Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HtA4upH7EDnCsI5eex_qoiajKuA.roa
File: HtA4upH7EDnCsI5eex_qoiajKuA.roa (raw, json)
Hash identifier: 6573icPVBOPtffiHepZyH+/E21Prqnk7TBX2vDPwhCo=
Subject key identifier: 1E:D0:38:BA:91:FB:10:39:C2:B0:8E:5E:7B:1F:EA:A2:26:A3:2A:E0
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E5FB688015BCA5E1F941D7D068FBA0A38
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HtA4upH7EDnCsI5eex_qoiajKuA.roa
Signing time: Mon 25 May 2026 15:17:38 +0000
ROA not before: Mon 25 May 2026 15:17:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210457
IP address blocks: 31.58.232.0/23 maxlen: 24
31.59.36.0/24 maxlen: 24
31.59.39.0/24 maxlen: 24
94.183.170.0/24 maxlen: 24
217.60.8.0/23 maxlen: 24
217.60.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 May 2026 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5f:b6:88:01:5b:ca:5e:1f:94:1d:7d:06:8f:ba:0a:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 25 15:17:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1ed038ba91fb1039c2b08e5e7b1feaa226a32ae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c6:38:a8:11:7d:c4:6e:ee:e4:ac:8a:a2:34:
76:98:74:67:15:01:71:30:6d:36:5b:22:10:12:6e:
bb:b2:c5:6b:3f:14:3e:dc:be:b0:c2:ce:cf:d7:f6:
5b:6e:82:0f:9c:f6:5d:6b:49:15:5b:65:b6:16:fe:
46:8f:20:a8:31:56:1a:cc:de:41:4a:0a:a1:8d:fd:
04:28:b8:09:c7:d3:3a:6d:b9:c8:03:82:42:8d:bc:
d5:b2:c8:7a:8a:e5:56:9c:33:02:01:d8:3d:95:5e:
87:73:57:ae:98:2b:05:75:50:fa:4b:e3:d9:81:a2:
54:f7:3c:f9:23:9e:9b:a7:d9:f9:a3:53:da:da:84:
f9:0f:ce:02:4e:f1:9f:ae:4a:22:77:4e:e7:2e:08:
a7:bc:ec:57:21:b2:11:8f:82:68:f4:ea:7c:68:52:
a8:53:74:dd:e1:49:db:4f:f7:7e:0c:09:70:ae:a6:
b2:10:8f:69:62:59:4d:6f:6c:2e:25:26:69:d3:dd:
fd:69:4a:6d:8c:88:0a:99:3b:74:29:c2:df:1b:fc:
9c:78:19:a7:9f:89:64:4a:02:20:fa:4c:df:66:35:
ab:cc:dc:6b:c2:8e:ab:c5:01:ea:d3:60:94:e6:b8:
9f:b1:69:39:a3:97:99:d1:4e:f6:e9:85:34:16:95:
5e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D0:38:BA:91:FB:10:39:C2:B0:8E:5E:7B:1F:EA:A2:26:A3:2A:E0
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HtA4upH7EDnCsI5eex_qoiajKuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.232.0/23
31.59.36.0/24
31.59.39.0/24
94.183.170.0/24
217.60.8.0/23
217.60.24.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:4f:f4:e0:06:1f:8f:90:ae:c1:6d:06:bd:40:9b:13:d5:bb:
13:b4:0d:e0:4f:50:61:00:5a:8f:59:0a:2e:7e:59:36:7f:61:
c5:62:6e:7c:2b:27:f4:d0:f6:a3:f2:f7:70:a7:8e:b3:e8:ee:
41:1f:cb:87:3b:3d:16:d8:61:4b:ff:39:1b:d1:9b:f5:fc:6e:
9a:31:9f:d5:bf:f6:64:6c:b2:19:ea:08:0b:9d:70:24:2d:ef:
00:0d:f1:e9:03:8e:f5:0b:fd:92:67:9e:85:10:90:09:a5:b0:
aa:7b:b3:08:45:6a:1c:44:66:43:89:6b:77:87:0a:62:50:a7:
6a:7a:35:91:87:b1:3b:5f:4f:42:34:bf:bb:1f:f7:6b:7d:5f:
a1:db:90:df:91:01:51:01:0d:6a:cc:b3:91:56:55:20:a2:89:
0e:f6:25:74:1f:25:41:a7:87:21:c1:c2:cb:ad:ec:26:36:08:
ba:bc:9a:82:dd:20:0c:85:1d:c1:0c:df:73:20:6a:8a:51:72:
bc:ad:d4:9f:37:88:41:04:15:1a:a8:69:a0:7e:55:95:26:47:
4f:c2:5f:14:1e:76:50:be:fa:6d:e2:6a:ce:4c:97:62:19:f4:
48:cb:a8:b5:4a:a7:ae:b9:c7:f5:46:18:39:3f:c7:29:98:07:
a3:67:d5:80
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ5ftogBW8peH5QdfQaPugo4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTI1MTUxNzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWQwMzhiYTkxZmIxMDM5YzJiMDhlNWU3YjFmZWFhMjI2YTMyYWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8Y4qBF9xG7u5KyKojR2mHRnFQFx
MG02WyIQEm67ssVrPxQ+3L6wws7P1/ZbboIPnPZda0kVW2W2Fv5GjyCoMVYazN5B
Sgqhjf0EKLgJx9M6bbnIA4JCjbzVssh6iuVWnDMCAdg9lV6Hc1eumCsFdVD6S+PZ
gaJU9zz5I56bp9n5o1Pa2oT5D84CTvGfrkoid07nLginvOxXIbIRj4Jo9Op8aFKo
U3Td4UnbT/d+DAlwrqayEI9pYllNb2wuJSZp0939aUptjIgKmTt0KcLfG/yceBmn
n4lkSgIg+kzfZjWrzNxrwo6rxQHq02CU5rifsWk5o5eZ0U726YU0FpVeVwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFB7QOLqR+xA5wrCOXnsf6qImoyrgMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSHRBNHVwSDdFRG5Dc0k1ZWV4X3FvaWFqS3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBHzroAwQA
HzskAwQAHzsnAwQAXreqAwQB2TwIAwQA2TwYMA0GCSqGSIb3DQEBCwUAA4IBAQA/
T/TgBh+PkK7BbQa9QJsT1bsTtA3gT1BhAFqPWQouflk2f2HFYm58Kyf00Paj8vdw
p46z6O5BH8uHOz0W2GFL/zkb0Zv1/G6aMZ/Vv/ZkbLIZ6ggLnXAkLe8ADfHpA471
C/2SZ56FEJAJpbCqe7MIRWocRGZDiWt3hwpiUKdqejWRh7E7X09CNL+7H/drfV+h
25DfkQFRAQ1qzLORVlUgookO9iV0HyVBp4chwcLLrewmNgi6vJqC3SAMhR3BDN9z
IGqKUXK8rdSfN4hBBBUaqGmgflWVJkdPwl8UHnZQvvpt4mrOTJdiGfRIy6i1Sqeu
ucf1Rhg5P8cpmAejZ9WA
-----END CERTIFICATE-----
Generated at Wed May 27 15:55:31 2026 by rpki-client