Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ONhhee_QJF7sAaapZ-_FD0fjok8.roa
File: ONhhee_QJF7sAaapZ-_FD0fjok8.roa (raw, json)
Hash identifier: zzyUxy5h2f1OWCGa3ng3kjop8ekH88cPEQL1E2eoPNs=
Subject key identifier: 38:D8:61:79:EF:D0:24:5E:EC:01:A6:A9:67:EF:C5:0F:47:E3:A2:4F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019CD778F3CDA7CF6DA1872EF477121E7B8E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ONhhee_QJF7sAaapZ-_FD0fjok8.roa
Signing time: Tue 10 Mar 2026 11:19:13 +0000
ROA not before: Tue 10 Mar 2026 11:19:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 31.56.49.0/24 maxlen: 24
31.56.98.0/24 maxlen: 24
31.56.103.0/24 maxlen: 24
31.56.210.0/24 maxlen: 24
31.56.212.0/24 maxlen: 24
31.56.223.0/24 maxlen: 24
31.56.234.0/24 maxlen: 24
31.56.235.0/24 maxlen: 24
31.57.35.0/24 maxlen: 24
31.57.121.0/24 maxlen: 24
31.57.206.0/24 maxlen: 24
31.57.225.0/24 maxlen: 24
31.58.47.0/24 maxlen: 24
31.58.90.0/24 maxlen: 24
31.58.168.0/24 maxlen: 24
31.59.171.0/24 maxlen: 24
31.59.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Mar 2026 20:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d7:78:f3:cd:a7:cf:6d:a1:87:2e:f4:77:12:1e:7b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 10 11:19:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=38d86179efd0245eec01a6a967efc50f47e3a24f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:24:3b:c7:b5:d6:ab:cb:67:01:2b:67:dc:99:
75:a6:93:fb:e4:e9:24:52:a2:d4:eb:c6:fc:5a:f3:
ae:35:b0:c4:97:29:f0:3e:e6:65:40:36:09:61:0f:
18:f5:70:2a:28:25:15:df:f7:10:9d:ab:94:02:89:
ce:7e:a0:7a:15:26:ea:ba:0c:b1:30:f4:f6:b7:25:
cb:f7:1b:66:09:d1:62:a9:8f:ea:b0:4f:3e:b8:bd:
35:40:e2:17:21:2b:74:72:f5:77:8c:07:74:ff:5d:
fc:5e:9a:f9:02:26:f2:22:9c:c4:e5:41:6e:77:58:
7a:f0:2a:6d:5a:0b:a2:c0:71:ab:35:db:24:cb:49:
2c:4c:8f:66:3f:31:aa:ab:ec:a1:d0:b0:d9:b9:03:
11:c3:9b:a5:9b:bd:e0:9d:24:7b:e6:77:87:f1:da:
2e:d7:64:71:23:c5:5b:31:39:88:bf:8c:a4:14:c3:
12:d0:e5:96:89:24:32:3e:42:24:0f:98:89:f3:1f:
93:41:0b:81:6c:da:d1:82:fd:06:43:f8:d5:9f:5b:
0b:24:23:0f:0b:64:d9:fb:32:76:dd:53:fd:32:ef:
4b:f6:14:fe:1d:9d:f8:71:c0:2d:82:43:81:33:5a:
77:9e:38:02:f6:58:d6:7f:6f:07:15:b1:42:7d:fb:
98:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D8:61:79:EF:D0:24:5E:EC:01:A6:A9:67:EF:C5:0F:47:E3:A2:4F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ONhhee_QJF7sAaapZ-_FD0fjok8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.49.0/24
31.56.98.0/24
31.56.103.0/24
31.56.210.0/24
