Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OVr_h6ylEKMBmCHaNvIsV422R6o.roa
File: OVr_h6ylEKMBmCHaNvIsV422R6o.roa (raw, json)
Hash identifier: 6kNtwrBe8pW9wizQdovgTVmkXMdiYnXZBR0g0q5lD9s=
Subject key identifier: 39:5A:FF:87:AC:A5:10:A3:01:98:21:DA:36:F2:2C:57:8D:B6:47:AA
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E65D2417DF0A1477159992982DC00BFC5
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OVr_h6ylEKMBmCHaNvIsV422R6o.roa
Signing time: Tue 26 May 2026 19:45:38 +0000
ROA not before: Tue 26 May 2026 19:45:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 31.56.184.0/22 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.208.0/22 maxlen: 22
31.57.217.0/24 maxlen: 24
31.58.180.0/24 maxlen: 24
31.58.184.0/21 maxlen: 24
31.58.192.0/20 maxlen: 24
31.58.209.0/24 maxlen: 24
31.59.37.0/24 maxlen: 24
31.59.90.0/23 maxlen: 24
31.59.140.0/22 maxlen: 24
31.59.148.0/22 maxlen: 24
31.59.160.0/22 maxlen: 24
31.59.164.0/24 maxlen: 24
31.59.176.0/21 maxlen: 24
94.183.152.0/24 maxlen: 24
94.183.238.0/24 maxlen: 24
94.183.239.0/24 maxlen: 24
217.60.16.0/21 maxlen: 24
217.60.28.0/22 maxlen: 24
217.60.32.0/22 maxlen: 24
217.60.52.0/22 maxlen: 24
217.60.56.0/22 maxlen: 24
217.60.68.0/22 maxlen: 24
217.60.76.0/22 maxlen: 24
217.60.108.0/22 maxlen: 24
217.60.112.0/22 maxlen: 24
217.60.124.0/22 maxlen: 24
217.60.152.0/22 maxlen: 24
217.60.156.0/22 maxlen: 24
217.60.160.0/20 maxlen: 24
217.60.176.0/21 maxlen: 24
217.60.188.0/22 maxlen: 24
217.60.242.0/24 maxlen: 24
2a14:6e40:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 May 2026 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:65:d2:41:7d:f0:a1:47:71:59:99:29:82:dc:00:bf:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 26 19:45:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=395aff87aca510a3019821da36f22c578db647aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:07:84:9c:00:29:af:d6:c7:56:44:8d:a0:b3:
2c:cd:3b:9c:09:10:cd:23:af:0d:12:b8:49:cb:fa:
c0:c7:d5:86:e7:4b:0c:55:8a:26:1c:9d:0b:19:88:
7b:33:8b:f2:9d:22:07:24:97:fe:2b:3c:3b:13:60:
42:57:60:90:38:bc:a5:58:39:c8:a0:81:e4:ef:71:
b2:5b:ab:af:21:a7:e8:3b:02:42:20:cc:d4:af:ed:
2c:e3:03:b4:35:01:9f:35:ee:00:b1:51:3f:10:b0:
f5:3e:3e:d7:00:32:f4:ee:7f:9f:74:9c:b9:d8:60:
cd:b2:71:5e:e9:6e:e3:5c:91:89:0e:47:41:8f:9b:
c6:dd:44:38:95:e6:a2:01:4c:d6:60:2f:ad:eb:2b:
c3:57:03:ff:1c:29:4e:73:3a:a1:4c:b8:04:61:89:
b1:f5:57:4a:0f:f9:7c:60:96:7c:2c:5a:9b:9d:73:
63:67:23:cb:6b:78:c2:18:d1:0d:66:9c:c3:1b:5f:
d1:f2:8e:e7:28:af:e2:bb:c5:ac:66:02:06:9e:a9:
15:39:5a:8e:03:0d:fb:9f:cb:e9:91:8d:ef:36:4f:
a0:86:95:54:13:73:ce:66:c8:6f:88:f5:88:2c:18:
8e:ec:69:74:39:03:e3:44:5b:dc:90:c5:2d:c9:cb:
8b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:5A:FF:87:AC:A5:10:A3:01:98:21:DA:36:F2:2C:57:8D:B6:47:AA
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OVr_h6ylEKMBmCHaNvIsV422R6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.184.0/22
