Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_OMQNkslkUX-i2nhj2qaZV52D0E.roa
File: _OMQNkslkUX-i2nhj2qaZV52D0E.roa (raw, json)
Hash identifier: Lz0Czay8SI0Ra810JiXCAwmlIkitbTU6DI43T06RczM=
Subject key identifier: FC:E3:10:36:4B:25:91:45:FE:8B:69:E1:8F:6A:9A:65:5E:76:0F:41
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E4F2213077D5D257D06CB5F039910A2D5
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_OMQNkslkUX-i2nhj2qaZV52D0E.roa
Signing time: Fri 22 May 2026 10:01:33 +0000
ROA not before: Fri 22 May 2026 10:01:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397423
IP address blocks: 31.56.140.0/24 maxlen: 24
31.56.147.0/24 maxlen: 24
31.56.182.0/24 maxlen: 24
31.56.183.0/24 maxlen: 24
31.57.78.0/24 maxlen: 24
31.57.79.0/24 maxlen: 24
31.57.80.0/24 maxlen: 24
31.57.81.0/24 maxlen: 24
31.57.85.0/24 maxlen: 24
31.57.86.0/24 maxlen: 24
31.57.87.0/24 maxlen: 24
31.57.203.0/24 maxlen: 24
31.58.10.0/24 maxlen: 24
31.58.16.0/24 maxlen: 24
31.58.19.0/24 maxlen: 24
31.58.20.0/24 maxlen: 24
31.58.21.0/24 maxlen: 24
31.58.26.0/24 maxlen: 24
31.58.29.0/24 maxlen: 24
31.58.30.0/24 maxlen: 24
31.58.167.0/24 maxlen: 24
31.58.212.0/24 maxlen: 24
31.59.13.0/24 maxlen: 24
31.59.18.0/24 maxlen: 24
31.59.24.0/24 maxlen: 24
94.183.255.0/24 maxlen: 24
217.60.13.0/24 maxlen: 24
217.60.198.0/24 maxlen: 24
217.60.237.0/24 maxlen: 24
217.60.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 May 2026 14:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4f:22:13:07:7d:5d:25:7d:06:cb:5f:03:99:10:a2:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 22 10:01:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fce310364b259145fe8b69e18f6a9a655e760f41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:34:c0:23:3f:c6:70:b2:5b:ab:36:58:b8:10:
7c:e4:f8:db:7f:09:10:a4:9b:da:cf:d7:7c:3f:82:
f2:ff:d3:75:1a:82:b0:d7:77:fc:35:55:69:14:d8:
25:6f:48:56:c0:54:a0:fa:90:96:6c:f6:0c:30:35:
34:f8:a0:a5:a4:1b:f7:5c:11:1b:a1:83:d0:39:06:
5b:15:43:ab:e2:e0:4e:81:00:06:f1:0c:57:b1:3b:
53:dd:4f:46:3a:0e:69:72:8d:53:b1:f3:bd:89:eb:
85:a1:bd:c9:a6:bb:e3:e1:8c:f5:42:d6:45:94:61:
78:27:e7:de:e8:04:5c:e6:5e:d1:12:2e:23:a3:77:
d1:3a:98:3e:a6:28:f7:ee:c3:6e:e8:a3:c8:df:82:
de:79:16:0b:df:cf:51:2a:5b:87:bd:fe:45:8e:77:
1a:19:fa:ec:6b:50:73:f0:c9:e3:f1:90:f8:97:91:
69:cc:2f:da:db:cd:fc:ac:ee:84:7a:6e:d7:bc:31:
86:8c:2a:5e:a4:05:27:f9:0e:3e:9c:74:8f:f0:5d:
81:66:70:64:91:67:9b:48:73:33:45:0b:89:f6:ff:
65:38:b2:d8:42:7d:c9:3a:11:12:f9:9f:c5:52:03:
c3:2d:15:0a:b3:cd:97:3d:5b:1f:91:f5:f9:9f:66:
0a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:E3:10:36:4B:25:91:45:FE:8B:69:E1:8F:6A:9A:65:5E:76:0F:41
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_OMQNkslkUX-i2nhj2qaZV52D0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.140.0/24
