Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/yN203mXojVmQBWEYo_jSbxN6D4s.roa
File: yN203mXojVmQBWEYo_jSbxN6D4s.roa (raw, json)
Hash identifier: EKRLXkKtoRlZD1jHisFffSJ5WcJtZChJzefBq8Uholw=
Subject key identifier: C8:DD:B4:DE:65:E8:8D:59:90:05:61:18:A3:F8:D2:6F:13:7A:0F:8B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019EDAC6EBDC104EDD8CB370F079162FA7AC
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/yN203mXojVmQBWEYo_jSbxN6D4s.roa
Signing time: Thu 18 Jun 2026 12:48:50 +0000
ROA not before: Thu 18 Jun 2026 12:48:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210457
IP address blocks: 31.58.232.0/23 maxlen: 24
31.59.36.0/24 maxlen: 24
31.59.39.0/24 maxlen: 24
94.183.170.0/24 maxlen: 24
94.183.226.0/24 maxlen: 24
94.183.238.0/24 maxlen: 24
94.183.239.0/24 maxlen: 24
94.183.254.0/24 maxlen: 24
217.60.8.0/23 maxlen: 24
217.60.24.0/24 maxlen: 24
217.60.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Jun 2026 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:da:c6:eb:dc:10:4e:dd:8c:b3:70:f0:79:16:2f:a7:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 18 12:48:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c8ddb4de65e88d5990056118a3f8d26f137a0f8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c6:0f:96:78:1f:cd:99:75:1a:4d:dc:cb:5e:
94:e3:c7:f2:b2:e8:0d:f0:94:a5:39:e9:7d:fb:ce:
9b:4c:64:cc:cf:bb:2f:b4:1c:49:b8:33:45:b4:f4:
e8:96:e2:06:92:cb:db:9e:b5:6b:bd:47:2b:ed:16:
94:f9:7c:60:e6:57:51:14:1c:a4:45:bd:d6:69:c1:
7d:e2:01:50:05:f9:0d:83:26:f7:26:41:44:de:ac:
e0:a3:c0:37:84:93:2c:5a:c6:6c:e9:16:c8:56:b7:
9f:72:fa:e4:01:34:14:2e:31:40:66:60:5b:ed:23:
33:10:03:e3:ef:b4:4e:96:5b:d0:7a:e0:9a:54:79:
4b:7e:29:d1:d7:62:59:c3:e3:20:7b:a6:93:96:07:
4f:da:3a:a7:7f:b2:56:c3:76:53:33:f4:33:17:b6:
f8:de:ee:59:a3:cf:ee:f4:4d:0c:e0:04:5e:f5:3f:
1f:c7:71:1a:1f:f5:1b:98:87:4a:ce:2b:5c:02:a7:
73:e0:84:08:a6:b6:25:ba:cb:09:0b:61:bf:5a:df:
7c:92:0b:63:73:86:24:2d:b0:b6:d1:00:80:26:bb:
b9:d5:23:72:86:43:27:14:c8:bd:19:78:66:2b:d1:
47:ab:bf:5c:a4:b0:20:79:ff:5e:38:01:a5:3e:2e:
34:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:DD:B4:DE:65:E8:8D:59:90:05:61:18:A3:F8:D2:6F:13:7A:0F:8B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/yN203mXojVmQBWEYo_jSbxN6D4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.232.0/23
31.59.36.0/24
31.59.39.0/24
94.183.170.0/24
94.183.226.0/24
94.183.238.0/23
94.183.254.0/24
217.60.8.0/23
217.60.24.0/24
217.60.99.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:71:8a:f0:2c:65:4d:6c:76:2a:6c:c5:b8:6d:4c:fb:17:7d:
16:d4:05:be:20:5e:cb:a5:d1:04:dc:0b:d3:31:1d:27:30:e0:
d1:aa:ff:0c:81:7c:e7:cf:2c:b1:71:5e:bc:52:2f:57:02:de:
82:74:4b:56:de:60:61:a0:8b:03:73:17:f1:d8:d9:d1:cc:f2:
1c:1a:ef:00:d2:77:68:9e:bf:94:ff:70:b7:42:d6:d9:43:ea:
9c:c0:00:97:bd:f6:c5:67:d0:55:53:89:43:a4:3e:4b:fc:61:
bc:23:0a:58:93:87:52:1b:20:d9:f7:1f:64:6c:3c:3f:5a:67:
a3:6f:4b:e0:a7:1b:54:19:f8:98:b9:e6:e9:81:79:cf:4b:1c:
c4:b6:ce:d9:d6:d6:34:96:e1:66:96:b6:03:e0:0e:f1:12:8e:
70:fd:31:3d:34:6c:b4:41:a1:a2:c8:5e:f7:de:44:b5:63:3d:
87:78:44:6b:76:ea:c6:0f:73:7f:af:f8:62:8f:94:46:61:04:
07:d7:78:30:77:fa:da:25:74:2c:7d:38:5d:fb:db:85:7e:50:
29:8e:ef:36:82:4a:60:6d:ad:94:d9:22:cd:9e:54:25:1a:18:
a9:ac:6c:0e:2d:62:95:05:b1:49:be:48:4e:57:dd:67:57:c5:
08:17:18:aa
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ7axuvcEE7djLNw8HkWL6esMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNjE4MTI0ODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGRkYjRkZTY1ZTg4ZDU5OTAwNTYxMThhM2Y4ZDI2ZjEzN2EwZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28YPlngfzZl1Gk3cy16U48fysugN
8JSlOel9+86bTGTMz7svtBxJuDNFtPToluIGksvbnrVrvUcr7RaU+Xxg5ldRFByk
Rb3WacF94gFQBfkNgyb3JkFE3qzgo8A3hJMsWsZs6RbIVrefcvrkATQULjFAZmBb
7SMzEAPj77ROllvQeuCaVHlLfinR12JZw+Mge6aTlgdP2jqnf7JWw3ZTM/QzF7b4
3u5Zo8/u9E0M4ARe9T8fx3EaH/UbmIdKzitcAqdz4IQIprYlussJC2G/Wt98kgtj
c4YkLbC20QCAJru51SNyhkMnFMi9GXhmK9FHq79cpLAgef9eOAGlPi40KQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMjdtN5l6I1ZkAVhGKP40m8Teg+LMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEveU4yMDNtWG9qVm1RQldFWW9falNieE42RDRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBHzroAwQA
HzskAwQAHzsnAwQAXreqAwQAXrfiAwQBXrfuAwQAXrf+AwQB2TwIAwQA2TwYAwQA
2TxjMA0GCSqGSIb3DQEBCwUAA4IBAQCecYrwLGVNbHYqbMW4bUz7F30W1AW+IF7L
pdEE3AvTMR0nMODRqv8MgXznzyyxcV68Ui9XAt6CdEtW3mBhoIsDcxfx2NnRzPIc
Gu8A0ndonr+U/3C3QtbZQ+qcwACXvfbFZ9BVU4lDpD5L/GG8IwpYk4dSGyDZ9x9k
bDw/Wmejb0vgpxtUGfiYuebpgXnPSxzEts7Z1tY0luFmlrYD4A7xEo5w/TE9NGy0
QaGiyF733kS1Yz2HeERrdurGD3N/r/hij5RGYQQH13gwd/raJXQsfThd+9uFflAp
ju82gkpgba2U2SLNnlQlGhiprGwOLWKVBbFJvkhOV91nV8UIFxiq
-----END CERTIFICATE-----
Generated at Fri Jun 26 17:04:25 2026 by rpki-client