Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/egwebPHucRUgfkoBlLkbcBrSOm8.roa
File: egwebPHucRUgfkoBlLkbcBrSOm8.roa (raw, json)
Hash identifier: R/yGPjQxqdPpAPRGPVpOtvTu67cq5we2N1tfQ3oTrs4=
Subject key identifier: 7A:0C:1E:6C:F1:EE:71:15:20:7E:4A:01:94:B9:1B:70:1A:D2:3A:6F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019CD3CA383BB712402246413632F001A45D
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/egwebPHucRUgfkoBlLkbcBrSOm8.roa
Signing time: Mon 09 Mar 2026 18:09:31 +0000
ROA not before: Mon 09 Mar 2026 18:09:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48678
IP address blocks: 31.56.16.0/22 maxlen: 24
31.56.214.0/24 maxlen: 24
31.57.16.0/21 maxlen: 24
31.57.135.0/24 maxlen: 24
31.58.41.0/24 maxlen: 24
31.58.176.0/22 maxlen: 24
31.58.200.0/22 maxlen: 24
31.58.216.0/22 maxlen: 24
31.58.240.0/22 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.245.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
31.58.252.0/22 maxlen: 24
31.59.64.0/22 maxlen: 24
31.59.80.0/22 maxlen: 24
31.59.124.0/22 maxlen: 24
31.59.176.0/21 maxlen: 24
31.59.188.0/22 maxlen: 24
31.59.192.0/22 maxlen: 24
31.59.216.0/22 maxlen: 24
217.60.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 08:23:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d3:ca:38:3b:b7:12:40:22:46:41:36:32:f0:01:a4:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 9 18:09:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7a0c1e6cf1ee7115207e4a0194b91b701ad23a6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c1:bd:a0:ba:82:ef:8f:08:d7:5a:a1:dd:26:
29:16:7d:63:4f:93:1d:7f:70:d5:34:e6:1d:1f:0c:
6a:bd:9c:cc:d7:c0:3b:ec:d4:ca:90:57:d0:86:2d:
3e:65:1d:31:2b:6c:15:92:3a:0f:ef:a2:c6:92:a2:
9c:14:c7:81:b4:27:4c:83:19:e7:8b:50:f9:c7:52:
d1:7d:53:f9:78:14:cf:81:39:af:33:2f:c0:5f:05:
2b:0a:f9:3d:b2:ab:ef:f6:1c:57:c5:6b:f1:01:ea:
af:92:ea:e6:60:9e:42:d9:78:60:f6:86:db:ed:51:
93:7d:33:7e:c7:31:16:20:b4:0f:74:92:f5:18:b3:
b6:a6:76:c2:4c:f7:cf:3e:6e:75:d8:92:4d:23:db:
f2:4c:52:dd:87:ac:47:25:9d:22:03:b7:ac:72:8c:
54:5d:87:06:0a:e7:4e:27:05:1c:ad:1b:8a:1e:a7:
32:c2:af:59:09:18:ed:ba:d5:f7:8b:d2:3a:bd:fe:
f4:df:9c:de:ff:48:bd:ea:fd:69:aa:35:89:73:98:
1c:2d:78:7a:d2:9f:6a:d8:a3:05:e6:67:81:7a:3a:
96:bd:01:5e:db:ac:7e:e2:de:2e:42:d9:48:b8:2e:
bb:c8:cf:fc:c2:95:31:85:af:8d:f6:68:f1:22:cd:
48:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:0C:1E:6C:F1:EE:71:15:20:7E:4A:01:94:B9:1B:70:1A:D2:3A:6F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/egwebPHucRUgfkoBlLkbcBrSOm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.16.0/22
31.56.214.0/24
