Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wHqmBKAexeX3RHSvx8kxwjDt45s.roa
File: wHqmBKAexeX3RHSvx8kxwjDt45s.roa (raw, json)
Hash identifier: zbgXUXjaqz+c71UhZ+hRH0CVcv+ktCJNJ7+8itIOOlo=
Subject key identifier: C0:7A:A6:04:A0:1E:C5:E5:F7:44:74:AF:C7:C9:31:C2:30:ED:E3:9B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019F0400ED5CB49FE5DC7D438999920EC1EC
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wHqmBKAexeX3RHSvx8kxwjDt45s.roa
Signing time: Fri 26 Jun 2026 12:56:37 +0000
ROA not before: Fri 26 Jun 2026 12:56:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212743
IP address blocks: 31.58.232.0/23 maxlen: 24
31.59.36.0/24 maxlen: 24
31.59.39.0/24 maxlen: 24
94.183.170.0/24 maxlen: 24
94.183.206.0/24 maxlen: 24
94.183.208.0/23 maxlen: 24
94.183.226.0/24 maxlen: 24
94.183.238.0/24 maxlen: 24
94.183.239.0/24 maxlen: 24
94.183.254.0/24 maxlen: 24
217.60.8.0/23 maxlen: 24
217.60.24.0/24 maxlen: 24
217.60.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Jun 2026 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:04:00:ed:5c:b4:9f:e5:dc:7d:43:89:99:92:0e:c1:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 26 12:56:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c07aa604a01ec5e5f74474afc7c931c230ede39b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7b:61:5e:16:10:d9:56:47:ec:3c:dd:d8:1a:
d9:bd:12:ca:11:4e:6c:d1:84:32:c5:d5:a9:f9:bd:
1a:50:75:e1:5f:c4:21:57:12:18:58:1b:30:08:a1:
7b:4b:61:d0:1f:be:85:d9:cc:bd:95:43:a1:59:10:
b2:05:eb:11:de:6e:8d:49:5a:9b:22:c8:2a:4d:d4:
af:b9:4d:a5:ec:2e:cd:80:19:02:d3:4b:a0:47:90:
72:25:82:fb:df:83:86:1f:85:f3:df:05:4d:31:e3:
a2:29:f1:74:05:bc:74:7e:28:d3:00:8f:6b:40:28:
7e:68:c3:e0:64:dd:50:17:0d:08:dd:85:51:23:14:
50:b0:3c:b6:aa:1a:86:d4:0b:33:63:e9:d4:3b:89:
64:c2:74:24:e6:35:bd:9d:c8:fe:25:13:ed:81:79:
15:0f:cc:30:8c:fe:ed:d0:07:aa:18:55:eb:0a:23:
74:c8:09:69:fd:d4:ee:bf:4f:ae:b8:28:4b:18:94:
61:b4:9e:3c:67:1a:67:57:cf:51:98:d0:5d:a1:28:
6e:e8:a9:13:14:bb:61:2b:0c:ed:95:aa:2c:7c:3e:
a7:cb:4f:c4:a3:8b:7b:ea:cc:0d:7d:28:0d:93:8f:
cf:e7:c9:0d:74:d9:19:26:24:ec:63:bc:2c:65:ca:
97:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:7A:A6:04:A0:1E:C5:E5:F7:44:74:AF:C7:C9:31:C2:30:ED:E3:9B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/wHqmBKAexeX3RHSvx8kxwjDt45s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.232.0/23
31.59.36.0/24
31.59.39.0/24
