Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TotiMlXPlqzGhIZ8Qc8UTr2R92A.roa
File: TotiMlXPlqzGhIZ8Qc8UTr2R92A.roa (raw, json)
Hash identifier: Vha8XJhg+CfqmOoRMtDnMTT0U7KovdC6iLz6v6qrdIo=
Subject key identifier: 4E:8B:62:32:55:CF:96:AC:C6:84:86:7C:41:CF:14:4E:BD:91:F7:60
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019CB82D62402F8E35633BF18EFFD0436332
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TotiMlXPlqzGhIZ8Qc8UTr2R92A.roa
Signing time: Wed 04 Mar 2026 09:28:27 +0000
ROA not before: Wed 04 Mar 2026 09:28:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214432
IP address blocks: 31.56.6.0/24 maxlen: 24
31.56.35.0/24 maxlen: 24
31.57.11.0/24 maxlen: 24
31.57.53.0/24 maxlen: 24
31.57.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b8:2d:62:40:2f:8e:35:63:3b:f1:8e:ff:d0:43:63:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 4 09:28:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4e8b623255cf96acc684867c41cf144ebd91f760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d8:de:5d:98:28:99:f5:d9:b0:e6:f8:1e:23:
d2:98:64:84:5e:01:12:9a:6f:b0:0c:d2:9b:2d:01:
af:71:eb:26:05:73:70:71:df:a4:88:4a:c1:d3:72:
ae:d4:46:bd:e3:6f:6d:6d:fc:ee:2f:2e:51:62:71:
f8:09:74:35:6c:00:b6:ac:93:98:39:66:c5:e7:d4:
73:b4:d6:86:4d:16:58:a4:86:96:41:41:12:e2:52:
2d:0a:71:a4:17:ce:0a:5a:c4:cf:87:59:b1:7b:30:
5d:e4:c8:91:e1:71:d8:4f:82:d7:eb:20:ae:79:10:
b2:db:2a:2f:68:c2:90:95:e5:59:93:51:29:8e:8f:
45:8e:a6:a2:3c:2b:f8:a4:19:ce:c2:48:80:e7:06:
f4:4a:11:93:7b:57:c9:1d:01:d3:ec:78:0b:58:bb:
44:b1:df:2f:06:c0:70:bb:6c:e8:f5:7f:4d:4e:a9:
51:77:1e:70:8a:26:2e:ed:cb:da:92:3e:99:c1:4f:
fe:99:0c:3d:d0:f8:50:66:e9:19:5c:6d:62:f7:b1:
6f:ab:df:b1:60:b5:3f:f3:3b:01:4f:67:95:fd:de:
b5:84:9d:14:fa:cc:1b:ef:90:08:ae:40:1f:84:bc:
1c:7b:78:22:d1:44:da:7a:6e:04:47:d8:6e:e5:e2:
bc:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:8B:62:32:55:CF:96:AC:C6:84:86:7C:41:CF:14:4E:BD:91:F7:60
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TotiMlXPlqzGhIZ8Qc8UTr2R92A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.6.0/24
31.56.35.0/24
31.57.11.0/24
31.57.53.0/24
31.57.59.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:9f:0c:43:ec:41:ad:bd:f1:f4:1c:2e:16:c0:72:24:ff:af:
ac:f0:ca:db:19:e1:e2:fe:3d:ea:27:11:27:02:14:3d:f9:d0:
89:89:36:7c:05:c0:ff:f5:3e:b0:a0:c2:bb:ae:97:ff:d4:e6:
bc:32:c8:dd:77:9f:d6:ad:76:f7:2d:0e:24:f7:c5:ad:23:e1:
5a:c6:7c:9f:9c:d1:20:29:b0:b6:13:11:68:b9:fb:93:c6:73:
88:4b:45:c9:0f:85:d0:f2:0a:4f:e5:13:49:aa:81:6f:c8:c8:
5e:7d:9c:60:ea:0e:f9:a1:b7:81:eb:aa:17:9f:0f:bf:53:51:
3b:4e:34:5e:e3:fa:04:40:7e:65:22:de:13:0a:ba:06:c5:3f:
97:1f:af:0a:98:09:39:ae:c0:b7:a6:2f:9f:d4:8f:c2:4a:50:
e8:24:52:d5:40:e2:99:e9:5f:19:33:8c:34:35:4e:13:46:f9:
d7:21:1b:3b:fb:82:54:57:4c:d9:71:78:03:2a:7d:8e:22:4e:
54:34:85:94:13:40:7c:58:56:3f:37:94:2e:7a:19:29:e4:93:
55:96:46:10:e9:01:eb:19:23:8e:93:e5:65:3a:7e:10:4e:7d:
59:03:33:cb:7a:dd:78:ee:db:df:ef:6e:2e:71:69:ab:73:ea:
84:5d:b6:cb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZy4LWJAL441Yzvxjv/QQ2MyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMzA0MDkyODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZThiNjIzMjU1Y2Y5NmFjYzY4NDg2N2M0MWNmMTQ0ZWJkOTFmNzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdjeXZgomfXZsOb4HiPSmGSEXgES
mm+wDNKbLQGvcesmBXNwcd+kiErB03Ku1Ea9429tbfzuLy5RYnH4CXQ1bAC2rJOY
OWbF59RztNaGTRZYpIaWQUES4lItCnGkF84KWsTPh1mxezBd5MiR4XHYT4LX6yCu
eRCy2yovaMKQleVZk1Epjo9FjqaiPCv4pBnOwkiA5wb0ShGTe1fJHQHT7HgLWLtE
sd8vBsBwu2zo9X9NTqlRdx5wiiYu7cvakj6ZwU/+mQw90PhQZukZXG1i97Fvq9+x
YLU/8zsBT2eV/d61hJ0U+swb75AIrkAfhLwce3gi0UTaem4ER9hu5eK8JwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFE6LYjJVz5asxoSGfEHPFE69kfdgMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVG90aU1sWFBscXpHaElaOFFjOFVUcjJSOTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHzgGAwQA
HzgjAwQAHzkLAwQAHzk1AwQAHzk7MA0GCSqGSIb3DQEBCwUAA4IBAQCPnwxD7EGt
vfH0HC4WwHIk/6+s8MrbGeHi/j3qJxEnAhQ9+dCJiTZ8BcD/9T6woMK7rpf/1Oa8
Msjdd5/WrXb3LQ4k98WtI+FaxnyfnNEgKbC2ExFoufuTxnOIS0XJD4XQ8gpP5RNJ
qoFvyMhefZxg6g75obeB66oXnw+/U1E7TjRe4/oEQH5lIt4TCroGxT+XH68KmAk5
rsC3pi+f1I/CSlDoJFLVQOKZ6V8ZM4w0NU4TRvnXIRs7+4JUV0zZcXgDKn2OIk5U
NIWUE0B8WFY/N5Quehkp5JNVlkYQ6QHrGSOOk+VlOn4QTn1ZAzPLet147tvf724u
cWmrc+qEXbbL
-----END CERTIFICATE-----
Generated at Thu Mar 12 07:58:36 2026 by rpki-client