Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KnXxplxZVY0vXd1vmImuUPMaujk.roa
File: KnXxplxZVY0vXd1vmImuUPMaujk.roa (raw, json)
Hash identifier: 28hecEApxfvcgIN/+GqsZLeXR+yQQ6MwAvhDs2a6DH4=
Subject key identifier: 2A:75:F1:A6:5C:59:55:8D:2F:5D:DD:6F:98:89:AE:50:F3:1A:BA:39
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E8E5984E43BCDB78920C2DF2B211FBE65
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KnXxplxZVY0vXd1vmImuUPMaujk.roa
Signing time: Wed 03 Jun 2026 16:38:11 +0000
ROA not before: Wed 03 Jun 2026 16:38:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 399486
IP address blocks: 31.57.36.0/24 maxlen: 24
31.57.38.0/24 maxlen: 24
31.57.147.0/24 maxlen: 24
31.57.188.0/24 maxlen: 24
31.57.219.0/24 maxlen: 24
31.57.251.0/24 maxlen: 24
217.60.97.0/24 maxlen: 24
217.60.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 06:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8e:59:84:e4:3b:cd:b7:89:20:c2:df:2b:21:1f:be:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 3 16:38:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2a75f1a65c59558d2f5ddd6f9889ae50f31aba39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:2f:5f:27:23:93:db:e8:b3:0a:f6:db:9c:38:
9c:6b:93:c3:3c:03:e9:03:46:3c:0f:cd:37:fb:d3:
99:f4:b7:d7:62:4a:44:b6:30:d5:bf:8e:6c:f7:1b:
a0:87:29:3a:d1:50:6b:96:f2:e8:9f:90:8e:5d:cc:
aa:fa:f5:b1:42:37:08:3a:ad:c2:3e:6b:0a:03:ba:
7a:dc:b3:5d:ad:cd:9d:29:21:8c:f1:b8:dc:f6:b6:
1f:b7:09:cf:14:01:cc:3a:cd:cc:02:fa:a1:dd:f5:
b9:97:a8:79:97:0d:84:7d:21:8e:20:45:28:d2:d8:
2b:10:fd:7a:e0:64:62:c1:2c:ad:08:1e:2c:ab:62:
1a:d3:f6:ea:3e:1c:29:48:35:42:cd:4b:3b:18:5c:
f2:1f:e4:aa:0f:ff:21:07:e2:63:cb:80:95:92:84:
c1:bd:ab:4f:56:fa:db:2c:ce:86:48:02:d9:e3:1f:
00:95:80:95:b7:a0:a4:1e:97:8b:02:81:f1:eb:50:
59:53:19:08:01:f3:69:04:0b:f8:94:7a:50:dd:4c:
0d:cf:f4:6a:8e:01:89:c0:03:db:ec:4e:10:e9:de:
18:5b:30:55:1b:d1:0e:f3:8d:c5:58:fd:48:c7:99:
ed:34:50:66:67:c3:e9:bf:bb:98:69:e5:44:c6:43:
b0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:75:F1:A6:5C:59:55:8D:2F:5D:DD:6F:98:89:AE:50:F3:1A:BA:39
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KnXxplxZVY0vXd1vmImuUPMaujk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.36.0/24
31.57.38.0/24
31.57.147.0/24
31.57.188.0/24
31.57.219.0/24
31.57.251.0/24
217.60.97.0/24
217.60.184.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:93:49:f5:4c:a8:6b:b3:68:94:0d:82:21:c8:da:72:87:4e:
f8:69:9b:08:cc:69:86:76:26:a4:46:1c:5c:20:7b:8c:c7:79:
19:df:e5:e8:7e:45:68:7f:d0:63:cf:d0:e9:16:12:5a:88:01:
51:53:ce:6e:f3:02:42:f9:2b:a8:fc:45:b2:fa:1e:aa:25:05:
61:e3:30:74:cd:fd:db:9c:d4:b4:22:25:e7:ef:13:7f:6e:36:
56:4e:47:00:82:cd:34:9c:6c:a8:a4:b9:b5:e3:98:23:a1:52:
63:da:1d:9b:3a:cc:5c:7c:b8:3b:fa:f0:a6:99:c3:4b:92:2b:
fd:91:61:89:91:bb:02:08:b1:ad:be:a4:f5:64:d5:f5:6b:b3:
90:5f:99:af:e6:4b:c7:98:8b:94:67:7b:54:df:c9:92:6c:14:
c3:a0:18:12:fe:1f:fd:8f:19:0b:44:ce:f1:2d:a6:e3:fd:a2:
9d:2a:9c:7f:39:21:ee:78:10:c4:d8:29:ca:9f:f5:8f:87:30:
47:e7:b9:82:af:2a:24:15:7f:54:96:8a:dc:15:10:b5:3e:c8:
12:40:05:e3:47:ff:7b:c6:02:ea:80:3b:0f:27:1d:22:d3:43:
e3:65:a7:1e:4f:48:17:f9:9b:d2:9b:63:cf:0c:76:8c:c7:35:
a2:4f:bc:33
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ6OWYTkO823iSDC3yshH75lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjAzMTYzODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTc1ZjFhNjVjNTk1NThkMmY1ZGRkNmY5ODg5YWU1MGYzMWFiYTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzS9fJyOT2+izCvbbnDica5PDPAPp
A0Y8D803+9OZ9LfXYkpEtjDVv45s9xughyk60VBrlvLon5COXcyq+vWxQjcIOq3C
PmsKA7p63LNdrc2dKSGM8bjc9rYftwnPFAHMOs3MAvqh3fW5l6h5lw2EfSGOIEUo
0tgrEP164GRiwSytCB4sq2Ia0/bqPhwpSDVCzUs7GFzyH+SqD/8hB+Jjy4CVkoTB
vatPVvrbLM6GSALZ4x8AlYCVt6CkHpeLAoHx61BZUxkIAfNpBAv4lHpQ3UwNz/Rq
jgGJwAPb7E4Q6d4YWzBVG9EO843FWP1Ix5ntNFBmZ8Ppv7uYaeVExkOwxQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCp18aZcWVWNL13db5iJrlDzGro5MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvS25YeHBseFpWWTB2WGQxdm1JbXVVUE1hdWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAHzkkAwQA
HzkmAwQAHzmTAwQAHzm8AwQAHznbAwQAHzn7AwQA2TxhAwQA2Ty4MA0GCSqGSIb3
DQEBCwUAA4IBAQA+k0n1TKhrs2iUDYIhyNpyh074aZsIzGmGdiakRhxcIHuMx3kZ
3+XofkVof9Bjz9DpFhJaiAFRU85u8wJC+Suo/EWy+h6qJQVh4zB0zf3bnNS0IiXn
7xN/bjZWTkcAgs00nGyopLm145gjoVJj2h2bOsxcfLg7+vCmmcNLkiv9kWGJkbsC
CLGtvqT1ZNX1a7OQX5mv5kvHmIuUZ3tU38mSbBTDoBgS/h/9jxkLRM7xLabj/aKd
Kpx/OSHueBDE2CnKn/WPhzBH57mCryokFX9UlorcFRC1PsgSQAXjR/97xgLqgDsP
Jx0i00PjZaceT0gX+ZvSm2PPDHaMxzWiT7wz
-----END CERTIFICATE-----
Generated at Thu Jun 4 11:18:32 2026 by rpki-client