Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ymo3bt7m6BT4tXtN6oh8vTO-ypU.roa
File: ymo3bt7m6BT4tXtN6oh8vTO-ypU.roa (raw, json)
Hash identifier: zpCkxwp5KL527gpiiD2CYI3Kf23BnEXhDF1evtyjf3U=
Subject key identifier: CA:6A:37:6E:DE:E6:E8:14:F8:B5:7B:4D:EA:88:7C:BD:33:BE:CA:95
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E59F1C86569176BB0BE258D190D5B89A5
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ymo3bt7m6BT4tXtN6oh8vTO-ypU.roa
Signing time: Sun 24 May 2026 12:24:38 +0000
ROA not before: Sun 24 May 2026 12:24:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216129
IP address blocks: 31.56.180.0/24 maxlen: 24
31.57.13.0/24 maxlen: 24
31.57.117.0/24 maxlen: 24
31.58.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 May 2026 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:59:f1:c8:65:69:17:6b:b0:be:25:8d:19:0d:5b:89:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 24 12:24:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ca6a376edee6e814f8b57b4dea887cbd33beca95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:24:00:3d:9e:4b:28:b1:4c:62:16:7a:c9:e3:
b4:24:5f:e1:1d:06:02:5e:dc:13:38:5f:76:cc:b3:
9a:81:9c:ed:cd:8f:75:b0:ac:5b:64:3b:29:31:90:
f4:7c:6b:af:52:0d:a9:a9:f7:e1:be:03:05:b3:a7:
fb:fd:d5:27:07:fb:d3:c0:77:a5:f7:e4:96:2a:d7:
60:dc:79:86:f9:be:86:8d:8c:ca:fe:c3:64:42:ce:
5a:53:0d:0c:74:c1:02:e8:e8:98:d5:cc:ce:ad:f9:
4f:05:53:f8:d5:6e:1e:39:8a:a5:ef:92:a1:e8:99:
98:16:6c:45:87:da:24:d8:66:a5:43:14:b0:03:7e:
36:eb:8c:a0:7d:74:e7:f8:dd:97:42:d1:3c:88:53:
7a:2a:7b:7f:4f:74:af:ce:a0:60:a2:fe:c1:f8:d5:
7d:66:6c:cc:b8:7d:cf:c6:c5:6b:2f:bf:49:4c:2a:
44:96:5a:12:46:b6:5f:e2:99:b7:aa:1b:7e:15:67:
d9:4f:d1:4e:e2:55:8f:f0:9f:46:15:fe:4a:9b:88:
35:5c:48:9a:80:e3:a5:32:2e:de:c8:4a:2a:34:7f:
62:e1:5b:bf:ae:3a:36:1e:0c:73:f2:3e:8a:53:98:
f5:7b:98:fa:ba:dd:99:b2:03:a0:b3:e7:9c:c9:28:
fc:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:6A:37:6E:DE:E6:E8:14:F8:B5:7B:4D:EA:88:7C:BD:33:BE:CA:95
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ymo3bt7m6BT4tXtN6oh8vTO-ypU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.180.0/24
31.57.13.0/24
31.57.117.0/24
31.58.85.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:c4:e3:64:c5:f8:4d:17:6b:63:d9:f3:54:33:22:63:9b:83:
37:bf:46:fc:8c:97:de:86:8f:ab:b8:05:0b:30:b9:1f:ce:98:
54:a1:48:af:fd:6f:1d:7d:ba:17:db:53:d1:1f:fe:22:07:bb:
e0:8d:8e:39:47:27:f3:97:bb:28:19:55:b4:09:8d:be:7c:90:
df:da:f3:40:6e:3b:e7:5b:52:fd:5b:41:ee:f3:9d:47:4a:a5:
1b:1f:fd:e2:77:eb:2b:83:33:8c:12:0c:07:fd:b0:25:a2:bd:
dc:e4:07:65:06:b8:61:0c:28:17:fc:ee:91:de:68:df:5a:47:
27:92:ce:18:95:97:2c:2a:a5:8b:ea:18:9b:ee:ed:0d:84:d4:
c9:8c:9c:1d:36:45:ac:cf:9b:ac:e2:2e:ea:47:5f:4e:8d:64:
c2:98:12:59:8c:85:f1:af:d8:c1:39:aa:02:e0:03:75:f7:f7:
0c:a9:ae:eb:67:39:db:54:57:d1:39:b2:99:5c:f1:27:7c:e0:
0c:5f:9a:b8:58:5b:b4:85:84:11:87:fa:0b:5a:aa:7f:c7:cf:
1a:50:8c:36:80:41:74:1b:ab:94:83:1e:cb:f8:b9:1a:51:84:
38:fa:8b:97:c3:d7:58:3c:a7:e7:10:7e:47:0b:d7:2b:a0:6c:
8e:31:fd:fc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ5Z8chlaRdrsL4ljRkNW4mlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTI0MTIyNDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTZhMzc2ZWRlZTZlODE0ZjhiNTdiNGRlYTg4N2NiZDMzYmVjYTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyQAPZ5LKLFMYhZ6yeO0JF/hHQYC
XtwTOF92zLOagZztzY91sKxbZDspMZD0fGuvUg2pqffhvgMFs6f7/dUnB/vTwHel
9+SWKtdg3HmG+b6GjYzK/sNkQs5aUw0MdMEC6OiY1czOrflPBVP41W4eOYql75Kh
6JmYFmxFh9ok2GalQxSwA34264ygfXTn+N2XQtE8iFN6Knt/T3SvzqBgov7B+NV9
ZmzMuH3PxsVrL79JTCpElloSRrZf4pm3qht+FWfZT9FO4lWP8J9GFf5Km4g1XEia
gOOlMi7eyEoqNH9i4Vu/rjo2Hgxz8j6KU5j1e5j6ut2ZsgOgs+ecySj82wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMpqN27e5ugU+LV7TeqIfL0zvsqVMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEveW1vM2J0N202QlQ0dFh0TjZvaDh2VE8teXBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzi0AwQA
HzkNAwQAHzl1AwQAHzpVMA0GCSqGSIb3DQEBCwUAA4IBAQAvxONkxfhNF2tj2fNU
MyJjm4M3v0b8jJfeho+ruAULMLkfzphUoUiv/W8dfboX21PRH/4iB7vgjY45Ryfz
l7soGVW0CY2+fJDf2vNAbjvnW1L9W0Hu851HSqUbH/3id+srgzOMEgwH/bAlor3c
5AdlBrhhDCgX/O6R3mjfWkcnks4YlZcsKqWL6hib7u0NhNTJjJwdNkWsz5us4i7q
R19OjWTCmBJZjIXxr9jBOaoC4AN19/cMqa7rZznbVFfRObKZXPEnfOAMX5q4WFu0
hYQRh/oLWqp/x88aUIw2gEF0G6uUgx7L+LkaUYQ4+ouXw9dYPKfnEH5HC9croGyO
Mf38
-----END CERTIFICATE-----
Generated at Wed May 27 15:56:15 2026 by rpki-client