad:08:32:7d:7a:d1:c6:d4:db:a5:20:46:42:
a4:b5:b8:9e:81:1a:ee:7e:85:e8:12:6a:4b:0b:b0:cb:1d:79:
5f:cf:90:d5:aa:82:02:c9:87:24:4f:d0:84:1d:8a:ca:4c:37:
84:4d:87:07:3c:3d:7e:39:e1:94:66:e3:c5:3d:6c:35:d5:cc:
0a:91:fd:3b:1f:5b:27:ba:13:d7:af:59:53:34:61:9e:56:4b:
61:7f:8c:2e:b0:2d:51:a3:26:be:9c:51:e2:d4:d3:4a:3c:3e:
1e:ae:f9:38:bf:39:10:18:af:c4:81:55:88:bf:05:8e:07:b2:
13:cf:1a:f0:c0:b9:5a:47:13:63:c2:fe:47:3e:71:9f:16:2a:
f1:a6:5e:71:8d:8e:98:f1:92:cb:26:9e:93:d8:cc:9d:e1:21:
c6:af:c9:4a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZ7wtbnXx3kFmFxdje+BVX7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjIyMTkwMTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTY4MzI3MWE0NTdjMmI5YjBhNTA2MTY5YTM4MjJmN2UxMjgzMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGX8ucpysZpxItCv22jgOnF7dZqC
mcFEDXYb75w8Y9y3alu1ISLy6JXODUE1R/0dR3qWK58QmeeJ4TEXubz5/4wyyib6
/hGc/qR2c7Iy8nnY8fuH6sX8qs2tw2HTCHGAslQmDcF9nJTyTWOGRGiRu6o+ESXj
hQoYuLJ56aNGoqlZdRxKtz9Wy496YNYUU7zM/1eXCG9jjsO2alAXY0zPV722ebeP
dCmzuA4zrScOJnzUTJ0CFLECQmTIiBktaqLzhOTNk8FkDlbFBs1+JIlDhWKLFEYf
6FwvwbHG4rHfHJhkYKlJdEVALt7xIq58Ko8yC26lSl+PDJ9fNsdp8NueHQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFB5oMnGkV8K5sKUGFpo4IvfhKDCnMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSG1neWNhUlh3cm13cFFZV21qZ2k5LUVvTUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAHzgFAwQA
Hzh3MAwDBAcfOIADBAEfOIgDBAAfOM8wCwMEAR849gMDAB84MAwDBAAfOSkDBAAf
OSoDBAAfOVIDBAIfOnQwCwMDAB87AwQBHzsIAwQBHzv2AwQB2Tx+AwQB2TygMA0G
CSqGSIb3DQEBCwUAA4IBAQCjMmUDk92GRh1Uvtyq6ia1/La2aCuYlbCKbZ5jvFLN
/W75qBYcC5gvYRZAq+dWsC0PeuLg8XSIiHCDxW0VzVC4Q3BEtvH6cxLYDPMxPPMA
hve4fC0KSJgFWAixLeNkB60IMn160cbU26UgRkKktbiegRrufoXoEmpLC7DLHXlf
z5DVqoICyYckT9CEHYrKTDeETYcHPD1+OeGUZuPFPWw11cwKkf07H1snuhPXr1lT
NGGeVkthf4wusC1Roya+nFHi1NNKPD4ervk4vzkQGK/EgVWIvwWOB7ITzxrwwLla
RxNjwv5HPnGfFirxpl5xjY6Y8ZLLJp6T2Myd4SHGr8lK
-----END CERTIFICATE-----
Generated at Fri Jun 26 17:03:24 2026 by rpki-client