Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OmxX7RtvL_9r2Wv4dzbQED0zqIg.roa
File: OmxX7RtvL_9r2Wv4dzbQED0zqIg.roa (raw, json)
Hash identifier: xHCGgA1TffMjBHgocVdCivy/Tg7wYrQzrdXvseWutVw=
Subject key identifier: 3A:6C:57:ED:1B:6F:2F:FF:6B:D9:6B:F8:77:36:D0:10:3D:33:A8:88
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019EFEF9B35CEC8F2D57B9C260D424EAA1FA
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OmxX7RtvL_9r2Wv4dzbQED0zqIg.roa
Signing time: Thu 25 Jun 2026 13:30:37 +0000
ROA not before: Thu 25 Jun 2026 13:30:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 399468
IP address blocks: 31.58.184.0/21 maxlen: 24
31.59.176.0/21 maxlen: 24
94.183.192.0/21 maxlen: 24
217.60.52.0/22 maxlen: 24
217.60.56.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Jun 2026 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:fe:f9:b3:5c:ec:8f:2d:57:b9:c2:60:d4:24:ea:a1:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 25 13:30:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3a6c57ed1b6f2fff6bd96bf87736d0103d33a888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d1:4a:2f:4d:cc:31:c8:83:80:d5:51:d6:76:
b7:24:58:04:0f:36:87:b4:2c:43:73:db:2c:8e:d8:
2e:d3:c8:69:3b:96:2b:27:0c:f8:a3:73:55:15:f8:
38:4a:e5:a0:76:e9:22:b5:c1:d8:4e:c1:49:fb:ee:
7d:ab:e6:a1:b4:56:00:2d:4d:8f:54:0c:98:7c:50:
f5:9d:b1:78:e0:3a:78:0f:cc:98:df:ad:d0:b7:39:
68:b9:13:7b:fe:36:d7:94:fd:38:4a:b5:d5:02:2b:
df:f2:76:d7:fe:42:93:03:9c:c7:5d:9e:ce:fe:32:
7b:5b:8e:dd:e5:7e:52:1c:39:e6:1c:26:71:85:62:
0e:98:42:c2:f3:8f:72:ad:9a:c3:db:ac:76:96:37:
b3:cc:d3:71:7c:58:0c:c0:10:46:b0:59:74:ee:1a:
d1:dc:af:7e:16:86:c3:16:35:b7:df:9a:50:6b:13:
a9:39:bd:6a:3b:98:db:63:47:65:3d:37:fc:8e:e0:
41:0c:57:0d:ce:3f:33:e2:57:0f:1a:c4:0b:f8:e3:
3b:b6:95:dc:48:f0:af:73:81:76:ff:58:4f:3e:9c:
58:af:82:c3:bf:13:ad:57:eb:26:d3:8b:90:28:a8:
ad:9c:25:62:cc:ef:b0:71:41:15:0d:6b:10:86:2f:
5a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:6C:57:ED:1B:6F:2F:FF:6B:D9:6B:F8:77:36:D0:10:3D:33:A8:88
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OmxX7RtvL_9r2Wv4dzbQED0zqIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.184.0/21
31.59.176.0/21
94.183.192.0/21
217.60.52.0-217.60.59.255
Signature Algorithm: sha256WithRSAEncryption
2b:c1:1c:49:fc:c6:3b:4b:78:16:26:82:52:29:d1:40:20:17:
fe:5a:55:9d:6e:cc:96:f6:75:12:02:be:59:12:02:e9:fb:32:
e0:71:e9:e6:5d:55:4d:9e:21:4d:7a:36:f8:53:ec:4c:c2:21:
6c:b9:fe:fe:a4:f5:30:7e:de:72:a1:40:b7:ca:ff:ae:cf:a3:
01:b4:bd:a7:ce:93:81:08:45:aa:a0:58:2f:b3:e2:e4:1f:8d:
25:c0:d1:05:14:5a:7a:fa:2c:e1:26:8c:ea:32:dd:9b:79:7c:
f7:db:9b:53:8a:fb:e6:5d:d4:81:5f:20:b2:d2:59:87:21:a3:
8c:25:42:10:34:a8:bb:4f:c1:11:39:23:32:25:dc:86:02:ac:
dc:3a:bf:b8:07:54:8c:63:9d:83:d9:fe:da:40:0f:6c:7f:92:
fd:7d:0a:c6:cf:32:8a:c4:9d:a7:73:c7:5d:47:be:ea:16:1f:
28:bb:85:16:89:88:de:12:94:93:33:ed:01:6c:65:3a:55:ae:
10:32:e4:ec:a0:7d:2e:c8:0f:38:be:8b:97:16:24:ea:ce:b4:
fe:16:48:2f:eb:86:04:95:f0:50:37:f6:b8:eb:46:95:24:77:
87:6c:20:97:05:84:6f:3f:2e:10:5b:90:58:1d:60:b4:71:f2:
09:c3:c6:fe
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ7++bNc7I8tV7nCYNQk6qH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjI1MTMzMDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTZjNTdlZDFiNmYyZmZmNmJkOTZiZjg3NzM2ZDAxMDNkMzNhODg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9FKL03MMciDgNVR1na3JFgEDzaH
tCxDc9ssjtgu08hpO5YrJwz4o3NVFfg4SuWgdukitcHYTsFJ++59q+ahtFYALU2P
VAyYfFD1nbF44Dp4D8yY363QtzlouRN7/jbXlP04SrXVAivf8nbX/kKTA5zHXZ7O
/jJ7W47d5X5SHDnmHCZxhWIOmELC849yrZrD26x2ljezzNNxfFgMwBBGsFl07hrR
3K9+FobDFjW335pQaxOpOb1qO5jbY0dlPTf8juBBDFcNzj8z4lcPGsQL+OM7tpXc
SPCvc4F2/1hPPpxYr4LDvxOtV+sm04uQKKitnCVizO+wcUEVDWsQhi9aqwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDpsV+0bby//a9lr+Hc20BA9M6iIMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvT214WDdSdHZMXzlyMld2NGR6YlFFRDB6cUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDHzq4AwQD
HzuwAwQDXrfAMAwDBALZPDQDBALZPDgwDQYJKoZIhvcNAQELBQADggEBACvBHEn8
xjtLeBYmglIp0UAgF/5aVZ1uzJb2dRICvlkSAun7MuBx6eZdVU2eIU16NvhT7EzC
IWy5/v6k9TB+3nKhQLfK/67PowG0vafOk4EIRaqgWC+z4uQfjSXA0QUUWnr6LOEm
jOoy3Zt5fPfbm1OK++Zd1IFfILLSWYcho4wlQhA0qLtPwRE5IzIl3IYCrNw6v7gH
VIxjnYPZ/tpAD2x/kv19CsbPMorEnadzx11HvuoWHyi7hRaJiN4SlJMz7QFsZTpV
rhAy5OygfS7IDzi+i5cWJOrOtP4WSC/rhgSV8FA39rjrRpUkd4dsIJcFhG8/LhBb
kFgdYLRx8gnDxv4=
-----END CERTIFICATE-----
Generated at Fri Jun 26 17:05:42 2026 by rpki-client