Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/EFmRFqwmCXrrpRxuUC0eAGnjexE.roa
File: EFmRFqwmCXrrpRxuUC0eAGnjexE.roa (raw, json)
Hash identifier: zsrXPA+wQgaMFJYzvn1Zo8tL8bY+NL0RSLz2101Qlo4=
Subject key identifier: 10:59:91:16:AC:26:09:7A:EB:A5:1C:6E:50:2D:1E:00:69:E3:7B:11
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E1B661FC0B252F7958DB8D67729BDF309
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/EFmRFqwmCXrrpRxuUC0eAGnjexE.roa
Signing time: Tue 12 May 2026 08:55:38 +0000
ROA not before: Tue 12 May 2026 08:55:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198250
IP address blocks: 31.56.82.0/24 maxlen: 24
31.56.87.0/24 maxlen: 24
31.56.99.0/24 maxlen: 24
31.57.45.0/24 maxlen: 24
31.57.55.0/24 maxlen: 24
31.58.53.0/24 maxlen: 24
31.59.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1b:66:1f:c0:b2:52:f7:95:8d:b8:d6:77:29:bd:f3:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 12 08:55:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=10599116ac26097aeba51c6e502d1e0069e37b11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d1:dd:2f:7e:20:20:18:0e:30:ad:d8:6b:35:
de:9b:84:85:7f:72:32:50:11:1e:73:4d:9a:f4:1a:
f0:aa:3d:1c:fe:fb:35:ea:53:8f:b8:ed:61:5b:c3:
92:ca:18:fb:72:ab:0c:1c:2f:46:b4:b6:db:aa:7a:
0e:8a:48:ed:8e:7d:4b:b0:a2:f6:3e:74:ac:b7:81:
24:3f:0d:e1:df:57:9c:67:d7:26:dc:2f:87:e6:69:
13:de:ba:cf:e3:35:53:87:84:10:07:81:dc:23:75:
d3:25:aa:63:04:0a:0b:f3:b6:6b:76:79:6c:3b:a1:
79:8d:29:42:b3:51:01:f1:02:46:7d:ae:75:96:cc:
4b:77:c0:47:59:bd:36:e9:cf:6b:35:62:2a:40:d1:
78:6b:be:e6:e4:b3:ec:63:16:5b:5e:06:4b:22:5c:
11:9c:71:ba:53:2d:42:61:75:88:5a:d4:0f:ea:b3:
94:c7:a7:96:b5:52:39:02:21:86:44:8a:f9:9f:e8:
aa:0d:17:0b:3d:38:36:b0:66:31:7d:d7:d8:ca:41:
03:74:94:67:c6:44:9e:d0:3f:ec:27:13:82:7a:83:
cc:08:d1:9c:dd:14:da:5f:3f:7f:cd:45:b2:8e:81:
a8:a8:24:50:d7:af:ec:8d:39:37:d3:f8:89:a7:75:
f9:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:59:91:16:AC:26:09:7A:EB:A5:1C:6E:50:2D:1E:00:69:E3:7B:11
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/EFmRFqwmCXrrpRxuUC0eAGnjexE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.82.0/24
31.56.87.0/24
31.56.99.0/24
31.57.45.0/24
31.57.55.0/24
31.58.53.0/24
31.59.55.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:9d:e8:56:de:5f:0b:77:28:e7:bb:fd:1a:c8:12:08:b5:bb:
c3:b3:03:a1:d6:07:d8:0a:c0:71:e7:2d:4a:3a:33:19:15:8d:
ce:b8:cd:aa:0d:d0:08:e8:b6:99:2e:7a:8b:bc:dc:ce:8d:2c:
8f:e0:30:ce:ec:2f:75:11:7b:8f:8d:bc:32:be:3d:54:b3:c0:
ca:06:1b:a4:4b:b4:31:0c:b2:78:d8:a1:c5:5f:d0:4f:11:10:
dd:95:92:13:bc:78:9a:80:c3:89:28:3b:31:14:33:05:7e:2d:
46:1c:78:42:b7:f8:35:e5:36:9e:04:91:5e:ef:bb:b2:28:3a:
0d:54:0a:3a:a5:89:20:bc:d5:e9:90:14:b3:0a:70:ad:40:00:
e6:da:e8:f8:f5:50:48:bc:40:5d:85:38:c6:85:45:e4:20:4e:
b9:7c:c6:8c:57:52:eb:a3:6f:a6:7e:12:fe:c0:c5:f6:37:76:
73:24:8c:f0:0e:11:44:a6:2e:d7:9d:64:bc:19:73:fc:27:9d:
d0:07:c3:a1:17:7b:48:6e:43:3f:49:73:71:bb:06:6a:5c:41:
4c:b1:bb:fa:a0:7f:c2:34:68:71:69:18:48:27:b4:43:eb:c5:
e2:8e:e0:74:d3:aa:f1:06:8a:c8:7b:2b:6f:23:e1:29:3d:2a:
8c:40:c1:80
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ4bZh/AslL3lY241ncpvfMJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTEyMDg1NTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDU5OTExNmFjMjYwOTdhZWJhNTFjNmU1MDJkMWUwMDY5ZTM3YjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9HdL34gIBgOMK3YazXem4SFf3Iy
UBEec02a9Brwqj0c/vs16lOPuO1hW8OSyhj7cqsMHC9GtLbbqnoOikjtjn1LsKL2
PnSst4EkPw3h31ecZ9cm3C+H5mkT3rrP4zVTh4QQB4HcI3XTJapjBAoL87Zrdnls
O6F5jSlCs1EB8QJGfa51lsxLd8BHWb026c9rNWIqQNF4a77m5LPsYxZbXgZLIlwR
nHG6Uy1CYXWIWtQP6rOUx6eWtVI5AiGGRIr5n+iqDRcLPTg2sGYxfdfYykEDdJRn
xkSe0D/sJxOCeoPMCNGc3RTaXz9/zUWyjoGoqCRQ16/sjTk30/iJp3X5PQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBBZkRasJgl666UcblAtHgBp43sRMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvRUZtUkZxd21DWHJycFJ4dVVDMGVBR25qZXhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAHzhSAwQA
HzhXAwQAHzhjAwQAHzktAwQAHzk3AwQAHzo1AwQAHzs3MA0GCSqGSIb3DQEBCwUA
A4IBAQB9nehW3l8Ldyjnu/0ayBIItbvDswOh1gfYCsBx5y1KOjMZFY3OuM2qDdAI
6LaZLnqLvNzOjSyP4DDO7C91EXuPjbwyvj1Us8DKBhukS7QxDLJ42KHFX9BPERDd
lZITvHiagMOJKDsxFDMFfi1GHHhCt/g15TaeBJFe77uyKDoNVAo6pYkgvNXpkBSz
CnCtQADm2uj49VBIvEBdhTjGhUXkIE65fMaMV1Lro2+mfhL+wMX2N3ZzJIzwDhFE
pi7XnWS8GXP8J53QB8OhF3tIbkM/SXNxuwZqXEFMsbv6oH/CNGhxaRhIJ7RD68Xi
juB006rxBorIeytvI+EpPSqMQMGA
-----END CERTIFICATE-----
Generated at Tue May 12 21:53:24 2026 by rpki-client