Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/31hx1j0ZUlZZesM8c0uLfHi71Go.roa
File: 31hx1j0ZUlZZesM8c0uLfHi71Go.roa (raw, json)
Hash identifier: BnsTTGiaWYChyMjLnpom2y+ekwg5sRz50roBtLRSDbI=
Subject key identifier: DF:58:71:D6:3D:19:52:56:59:7A:C3:3C:73:4B:8B:7C:78:BB:D4:6A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019E07A77F07E7E685825EB29294606AB329
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/31hx1j0ZUlZZesM8c0uLfHi71Go.roa
Signing time: Fri 08 May 2026 12:54:37 +0000
ROA not before: Fri 08 May 2026 12:54:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208504
IP address blocks: 80.240.91.0/24 maxlen: 24
81.168.7.0/24 maxlen: 24
82.152.9.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:07:a7:7f:07:e7:e6:85:82:5e:b2:92:94:60:6a:b3:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 8 12:54:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=df5871d63d195256597ac33c734b8b7c78bbd46a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:47:f5:5a:60:99:3d:f1:2c:1e:43:c5:7a:81:
3e:50:d3:f0:9e:ed:db:92:c5:27:8e:f4:73:6d:3f:
bc:ac:bc:bc:49:74:04:18:ae:eb:02:38:b2:1a:88:
3b:84:00:ce:02:6e:fb:00:a3:b8:4d:45:c1:9c:60:
14:f7:f0:af:4f:2e:96:2d:90:ff:19:ae:61:08:d3:
08:4f:17:f9:82:ec:1a:78:52:96:22:e6:6a:47:93:
f7:f1:b7:57:7c:a1:ff:86:17:a4:ab:2d:8e:aa:dc:
93:a1:1d:ff:f7:32:1d:fd:48:40:a6:3b:ae:93:8f:
6a:2a:dd:bc:a6:7f:13:b7:87:83:c3:ee:50:50:e0:
e1:e4:f9:c9:8e:17:55:a9:0b:e9:7b:8d:a2:eb:5c:
50:04:b3:83:f6:74:ed:cf:17:3f:e5:16:97:ea:82:
71:24:88:4e:e6:ac:bd:48:f8:93:66:cc:1a:00:97:
05:7b:97:36:06:c2:39:94:82:b0:ed:73:7b:63:a0:
2c:f3:c2:f8:f6:04:3b:0c:72:1e:3f:ae:ad:af:78:
5f:00:40:92:e8:df:de:6b:4b:1b:0c:ec:fb:e5:d9:
b2:d9:11:ba:bf:b2:27:d4:90:98:35:1f:3e:cb:fa:
9a:63:46:96:b6:40:81:53:ca:18:ce:61:6b:90:4e:
32:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:58:71:D6:3D:19:52:56:59:7A:C3:3C:73:4B:8B:7C:78:BB:D4:6A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/31hx1j0ZUlZZesM8c0uLfHi71Go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.91.0/24
81.168.7.0/24
82.152.9.0/24
82.153.243.0/24
Signature Algorithm: sha256WithRSAEncryption
39:5b:1b:90:68:a7:ba:12:20:a9:41:9a:37:02:de:f8:f4:5f:
06:b9:5f:e8:a5:2c:ef:08:2e:ae:bb:c0:86:22:6f:b7:5c:7a:
18:73:d2:be:80:ce:91:f8:16:09:e2:94:f0:25:8c:1a:76:f5:
68:f7:4a:ee:f7:8f:dc:b1:b9:dc:3a:ec:b7:e0:2b:2f:bb:3d:
ec:61:7a:75:f5:4a:05:ef:b8:65:13:d5:24:e1:c8:a5:5d:35:
ff:fc:f0:2b:2c:f9:49:c6:c0:c3:00:86:10:fd:a1:40:1b:da:
d5:61:ea:e9:7f:27:a6:fc:f3:5c:95:9c:8e:9b:20:74:13:d5:
fc:3b:b9:3c:9a:c7:13:8c:e5:b6:b9:85:67:54:43:79:ca:38:
1e:08:37:f8:2f:96:92:ea:d9:4a:b1:a0:ae:f4:05:98:0c:46:
11:d5:35:41:2f:1a:37:ca:85:77:af:85:fa:25:cf:0d:92:43:
64:8e:e4:d0:e6:bc:28:d7:af:8d:0e:c6:61:07:58:ff:bd:50:
18:fa:87:d0:57:c1:aa:c5:7e:43:94:e7:f7:ed:a8:86:b3:b2:
16:af:b6:8e:64:06:f3:6a:00:b3:e3:fb:c6:98:6d:42:45:67:
b8:e3:19:a7:ea:5e:a2:b4:25:e9:9c:62:ee:78:2e:d6:88:f3:
90:de:1a:d3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ4Hp38H5+aFgl6ykpRgarMpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNTA4MTI1NDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjU4NzFkNjNkMTk1MjU2NTk3YWMzM2M3MzRiOGI3Yzc4YmJkNDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUf1WmCZPfEsHkPFeoE+UNPwnu3b
ksUnjvRzbT+8rLy8SXQEGK7rAjiyGog7hADOAm77AKO4TUXBnGAU9/CvTy6WLZD/
Ga5hCNMITxf5guwaeFKWIuZqR5P38bdXfKH/hhekqy2OqtyToR3/9zId/UhApjuu
k49qKt28pn8Tt4eDw+5QUODh5PnJjhdVqQvpe42i61xQBLOD9nTtzxc/5RaX6oJx
JIhO5qy9SPiTZswaAJcFe5c2BsI5lIKw7XN7Y6As88L49gQ7DHIeP66tr3hfAECS
6N/ea0sbDOz75dmy2RG6v7In1JCYNR8+y/qaY0aWtkCBU8oYzmFrkE4y8wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN9YcdY9GVJWWXrDPHNLi3x4u9RqMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMzFoeDFqMFpVbFpaZXNNOGMwdUxmSGk3MUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUPBbAwQA
UagHAwQAUpgJAwQAUpnzMA0GCSqGSIb3DQEBCwUAA4IBAQA5WxuQaKe6EiCpQZo3
At749F8GuV/opSzvCC6uu8CGIm+3XHoYc9K+gM6R+BYJ4pTwJYwadvVo90ru94/c
sbncOuy34Csvuz3sYXp19UoF77hlE9Uk4cilXTX//PArLPlJxsDDAIYQ/aFAG9rV
Yerpfyem/PNclZyOmyB0E9X8O7k8mscTjOW2uYVnVEN5yjgeCDf4L5aS6tlKsaCu
9AWYDEYR1TVBLxo3yoV3r4X6Jc8NkkNkjuTQ5rwo16+NDsZhB1j/vVAY+ofQV8Gq
xX5DlOf37aiGs7IWr7aOZAbzagCz4/vGmG1CRWe44xmn6l6itCXpnGLueC7WiPOQ
3hrT
-----END CERTIFICATE-----
Generated at Wed May 13 02:12:32 2026 by rpki-client