94.183.170.0/24
94.183.206.0/24
94.183.208.0/23
94.183.226.0/24
94.183.238.0/23
94.183.254.0/24
217.60.8.0/23
217.60.24.0/24
217.60.99.0/24
Signature Algorithm: sha256WithRSAEncryption
00:5f:31:33:06:4b:d7:8a:34:e7:e3:5e:31:5c:57:1f:f2:f4:
5c:3a:d9:f4:ec:59:73:bb:6d:03:84:00:6c:43:ef:de:39:68:
2d:46:d6:df:3b:c4:51:b0:40:65:38:29:4d:4b:8d:5b:2b:6b:
ba:20:61:33:77:f3:5c:e4:cf:b0:3b:9b:93:c7:42:0e:d1:b5:
50:fe:fa:83:ae:5a:0c:fe:64:a8:34:4d:8d:1c:22:fa:51:a8:
82:6f:d4:c9:c1:be:70:ef:8f:9d:42:83:d8:c9:53:13:c5:ce:
bb:11:37:af:48:6a:3c:1a:75:af:ab:32:94:b3:8d:40:da:c9:
e1:3c:3c:fe:5f:8f:30:86:62:9e:f7:fe:46:f1:59:ce:14:a9:
07:0c:91:f1:30:1e:24:41:c5:04:05:ce:17:7e:20:3f:21:92:
70:64:92:29:1f:39:54:47:ac:68:b4:6c:9e:ef:07:19:c8:0a:
c4:3b:ab:1a:42:19:51:df:bd:00:f4:5b:d9:1e:ad:18:c3:a7:
ab:a2:5f:cb:75:5d:f8:0c:9d:03:13:ac:51:0e:9a:00:a2:f6:
15:19:99:c4:92:c3:3c:cb:27:0e:52:d1:17:57:4b:65:98:5d:
58:97:ee:91:19:56:7c:22:05:5e:fc:38:2d:e7:d7:e9:12:e0:
8a:16:18:37
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZ8EAO1ctJ/l3H1DiZmSDsHsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjI2MTI1NjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDdhYTYwNGEwMWVjNWU1Zjc0NDc0YWZjN2M5MzFjMjMwZWRlMzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3thXhYQ2VZH7Dzd2BrZvRLKEU5s
0YQyxdWp+b0aUHXhX8QhVxIYWBswCKF7S2HQH76F2cy9lUOhWRCyBesR3m6NSVqb
IsgqTdSvuU2l7C7NgBkC00ugR5ByJYL734OGH4Xz3wVNMeOiKfF0Bbx0fijTAI9r
QCh+aMPgZN1QFw0I3YVRIxRQsDy2qhqG1AszY+nUO4lkwnQk5jW9ncj+JRPtgXkV
D8wwjP7t0AeqGFXrCiN0yAlp/dTuv0+uuChLGJRhtJ48ZxpnV89RmNBdoShu6KkT
FLthKwztlaosfD6ny0/Eo4t76swNfSgNk4/P58kNdNkZJiTsY7wsZcqX9wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMB6pgSgHsXl90R0r8fJMcIw7eObMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvd0hxbUJLQWV4ZVgzUkhTdng4a3h3akR0NDVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBHzroAwQA
HzskAwQAHzsnAwQAXreqAwQAXrfOAwQBXrfQAwQAXrfiAwQBXrfuAwQAXrf+AwQB
2TwIAwQA2TwYAwQA2TxjMA0GCSqGSIb3DQEBCwUAA4IBAQAAXzEzBkvXijTn414x
XFcf8vRcOtn07Flzu20DhABsQ+/eOWgtRtbfO8RRsEBlOClNS41bK2u6IGEzd/Nc
5M+wO5uTx0IO0bVQ/vqDrloM/mSoNE2NHCL6UaiCb9TJwb5w74+dQoPYyVMTxc67
ETevSGo8GnWvqzKUs41A2snhPDz+X48whmKe9/5G8VnOFKkHDJHxMB4kQcUEBc4X
fiA/IZJwZJIpHzlUR6xotGye7wcZyArEO6saQhlR370A9FvZHq0Yw6erol/LdV34
DJ0DE6xRDpoAovYVGZnEksM8yycOUtEXV0tlmF1Yl+6RGVZ8IgVe/Dgt59fpEuCK
Fhg3
-----END CERTIFICATE-----
Generated at Fri Jun 26 17:02:24 2026 by rpki-client