31.57.16.0/21
31.57.135.0/24
31.58.41.0/24
31.58.176.0/22
31.58.200.0/22
31.58.216.0/22
31.58.240.0-31.58.245.255
31.58.250.0-31.58.255.255
31.59.64.0/22
31.59.80.0/22
31.59.124.0/22
31.59.176.0/21
31.59.188.0-31.59.195.255
31.59.216.0/22
217.60.187.0/24
Signature Algorithm: sha256WithRSAEncryption
90:fa:5d:dd:04:e2:72:51:fd:52:db:c5:e3:8f:be:08:76:48:
c2:7a:92:c5:65:bb:5e:7d:8c:7e:d5:ff:c0:39:ed:07:59:8d:
ec:79:2f:00:53:ba:2a:20:34:c8:29:6b:40:ea:37:ac:0a:42:
0a:5c:6b:d7:9b:fe:e2:5e:db:d6:f2:d5:0c:e1:76:aa:a2:83:
8c:74:2c:9a:79:fb:4a:35:0d:3c:aa:2f:c7:8e:52:cf:89:f3:
67:ad:e3:92:5c:0e:f6:38:d3:d5:7d:0a:17:cd:5e:a6:22:1e:
78:e1:6d:83:a3:54:94:c3:d8:67:a9:76:ee:62:53:2d:01:08:
82:56:03:a1:ed:12:c8:39:f9:73:14:61:9a:14:84:1a:e3:6e:
c8:42:54:0e:01:cb:37:83:f8:9e:56:6e:67:74:d7:92:26:0d:
98:3b:e7:21:4f:f8:f8:d7:9e:84:5f:91:31:64:30:4c:7c:af:
41:64:3f:63:43:87:f1:dd:16:7a:7e:dc:97:e5:18:cc:08:f9:
e9:03:1e:7f:ef:5b:e3:c0:7f:f1:9c:1f:a7:cc:8f:ec:a9:17:
74:af:54:38:28:ea:2d:39:0a:ff:99:e3:01:8c:03:96:cf:ae:
ed:a1:ad:51:2c:c9:67:7e:28:1d:c4:b9:b5:03:61:5c:d8:00:
fb:8c:05:3c
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZzTyjg7txJAIkZBNjLwAaRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMzA5MTgwOTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTBjMWU2Y2YxZWU3MTE1MjA3ZTRhMDE5NGI5MWI3MDFhZDIzYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsG9oLqC748I11qh3SYpFn1jT5Md
f3DVNOYdHwxqvZzM18A77NTKkFfQhi0+ZR0xK2wVkjoP76LGkqKcFMeBtCdMgxnn
i1D5x1LRfVP5eBTPgTmvMy/AXwUrCvk9sqvv9hxXxWvxAeqvkurmYJ5C2Xhg9obb
7VGTfTN+xzEWILQPdJL1GLO2pnbCTPfPPm512JJNI9vyTFLdh6xHJZ0iA7escoxU
XYcGCudOJwUcrRuKHqcywq9ZCRjtutX3i9I6vf7035ze/0i96v1pqjWJc5gcLXh6
0p9q2KMF5meBejqWvQFe26x+4t4uQtlIuC67yM/8wpUxha+N9mjxIs1IhQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFHoMHmzx7nEVIH5KAZS5G3Aa0jpvMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZWd3ZWJQSHVjUlVnZmtvQmxMa2JjQnJTT204LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjCBgwQCAAEwfQMEAh84
EAMEAB841gMEAx85EAMEAB85hwMEAB86KQMEAh86sAMEAh86yAMEAh862DAMAwQE
HzrwAwQBHzr0MAsDBAEfOvoDAwAfOgMEAh87QAMEAh87UAMEAh87fAMEAx87sDAM
AwQCHzu8AwQCHzvAAwQCHzvYAwQA2Ty7MA0GCSqGSIb3DQEBCwUAA4IBAQCQ+l3d
BOJyUf1S28Xjj74IdkjCepLFZbtefYx+1f/AOe0HWY3seS8AU7oqIDTIKWtA6jes
CkIKXGvXm/7iXtvW8tUM4XaqooOMdCyaeftKNQ08qi/HjlLPifNnreOSXA72ONPV
fQoXzV6mIh544W2Do1SUw9hnqXbuYlMtAQiCVgOh7RLIOflzFGGaFIQa427IQlQO
Acs3g/ieVm5ndNeSJg2YO+chT/j4156EX5ExZDBMfK9BZD9jQ4fx3RZ6ftyX5RjM
CPnpAx5/71vjwH/xnB+nzI/sqRd0r1Q4KOotOQr/meMBjAOWz67toa1RLMlnfigd
xLm1A2Fc2AD7jAU8
-----END CERTIFICATE-----
Generated at Sat Mar 28 17:05:59 2026 by rpki-client