Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tyV3MpbHoNS54Jq3aISMsy0R_QY.roa
File: tyV3MpbHoNS54Jq3aISMsy0R_QY.roa (raw, json)
Hash identifier: cBT/hik4jLRxC0RjAYSmBXSf0SAcXQ70Pzi/NgG4PxI=
Subject key identifier: B7:25:77:32:96:C7:A0:D4:B9:E0:9A:B7:68:84:8C:B3:2D:11:FD:06
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019EDAC6EC491B2939E543A74BC292074B6D
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tyV3MpbHoNS54Jq3aISMsy0R_QY.roa
Signing time: Thu 18 Jun 2026 12:48:50 +0000
ROA not before: Thu 18 Jun 2026 12:48:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212743
IP address blocks: 31.58.232.0/23 maxlen: 24
31.59.36.0/24 maxlen: 24
31.59.39.0/24 maxlen: 24
94.183.170.0/24 maxlen: 24
94.183.206.0/24 maxlen: 24
94.183.226.0/24 maxlen: 24
94.183.238.0/24 maxlen: 24
94.183.239.0/24 maxlen: 24
94.183.254.0/24 maxlen: 24
217.60.8.0/23 maxlen: 24
217.60.24.0/24 maxlen: 24
217.60.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 19:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:da:c6:ec:49:1b:29:39:e5:43:a7:4b:c2:92:07:4b:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 18 12:48:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b725773296c7a0d4b9e09ab768848cb32d11fd06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:18:02:09:63:1e:28:d2:89:b5:1f:d0:42:5b:
12:7e:fe:fa:5d:2e:85:ae:8b:4f:90:16:6c:59:78:
eb:04:e6:27:f9:90:70:c0:09:dc:26:e1:09:86:67:
1a:4c:f6:5b:78:ff:85:1a:eb:3c:79:0e:4a:65:c1:
9a:23:59:c9:d2:cf:03:ff:fd:cf:09:bd:45:01:84:
3e:96:f6:d9:1d:85:cf:47:f9:53:50:65:8a:07:a0:
cb:68:f0:0c:9b:0e:c3:8a:25:3c:42:cb:9c:64:96:
87:de:31:bf:11:41:de:21:4b:b8:ef:00:b5:9d:7c:
1a:a5:ef:b1:b5:1a:2b:18:dd:4e:3e:f8:ac:1b:33:
31:76:a0:cd:4e:2d:61:5a:f2:5a:f6:1a:6b:00:31:
7b:e5:93:60:c9:21:50:e2:10:33:bc:b2:62:d0:e9:
cb:79:78:5d:37:c9:13:98:59:14:fd:10:91:68:92:
0f:5f:06:88:a1:e2:0c:a6:44:9c:5d:1c:1f:4c:5e:
b0:05:3e:29:2b:13:20:7d:1c:e0:e0:08:44:bc:87:
3a:a5:99:49:00:9c:bc:bb:be:7e:f1:40:27:19:00:
7a:88:89:5c:58:9a:6c:ab:bd:8b:6d:7d:d4:67:c4:
33:ea:29:05:c8:f9:c1:36:64:39:73:d6:bd:4d:85:
3b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:25:77:32:96:C7:A0:D4:B9:E0:9A:B7:68:84:8C:B3:2D:11:FD:06
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tyV3MpbHoNS54Jq3aISMsy0R_QY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.232.0/23
31.59.36.0/24
31.59.39.0/24
