Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ve4NHczRTC43G2hluW9K08kG25w.roa
File: ve4NHczRTC43G2hluW9K08kG25w.roa (raw, json)
Hash identifier: 9w8MqvlBEYKsqYXkFA8fN1Fgnzc8DVfHWa9I1kSM0cs=
Subject key identifier: BD:EE:0D:1D:CC:D1:4C:2E:37:1B:68:65:B9:6F:4A:D3:C9:06:DB:9C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019EDAC6EBA1EA090EF46416430C1405E116
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ve4NHczRTC43G2hluW9K08kG25w.roa
Signing time: Thu 18 Jun 2026 12:48:49 +0000
ROA not before: Thu 18 Jun 2026 12:48:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202413
IP address blocks: 31.58.232.0/23 maxlen: 24
31.59.36.0/24 maxlen: 24
31.59.39.0/24 maxlen: 24
94.183.170.0/24 maxlen: 24
94.183.226.0/24 maxlen: 24
94.183.238.0/24 maxlen: 24
94.183.239.0/24 maxlen: 24
94.183.254.0/24 maxlen: 24
217.60.8.0/23 maxlen: 24
217.60.24.0/24 maxlen: 24
217.60.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Jun 2026 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:da:c6:eb:a1:ea:09:0e:f4:64:16:43:0c:14:05:e1:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 18 12:48:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bdee0d1dccd14c2e371b6865b96f4ad3c906db9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d4:f0:91:6d:1e:ee:b2:38:f2:6f:69:0e:7e:
59:ce:a5:3c:81:59:f2:49:de:49:d1:df:25:b3:cb:
4d:bc:c1:48:be:95:ba:59:b3:12:1d:0a:20:89:11:
1a:d1:54:90:7d:d0:4e:96:07:e2:82:6f:70:50:f1:
c6:aa:2a:8c:48:b5:bd:f7:d6:e9:cf:51:ae:be:a0:
96:86:8d:98:b9:aa:dd:c2:74:e8:21:f2:83:33:f5:
d2:cf:1d:ab:80:b0:6b:a8:61:08:f4:7d:c0:25:10:
b2:9c:e4:87:94:30:1b:eb:8a:1a:01:46:7a:26:28:
34:9f:8f:a3:36:2d:d1:02:30:d3:32:e7:51:57:1b:
82:ee:79:66:86:d7:43:92:de:9f:51:d1:1c:e4:3d:
cc:26:bb:9c:d9:1e:31:04:49:f9:f1:ee:36:da:52:
cd:a3:89:93:ff:e1:28:c6:46:b6:11:f0:78:35:44:
aa:3d:4c:ef:44:ed:27:e8:3d:70:62:3b:ff:75:42:
cf:ab:0d:6f:e9:5c:4a:0c:4a:a7:7a:0b:ad:b2:23:
fa:95:83:8a:cd:66:e2:9a:e0:49:2e:71:d9:95:7e:
17:7a:bc:d7:8a:ef:06:10:0a:bf:a8:bd:ea:d8:a3:
af:96:49:31:bd:c3:77:a3:78:43:b6:ba:16:16:90:
56:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:EE:0D:1D:CC:D1:4C:2E:37:1B:68:65:B9:6F:4A:D3:C9:06:DB:9C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ve4NHczRTC43G2hluW9K08kG25w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.232.0/23
31.59.36.0/24
31.59.39.0/24
94.183.170.0/24
94.183.226.0/24
94.183.238.0/23
94.183.254.0/24
217.60.8.0/23
217.60.24.0/24
217.60.99.0/24
Signature Algorithm: sha256WithRSAEncryption
39:01:a8:81:c4:25:be:b0:51:5f:de:e8:27:b3:13:c9:66:d1:
06:bc:65:73:e0:81:e4:04:34:99:b4:2c:a3:35:12:ab:5c:ac:
46:50:f6:21:19:f6:b9:72:31:5e:43:a9:99:16:e0:89:62:dc:
d1:69:5c:11:05:8c:8d:95:0c:5f:18:28:79:5f:bc:e1:98:bd:
ee:bd:bf:ec:66:5e:49:c9:11:c9:7a:04:0d:a8:4c:b9:21:6c:
97:1d:ee:d0:c9:c9:e9:72:21:e6:17:0e:7c:56:25:78:0f:9f:
df:02:68:d5:e6:13:9c:20:31:56:3f:c1:f0:ff:a8:26:78:c6:
4a:ea:81:be:d0:5c:88:61:ae:7c:d9:ef:d5:eb:33:4b:35:29:
72:7d:a5:13:29:44:68:e7:0c:41:ab:e3:3a:44:64:db:bb:8a:
f3:62:9a:e0:95:e8:1c:8f:4a:b9:12:0e:98:b4:06:0e:3e:16:
02:cd:70:8f:19:b2:89:3c:79:19:2c:be:18:ba:bc:0c:b7:7a:
76:bb:67:f1:0c:ac:20:8d:9c:ac:6f:ec:d5:95:98:79:4c:8e:
82:d2:59:d1:2c:74:3c:00:1c:77:0b:47:4c:da:87:a0:0a:5d:
44:5b:99:46:92:d6:c8:d2:b9:59:e3:83:9c:83:37:02:c9:8c:
b3:a6:0f:d0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ7axuuh6gkO9GQWQwwUBeEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjE4MTI0ODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGVlMGQxZGNjZDE0YzJlMzcxYjY4NjViOTZmNGFkM2M5MDZkYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9TwkW0e7rI48m9pDn5ZzqU8gVny
Sd5J0d8ls8tNvMFIvpW6WbMSHQogiREa0VSQfdBOlgfigm9wUPHGqiqMSLW999bp
z1GuvqCWho2YuardwnToIfKDM/XSzx2rgLBrqGEI9H3AJRCynOSHlDAb64oaAUZ6
Jig0n4+jNi3RAjDTMudRVxuC7nlmhtdDkt6fUdEc5D3MJruc2R4xBEn58e422lLN
o4mT/+Eoxka2EfB4NUSqPUzvRO0n6D1wYjv/dULPqw1v6VxKDEqnegutsiP6lYOK
zWbimuBJLnHZlX4XerzXiu8GEAq/qL3q2KOvlkkxvcN3o3hDtroWFpBWUwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFL3uDR3M0UwuNxtoZblvStPJBtucMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdmU0TkhjelJUQzQzRzJobHVXOUswOGtHMjV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBHzroAwQA
HzskAwQAHzsnAwQAXreqAwQAXrfiAwQBXrfuAwQAXrf+AwQB2TwIAwQA2TwYAwQA
2TxjMA0GCSqGSIb3DQEBCwUAA4IBAQA5AaiBxCW+sFFf3ugnsxPJZtEGvGVz4IHk
BDSZtCyjNRKrXKxGUPYhGfa5cjFeQ6mZFuCJYtzRaVwRBYyNlQxfGCh5X7zhmL3u
vb/sZl5JyRHJegQNqEy5IWyXHe7QycnpciHmFw58ViV4D5/fAmjV5hOcIDFWP8Hw
/6gmeMZK6oG+0FyIYa582e/V6zNLNSlyfaUTKURo5wxBq+M6RGTbu4rzYprglegc
j0q5Eg6YtAYOPhYCzXCPGbKJPHkZLL4YurwMt3p2u2fxDKwgjZysb+zVlZh5TI6C
0lnRLHQ8ABx3C0dM2oegCl1EW5lGktbI0rlZ44OcgzcCyYyzpg/Q
-----END CERTIFICATE-----
Generated at Fri Jun 26 17:03:08 2026 by rpki-client