Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TBaGr_UeyMOglqq5cq2JwFgppUk.roa
File: TBaGr_UeyMOglqq5cq2JwFgppUk.roa (raw, json)
Hash identifier: q5lTHe9GVTZrJUA/rk416au3D/2hK9NdulXq8rGAidc=
Subject key identifier: 4C:16:86:AF:F5:1E:C8:C3:A0:96:AA:B9:72:AD:89:C0:58:29:A5:49
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019D338A5E6E2EC2410B1E1755F264FAEB97
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TBaGr_UeyMOglqq5cq2JwFgppUk.roa
Signing time: Sat 28 Mar 2026 08:23:19 +0000
ROA not before: Sat 28 Mar 2026 08:23:19 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 31.56.182.0/23 maxlen: 23
31.56.184.0/22 maxlen: 24
31.56.188.0/23 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.208.0/22 maxlen: 22
31.57.251.0/24 maxlen: 24
31.58.92.0/22 maxlen: 24
31.58.92.0/23 maxlen: 23
31.58.180.0/24 maxlen: 24
31.58.184.0/21 maxlen: 24
31.58.192.0/21 maxlen: 24
31.58.204.0/22 maxlen: 24
31.58.208.0/23 maxlen: 24
31.58.232.0/23 maxlen: 24
31.58.239.0/24 maxlen: 24
31.59.36.0/24 maxlen: 24
31.59.44.0/22 maxlen: 24
31.59.84.0/22 maxlen: 24
31.59.90.0/23 maxlen: 24
31.59.92.0/22 maxlen: 24
31.59.140.0/22 maxlen: 24
31.59.148.0/22 maxlen: 24
31.59.152.0/21 maxlen: 24
94.183.159.0/24 maxlen: 24
94.183.170.0/24 maxlen: 24
94.183.242.0/24 maxlen: 24
217.60.8.0/22 maxlen: 24
217.60.14.0/24 maxlen: 24
217.60.15.0/24 maxlen: 24
217.60.16.0/21 maxlen: 24
217.60.24.0/24 maxlen: 24
217.60.25.0/24 maxlen: 24
217.60.28.0/22 maxlen: 24
217.60.32.0/22 maxlen: 24
217.60.52.0/22 maxlen: 24
217.60.56.0/22 maxlen: 24
217.60.160.0/20 maxlen: 24
217.60.176.0/21 maxlen: 24
217.60.188.0/22 maxlen: 24
217.60.192.0/24 maxlen: 24
217.60.193.0/24 maxlen: 24
217.60.195.0/24 maxlen: 24
217.60.198.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 08:23:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:8a:5e:6e:2e:c2:41:0b:1e:17:55:f2:64:fa:eb:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 28 08:23:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4c1686aff51ec8c3a096aab972ad89c05829a549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6d:f2:86:c4:a0:c8:1e:1e:3f:80:30:a4:4d:
23:44:bb:83:9c:62:be:20:a1:d6:53:21:56:af:52:
a4:44:73:e6:29:3e:9a:e6:e8:81:69:cb:40:08:ec:
ac:0e:41:50:32:55:a9:4f:64:da:15:5c:95:55:ad:
b1:09:94:80:01:e8:ee:a7:aa:e0:e7:40:2e:02:d1:
74:25:1d:90:f6:bc:21:d6:65:6d:e1:3c:e9:03:f8:
9b:49:cf:94:13:57:40:ee:a5:31:c7:19:ff:42:40:
cb:30:86:97:b8:60:26:bb:f3:cf:78:28:37:c2:6e:
b6:a9:f9:40:da:e6:2d:15:17:bb:22:3e:b7:f4:8c:
9e:da:94:04:78:df:66:6f:35:6d:91:94:b4:cd:a5:
55:e9:06:43:69:b4:85:af:04:5d:b9:d1:c0:06:72:
b8:cf:e5:4b:ad:90:6f:5b:91:bf:c5:10:4c:63:c8:
82:3a:98:30:36:e9:c6:a3:14:80:31:2e:39:11:b0:
c6:6f:82:c0:79:4c:70:c7:da:2a:f2:db:8a:79:a1:
11:a7:ab:94:39:b1:6c:6d:39:0e:42:67:09:6b:16:
5c:26:09:5f:33:16:29:e5:72:43:b0:08:0b:a1:f2:
46:61:78:d5:82:34:11:24:bd:73:5d:dd:f6:fa:03:
69:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:16:86:AF:F5:1E:C8:C3:A0:96:AA:B9:72:AD:89:C0:58:29:A5:49
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TBaGr_UeyMOglqq5cq2JwFgppUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.182.0-31.56.189.255