31.56.147.0/24
31.56.182.0/23
31.57.78.0-31.57.81.255
31.57.85.0-31.57.87.255
31.57.203.0/24
31.58.10.0/24
31.58.16.0/24
31.58.19.0-31.58.21.255
31.58.26.0/24
31.58.29.0-31.58.30.255
31.58.167.0/24
31.58.212.0/24
31.59.13.0/24
31.59.18.0/24
31.59.24.0/24
94.183.255.0/24
217.60.13.0/24
217.60.198.0/24
217.60.237.0/24
217.60.240.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:3f:c3:f5:53:f1:5a:31:12:da:06:3d:9b:89:df:04:2f:db:
65:01:ed:28:e5:58:a3:81:df:c5:88:77:30:fd:76:7f:22:67:
9d:01:77:bb:97:d8:e2:c4:61:86:8e:d4:d8:ee:e3:f6:20:c5:
b0:34:c1:4a:f6:15:ac:31:fc:ce:67:a8:d3:36:36:d7:42:ee:
6a:83:f0:10:95:0e:a6:27:1e:8f:cf:63:77:7e:84:51:f7:d1:
c9:b9:a8:c4:e9:71:f2:e6:42:44:44:8a:b2:fa:5e:3e:66:5f:
08:26:ad:d4:c3:62:a4:21:a4:e1:98:64:7c:42:b7:9b:ef:a6:
37:9a:cb:29:75:67:a9:5d:5f:26:92:ea:e2:02:6a:2e:67:40:
b3:51:32:22:03:91:d5:8e:30:7c:0f:58:e2:7a:f0:1a:08:d3:
5f:71:b8:e9:a6:95:81:d0:17:b4:c4:65:e7:dd:97:48:b3:ed:
cc:46:28:4c:ad:d9:95:23:cc:5e:1a:f4:b0:37:20:69:85:35:
9c:97:29:cf:9d:ba:45:b0:99:ae:7d:3c:26:82:15:f1:da:44:
93:e6:b7:32:68:e9:6c:76:cd:8f:06:27:8f:26:1a:aa:f7:ab:
b2:ef:38:52:46:43:09:ec:c6:8f:77:ad:78:f8:be:4b:4a:08:
4c:d6:02:7f
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZ5PIhMHfV0lfQbLXwOZEKLVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTIyMTAwMTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2UzMTAzNjRiMjU5MTQ1ZmU4YjY5ZTE4ZjZhOWE2NTVlNzYwZjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDTAIz/GcLJbqzZYuBB85PjbfwkQ
pJvaz9d8P4Ly/9N1GoKw13f8NVVpFNglb0hWwFSg+pCWbPYMMDU0+KClpBv3XBEb
oYPQOQZbFUOr4uBOgQAG8QxXsTtT3U9GOg5pco1TsfO9ieuFob3Jprvj4Yz1QtZF
lGF4J+fe6ARc5l7REi4jo3fROpg+pij37sNu6KPI34LeeRYL389RKluHvf5Fjnca
Gfrsa1Bz8Mnj8ZD4l5FpzC/a2838rO6Eem7XvDGGjCpepAUn+Q4+nHSP8F2BZnBk
kWebSHMzRQuJ9v9lOLLYQn3JOhES+Z/FUgPDLRUKs82XPVsfkfX5n2YKbwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFPzjEDZLJZFF/otp4Y9qmmVedg9BMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvX09NUU5rc2xrVVgtaTJuaGoycWFaVjUyRDBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAAf
OIwDBAAfOJMDBAEfOLYwDAMEAR85TgMEAR85UDAMAwQAHzlVAwQDHzlQAwQAHznL
AwQAHzoKAwQAHzoQMAwDBAAfOhMDBAEfOhQDBAAfOhowDAMEAB86HQMEAB86HgME
AB86pwMEAB861AMEAB87DQMEAB87EgMEAB87GAMEAF63/wMEANk8DQMEANk8xgME
ANk87QMEANk88DANBgkqhkiG9w0BAQsFAAOCAQEAnz/D9VPxWjES2gY9m4nfBC/b
ZQHtKOVYo4HfxYh3MP12fyJnnQF3u5fY4sRhho7U2O7j9iDFsDTBSvYVrDH8zmeo
0zY210LuaoPwEJUOpicej89jd36EUffRybmoxOlx8uZCRESKsvpePmZfCCat1MNi
pCGk4ZhkfEK3m++mN5rLKXVnqV1fJpLq4gJqLmdAs1EyIgOR1Y4wfA9Y4nrwGgjT
X3G46aaVgdAXtMRl592XSLPtzEYoTK3ZlSPMXhr0sDcgaYU1nJcpz526RbCZrn08
JoIV8dpEk+a3MmjpbHbNjwYnjyYaqversu84UkZDCezGj3etePi+S0oITNYCfw==
-----END CERTIFICATE-----
Generated at Sun May 24 23:49:23 2026 by rpki-client