Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/cs8Gg8D9lpZLd9ZlprJwUAJUL5I.roa
File: cs8Gg8D9lpZLd9ZlprJwUAJUL5I.roa (raw, json)
Hash identifier: WVTzADunPvCwii6yDjUpI3He0/n5jX/BO2fNzH6rnRk=
Subject key identifier: 72:CF:06:83:C0:FD:96:96:4B:77:D6:65:A6:B2:70:50:02:54:2F:92
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E4674826A4B95D3769AE27E9803DD5BC6
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/cs8Gg8D9lpZLd9ZlprJwUAJUL5I.roa
Signing time: Wed 20 May 2026 17:35:01 +0000
ROA not before: Wed 20 May 2026 17:35:01 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29802
IP address blocks: 31.56.88.0/24 maxlen: 24
31.57.30.0/24 maxlen: 24
31.57.131.0/24 maxlen: 24
31.57.150.0/24 maxlen: 24
31.57.176.0/24 maxlen: 24
31.57.194.0/24 maxlen: 24
31.58.71.0/24 maxlen: 24
31.58.160.0/24 maxlen: 24
31.59.14.0/24 maxlen: 24
31.59.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 May 2026 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:46:74:82:6a:4b:95:d3:76:9a:e2:7e:98:03:dd:5b:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 20 17:35:01 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=72cf0683c0fd96964b77d665a6b2705002542f92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:40:6a:9c:2b:9b:c4:76:27:94:06:31:ee:4c:
07:48:23:ed:9d:75:92:aa:48:9d:db:bb:94:9b:8c:
1d:19:76:32:b3:37:23:a5:26:9d:19:26:f6:9a:f6:
e8:e9:1b:8f:0d:85:8a:86:00:db:15:ad:5e:c6:46:
7e:6e:39:71:a9:50:9d:7b:16:13:91:ec:b4:18:09:
5f:6a:fd:a5:9b:fb:2c:f8:7a:7d:c1:6c:96:2d:40:
63:8a:77:9b:c6:85:16:b6:7c:c3:86:6d:82:94:bc:
c8:90:28:8b:ac:b2:a8:32:c2:ad:4f:5a:7e:47:02:
94:0a:fd:c7:2f:ef:3b:73:10:5e:2f:94:76:5a:16:
7d:fb:34:fc:c8:c2:67:ff:f6:b3:12:59:06:8b:25:
e1:4d:33:92:a5:93:15:6c:36:30:02:74:5b:8f:9d:
14:09:d6:0d:ac:60:7d:84:0f:f2:af:4e:31:5a:50:
bd:e6:ca:23:eb:99:ff:86:b3:2e:59:2d:c4:2b:d4:
58:d2:c9:9d:eb:a5:39:4e:61:ad:b1:a4:09:85:ed:
5f:8b:1c:e9:a6:72:1b:6d:b7:c2:ed:a7:d7:17:0c:
cf:08:57:74:55:0d:3d:71:2b:66:17:17:a5:1f:42:
cc:ec:14:1f:f4:f9:79:e8:88:01:15:72:a1:df:15:
cd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:CF:06:83:C0:FD:96:96:4B:77:D6:65:A6:B2:70:50:02:54:2F:92
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/cs8Gg8D9lpZLd9ZlprJwUAJUL5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.88.0/24
31.57.30.0/24
31.57.131.0/24
31.57.150.0/24
31.57.176.0/24
31.57.194.0/24
31.58.71.0/24
31.58.160.0/24
31.59.14.0/24
31.59.30.0/24
Signature Algorithm: sha256WithRSAEncryption
68:89:52:cc:ff:c3:a9:96:41:56:d2:58:96:b3:7b:5d:1b:92:
aa:f1:a4:20:93:57:24:d9:1f:40:bd:0f:72:b6:f9:2a:57:9b:
b2:1a:a5:b5:6f:e4:ed:48:8e:2d:03:86:95:a4:54:40:a5:46:
4f:3b:cc:ca:b7:d3:34:c9:c5:3f:22:62:e4:1f:96:38:65:33:
1e:9c:e5:9a:a4:cb:86:a6:92:21:29:ef:c1:6e:81:2a:4b:3f:
7a:5b:aa:9d:dd:4f:a2:8e:cd:41:4d:48:85:10:28:6a:6a:11:
6c:49:cd:6e:62:e3:89:97:49:ec:ad:d2:c9:e8:c4:a8:27:7c:
34:bd:cf:96:0c:9c:7f:7a:a6:de:76:19:ce:c3:da:2a:23:84:
85:50:27:1e:a9:16:f3:7b:20:62:ea:49:35:a7:e2:41:f4:c5:
c8:f0:40:8f:30:ec:b3:36:59:b2:e8:4a:69:5b:03:84:9a:b4:
9b:c7:65:eb:8b:90:e1:24:43:2a:e4:f0:5c:fd:78:a7:f2:0f:
99:fc:33:98:e7:37:ad:c1:02:58:41:64:3f:cf:22:a9:a3:35:
c5:74:35:e4:4e:f7:87:57:c0:a6:7a:a7:27:c8:59:30:4b:44:
8f:9e:5c:02:88:84:b3:a8:61:43:10:a6:06:2f:7a:20:a3:3f:
f9:81:51:13
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ5GdIJqS5XTdprifpgD3VvGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTIwMTczNTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmNmMDY4M2MwZmQ5Njk2NGI3N2Q2NjVhNmIyNzA1MDAyNTQyZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUBqnCubxHYnlAYx7kwHSCPtnXWS
qkid27uUm4wdGXYyszcjpSadGSb2mvbo6RuPDYWKhgDbFa1exkZ+bjlxqVCdexYT
key0GAlfav2lm/ss+Hp9wWyWLUBjinebxoUWtnzDhm2ClLzIkCiLrLKoMsKtT1p+
RwKUCv3HL+87cxBeL5R2WhZ9+zT8yMJn//azElkGiyXhTTOSpZMVbDYwAnRbj50U
CdYNrGB9hA/yr04xWlC95soj65n/hrMuWS3EK9RY0smd66U5TmGtsaQJhe1fixzp
pnIbbbfC7afXFwzPCFd0VQ09cStmFxelH0LM7BQf9Pl56IgBFXKh3xXNzwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHLPBoPA/ZaWS3fWZaaycFACVC+SMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvY3M4R2c4RDlscFpMZDlabHBySndVQUpVTDVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAHzhYAwQA
HzkeAwQAHzmDAwQAHzmWAwQAHzmwAwQAHznCAwQAHzpHAwQAHzqgAwQAHzsOAwQA
HzseMA0GCSqGSIb3DQEBCwUAA4IBAQBoiVLM/8OplkFW0liWs3tdG5Kq8aQgk1ck
2R9AvQ9ytvkqV5uyGqW1b+TtSI4tA4aVpFRApUZPO8zKt9M0ycU/ImLkH5Y4ZTMe
nOWapMuGppIhKe/BboEqSz96W6qd3U+ijs1BTUiFEChqahFsSc1uYuOJl0nsrdLJ
6MSoJ3w0vc+WDJx/eqbedhnOw9oqI4SFUCceqRbzeyBi6kk1p+JB9MXI8ECPMOyz
Nlmy6EppWwOEmrSbx2Xri5DhJEMq5PBc/Xin8g+Z/DOY5zetwQJYQWQ/zyKpozXF
dDXkTveHV8CmeqcnyFkwS0SPnlwCiISzqGFDEKYGL3ogoz/5gVET
-----END CERTIFICATE-----
Generated at Wed May 27 15:55:31 2026 by rpki-client