Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/k7uuuDJ452DctFEAHwSBax2gJ1k.roa
File: k7uuuDJ452DctFEAHwSBax2gJ1k.roa (raw, json)
Hash identifier: DqHt3yVroS9M0fQhzfCuBqROr9DC5z8Bz+Rrz0Vqw1E=
Subject key identifier: 93:BB:AE:B8:32:78:E7:60:DC:B4:51:00:1F:04:81:6B:1D:A0:27:59
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019DA6858766C56FE73C6B7A6EBA7B0262A7
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/k7uuuDJ452DctFEAHwSBax2gJ1k.roa
Signing time: Sun 19 Apr 2026 16:14:21 +0000
ROA not before: Sun 19 Apr 2026 16:14:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16509
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.107.0/24 maxlen: 24
31.56.126.0/24 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.57.15.0/24 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.116.0/24 maxlen: 24
31.59.79.0/24 maxlen: 24
31.59.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a6:85:87:66:c5:6f:e7:3c:6b:7a:6e:ba:7b:02:62:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 19 16:14:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=93bbaeb83278e760dcb451001f04816b1da02759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:69:a2:8b:f0:59:cf:27:dc:d3:59:cb:cd:80:
89:ea:69:39:ac:24:a6:e6:f0:a7:78:ca:56:e8:5c:
62:0d:ce:9c:eb:64:f2:64:58:53:7f:da:49:11:81:
fd:9a:e5:a2:af:8c:fe:b1:5b:6d:c7:88:78:9f:ca:
5b:76:0d:f2:8f:b7:0d:d1:68:f5:15:db:f8:74:51:
94:f9:fc:d8:14:53:05:6d:ad:d6:88:c9:4c:7f:70:
dc:d2:30:a0:01:2d:8a:2f:b6:cc:d6:66:58:fd:64:
56:03:b1:5c:16:c9:8c:68:40:6a:c6:37:ba:24:02:
d7:2b:e9:7c:e1:9b:27:27:28:4e:f0:44:fb:39:7d:
5b:12:f0:d1:0f:3f:b2:0c:25:67:1b:df:4b:66:4d:
00:c4:89:b9:54:fa:42:ae:9a:59:d9:8e:63:29:ac:
a3:a8:ce:b3:4f:3b:54:d2:e4:86:0d:4c:ef:f0:c8:
62:86:f6:11:9f:89:b3:0d:83:98:c1:57:6f:79:ea:
26:16:a3:ad:2d:ec:35:48:d0:79:75:74:66:33:d8:
a0:cc:be:28:22:bc:dc:d8:49:e4:a6:93:02:26:1b:
d9:cc:19:41:d7:b7:86:41:2a:5b:84:2b:12:97:6b:
ed:a0:cd:22:cd:05:86:02:42:2a:b7:2d:e3:02:ec:
f7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:BB:AE:B8:32:78:E7:60:DC:B4:51:00:1F:04:81:6B:1D:A0:27:59
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/k7uuuDJ452DctFEAHwSBax2gJ1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.107.0/24
31.56.126.0/24
31.56.142.0/23
31.56.148.0/22
31.57.15.0/24
31.57.114.0/24
31.57.116.0/24
31.59.79.0/24
31.59.228.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:b8:be:f7:43:cf:07:a1:ef:82:f5:14:70:59:ef:20:2b:81:
5c:16:e8:16:3d:5c:59:7b:4d:10:55:d3:af:5f:4c:ba:6f:45:
c9:d2:28:69:ff:a9:90:9d:c4:a4:44:ff:14:6b:89:45:cc:10:
c4:66:4d:25:d3:42:fc:99:64:d9:6d:c7:67:31:79:31:e7:0d:
50:33:c7:05:5a:5f:02:9c:82:32:61:83:a8:d1:66:3d:b5:75:
cc:95:c3:1e:f0:e3:2a:dc:85:f6:b0:ce:c8:5c:4b:4b:d2:b6:
53:0c:86:9e:86:3c:01:24:53:65:9a:80:04:f7:af:f8:20:d5:
2a:ef:76:8e:0d:cf:7d:e0:d9:af:e5:df:89:d9:49:4c:a0:c7:
c5:82:a2:3a:06:fb:66:02:34:8d:c8:20:29:28:47:af:3c:4c:
28:55:b4:ce:5e:73:a5:c6:11:0b:f4:07:dc:ad:ae:a9:dc:a5:
b3:87:04:1d:3f:ab:c4:72:84:30:ba:98:dd:ae:36:95:48:ca:
be:be:71:bc:94:fb:10:c6:38:09:e3:e9:42:6f:f3:fe:0a:d1:
99:31:2a:43:ff:15:18:8e:29:6e:c2:a0:b7:70:93:e8:ad:8c:
b9:8e:47:8c:05:d2:f0:83:f3:b0:2e:8e:5b:83:84:c0:82:ed:
23:e8:21:24
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ2mhYdmxW/nPGt6brp7AmKnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNDE5MTYxNDIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2JiYWViODMyNzhlNzYwZGNiNDUxMDAxZjA0ODE2YjFkYTAyNzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8mmii/BZzyfc01nLzYCJ6mk5rCSm
5vCneMpW6FxiDc6c62TyZFhTf9pJEYH9muWir4z+sVttx4h4n8pbdg3yj7cN0Wj1
Fdv4dFGU+fzYFFMFba3WiMlMf3Dc0jCgAS2KL7bM1mZY/WRWA7FcFsmMaEBqxje6
JALXK+l84ZsnJyhO8ET7OX1bEvDRDz+yDCVnG99LZk0AxIm5VPpCrppZ2Y5jKayj
qM6zTztU0uSGDUzv8MhihvYRn4mzDYOYwVdveeomFqOtLew1SNB5dXRmM9igzL4o
Irzc2EnkppMCJhvZzBlB17eGQSpbhCsSl2vtoM0izQWGAkIqty3jAuz3pQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJO7rrgyeOdg3LRRAB8EgWsdoCdZMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvazd1dXVESjQ1MkRjdEZFQUh3U0JheDJnSjFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQDHzgIAwQA
HzhrAwQAHzh+AwQBHziOAwQCHziUAwQAHzkPAwQAHzlyAwQAHzl0AwQAHztPAwQA
HzvkMA0GCSqGSIb3DQEBCwUAA4IBAQBNuL73Q88Hoe+C9RRwWe8gK4FcFugWPVxZ
e00QVdOvX0y6b0XJ0ihp/6mQncSkRP8Ua4lFzBDEZk0l00L8mWTZbcdnMXkx5w1Q
M8cFWl8CnIIyYYOo0WY9tXXMlcMe8OMq3IX2sM7IXEtL0rZTDIaehjwBJFNlmoAE
96/4INUq73aODc994Nmv5d+J2UlMoMfFgqI6BvtmAjSNyCApKEevPEwoVbTOXnOl
xhEL9Afcra6p3KWzhwQdP6vEcoQwupjdrjaVSMq+vnG8lPsQxjgJ4+lCb/P+CtGZ
MSpD/xUYjiluwqC3cJPorYy5jkeMBdLwg/OwLo5bg4TAgu0j6CEk
-----END CERTIFICATE-----
Generated at Sun May 3 14:47:56 2026 by rpki-client