Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/fNEXnCWQ61hojt4s0cjZtpjaWPc.roa
File: fNEXnCWQ61hojt4s0cjZtpjaWPc.roa (raw, json)
Hash identifier: 8mBQaKmQzgdkfeLeOVVN7iDyNVINJKYx0kiqPjZ+2Cg=
Subject key identifier: 7C:D1:17:9C:25:90:EB:58:68:8E:DE:2C:D1:C8:D9:B6:98:DA:58:F7
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019D8B7D0CD0A2C9D733B022FF5478FCA61B
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/fNEXnCWQ61hojt4s0cjZtpjaWPc.roa
Signing time: Tue 14 Apr 2026 10:15:21 +0000
ROA not before: Tue 14 Apr 2026 10:15:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 19793
IP address blocks: 31.56.16.0/22 maxlen: 24
31.57.16.0/21 maxlen: 24
31.58.176.0/22 maxlen: 24
31.58.216.0/22 maxlen: 24
31.58.240.0/22 maxlen: 24
31.59.124.0/22 maxlen: 24
31.59.188.0/22 maxlen: 24
31.59.192.0/22 maxlen: 24
31.59.216.0/22 maxlen: 24
217.60.144.0/22 maxlen: 24
217.60.148.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 21:23:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8b:7d:0c:d0:a2:c9:d7:33:b0:22:ff:54:78:fc:a6:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 14 10:15:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7cd1179c2590eb58688ede2cd1c8d9b698da58f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3f:f3:fa:55:3d:df:70:57:58:d7:c3:f8:80:
81:0f:ff:e8:2b:ec:e6:c6:24:4e:38:f0:68:74:8c:
c2:4f:be:33:8c:a0:a4:49:b9:94:c4:4c:8c:30:5d:
8a:12:79:0d:aa:8b:ea:c4:91:9d:28:a7:d5:e8:5b:
a2:bf:ed:2e:05:e7:a0:85:6c:14:18:66:79:be:27:
4a:2b:f0:eb:cf:17:54:0d:ea:e1:43:47:af:cf:e8:
63:ba:f1:cd:b2:17:e6:52:97:0b:3b:4e:76:4e:24:
22:45:51:ac:87:e5:74:70:80:2a:17:0b:83:9b:db:
ec:5e:92:22:b1:03:7d:27:89:ca:b7:a2:f3:a8:1e:
b0:9e:e4:fe:dd:df:f3:0b:1f:a3:1e:07:3a:a7:49:
0a:b2:08:56:e4:f7:33:b3:1c:4b:22:58:2a:f5:17:
41:e6:e2:31:5e:cc:64:05:e6:be:cf:79:09:57:fb:
9b:15:b7:82:f9:49:4d:27:30:55:b8:60:45:98:b0:
a1:1a:a9:27:18:79:a0:dd:41:ed:0d:26:15:6f:3c:
e3:71:98:2b:32:94:6d:e1:b0:53:2f:9b:41:2c:f3:
36:e1:4a:5e:6c:ef:29:db:9d:9b:c1:28:55:85:ff:
05:21:a6:13:c7:9a:4e:87:8a:6b:f7:42:3c:f2:d4:
6d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:D1:17:9C:25:90:EB:58:68:8E:DE:2C:D1:C8:D9:B6:98:DA:58:F7
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/fNEXnCWQ61hojt4s0cjZtpjaWPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.16.0/22
31.57.16.0/21
31.58.176.0/22
