Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Pb2472F8ivW7hcmwB3j-OIzdTNc.roa
File: Pb2472F8ivW7hcmwB3j-OIzdTNc.roa (raw, json)
Hash identifier: xipOX4AFmbyCQmNV8QavhWl1t6oHjMn73W4C7OXJ8y4=
Subject key identifier: 3D:BD:B8:EF:61:7C:8A:F5:BB:85:C9:B0:07:78:FE:38:8C:DD:4C:D7
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019EFF63E73E68BF01FF42B3D6F8C1D34C6C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Pb2472F8ivW7hcmwB3j-OIzdTNc.roa
Signing time: Thu 25 Jun 2026 15:26:37 +0000
ROA not before: Thu 25 Jun 2026 15:26:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25369
IP address blocks: 31.57.132.0/24 maxlen: 24
31.57.238.0/24 maxlen: 24
31.58.39.0/24 maxlen: 24
31.58.60.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Jun 2026 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ff:63:e7:3e:68:bf:01:ff:42:b3:d6:f8:c1:d3:4c:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 25 15:26:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3dbdb8ef617c8af5bb85c9b00778fe388cdd4cd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:93:dc:73:f3:36:db:b3:4e:98:96:b9:b9:07:
78:94:46:1c:2e:3c:63:c9:24:bc:94:fd:e5:2c:34:
7c:87:06:cc:a1:20:29:b4:3b:2e:6f:5a:4c:92:c2:
d3:03:4b:5c:ea:a3:81:3d:40:3c:02:b8:d4:cf:44:
05:b3:fc:ec:da:23:f9:b1:53:7e:64:8c:76:3c:5e:
32:6f:1b:c5:c0:8f:7e:ec:8c:33:b4:53:2b:2e:a5:
c0:75:93:71:a8:8f:35:60:ab:07:f7:f2:00:c7:c7:
0a:35:43:5d:93:bc:c8:d5:d4:a9:84:67:9d:4e:a6:
b3:15:bf:13:d9:0e:0a:3c:ba:0b:21:16:ef:b2:a9:
2b:bb:d9:26:a5:b0:5e:58:e9:ed:6e:b5:5c:69:f5:
e6:93:81:1a:2f:62:de:f7:e5:58:87:a6:7d:2c:29:
99:4b:e3:dd:38:4a:a4:98:af:d1:eb:78:2c:71:20:
8c:35:9e:ed:eb:a4:05:74:00:d8:4b:f6:30:a9:7f:
d7:dd:4f:c0:53:be:1b:d1:f1:c0:32:c3:ae:93:5b:
cb:be:f7:93:f7:44:be:90:90:dc:af:ff:b7:d9:9b:
eb:95:cc:f5:ba:cb:39:11:d9:e5:6b:5f:5b:81:64:
54:62:30:83:5c:16:5f:59:ea:aa:95:55:69:21:1d:
a9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:BD:B8:EF:61:7C:8A:F5:BB:85:C9:B0:07:78:FE:38:8C:DD:4C:D7
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Pb2472F8ivW7hcmwB3j-OIzdTNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.132.0/24
31.57.238.0/24
31.58.39.0/24
31.58.60.0/22
Signature Algorithm: sha256WithRSAEncryption
51:86:53:de:bd:a6:f6:1e:8e:30:ac:e2:ec:4c:dd:4a:b9:40:
75:13:29:dd:1c:5c:ce:3a:05:c4:7a:d0:80:83:49:96:35:3d:
86:d6:5d:0b:89:f7:ae:fd:98:70:ac:a9:14:70:45:6e:2d:a0:
f9:3d:44:c4:c4:e5:79:44:13:6a:31:80:fa:5d:86:80:39:f9:
48:89:e4:0e:6d:29:54:3c:1b:a2:98:7a:11:ef:a1:2a:44:fc:
d4:64:a3:84:3d:4d:2d:93:b0:f0:2c:bc:60:f9:68:6f:89:d6:
7c:f6:d4:5c:c9:18:09:83:ae:87:b0:19:72:af:6a:cb:2e:32:
a3:c7:93:c8:a2:97:81:5a:89:ef:4e:27:43:60:5a:8d:f8:ef:
ba:f9:25:6f:bf:02:fe:0d:b8:08:5a:b4:b5:b2:15:f8:8d:98:
73:6b:9c:99:06:5f:6e:22:39:a3:2a:c7:1e:7d:b0:3d:91:a2:
8d:bd:aa:7d:30:70:ce:7d:58:5b:a7:f9:05:92:7a:30:3d:c7:
45:ce:8e:01:3a:47:7d:32:58:60:4c:73:c6:9d:26:ef:4d:38:
8c:a8:0f:49:d6:17:72:e1:4a:42:7a:45:e4:52:4a:c8:c8:33:
bc:44:ae:52:cd:62:ff:9e:11:9b:2b:f0:2b:cc:6b:8e:ca:e3:
77:bf:5f:ba
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ7/Y+c+aL8B/0Kz1vjB00xsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjI1MTUyNjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGJkYjhlZjYxN2M4YWY1YmI4NWM5YjAwNzc4ZmUzODhjZGQ0Y2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZPcc/M227NOmJa5uQd4lEYcLjxj
ySS8lP3lLDR8hwbMoSAptDsub1pMksLTA0tc6qOBPUA8ArjUz0QFs/zs2iP5sVN+
ZIx2PF4ybxvFwI9+7IwztFMrLqXAdZNxqI81YKsH9/IAx8cKNUNdk7zI1dSphGed
TqazFb8T2Q4KPLoLIRbvsqkru9kmpbBeWOntbrVcafXmk4EaL2Le9+VYh6Z9LCmZ
S+PdOEqkmK/R63gscSCMNZ7t66QFdADYS/YwqX/X3U/AU74b0fHAMsOuk1vLvveT
90S+kJDcr/+32Zvrlcz1uss5Ednla19bgWRUYjCDXBZfWeqqlVVpIR2pBQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD29uO9hfIr1u4XJsAd4/jiM3UzXMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUGIyNDcyRjhpdlc3aGNtd0Izai1PSXpkVE5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzmEAwQA
HznuAwQAHzonAwQCHzo8MA0GCSqGSIb3DQEBCwUAA4IBAQBRhlPevab2Ho4wrOLs
TN1KuUB1EyndHFzOOgXEetCAg0mWNT2G1l0Lifeu/ZhwrKkUcEVuLaD5PUTExOV5
RBNqMYD6XYaAOflIieQObSlUPBuimHoR76EqRPzUZKOEPU0tk7DwLLxg+WhvidZ8
9tRcyRgJg66HsBlyr2rLLjKjx5PIopeBWonvTidDYFqN+O+6+SVvvwL+DbgIWrS1
shX4jZhza5yZBl9uIjmjKscefbA9kaKNvap9MHDOfVhbp/kFknowPcdFzo4BOkd9
MlhgTHPGnSbvTTiMqA9J1hdy4UpCekXkUkrIyDO8RK5SzWL/nhGbK/ArzGuOyuN3
v1+6
-----END CERTIFICATE-----
Generated at Fri Jun 26 17:03:13 2026 by rpki-client