Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bwEayE0-Q4z53mOiYKorxt2cnoI.roa
File: bwEayE0-Q4z53mOiYKorxt2cnoI.roa (raw, json)
Hash identifier: 5gAOYhe8rCar4xg41d6DBsc94ZakVUhdV8P1j3TnJlc=
Subject key identifier: 6F:01:1A:C8:4D:3E:43:8C:F9:DE:63:A2:60:AA:2B:C6:DD:9C:9E:82
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019D0788FD79F026E89C37AD7B2053A4ABAC
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bwEayE0-Q4z53mOiYKorxt2cnoI.roa
Signing time: Thu 19 Mar 2026 19:18:31 +0000
ROA not before: Thu 19 Mar 2026 19:18:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199524
IP address blocks: 31.57.138.0/24 maxlen: 24
31.58.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 02:18:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:07:88:fd:79:f0:26:e8:9c:37:ad:7b:20:53:a4:ab:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 19 19:18:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6f011ac84d3e438cf9de63a260aa2bc6dd9c9e82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6d:7e:bf:6c:2e:c5:ab:ea:3f:cd:57:57:ea:
05:19:45:f6:e5:ba:44:d3:4d:8c:ee:54:21:f3:ea:
d4:ee:dd:32:58:d5:52:55:7a:6d:71:d0:24:9d:ec:
9a:2a:11:dc:8c:db:df:b9:d7:e8:72:de:01:20:95:
ac:d0:6c:20:36:f0:0f:4f:06:5e:0f:64:20:95:ce:
3c:8e:0c:39:67:90:fb:10:06:80:68:02:22:43:b7:
a9:fa:ae:b7:aa:cb:94:fc:76:f8:10:ea:9a:b1:c6:
44:28:07:eb:56:d1:18:21:25:d9:a2:1b:de:ed:4c:
9f:ce:4a:17:b4:92:a2:5c:9f:54:22:96:b0:8a:b3:
a3:53:14:d1:32:b2:83:61:51:a6:ac:65:1a:67:42:
6d:6b:2f:3c:2c:05:b6:c4:10:35:4d:2e:19:be:46:
4c:d0:3c:57:6b:04:b0:66:9b:70:f1:25:17:b8:de:
80:a7:f8:63:7c:31:c0:5c:8d:8a:72:b8:c7:b0:9f:
8d:43:e0:6a:b0:0e:c3:5f:06:b5:4d:0c:4a:ce:4e:
08:f3:f3:c3:73:ec:22:78:29:6f:f6:db:39:75:4a:
de:55:b2:36:7c:67:a1:24:09:62:e0:b0:d3:89:31:
d2:24:ea:2f:17:c8:30:82:2a:29:44:e9:85:17:f2:
d9:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:01:1A:C8:4D:3E:43:8C:F9:DE:63:A2:60:AA:2B:C6:DD:9C:9E:82
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bwEayE0-Q4z53mOiYKorxt2cnoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.138.0/24
31.58.37.0/24
Signature Algorithm: sha256WithRSAEncryption
07:1f:76:c1:21:59:68:e4:c6:d8:dc:ba:b5:33:dd:7a:1b:27:
0a:e0:35:f0:72:0d:92:9c:fb:c4:3f:c0:27:fb:0e:04:d8:3e:
95:2e:41:3d:b1:1d:94:56:74:1b:c3:65:34:83:bc:6f:b8:f2:
f3:9e:27:6d:09:e7:1c:b6:69:4e:63:09:7e:0a:1f:a8:87:ef:
4e:1e:7c:7f:88:72:8c:38:61:b7:ac:ff:63:28:09:0b:42:bb:
42:4a:71:de:45:ce:5a:1b:0c:06:1c:44:f8:20:e7:b5:a6:a3:
17:d4:c7:da:e9:f0:d6:b8:1f:96:dc:ab:4b:0d:3b:65:d8:53:
ee:46:51:8e:7d:d0:0e:d9:2c:8a:50:d5:0c:07:d2:c2:d1:77:
6f:5a:89:fe:95:f7:66:0e:01:e8:00:af:42:00:cf:ea:d5:38:
f7:18:94:d0:6d:17:69:76:98:84:6b:4b:94:a5:1f:c4:02:f4:
17:c2:d3:ef:33:79:ef:6b:0b:52:59:4d:b0:c4:77:bb:31:01:
6d:94:a4:36:83:d8:c0:b0:85:e7:a8:d0:48:b2:77:c3:8e:40:
bb:bf:39:27:75:f0:c3:57:02:35:ad:90:bb:74:ee:9c:17:a6:
d2:7f:8b:1f:09:aa:6e:86:21:3a:ec:9e:7e:0d:01:07:c4:d7:
9e:c3:25:57
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0HiP158CbonDeteyBTpKusMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMzE5MTkxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjAxMWFjODRkM2U0MzhjZjlkZTYzYTI2MGFhMmJjNmRkOWM5ZTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxG1+v2wuxavqP81XV+oFGUX25bpE
002M7lQh8+rU7t0yWNVSVXptcdAkneyaKhHcjNvfudfoct4BIJWs0GwgNvAPTwZe
D2Qglc48jgw5Z5D7EAaAaAIiQ7ep+q63qsuU/Hb4EOqascZEKAfrVtEYISXZohve
7UyfzkoXtJKiXJ9UIpawirOjUxTRMrKDYVGmrGUaZ0Jtay88LAW2xBA1TS4ZvkZM
0DxXawSwZptw8SUXuN6Ap/hjfDHAXI2KcrjHsJ+NQ+BqsA7DXwa1TQxKzk4I8/PD
c+wieClv9ts5dUreVbI2fGehJAli4LDTiTHSJOovF8gwgiopROmFF/LZDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG8BGshNPkOM+d5jomCqK8bdnJ6CMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYndFYXlFMC1RNHo1M21PaVlLb3J4dDJjbm9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHzmKAwQA
HzolMA0GCSqGSIb3DQEBCwUAA4IBAQAHH3bBIVlo5MbY3Lq1M916GycK4DXwcg2S
nPvEP8An+w4E2D6VLkE9sR2UVnQbw2U0g7xvuPLznidtCecctmlOYwl+Ch+oh+9O
Hnx/iHKMOGG3rP9jKAkLQrtCSnHeRc5aGwwGHET4IOe1pqMX1Mfa6fDWuB+W3KtL
DTtl2FPuRlGOfdAO2SyKUNUMB9LC0XdvWon+lfdmDgHoAK9CAM/q1Tj3GJTQbRdp
dpiEa0uUpR/EAvQXwtPvM3nvawtSWU2wxHe7MQFtlKQ2g9jAsIXnqNBIsnfDjkC7
vzkndfDDVwI1rZC7dO6cF6bSf4sfCapuhiE67J5+DQEHxNeewyVX
-----END CERTIFICATE-----
Generated at Sat Mar 21 12:01:42 2026 by rpki-client