31.57.200.0/24
31.57.208.0/22
31.57.217.0/24
31.58.180.0/24
31.58.184.0-31.58.207.255
31.58.209.0/24
31.59.37.0/24
31.59.90.0/23
31.59.140.0/22
31.59.148.0/22
31.59.160.0-31.59.164.255
31.59.176.0/21
94.183.152.0/24
94.183.238.0/23
217.60.16.0/21
217.60.28.0-217.60.35.255
217.60.52.0-217.60.59.255
217.60.68.0/22
217.60.76.0/22
217.60.108.0-217.60.115.255
217.60.124.0/22
217.60.152.0-217.60.183.255
217.60.188.0/22
217.60.242.0/24
IPv6:
2a14:6e40:1::/48
Signature Algorithm: sha256WithRSAEncryption
40:96:c1:11:43:4e:fb:56:16:21:98:03:8c:5c:ab:27:6f:35:
c5:ab:1c:1c:4b:6e:1c:7b:74:ee:64:ef:8e:e3:35:f9:b3:a2:
bb:8f:3b:7e:33:5f:a9:bc:c2:f8:71:a5:b7:f1:d1:4b:4c:7f:
58:e8:a4:82:6b:3b:1d:3a:56:5d:77:ad:c0:10:90:ef:bd:9a:
43:e8:5a:a9:e5:f0:19:e5:cf:ab:77:d3:f3:d8:ea:4d:7d:52:
5f:61:e6:55:2c:1e:aa:7c:51:d1:23:f8:36:6b:15:4b:c2:d2:
15:16:e9:fe:cf:2f:27:1b:47:25:97:9e:8b:c0:af:ab:f9:4c:
e8:26:af:b6:e8:90:88:05:35:f7:e1:48:a9:d8:f4:5c:3a:05:
b0:f1:6f:ed:eb:d2:9f:a5:99:dd:c3:95:3b:61:ac:66:32:6a:
03:cc:6b:03:a7:fb:b1:69:48:8a:3b:a1:a3:0f:c9:41:87:5e:
54:7f:29:8b:ba:dc:ee:68:b8:34:c3:0a:a4:10:bd:59:0b:80:
ed:5f:d9:66:28:8a:70:21:98:3c:63:0d:4f:0b:bd:35:65:29:
db:41:a7:21:3d:60:68:1e:69:dc:61:f7:a2:11:fc:60:35:96:
09:04:7c:0a:88:69:92:1d:29:ee:70:91:33:d7:c4:56:4b:9b:
22:f1:26:54
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgISAZ5l0kF98KFHcVmZKYLcAL/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTI2MTk0NTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTVhZmY4N2FjYTUxMGEzMDE5ODIxZGEzNmYyMmM1NzhkYjY0N2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugeEnAApr9bHVkSNoLMszTucCRDN
I68NErhJy/rAx9WG50sMVYomHJ0LGYh7M4vynSIHJJf+Kzw7E2BCV2CQOLylWDnI
oIHk73GyW6uvIafoOwJCIMzUr+0s4wO0NQGfNe4AsVE/ELD1Pj7XADL07n+fdJy5
2GDNsnFe6W7jXJGJDkdBj5vG3UQ4leaiAUzWYC+t6yvDVwP/HClOczqhTLgEYYmx
9VdKD/l8YJZ8LFqbnXNjZyPLa3jCGNENZpzDG1/R8o7nKK/iu8WsZgIGnqkVOVqO
Aw37n8vpkY3vNk+ghpVUE3POZshviPWILBiO7Gl0OQPjRFvckMUtycuLuQIDAQAB
o4IC3zCCAtswHQYDVR0OBBYEFDla/4espRCjAZgh2jbyLFeNtkeqMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvT1ZyX2g2eWxFS01CbUNIYU52SXNWNDIyUjZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH0BggrBgEFBQcBBwEB/wSB5DCB4TCBzQQCAAEwgcYDBAIf
OLgDBAAfOcgDBAIfOdADBAAfOdkDBAAfOrQwDAMEAx86uAMEBB86wAMEAB860QME
AB87JQMEAR87WgMEAh87jAMEAh87lDAMAwQFHzugAwQAHzukAwQDHzuwAwQAXreY
AwQBXrfuAwQD2TwQMAwDBALZPBwDBALZPCAwDAMEAtk8NAMEAtk8OAMEAtk8RAME
Atk8TDAMAwQC2TxsAwQC2TxwAwQC2Tx8MAwDBAPZPJgDBAPZPLADBALZPLwDBADZ
PPIwDwQCAAIwCQMHACoUbkAAATANBgkqhkiG9w0BAQsFAAOCAQEAQJbBEUNO+1YW
IZgDjFyrJ281xascHEtuHHt07mTvjuM1+bOiu487fjNfqbzC+HGlt/HRS0x/WOik
gms7HTpWXXetwBCQ772aQ+haqeXwGeXPq3fT89jqTX1SX2HmVSweqnxR0SP4NmsV
S8LSFRbp/s8vJxtHJZeei8Cvq/lM6CavtuiQiAU19+FIqdj0XDoFsPFv7evSn6WZ
3cOVO2GsZjJqA8xrA6f7sWlIijuhow/JQYdeVH8pi7rc7mi4NMMKpBC9WQuA7V/Z
ZiiKcCGYPGMNTwu9NWUp20GnIT1gaB5p3GH3ohH8YDWWCQR8Cohpkh0p7nCRM9fE
VkubIvEmVA==
-----END CERTIFICATE-----
Generated at Wed May 27 15:55:17 2026 by rpki-client