Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/0UOX6q2xQw-gn__hX3pNvNdoMFE.roa
File: 0UOX6q2xQw-gn__hX3pNvNdoMFE.roa (raw, json)
Hash identifier: /oy64I8ISHynIEYS4sYYkUopIz+VwcKBoxZUDH4VrLA=
Subject key identifier: D1:43:97:EA:AD:B1:43:0F:A0:9F:FF:E1:5F:7A:4D:BC:D7:68:30:51
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E0D6B543A1375C87E68908293C3A9CE53
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/0UOX6q2xQw-gn__hX3pNvNdoMFE.roa
Signing time: Sat 09 May 2026 15:46:38 +0000
ROA not before: Sat 09 May 2026 15:46:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213791
IP address blocks: 31.57.112.0/24 maxlen: 24
31.57.202.0/24 maxlen: 24
217.60.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:0d:6b:54:3a:13:75:c8:7e:68:90:82:93:c3:a9:ce:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 9 15:46:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d14397eaadb1430fa09fffe15f7a4dbcd7683051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:f0:21:e6:f9:88:a9:28:ed:60:8c:a9:c3:ef:
88:fc:4c:e4:f0:04:15:8e:4c:0a:40:88:60:06:3b:
ce:1c:45:b1:42:a7:75:94:48:d5:c1:c8:ae:b8:89:
b8:fc:fe:61:c9:ee:61:a2:44:a0:e0:ba:23:f0:bf:
76:fa:50:3e:4d:b5:9b:7c:d9:4a:bd:a6:33:84:b7:
f9:16:6e:b7:ee:45:d8:fb:f7:c9:19:99:ae:e6:e4:
0c:b4:89:40:94:04:1f:8b:e4:14:24:2c:77:51:45:
34:57:dc:d9:13:99:86:16:00:4a:a7:f1:e4:c8:ae:
f7:17:7b:56:75:f8:0a:94:f2:8c:7b:be:5c:c2:8a:
98:ce:97:9c:c6:26:8f:fe:8d:5e:6a:39:08:88:0d:
4a:9f:69:56:16:7b:07:a7:e8:cf:24:7a:c9:0e:54:
81:c7:5d:51:61:e4:22:94:a3:7e:79:a7:8e:3e:33:
72:40:3b:bb:fe:ff:f1:a8:8b:50:63:6d:34:77:a1:
af:c0:52:b7:dd:f0:27:a3:20:c9:a0:7b:ea:ca:5e:
83:c2:41:60:cd:04:9d:70:8f:8a:28:6e:a2:74:c2:
65:eb:18:a3:aa:e4:bc:f7:ff:fc:c5:72:9a:66:5b:
f3:ad:39:45:98:7a:f3:23:1c:68:63:58:15:57:ac:
44:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:43:97:EA:AD:B1:43:0F:A0:9F:FF:E1:5F:7A:4D:BC:D7:68:30:51
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/0UOX6q2xQw-gn__hX3pNvNdoMFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.112.0/24
31.57.202.0/24
217.60.99.0/24
Signature Algorithm: sha256WithRSAEncryption
51:40:80:e4:be:9b:6a:57:1c:5d:7c:7c:50:c2:92:70:68:a3:
c1:b9:3a:05:91:98:8c:2a:b2:56:aa:f4:2d:4e:31:db:c1:08:
79:4c:6d:07:f1:ee:1a:bd:18:a3:fb:82:7f:46:a0:60:ce:54:
9b:9c:fc:65:f1:7c:c3:d3:58:be:ec:da:75:83:c8:04:79:ad:
c1:f6:cd:c8:33:75:35:0c:91:01:0c:9d:52:7f:9e:1d:a3:ef:
8c:48:eb:5a:45:40:37:2c:13:bf:4d:72:84:e7:ef:87:d8:70:
39:44:e7:1a:2f:51:81:1b:0c:7f:1d:d7:dc:ec:e6:00:3a:fc:
9a:09:eb:40:e5:e6:38:bf:e6:42:14:14:a0:cd:d3:21:70:7e:
4e:2f:ac:16:dc:87:29:18:9f:22:a0:c7:f5:0b:99:97:0b:12:
ab:25:0e:65:52:0f:ca:e4:23:27:3f:f4:3e:69:74:ef:8a:85:
b6:4f:87:85:df:be:ee:17:b4:41:ca:7b:3c:2c:e8:b0:66:3d:
58:70:33:71:f3:c9:6c:5f:33:a6:1a:56:a5:7b:d5:3d:5a:41:
a1:26:c9:00:ab:26:89:26:89:00:18:18:4c:54:90:89:e0:8a:
66:c7:95:0f:ca:7a:27:c1:c9:37:89:57:a8:ad:4a:57:ab:34:
ca:36:4c:46
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ4Na1Q6E3XIfmiQgpPDqc5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTA5MTU0NjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTQzOTdlYWFkYjE0MzBmYTA5ZmZmZTE1ZjdhNGRiY2Q3NjgzMDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5PAh5vmIqSjtYIypw++I/Ezk8AQV
jkwKQIhgBjvOHEWxQqd1lEjVwciuuIm4/P5hye5hokSg4Loj8L92+lA+TbWbfNlK
vaYzhLf5Fm637kXY+/fJGZmu5uQMtIlAlAQfi+QUJCx3UUU0V9zZE5mGFgBKp/Hk
yK73F3tWdfgKlPKMe75cwoqYzpecxiaP/o1eajkIiA1Kn2lWFnsHp+jPJHrJDlSB
x11RYeQilKN+eaeOPjNyQDu7/v/xqItQY200d6GvwFK33fAnoyDJoHvqyl6DwkFg
zQSdcI+KKG6idMJl6xijquS89//8xXKaZlvzrTlFmHrzIxxoY1gVV6xEkQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNFDl+qtsUMPoJ//4V96TbzXaDBRMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMFVPWDZxMnhRdy1nbl9faFgzcE52TmRvTUZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHzlwAwQA
HznKAwQA2TxjMA0GCSqGSIb3DQEBCwUAA4IBAQBRQIDkvptqVxxdfHxQwpJwaKPB
uToFkZiMKrJWqvQtTjHbwQh5TG0H8e4avRij+4J/RqBgzlSbnPxl8XzD01i+7Np1
g8gEea3B9s3IM3U1DJEBDJ1Sf54do++MSOtaRUA3LBO/TXKE5++H2HA5ROcaL1GB
Gwx/Hdfc7OYAOvyaCetA5eY4v+ZCFBSgzdMhcH5OL6wW3IcpGJ8ioMf1C5mXCxKr
JQ5lUg/K5CMnP/Q+aXTvioW2T4eF377uF7RByns8LOiwZj1YcDNx88lsXzOmGlal
e9U9WkGhJskAqyaJJokAGBhMVJCJ4Ipmx5UPynonwck3iVeorUpXqzTKNkxG
-----END CERTIFICATE-----
Generated at Tue May 12 22:56:23 2026 by rpki-client