Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9qiaAFv7695pYDijhwZoE_UFDqQ.roa
File: 9qiaAFv7695pYDijhwZoE_UFDqQ.roa (raw, json)
Hash identifier: N7a9ZFMnUEP/Tat69eVjdXHHs24ZiVCX14vkDDJYkCw=
Subject key identifier: F6:A8:9A:00:5B:FB:EB:DE:69:60:38:A3:87:06:68:13:F5:05:0E:A4
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019DB15589FDE5F3198F0610CB37684635D0
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9qiaAFv7695pYDijhwZoE_UFDqQ.roa
Signing time: Tue 21 Apr 2026 18:37:46 +0000
ROA not before: Tue 21 Apr 2026 18:37:46 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 31.57.53.0/24 maxlen: 24
31.57.59.0/24 maxlen: 24
31.57.146.0/24 maxlen: 24
31.57.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b1:55:89:fd:e5:f3:19:8f:06:10:cb:37:68:46:35:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 21 18:37:46 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f6a89a005bfbebde696038a387066813f5050ea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1b:fe:c5:e9:18:a9:39:bc:07:a1:f5:28:f5:
99:2f:6d:ea:be:8f:b9:9c:e2:52:90:98:78:a3:13:
47:34:0c:d6:3b:b7:be:3a:02:55:73:dd:00:c2:0a:
ee:7b:5c:b6:fb:a1:9b:26:1c:90:f1:a6:96:9d:c5:
90:a8:1b:84:86:1a:0d:7c:4c:dd:a4:02:ee:8f:7b:
7e:85:04:4c:7b:ab:d8:99:e4:43:2c:b8:f7:02:5e:
ed:7a:2d:89:7e:c6:30:f9:3f:d6:88:21:16:e2:7b:
05:81:16:2e:38:91:3a:a7:24:08:ab:63:8b:1f:04:
99:b3:13:ba:d2:00:f6:f4:5b:7a:fc:16:a9:60:08:
90:a5:ab:8c:b9:07:ef:d4:a4:d0:e3:ac:f3:82:37:
82:0b:38:ec:e2:75:b2:b4:15:0f:35:a5:ee:66:d8:
2f:41:52:20:ee:d7:60:51:26:15:93:ef:4a:42:52:
0d:b9:db:55:c8:dc:69:d7:cd:27:18:b7:cc:aa:db:
39:af:03:4d:3e:3f:f1:be:88:b5:a3:da:02:ac:1d:
c6:22:9a:8e:e5:4b:cd:4d:a3:e7:dd:70:a9:27:3b:
5e:6a:3b:7a:f1:db:8f:0d:e0:b9:ee:58:ee:81:1d:
44:10:1e:25:3a:0c:41:c6:43:bc:14:f4:50:67:96:
7b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:A8:9A:00:5B:FB:EB:DE:69:60:38:A3:87:06:68:13:F5:05:0E:A4
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/9qiaAFv7695pYDijhwZoE_UFDqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.53.0/24
31.57.59.0/24
31.57.146.0/24
31.57.171.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:7f:94:d7:c0:b2:1d:2c:2e:8f:09:b4:27:90:f2:f7:73:fe:
ba:c9:c7:8b:41:a6:bc:a2:b1:05:b2:3c:3c:a2:ec:78:ef:8c:
e9:23:e1:53:61:5f:85:98:20:39:f6:13:79:43:e5:4f:7a:02:
75:d6:e0:27:95:96:52:a8:0d:b6:dd:02:4e:12:d5:a2:4d:30:
d4:e4:a0:d1:53:1a:a0:fb:59:d9:af:ea:56:0d:06:c5:21:8d:
b0:14:38:cb:28:c5:b4:aa:7e:27:70:36:98:10:ea:1d:14:db:
ae:14:fa:c3:74:35:2f:2a:db:2a:87:1e:9f:71:a2:a9:c3:02:
7a:d1:20:de:10:a3:1e:8a:d5:96:14:1d:dd:f4:1f:2e:60:56:
bb:e7:83:21:9b:ef:e9:10:6e:a2:cd:b7:66:7d:c8:8a:5d:35:
50:15:70:13:ae:2a:7b:81:75:8f:de:d8:90:cd:04:4b:a5:4a:
64:5b:07:21:ca:5e:5a:d7:12:fc:e5:bd:fb:80:a0:47:7e:f2:
ca:73:e8:93:19:e0:5f:d3:f6:63:52:9d:5c:3c:c1:83:64:90:
7e:b1:35:b3:d4:b6:49:96:f7:cb:27:f5:d4:ef:ac:73:ba:37:
c6:9c:d5:65:b3:67:b3:8d:3f:65:ad:78:ff:66:e6:da:db:39:
f6:1b:4d:62
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ2xVYn95fMZjwYQyzdoRjXQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNDIxMTgzNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmE4OWEwMDViZmJlYmRlNjk2MDM4YTM4NzA2NjgxM2Y1MDUwZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRv+xekYqTm8B6H1KPWZL23qvo+5
nOJSkJh4oxNHNAzWO7e+OgJVc90Awgrue1y2+6GbJhyQ8aaWncWQqBuEhhoNfEzd
pALuj3t+hQRMe6vYmeRDLLj3Al7tei2JfsYw+T/WiCEW4nsFgRYuOJE6pyQIq2OL
HwSZsxO60gD29Ft6/BapYAiQpauMuQfv1KTQ46zzgjeCCzjs4nWytBUPNaXuZtgv
QVIg7tdgUSYVk+9KQlINudtVyNxp180nGLfMqts5rwNNPj/xvoi1o9oCrB3GIpqO
5UvNTaPn3XCpJzteajt68duPDeC57ljugR1EEB4lOgxBxkO8FPRQZ5Z7hwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPaomgBb++veaWA4o4cGaBP1BQ6kMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvOXFpYUFGdjc2OTVwWURpamh3Wm9FX1VGRHFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzk1AwQA
Hzk7AwQAHzmSAwQAHzmrMA0GCSqGSIb3DQEBCwUAA4IBAQCqf5TXwLIdLC6PCbQn
kPL3c/66yceLQaa8orEFsjw8oux474zpI+FTYV+FmCA59hN5Q+VPegJ11uAnlZZS
qA223QJOEtWiTTDU5KDRUxqg+1nZr+pWDQbFIY2wFDjLKMW0qn4ncDaYEOodFNuu
FPrDdDUvKtsqhx6fcaKpwwJ60SDeEKMeitWWFB3d9B8uYFa754Mhm+/pEG6izbdm
fciKXTVQFXATrip7gXWP3tiQzQRLpUpkWwchyl5a1xL85b37gKBHfvLKc+iTGeBf
0/ZjUp1cPMGDZJB+sTWz1LZJlvfLJ/XU76xzujfGnNVls2ezjT9lrXj/Zuba2zn2
G01i
-----END CERTIFICATE-----
Generated at Tue May 12 22:32:21 2026 by rpki-client