Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_eWpoq-gjcWn22LxJ29Br0Z4ewk.roa
File: _eWpoq-gjcWn22LxJ29Br0Z4ewk.roa (raw, json)
Hash identifier: 5Z8Rd2DWjllN+Ik5WtyUyCs1mSnnb0ayrISS6obH23I=
Subject key identifier: FD:E5:A9:A2:AF:A0:8D:C5:A7:DB:62:F1:27:6F:41:AF:46:78:7B:09
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019DD54B3CE106D3AA564421A313761121AB
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_eWpoq-gjcWn22LxJ29Br0Z4ewk.roa
Signing time: Tue 28 Apr 2026 18:12:50 +0000
ROA not before: Tue 28 Apr 2026 18:12:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212743
IP address blocks: 31.58.232.0/23 maxlen: 24
31.59.36.0/24 maxlen: 24
31.59.39.0/24 maxlen: 24
94.183.170.0/24 maxlen: 24
217.60.12.0/24 maxlen: 24
217.60.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 13:57:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d5:4b:3c:e1:06:d3:aa:56:44:21:a3:13:76:11:21:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 28 18:12:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fde5a9a2afa08dc5a7db62f1276f41af46787b09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2c:aa:3e:39:70:94:a9:33:2d:d1:16:4c:8d:
88:a6:07:ff:70:48:c2:aa:26:3c:bf:a9:37:21:3d:
01:1a:09:94:b7:a5:37:5e:20:ad:a9:e5:76:7f:ef:
5e:20:78:55:7c:eb:94:29:85:9a:ad:ac:49:a6:11:
d7:d2:83:28:62:aa:3d:69:a0:f7:3b:7a:7e:9b:22:
f4:f4:96:4c:9e:27:7e:39:6a:d9:5f:be:8d:61:ab:
8c:af:6b:aa:39:5c:05:30:6b:6c:d9:f5:f7:60:f5:
5f:79:9a:b4:10:84:31:ab:63:b0:2e:65:28:81:1d:
7c:13:6a:65:c9:f5:90:13:be:12:ae:cd:f7:f8:10:
e8:13:85:6e:11:c6:19:7b:78:70:a6:6b:72:ae:fd:
da:8c:61:13:53:b8:a6:7a:8a:c8:7b:09:fb:33:d5:
10:55:32:66:76:34:68:1e:77:1a:b4:eb:cf:cf:8d:
86:69:99:74:f5:45:37:47:f8:86:4a:39:2e:e5:e1:
8a:0f:cf:83:7d:82:a2:87:6c:1e:c0:28:f6:30:15:
8a:9f:21:3a:9e:ae:95:3d:66:18:64:96:68:15:53:
87:bc:ac:e4:f3:55:e7:d5:f0:59:15:64:4a:85:d7:
48:10:68:e2:26:e4:b4:a3:07:6c:fe:74:82:64:b7:
56:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:E5:A9:A2:AF:A0:8D:C5:A7:DB:62:F1:27:6F:41:AF:46:78:7B:09
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_eWpoq-gjcWn22LxJ29Br0Z4ewk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.232.0/23
31.59.36.0/24
31.59.39.0/24
94.183.170.0/24
217.60.12.0/24
217.60.24.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:22:0c:77:8c:29:c3:86:aa:9a:ab:45:b5:e4:4e:3b:0b:14:
a5:14:46:8e:c6:b0:57:b8:f2:44:dc:d9:8d:19:b6:9a:fc:7f:
8d:00:d4:e3:32:b7:69:0f:56:4f:c6:14:9b:94:c0:0a:a8:bc:
04:21:f1:02:8e:c3:1d:4d:b3:ab:26:d9:fe:3f:b5:68:c5:21:
3f:11:8c:0d:d7:c6:fc:ba:86:f9:a7:19:12:7c:26:16:be:6d:
3f:02:89:ce:6c:86:a4:90:ad:22:1e:05:eb:17:4c:db:1c:03:
75:48:31:50:f9:89:0d:c8:3b:2c:22:d0:fd:21:0b:5d:2b:c4:
8c:fa:de:3a:5f:58:cf:9b:e5:92:a4:2e:e2:16:cc:b1:b6:5e:
3a:3f:1a:f5:12:32:fa:07:92:9b:03:39:46:b8:d0:bc:19:7f:
ba:9b:06:7d:79:cc:85:ff:e1:c9:e8:58:0b:58:0c:df:27:55:
6a:00:5e:f5:5e:5b:3a:8c:24:ec:c2:06:fb:b1:90:71:37:54:
3c:ee:6d:52:11:9b:5f:fa:e6:0f:4e:e8:a7:7a:bf:fd:1d:7a:
c4:de:32:78:42:b4:d6:36:e7:f4:87:ad:d4:c0:df:b9:3c:e5:
e2:be:d1:7e:94:bc:7a:bc:46:1d:a2:7b:8d:74:da:5e:25:63:
48:e4:03:13
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ3VSzzhBtOqVkQhoxN2ESGrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNDI4MTgxMjUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGU1YTlhMmFmYTA4ZGM1YTdkYjYyZjEyNzZmNDFhZjQ2Nzg3YjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyyqPjlwlKkzLdEWTI2Ipgf/cEjC
qiY8v6k3IT0BGgmUt6U3XiCtqeV2f+9eIHhVfOuUKYWaraxJphHX0oMoYqo9aaD3
O3p+myL09JZMnid+OWrZX76NYauMr2uqOVwFMGts2fX3YPVfeZq0EIQxq2OwLmUo
gR18E2plyfWQE74Srs33+BDoE4VuEcYZe3hwpmtyrv3ajGETU7imeorIewn7M9UQ
VTJmdjRoHncatOvPz42GaZl09UU3R/iGSjku5eGKD8+DfYKih2wewCj2MBWKnyE6
nq6VPWYYZJZoFVOHvKzk81Xn1fBZFWRKhddIEGjiJuS0owds/nSCZLdWWQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP3lqaKvoI3Fp9ti8SdvQa9GeHsJMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvX2VXcG9xLWdqY1duMjJMeEoyOUJyMFo0ZXdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBHzroAwQA
HzskAwQAHzsnAwQAXreqAwQA2TwMAwQA2TwYMA0GCSqGSIb3DQEBCwUAA4IBAQDA
Igx3jCnDhqqaq0W15E47CxSlFEaOxrBXuPJE3NmNGbaa/H+NANTjMrdpD1ZPxhSb
lMAKqLwEIfECjsMdTbOrJtn+P7VoxSE/EYwN18b8uob5pxkSfCYWvm0/AonObIak
kK0iHgXrF0zbHAN1SDFQ+YkNyDssItD9IQtdK8SM+t46X1jPm+WSpC7iFsyxtl46
Pxr1EjL6B5KbAzlGuNC8GX+6mwZ9ecyF/+HJ6FgLWAzfJ1VqAF71Xls6jCTswgb7
sZBxN1Q87m1SEZtf+uYPTuiner/9HXrE3jJ4QrTWNuf0h63UwN+5POXivtF+lLx6
vEYdonuNdNpeJWNI5AMT
-----END CERTIFICATE-----
Generated at Tue May 5 19:06:09 2026 by rpki-client