31.56.212.0/24
31.56.223.0/24
31.56.234.0/23
31.57.35.0/24
31.57.121.0/24
31.57.206.0/24
31.57.225.0/24
31.58.47.0/24
31.58.90.0/24
31.58.168.0/24
31.59.171.0/24
31.59.236.0/22
Signature Algorithm: sha256WithRSAEncryption
27:03:eb:1c:a4:8b:72:04:84:6b:fb:a2:f7:23:a3:62:aa:a7:
85:bd:a0:53:46:42:7e:ca:98:28:39:61:be:8c:a0:2c:d6:b0:
02:d2:95:61:9b:2d:a1:6d:a3:10:8a:4e:8a:e2:d1:ac:4f:c2:
0d:c3:f7:01:35:28:1e:cd:d7:81:0b:ea:a7:63:dc:d9:c9:fc:
fa:79:b2:a4:03:27:d9:e3:b7:fa:77:9d:97:83:42:6d:f9:88:
f9:8a:d2:12:a3:af:06:d6:f6:6c:2d:ad:4d:5f:41:03:23:85:
ee:24:ff:26:26:f7:2e:d3:45:97:a1:94:14:72:57:36:62:b6:
dd:56:2c:53:4f:89:ba:db:11:bc:df:91:ce:6a:0a:bf:55:16:
b7:b4:2f:14:84:af:0d:7b:a8:d5:04:b1:70:11:0a:fd:86:9a:
2e:a0:75:a6:e9:fc:18:0e:b3:eb:90:72:84:5a:aa:7a:9a:27:
9d:36:49:d2:0b:fb:ff:35:88:cf:aa:e2:96:7f:df:5a:37:d6:
c8:21:53:91:74:e7:42:35:87:6e:77:03:4a:0c:00:22:86:b0:
65:aa:d9:3c:37:3d:e4:f2:f6:ab:57:84:3d:2c:d2:b6:ca:1f:
24:fd:ce:0a:58:e5:38:2d:8d:3d:fd:32:75:2f:36:fb:ad:ee:
2d:02:a5:c4
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZzXePPNp89toYcu9HcSHnuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMzEwMTExOTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGQ4NjE3OWVmZDAyNDVlZWMwMWE2YTk2N2VmYzUwZjQ3ZTNhMjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiQ7x7XWq8tnAStn3Jl1ppP75Okk
UqLU68b8WvOuNbDElynwPuZlQDYJYQ8Y9XAqKCUV3/cQnauUAonOfqB6FSbqugyx
MPT2tyXL9xtmCdFiqY/qsE8+uL01QOIXISt0cvV3jAd0/138Xpr5AibyIpzE5UFu
d1h68CptWguiwHGrNdsky0ksTI9mPzGqq+yh0LDZuQMRw5ulm73gnSR75neH8dou
12RxI8VbMTmIv4ykFMMS0OWWiSQyPkIkD5iJ8x+TQQuBbNrRgv0GQ/jVn1sLJCMP
C2TZ+zJ23VP9Mu9L9hT+HZ34ccAtgkOBM1p3njgC9ljWf28HFbFCffuY3wIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFDjYYXnv0CRe7AGmqWfvxQ9H46JPMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvT05oaGVlX1FKRjdzQWFhcFotX0ZEMGZqb2s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAHzgxAwQA
HzhiAwQAHzhnAwQAHzjSAwQAHzjUAwQAHzjfAwQBHzjqAwQAHzkjAwQAHzl5AwQA
HznOAwQAHznhAwQAHzovAwQAHzpaAwQAHzqoAwQAHzurAwQCHzvsMA0GCSqGSIb3
DQEBCwUAA4IBAQAnA+scpItyBIRr+6L3I6NiqqeFvaBTRkJ+ypgoOWG+jKAs1rAC
0pVhmy2hbaMQik6K4tGsT8INw/cBNSgezdeBC+qnY9zZyfz6ebKkAyfZ47f6d52X
g0Jt+Yj5itISo68G1vZsLa1NX0EDI4XuJP8mJvcu00WXoZQUclc2YrbdVixTT4m6
2xG835HOagq/VRa3tC8UhK8Ne6jVBLFwEQr9hpouoHWm6fwYDrPrkHKEWqp6mied
NknSC/v/NYjPquKWf99aN9bIIVORdOdCNYdudwNKDAAihrBlqtk8Nz3k8varV4Q9
LNK2yh8k/c4KWOU4LY09/TJ1Lzb7re4tAqXE
-----END CERTIFICATE-----
Generated at Sat Mar 21 06:49:44 2026 by rpki-client