Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/yL5oFMeYX2PBRwpri5a3m46zzAo.roa
File: yL5oFMeYX2PBRwpri5a3m46zzAo.roa (raw, json)
Hash identifier: 8I4isbDdUI5Az3quyQIoPocRXbt+R/JLWDWFV+TTNt0=
Subject key identifier: C8:BE:68:14:C7:98:5F:63:C1:47:0A:6B:8B:96:B7:9B:8E:B3:CC:0A
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E2A529E018A4C57C2F6C3C7891B087FE2
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/yL5oFMeYX2PBRwpri5a3m46zzAo.roa
Signing time: Fri 15 May 2026 06:28:37 +0000
ROA not before: Fri 15 May 2026 06:28:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60781
IP address blocks: 31.56.36.0/24 maxlen: 24
31.59.19.0/24 maxlen: 24
31.59.22.0/24 maxlen: 24
31.59.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 May 2026 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2a:52:9e:01:8a:4c:57:c2:f6:c3:c7:89:1b:08:7f:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 15 06:28:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c8be6814c7985f63c1470a6b8b96b79b8eb3cc0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:db:2a:b3:59:d1:69:6d:02:c7:7f:09:c8:8d:
6f:07:c6:d1:f5:58:ce:ab:73:86:cd:04:3c:7d:82:
0f:98:27:98:7f:00:95:29:a1:3e:ca:b5:fe:49:8f:
15:3d:9e:54:4c:8c:9e:a1:55:d5:9d:15:7f:84:35:
29:b9:2a:71:ba:a9:a0:0d:07:d1:21:24:59:70:03:
91:c0:69:47:31:45:95:30:c9:4e:f9:a5:c0:c6:99:
98:34:02:bd:d1:af:39:d0:b3:6f:df:8c:0d:c3:5c:
83:d3:72:fa:f4:81:cb:db:26:b9:95:6f:b4:99:9c:
2e:5a:f5:c0:bd:4c:a9:0d:8b:2d:52:16:c4:58:d2:
f0:f3:42:08:ea:aa:a2:41:83:33:08:bb:b1:e7:b8:
7e:28:db:1d:7b:a3:06:1e:b2:b4:37:a2:f3:b3:97:
7c:3a:eb:cd:f8:a3:ab:ad:4e:45:43:cd:f5:c3:a6:
7d:91:e7:47:1a:ae:fb:34:4c:65:22:fd:37:0a:50:
7d:25:7f:fb:4f:45:7b:3e:43:da:37:e8:60:45:24:
0c:99:0d:e4:39:6d:b8:b6:93:8f:4b:a3:67:4b:2e:
8f:dd:20:fe:7d:67:aa:53:64:aa:7a:bd:63:ff:7e:
6f:0f:22:5d:65:75:a0:d8:fa:67:27:0a:51:fa:18:
6b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:BE:68:14:C7:98:5F:63:C1:47:0A:6B:8B:96:B7:9B:8E:B3:CC:0A
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/yL5oFMeYX2PBRwpri5a3m46zzAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.36.0/24
31.59.19.0/24
31.59.22.0/24
31.59.25.0/24
Signature Algorithm: sha256WithRSAEncryption
54:cd:e1:c7:10:dd:ef:35:b9:87:ed:b5:96:34:ee:74:b0:3c:
89:0d:ac:49:b8:30:c0:c1:3b:02:81:32:53:06:e1:09:9e:60:
3b:f3:f7:42:99:82:31:3d:80:90:64:18:1e:5e:08:c6:af:df:
f5:5d:04:6c:02:f0:76:9e:27:04:59:29:ec:df:72:b6:20:94:
ad:48:39:e0:83:4e:61:d2:e0:9c:89:ed:65:7f:8e:de:dd:de:
b1:50:1c:cb:bf:49:81:3d:3f:63:c3:cb:36:cb:be:9a:a9:93:
df:06:7b:0b:87:07:56:a1:cb:a1:e2:d9:36:e4:c8:39:93:67:
ab:04:5b:09:69:28:84:78:bb:38:7b:87:03:ed:7a:06:fc:e0:
8d:0f:68:0f:ec:56:66:6a:67:e2:f8:a4:5e:86:43:9b:76:99:
8d:8b:e6:45:83:5b:7c:11:68:25:79:d1:9f:71:08:ef:e3:b6:
c2:20:0b:d7:0a:99:ab:e7:3f:91:e1:b4:3e:f0:40:e9:9f:86:
a8:44:da:4b:e3:e4:e0:50:f5:87:73:94:6a:c0:10:8c:78:7b:
51:39:14:a9:8c:a0:d2:a6:b1:13:d0:c2:09:6f:b3:7a:a4:fc:
eb:91:84:a5:77:f5:9d:ac:44:c7:92:f1:7e:32:66:28:10:e0:
e1:27:7f:41
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ4qUp4BikxXwvbDx4kbCH/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTE1MDYyODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGJlNjgxNGM3OTg1ZjYzYzE0NzBhNmI4Yjk2Yjc5YjhlYjNjYzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9sqs1nRaW0Cx38JyI1vB8bR9VjO
q3OGzQQ8fYIPmCeYfwCVKaE+yrX+SY8VPZ5UTIyeoVXVnRV/hDUpuSpxuqmgDQfR
ISRZcAORwGlHMUWVMMlO+aXAxpmYNAK90a850LNv34wNw1yD03L69IHL2ya5lW+0
mZwuWvXAvUypDYstUhbEWNLw80II6qqiQYMzCLux57h+KNsde6MGHrK0N6Lzs5d8
OuvN+KOrrU5FQ831w6Z9kedHGq77NExlIv03ClB9JX/7T0V7PkPaN+hgRSQMmQ3k
OW24tpOPS6NnSy6P3SD+fWeqU2Sqer1j/35vDyJdZXWg2PpnJwpR+hhrswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMi+aBTHmF9jwUcKa4uWt5uOs8wKMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEveUw1b0ZNZVlYMlBCUndwcmk1YTNtNDZ6ekFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzgkAwQA
HzsTAwQAHzsWAwQAHzsZMA0GCSqGSIb3DQEBCwUAA4IBAQBUzeHHEN3vNbmH7bWW
NO50sDyJDaxJuDDAwTsCgTJTBuEJnmA78/dCmYIxPYCQZBgeXgjGr9/1XQRsAvB2
nicEWSns33K2IJStSDngg05h0uCcie1lf47e3d6xUBzLv0mBPT9jw8s2y76aqZPf
BnsLhwdWocuh4tk25Mg5k2erBFsJaSiEeLs4e4cD7XoG/OCND2gP7FZmamfi+KRe
hkObdpmNi+ZFg1t8EWgledGfcQjv47bCIAvXCpmr5z+R4bQ+8EDpn4aoRNpL4+Tg
UPWHc5RqwBCMeHtRORSpjKDSprET0MIJb7N6pPzrkYSld/WdrETHkvF+MmYoEODh
J39B
-----END CERTIFICATE-----
Generated at Wed May 27 15:55:20 2026 by rpki-client