31.58.216.0/22
31.58.240.0/22
31.59.124.0/22
31.59.188.0-31.59.195.255
31.59.216.0/22
217.60.144.0/21
Signature Algorithm: sha256WithRSAEncryption
6e:59:54:68:38:ef:87:2f:e4:32:ae:b9:1f:d2:e0:e0:52:8e:
78:dc:42:fa:0c:df:6f:bc:61:59:6c:c4:6f:e1:52:25:e8:a8:
d8:b5:a5:79:35:d4:4d:44:be:4a:5d:c8:40:d6:d5:d1:23:0d:
4c:a6:cc:29:63:46:c2:56:a5:6e:2c:1c:56:89:8f:7a:be:77:
03:69:92:1a:27:33:9d:59:bc:ac:f6:aa:d1:74:dc:71:23:89:
0f:9a:a8:a0:c8:9d:03:ca:b7:1c:b9:c6:a9:15:7a:24:b9:be:
35:00:9a:fa:96:19:49:96:6a:2a:fe:3d:c6:42:5f:20:7c:17:
20:42:2d:07:96:ab:2a:0a:c4:4e:89:5f:43:cd:88:08:b7:e5:
35:3c:cb:12:9d:82:e9:9f:36:4d:ca:29:09:8a:0c:64:a7:25:
99:43:bb:93:e2:01:77:7d:74:67:4c:6e:6c:8e:17:b2:59:e5:
08:85:eb:91:ad:14:07:51:96:7f:b5:6d:0d:44:56:b9:74:64:
e2:8d:c7:84:32:b6:e7:43:8a:68:89:10:24:30:ea:a2:54:0d:
66:78:f8:25:0d:04:13:8f:d5:67:75:a2:a3:37:38:ad:13:47:
d8:40:ac:01:4b:97:ff:e9:cf:9d:72:fd:f2:6f:64:7b:c0:fb:
af:dc:05:5b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZ2LfQzQosnXM7Ai/1R4/KYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNDE0MTAxNTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2QxMTc5YzI1OTBlYjU4Njg4ZWRlMmNkMWM4ZDliNjk4ZGE1OGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlj/z+lU933BXWNfD+ICBD//oK+zm
xiROOPBodIzCT74zjKCkSbmUxEyMMF2KEnkNqovqxJGdKKfV6Fuiv+0uBeeghWwU
GGZ5vidKK/DrzxdUDerhQ0evz+hjuvHNshfmUpcLO052TiQiRVGsh+V0cIAqFwuD
m9vsXpIisQN9J4nKt6LzqB6wnuT+3d/zCx+jHgc6p0kKsghW5PczsxxLIlgq9RdB
5uIxXsxkBea+z3kJV/ubFbeC+UlNJzBVuGBFmLChGqknGHmg3UHtDSYVbzzjcZgr
MpRt4bBTL5tBLPM24UpebO8p252bwShVhf8FIaYTx5pOh4pr90I88tRt2wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFHzRF5wlkOtYaI7eLNHI2baY2lj3MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZk5FWG5DV1E2MWhvanQ0czBjalp0cGphV1BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCHzgQAwQD
HzkQAwQCHzqwAwQCHzrYAwQCHzrwAwQCHzt8MAwDBAIfO7wDBAIfO8ADBAIfO9gD
BAPZPJAwDQYJKoZIhvcNAQELBQADggEBAG5ZVGg474cv5DKuuR/S4OBSjnjcQvoM
32+8YVlsxG/hUiXoqNi1pXk11E1EvkpdyEDW1dEjDUymzCljRsJWpW4sHFaJj3q+
dwNpkhonM51ZvKz2qtF03HEjiQ+aqKDInQPKtxy5xqkVeiS5vjUAmvqWGUmWair+
PcZCXyB8FyBCLQeWqyoKxE6JX0PNiAi35TU8yxKdgumfNk3KKQmKDGSnJZlDu5Pi
AXd9dGdMbmyOF7JZ5QiF65GtFAdRln+1bQ1EVrl0ZOKNx4QytudDimiJECQw6qJU
DWZ4+CUNBBOP1Wd1oqM3OK0TR9hArAFLl//pz51y/fJvZHvA+6/cBVs=
-----END CERTIFICATE-----
Generated at Sat Apr 18 04:36:03 2026 by rpki-client