Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/USDx0YalpdyKzz9Tccgj7MdEa6E.roa
File: USDx0YalpdyKzz9Tccgj7MdEa6E.roa (raw, json)
Hash identifier: DtO4EPHUmQXLHtndRSgq2sFywxfuDghiCgmefGaGPlI=
Subject key identifier: 51:20:F1:D1:86:A5:A5:DC:8A:CF:3F:53:71:C8:23:EC:C7:44:6B:A1
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E2A1374F0E341B976F32863269822BA77
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/USDx0YalpdyKzz9Tccgj7MdEa6E.roa
Signing time: Fri 15 May 2026 05:19:38 +0000
ROA not before: Fri 15 May 2026 05:19:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208185
IP address blocks: 31.58.239.0/24 maxlen: 24
94.183.242.0/24 maxlen: 24
94.183.243.0/24 maxlen: 24
94.183.244.0/24 maxlen: 24
94.183.245.0/24 maxlen: 24
94.183.246.0/24 maxlen: 24
94.183.247.0/24 maxlen: 24
94.183.248.0/22 maxlen: 24
94.183.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 May 2026 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2a:13:74:f0:e3:41:b9:76:f3:28:63:26:98:22:ba:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 15 05:19:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5120f1d186a5a5dc8acf3f5371c823ecc7446ba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e2:f4:1e:ff:30:a8:ec:45:c9:ca:c5:04:cb:
1e:df:ac:07:3f:ea:d0:79:82:37:f8:f1:f2:b8:26:
96:81:b1:82:1c:ea:0c:0f:16:d6:83:ef:cc:d4:c9:
ca:52:83:7e:70:d9:ec:43:61:fb:85:08:c9:71:72:
bb:b1:f1:ed:79:be:1a:54:b5:89:0d:34:f2:1d:5a:
8d:3d:ec:19:2e:ae:9b:3f:3c:87:06:b0:a8:05:11:
4e:48:cd:97:8b:81:c1:c0:b6:50:ff:5d:20:ae:db:
04:fd:88:55:7e:b8:70:72:ab:c4:fb:11:2d:2a:68:
a7:9b:89:34:41:a8:3d:09:f9:95:77:9d:af:76:e8:
d3:da:d2:88:ec:29:67:bc:87:8d:d5:c9:6f:f0:7c:
16:c4:9f:2f:e1:70:82:73:a0:bc:7c:46:95:58:ac:
bd:58:e2:c8:2d:90:98:e0:40:61:09:3e:60:ea:73:
b2:b8:58:7f:4f:e3:46:7c:19:96:d0:60:c1:fb:67:
16:33:0f:94:6a:f5:a6:cd:e4:fe:ee:20:61:b9:bd:
3a:b9:68:e3:58:52:b4:06:22:b4:7e:44:53:39:e3:
ff:41:8d:0e:f2:b9:da:59:1c:3e:29:bc:3d:46:ce:
0f:80:e9:d6:0d:8b:a5:f6:2a:f3:70:a9:1b:8a:b9:
b0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:20:F1:D1:86:A5:A5:DC:8A:CF:3F:53:71:C8:23:EC:C7:44:6B:A1
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/USDx0YalpdyKzz9Tccgj7MdEa6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.239.0/24
94.183.242.0-94.183.251.255
94.183.254.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:ee:72:83:7c:c4:44:fd:5c:86:b6:2c:6a:92:5c:db:65:71:
1b:4c:ae:45:99:81:e3:f3:0d:bc:db:c2:2c:2e:5f:bf:dd:9c:
85:ff:1a:ac:f4:be:f1:d6:28:ad:d5:e3:e6:ca:7b:22:f9:02:
fa:a3:c1:8e:9d:cf:02:b8:39:cb:a2:e7:ed:ef:76:b2:dd:18:
f6:d1:bc:ab:96:36:a8:8b:ca:75:b5:93:99:57:29:e1:4a:84:
7d:b1:15:51:ad:57:46:72:47:37:5e:03:dd:0c:00:8d:29:3c:
23:ff:95:9d:4b:ac:ac:8a:98:00:71:45:92:5e:fa:30:c2:3e:
d3:56:11:f2:65:81:00:22:b9:bc:ac:fa:c3:05:2d:53:18:a0:
23:38:72:d9:eb:a6:54:6e:ce:c9:f0:6f:5e:39:12:03:f7:b1:
16:4c:43:91:70:1b:2f:75:59:92:49:a3:f6:a5:97:c3:74:97:
61:15:9a:9f:9a:74:dd:fa:fd:7d:18:55:ad:af:fa:65:e9:2e:
61:83:fb:b8:be:69:37:b8:e4:ae:6e:25:cf:c0:0e:0b:ce:43:
d9:14:3b:c1:bc:c5:b1:a9:8c:ca:e2:be:59:4d:7b:65:5d:8f:
b1:0c:83:b2:26:21:20:9c:6f:a1:d5:81:5a:be:e4:64:3d:1d:
35:b3:a6:b5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ4qE3Tw40G5dvMoYyaYIrp3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTE1MDUxOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTIwZjFkMTg2YTVhNWRjOGFjZjNmNTM3MWM4MjNlY2M3NDQ2YmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweL0Hv8wqOxFycrFBMse36wHP+rQ
eYI3+PHyuCaWgbGCHOoMDxbWg+/M1MnKUoN+cNnsQ2H7hQjJcXK7sfHteb4aVLWJ
DTTyHVqNPewZLq6bPzyHBrCoBRFOSM2Xi4HBwLZQ/10grtsE/YhVfrhwcqvE+xEt
Kminm4k0Qag9CfmVd52vdujT2tKI7ClnvIeN1clv8HwWxJ8v4XCCc6C8fEaVWKy9
WOLILZCY4EBhCT5g6nOyuFh/T+NGfBmW0GDB+2cWMw+UavWmzeT+7iBhub06uWjj
WFK0BiK0fkRTOeP/QY0O8rnaWRw+Kbw9Rs4PgOnWDYul9irzcKkbirmwCwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFEg8dGGpaXcis8/U3HII+zHRGuhMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVVNEeDBZYWxwZHlLeno5VGNjZ2o3TWRFYTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAHzrvMAwD
BAFet/IDBAJet/gDBABet/4wDQYJKoZIhvcNAQELBQADggEBAB3ucoN8xET9XIa2
LGqSXNtlcRtMrkWZgePzDbzbwiwuX7/dnIX/Gqz0vvHWKK3V4+bKeyL5AvqjwY6d
zwK4Ocui5+3vdrLdGPbRvKuWNqiLynW1k5lXKeFKhH2xFVGtV0ZyRzdeA90MAI0p
PCP/lZ1LrKyKmABxRZJe+jDCPtNWEfJlgQAiubys+sMFLVMYoCM4ctnrplRuzsnw
b145EgP3sRZMQ5FwGy91WZJJo/all8N0l2EVmp+adN36/X0YVa2v+mXpLmGD+7i+
aTe45K5uJc/ADgvOQ9kUO8G8xbGpjMrivllNe2Vdj7EMg7ImISCcb6HVgVq+5GQ9
HTWzprU=
-----END CERTIFICATE-----
Generated at Wed May 27 15:56:31 2026 by rpki-client