94.183.170.0/24
94.183.206.0/24
94.183.226.0/24
94.183.238.0/23
94.183.254.0/24
217.60.8.0/23
217.60.24.0/24
217.60.99.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:a4:6d:86:2c:22:6a:d1:d1:8e:12:b8:0d:94:bc:4b:ea:6a:
a1:77:bc:18:bf:77:fb:8f:6f:68:f7:d4:77:49:5f:7f:5c:c4:
7a:b1:ad:f6:96:f4:28:85:1d:be:d9:4c:f2:42:de:b7:f2:40:
03:bb:88:78:f9:09:77:6e:02:8c:21:a8:a6:00:05:26:c3:81:
d7:8d:7e:63:1c:40:73:c7:a0:f9:ae:e1:72:95:84:4a:ad:18:
c9:48:6e:5c:8c:a2:2f:ec:2a:65:94:55:e9:ed:80:b2:56:b9:
84:0c:ad:a4:d6:6f:94:72:fa:42:2e:9b:01:cf:8c:f3:58:88:
da:43:09:3e:af:8a:a6:24:fc:c2:7d:0c:8c:25:1f:90:0c:a8:
ea:30:7f:8f:41:c8:f3:27:ab:cd:ee:55:df:8d:fc:d6:a4:75:
43:ac:2b:7c:db:6a:4a:96:c9:d2:97:b6:c2:a9:1b:8b:9e:88:
27:47:fa:5b:ad:87:81:1d:70:fa:da:08:5c:fb:de:50:30:1a:
d9:59:4c:aa:d1:7e:b1:8f:a5:4c:ed:2d:cc:d6:76:0b:4d:e8:
51:cf:ea:cb:40:42:da:87:e8:23:7f:e7:a0:3c:ab:9e:04:18:
dd:c5:48:7f:9e:ef:e6:57:b8:4c:8f:1a:66:bb:a1:ea:2f:ed:
ea:82:1f:91
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZ7axuxJGyk55UOnS8KSB0ttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjE4MTI0ODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzI1NzczMjk2YzdhMGQ0YjllMDlhYjc2ODg0OGNiMzJkMTFmZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxgCCWMeKNKJtR/QQlsSfv76XS6F
rotPkBZsWXjrBOYn+ZBwwAncJuEJhmcaTPZbeP+FGus8eQ5KZcGaI1nJ0s8D//3P
Cb1FAYQ+lvbZHYXPR/lTUGWKB6DLaPAMmw7DiiU8QsucZJaH3jG/EUHeIUu47wC1
nXwape+xtRorGN1OPvisGzMxdqDNTi1hWvJa9hprADF75ZNgySFQ4hAzvLJi0OnL
eXhdN8kTmFkU/RCRaJIPXwaIoeIMpkScXRwfTF6wBT4pKxMgfRzg4AhEvIc6pZlJ
AJy8u75+8UAnGQB6iIlcWJpsq72LbX3UZ8Qz6ikFyPnBNmQ5c9a9TYU7bwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFLcldzKWx6DUueCat2iEjLMtEf0GMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdHlWM01wYkhvTlM1NEpxM2FJU01zeTBSX1FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBHzroAwQA
HzskAwQAHzsnAwQAXreqAwQAXrfOAwQAXrfiAwQBXrfuAwQAXrf+AwQB2TwIAwQA
2TwYAwQA2TxjMA0GCSqGSIb3DQEBCwUAA4IBAQAPpG2GLCJq0dGOErgNlLxL6mqh
d7wYv3f7j29o99R3SV9/XMR6sa32lvQohR2+2UzyQt638kADu4h4+Ql3bgKMIaim
AAUmw4HXjX5jHEBzx6D5ruFylYRKrRjJSG5cjKIv7CpllFXp7YCyVrmEDK2k1m+U
cvpCLpsBz4zzWIjaQwk+r4qmJPzCfQyMJR+QDKjqMH+PQcjzJ6vN7lXfjfzWpHVD
rCt822pKlsnSl7bCqRuLnognR/pbrYeBHXD62ghc+95QMBrZWUyq0X6xj6VM7S3M
1nYLTehRz+rLQELah+gjf+egPKueBBjdxUh/nu/mV7hMjxpmu6HqL+3qgh+R
-----END CERTIFICATE-----
Generated at Sat Jun 20 06:09:03 2026 by rpki-client