31.57.200.0/24
31.57.208.0/22
31.57.251.0/24
31.58.92.0/22
31.58.180.0/24
31.58.184.0-31.58.199.255
31.58.204.0-31.58.209.255
31.58.232.0/23
31.58.239.0/24
31.59.36.0/24
31.59.44.0/22
31.59.84.0/22
31.59.90.0-31.59.95.255
31.59.140.0/22
31.59.148.0-31.59.159.255
94.183.159.0/24
94.183.170.0/24
94.183.242.0/24
217.60.8.0/22
217.60.14.0-217.60.25.255
217.60.28.0-217.60.35.255
217.60.52.0-217.60.59.255
217.60.160.0-217.60.183.255
217.60.188.0-217.60.193.255
217.60.195.0/24
217.60.198.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:9a:b6:26:68:d2:4c:c0:58:e3:ba:c8:64:30:c6:1b:14:1c:
e3:73:1c:8b:db:c4:2c:a2:15:26:d4:ec:b9:9c:6c:7e:3a:5b:
f6:96:cd:7f:f5:93:d8:3d:18:a2:cd:4e:e9:e5:a7:2b:5e:2e:
c7:6b:57:7b:84:df:0e:10:b7:cb:c5:06:e2:b3:b1:b2:1d:7b:
29:6e:fb:73:c1:44:c8:65:aa:0c:0c:5e:90:ae:b4:4c:2e:8b:
11:28:64:df:52:5d:57:e1:cd:ce:e1:9d:06:9c:6c:d5:3e:28:
43:94:f8:58:a9:9e:97:d7:2e:9d:bb:c0:5a:45:1d:68:44:69:
c2:46:07:e2:5d:b0:6c:82:1b:08:98:43:ba:d3:4e:fe:21:13:
94:1a:cf:cc:b0:93:1b:9c:10:d1:d6:f5:7b:64:66:77:58:51:
c2:a4:8e:7e:09:a9:e8:f1:e2:ea:32:43:01:7a:69:38:f0:2c:
98:de:d3:17:c3:d0:29:3d:74:d8:6d:a4:6f:94:8a:f5:bb:9b:
5b:f1:83:1c:ad:25:69:c4:35:a4:ec:96:e2:a9:ec:5a:e8:04:
6f:76:6b:67:7a:a4:19:f9:98:d7:e4:e9:c1:dd:0d:42:72:b7:
3e:fa:97:2f:76:c9:2f:cc:70:e8:32:86:c2:90:65:be:1f:23:
be:f0:28:36
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAZ0zil5uLsJBCx4XVfJk+uuXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMzI4MDgyMzE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzE2ODZhZmY1MWVjOGMzYTA5NmFhYjk3MmFkODljMDU4MjlhNTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtG3yhsSgyB4eP4AwpE0jRLuDnGK+
IKHWUyFWr1KkRHPmKT6a5uiBactACOysDkFQMlWpT2TaFVyVVa2xCZSAAejup6rg
50AuAtF0JR2Q9rwh1mVt4TzpA/ibSc+UE1dA7qUxxxn/QkDLMIaXuGAmu/PPeCg3
wm62qflA2uYtFRe7Ij639Iye2pQEeN9mbzVtkZS0zaVV6QZDabSFrwRdudHABnK4
z+VLrZBvW5G/xRBMY8iCOpgwNunGoxSAMS45EbDGb4LAeUxwx9oq8tuKeaERp6uU
ObFsbTkOQmcJaxZcJglfMxYp5XJDsAgLofJGYXjVgjQRJL1zXd32+gNpewIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFEwWhq/1HsjDoJaquXKticBYKaVJMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVEJhR3JfVWV5TU9nbHFxNWNxMkp3RmdwcFVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwgfkEAgABMIHyMAwD
BAEfOLYDBAEfOLwDBAAfOcgDBAIfOdADBAAfOfsDBAIfOlwDBAAfOrQwDAMEAx86
uAMEAx86wDAMAwQCHzrMAwQBHzrQAwQBHzroAwQAHzrvAwQAHzskAwQCHzssAwQC
HztUMAwDBAEfO1oDBAUfO0ADBAIfO4wwDAMEAh87lAMEBR87gAMEAF63nwMEAF63
qgMEAF638gMEAtk8CDAMAwQB2TwOAwQB2TwYMAwDBALZPBwDBALZPCAwDAMEAtk8
NAMEAtk8ODAMAwQF2TygAwQD2TywMAwDBALZPLwDBAHZPMADBADZPMMDBAHZPMYw
DQYJKoZIhvcNAQELBQADggEBALWatiZo0kzAWOO6yGQwxhsUHONzHIvbxCyiFSbU
7LmcbH46W/aWzX/1k9g9GKLNTunlpyteLsdrV3uE3w4Qt8vFBuKzsbIdeylu+3PB
RMhlqgwMXpCutEwuixEoZN9SXVfhzc7hnQacbNU+KEOU+FipnpfXLp27wFpFHWhE
acJGB+JdsGyCGwiYQ7rTTv4hE5Qaz8ywkxucENHW9XtkZndYUcKkjn4Jqejx4uoy
QwF6aTjwLJje0xfD0Ck9dNhtpG+UivW7m1vxgxytJWnENaTsluKp7FroBG92a2d6
pBn5mNfk6cHdDUJytz76ly92yS/McOgyhsKQZb4fI77wKDY=
-----END CERTIFICATE-----
Generated at Sat Mar 28 17:01:40 2026 by rpki-client