Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bHsG61Nz1ky2mxGMYM3x7XpPKtA.roa
File: bHsG61Nz1ky2mxGMYM3x7XpPKtA.roa (raw, json)
Hash identifier: UBEz6TVqu5/NesZL0J2hQDJ4J+3H1PNn9TMUSTNgjN4=
Subject key identifier: 6C:7B:06:EB:53:73:D6:4C:B6:9B:11:8C:60:CD:F1:ED:7A:4F:2A:D0
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E4563545C2DA9B435629551C11DBD54D9
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bHsG61Nz1ky2mxGMYM3x7XpPKtA.roa
Signing time: Wed 20 May 2026 12:36:38 +0000
ROA not before: Wed 20 May 2026 12:36:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14618
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.107.0/24 maxlen: 24
31.56.126.0/24 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.116.0/24 maxlen: 24
31.59.79.0/24 maxlen: 24
31.59.228.0/24 maxlen: 24
2a14:6e40:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 May 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:45:63:54:5c:2d:a9:b4:35:62:95:51:c1:1d:bd:54:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 20 12:36:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6c7b06eb5373d64cb69b118c60cdf1ed7a4f2ad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:61:c7:ee:16:f4:8c:57:72:6b:93:bb:0b:fc:
cc:67:d5:86:99:c4:ea:64:0e:70:24:ec:6a:fc:96:
81:36:83:68:6c:f5:97:21:c7:4e:a6:3e:c5:ff:17:
e8:e3:60:ec:78:90:4d:da:5a:bf:55:b8:c6:98:d7:
11:83:56:1a:d3:44:b0:12:71:1a:a8:37:e9:51:ae:
bf:51:7f:fc:23:05:1e:c3:92:6e:0b:44:34:9a:3e:
fc:69:8d:ad:af:4a:a8:e8:1a:1e:86:1d:93:8a:b2:
f5:0f:cc:14:be:47:58:92:82:72:93:84:a6:e1:dd:
c7:66:44:c2:f3:d7:8c:79:4e:a0:db:27:80:6c:2d:
6e:1a:85:e8:9d:4a:a1:a8:2b:fa:4b:9e:d5:93:8f:
31:56:ec:7b:c5:cd:e9:e7:35:51:34:a8:8b:5c:11:
f9:5f:80:da:c3:7b:43:b2:47:19:95:29:03:a8:43:
fe:3c:d6:80:1c:c4:b2:96:9c:9f:dd:1c:90:7c:40:
9b:9e:94:04:8b:70:41:57:e0:88:f9:d1:82:37:d3:
84:6b:0e:02:6a:55:25:67:05:2a:7c:03:f5:db:3f:
0d:a8:fd:08:25:b2:33:7f:58:60:bd:3f:04:7d:65:
83:1c:bc:e3:69:12:e0:9c:89:7e:0a:fb:ee:dd:db:
5d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:7B:06:EB:53:73:D6:4C:B6:9B:11:8C:60:CD:F1:ED:7A:4F:2A:D0
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bHsG61Nz1ky2mxGMYM3x7XpPKtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.107.0/24
31.56.126.0/24
31.56.142.0/23
31.56.148.0/22
31.57.114.0/24
31.57.116.0/24
31.59.79.0/24
31.59.228.0/24
IPv6:
2a14:6e40:2::/48
Signature Algorithm: sha256WithRSAEncryption
a1:c3:a5:0a:bb:be:b4:26:b1:9f:c0:cf:6a:9a:2c:b8:01:7c:
bb:53:db:1f:df:fe:46:af:8e:19:e4:e5:69:69:b1:e0:30:68:
2b:8c:ca:6b:93:b5:c5:b0:bd:60:6b:7a:ab:1e:17:d3:96:93:
00:dc:fe:ad:8d:5a:d8:59:80:e5:c4:27:da:5b:9e:c0:e1:ac:
8a:99:31:2a:e2:21:e8:52:db:12:a2:ab:d5:97:c5:62:70:23:
6b:76:ef:27:51:02:b1:7f:bb:1d:14:da:ec:8d:37:62:55:89:
f2:33:34:94:81:ad:16:3d:c6:40:fa:4e:ea:ed:60:48:77:ca:
15:e7:31:88:70:10:36:ef:17:41:63:55:4a:ef:70:ab:d2:a9:
27:af:3b:af:44:00:05:2e:bd:58:16:a7:e6:22:2f:5e:5e:e9:
66:55:19:16:7e:d0:a9:1c:c4:86:34:99:1b:81:ab:2c:13:30:
5c:16:89:97:af:21:40:35:2c:0b:ce:db:32:28:1b:1f:29:46:
c8:89:4d:06:5d:f5:db:19:88:26:3c:b3:5a:bf:dd:97:61:ed:
76:53:64:7b:53:55:73:e6:93:64:c1:55:3d:34:9f:8a:bd:d2:
9d:a4:5f:d8:8a:78:d2:39:29:dc:58:ee:36:14:d0:bb:16:68:
36:e2:d9:35
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZ5FY1RcLam0NWKVUcEdvVTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTIwMTIzNjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzdiMDZlYjUzNzNkNjRjYjY5YjExOGM2MGNkZjFlZDdhNGYyYWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WHH7hb0jFdya5O7C/zMZ9WGmcTq
ZA5wJOxq/JaBNoNobPWXIcdOpj7F/xfo42DseJBN2lq/VbjGmNcRg1Ya00SwEnEa
qDfpUa6/UX/8IwUew5JuC0Q0mj78aY2tr0qo6Boehh2TirL1D8wUvkdYkoJyk4Sm
4d3HZkTC89eMeU6g2yeAbC1uGoXonUqhqCv6S57Vk48xVux7xc3p5zVRNKiLXBH5
X4Daw3tDskcZlSkDqEP+PNaAHMSylpyf3RyQfECbnpQEi3BBV+CI+dGCN9OEaw4C
alUlZwUqfAP12z8NqP0IJbIzf1hgvT8EfWWDHLzjaRLgnIl+Cvvu3dtdpQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFGx7ButTc9ZMtpsRjGDN8e16TyrQMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYkhzRzYxTnoxa3kybXhHTVlNM3g3WHBQS3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA8BAIAATA2AwQDHzgIAwQA
HzhrAwQAHzh+AwQBHziOAwQCHziUAwQAHzlyAwQAHzl0AwQAHztPAwQAHzvkMA8E
AgACMAkDBwAqFG5AAAIwDQYJKoZIhvcNAQELBQADggEBAKHDpQq7vrQmsZ/Az2qa
LLgBfLtT2x/f/kavjhnk5WlpseAwaCuMymuTtcWwvWBreqseF9OWkwDc/q2NWthZ
gOXEJ9pbnsDhrIqZMSriIehS2xKiq9WXxWJwI2t27ydRArF/ux0U2uyNN2JVifIz
NJSBrRY9xkD6TurtYEh3yhXnMYhwEDbvF0FjVUrvcKvSqSevO69EAAUuvVgWp+Yi
L15e6WZVGRZ+0KkcxIY0mRuBqywTMFwWiZevIUA1LAvO2zIoGx8pRsiJTQZd9dsZ
iCY8s1q/3Zdh7XZTZHtTVXPmk2TBVT00n4q90p2kX9iKeNI5KdxY7jYU0LsWaDbi
2TU=
-----END CERTIFICATE-----
Generated at Fri May 22 14:18:36 2026 by rpki-client