Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/JiGxh2wM2qgJVzN4wYDOUWR3gCM.roa
File: JiGxh2wM2qgJVzN4wYDOUWR3gCM.roa (raw, json)
Hash identifier: FGrHzGcjcKrdpQRw4jwWoY6/Gd0JUdNwH0Mfac+7FRk=
Subject key identifier: 26:21:B1:87:6C:0C:DA:A8:09:57:33:78:C1:80:CE:51:64:77:80:23
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019DDFC5BAE61C900DCB10C854931A191BCF
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/JiGxh2wM2qgJVzN4wYDOUWR3gCM.roa
Signing time: Thu 30 Apr 2026 19:02:50 +0000
ROA not before: Thu 30 Apr 2026 19:02:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 150249
IP address blocks: 31.56.30.0/24 maxlen: 24
31.56.43.0/24 maxlen: 24
31.56.192.0/24 maxlen: 24
31.58.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 03 May 2026 16:43:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:df:c5:ba:e6:1c:90:0d:cb:10:c8:54:93:1a:19:1b:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 30 19:02:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2621b1876c0cdaa809573378c180ce5164778023
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e1:4c:bc:5d:f5:e4:95:96:cb:a6:29:f8:12:
46:a6:ce:97:1d:22:6c:03:97:1a:47:17:fc:97:d1:
93:eb:92:b0:c5:92:6e:38:20:c5:87:f9:bc:78:52:
86:d3:e3:fb:6d:6d:90:b3:eb:94:56:1e:29:41:16:
48:bb:ef:60:d0:74:38:45:cf:48:f8:de:67:a5:54:
91:6a:29:8e:38:c4:4e:b9:fc:62:93:6d:ca:85:24:
d9:5b:6c:71:19:ac:30:39:47:db:fb:0c:3c:3a:ff:
f3:f2:31:67:54:6d:4e:45:97:7a:85:e8:4f:70:3e:
bf:fe:6b:34:7c:17:11:d5:5c:9d:20:fa:ba:92:92:
5d:b4:c9:ba:67:6a:33:63:c5:c7:9e:96:14:b8:91:
7f:29:91:eb:e8:6f:14:7f:35:35:4f:9b:0d:5f:1f:
f6:13:40:91:e5:4e:5b:65:13:1f:0a:1d:29:3e:7a:
3d:d8:cb:f7:61:ee:4a:e8:c9:41:d8:c5:f1:2e:3f:
6a:93:55:87:82:58:5d:d1:93:73:dc:9e:3e:74:28:
ea:d2:d5:8e:62:3b:47:2b:62:d2:74:0b:15:e1:42:
1b:8f:51:4d:6c:d6:36:4b:ec:95:72:a3:dd:fc:57:
aa:3f:1e:df:a4:be:57:5d:01:93:41:d8:47:df:d7:
f3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:21:B1:87:6C:0C:DA:A8:09:57:33:78:C1:80:CE:51:64:77:80:23
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/JiGxh2wM2qgJVzN4wYDOUWR3gCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.30.0/24
31.56.43.0/24
31.56.192.0/24
31.58.57.0/24
Signature Algorithm: sha256WithRSAEncryption
85:b0:af:37:11:c4:26:a9:6c:ca:47:0a:fe:fa:33:6f:bb:19:
e2:e0:55:b7:8d:d1:ab:bc:e9:81:1e:45:53:33:69:ea:99:40:
09:eb:75:46:30:70:1e:b3:ad:7d:af:a1:ca:76:88:70:1a:a7:
8a:f4:a6:6c:5f:78:25:b6:06:aa:2f:6b:d9:39:25:82:02:0c:
db:f6:0e:d4:c0:ce:05:ed:bc:69:82:39:98:19:6b:f8:ad:70:
28:00:1b:85:bf:c4:34:14:22:63:44:c9:90:65:f6:b4:8e:bd:
8a:75:aa:a3:07:dd:30:2e:98:5b:05:a1:1e:39:9f:c6:6d:d2:
9c:4b:64:44:bf:96:c9:dd:97:11:37:66:2b:d2:33:d2:e1:aa:
e6:90:43:c4:32:cf:51:02:37:63:5a:da:cf:1f:f4:f9:c1:4a:
c2:cc:39:ac:80:44:4f:93:37:4a:c7:df:4e:1c:ab:4e:3a:e1:
1a:94:17:09:36:6d:0e:8d:ca:03:20:1c:f9:f0:94:80:b5:db:
ca:f1:bd:33:90:37:ab:8f:ce:e2:75:23:c4:7b:8c:ee:54:27:
ef:07:ae:a1:c7:2b:4b:34:8c:5b:af:b7:f5:f6:b8:64:b6:40:
14:5c:0b:59:39:9b:e2:93:64:54:88:1a:30:20:e2:32:6d:e9:
53:4b:d3:1f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3fxbrmHJANyxDIVJMaGRvPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNDMwMTkwMjUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjIxYjE4NzZjMGNkYWE4MDk1NzMzNzhjMTgwY2U1MTY0Nzc4MDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuFMvF315JWWy6Yp+BJGps6XHSJs
A5caRxf8l9GT65KwxZJuOCDFh/m8eFKG0+P7bW2Qs+uUVh4pQRZIu+9g0HQ4Rc9I
+N5npVSRaimOOMROufxik23KhSTZW2xxGawwOUfb+ww8Ov/z8jFnVG1ORZd6hehP
cD6//ms0fBcR1VydIPq6kpJdtMm6Z2ozY8XHnpYUuJF/KZHr6G8UfzU1T5sNXx/2
E0CR5U5bZRMfCh0pPno92Mv3Ye5K6MlB2MXxLj9qk1WHglhd0ZNz3J4+dCjq0tWO
YjtHK2LSdAsV4UIbj1FNbNY2S+yVcqPd/FeqPx7fpL5XXQGTQdhH39fzgwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCYhsYdsDNqoCVczeMGAzlFkd4AjMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSmlHeGgyd00ycWdKVnpONHdZRE9VV1IzZ0NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzgeAwQA
HzgrAwQAHzjAAwQAHzo5MA0GCSqGSIb3DQEBCwUAA4IBAQCFsK83EcQmqWzKRwr+
+jNvuxni4FW3jdGrvOmBHkVTM2nqmUAJ63VGMHAes619r6HKdohwGqeK9KZsX3gl
tgaqL2vZOSWCAgzb9g7UwM4F7bxpgjmYGWv4rXAoABuFv8Q0FCJjRMmQZfa0jr2K
daqjB90wLphbBaEeOZ/GbdKcS2REv5bJ3ZcRN2Yr0jPS4armkEPEMs9RAjdjWtrP
H/T5wUrCzDmsgERPkzdKx99OHKtOOuEalBcJNm0OjcoDIBz58JSAtdvK8b0zkDer
j87idSPEe4zuVCfvB66hxytLNIxbr7f19rhktkAUXAtZOZvik2RUiBowIOIybelT
S9Mf
-----END CERTIFICATE-----
Generated at Sat May 2 22:51:13 2026 by rpki-client