Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/FqQAnVXYtPNZorJ-3SlyHcuZOJo.roa
File: FqQAnVXYtPNZorJ-3SlyHcuZOJo.roa (raw, json)
Hash identifier: cJ62b128m1BSaemke3PDTti1leJvSptQ3b13DraEbvs=
Subject key identifier: 16:A4:00:9D:55:D8:B4:F3:59:A2:B2:7E:DD:29:72:1D:CB:99:38:9A
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019CF0600937061C8803955004D25BD855FF
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/FqQAnVXYtPNZorJ-3SlyHcuZOJo.roa
Signing time: Sun 15 Mar 2026 07:22:31 +0000
ROA not before: Sun 15 Mar 2026 07:22:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20473
IP address blocks: 31.56.86.0/24 maxlen: 24
31.57.122.0/24 maxlen: 24
31.57.124.0/24 maxlen: 24
31.57.125.0/24 maxlen: 24
31.57.162.0/23 maxlen: 24
31.57.164.0/23 maxlen: 24
31.57.180.0/24 maxlen: 24
31.58.42.0/24 maxlen: 24
31.58.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f0:60:09:37:06:1c:88:03:95:50:04:d2:5b:d8:55:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 15 07:22:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=16a4009d55d8b4f359a2b27edd29721dcb99389a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:79:e1:82:f6:50:69:f7:91:07:8e:20:26:52:
17:ee:0a:6d:ad:fa:d4:17:56:c8:03:29:c6:22:6e:
d0:54:81:82:fd:96:72:c5:c7:d5:bb:46:02:a5:bb:
75:b5:64:fb:b2:0d:d1:e7:e9:a2:5d:a9:2c:d4:28:
31:20:75:85:74:94:8e:96:94:41:68:91:e6:3e:19:
b3:10:60:64:5a:13:67:79:24:07:08:4e:98:9f:cc:
ed:2a:0c:06:20:23:d4:25:f2:ba:fb:b8:00:8e:87:
1a:8f:e4:9f:1f:18:79:27:11:8d:c6:e7:13:37:0b:
16:67:3c:43:e0:4f:a5:14:79:9e:45:a3:72:a4:d2:
2f:0a:ff:3b:d2:13:d2:c0:dd:c2:91:29:c1:15:4f:
08:e7:2f:e5:3c:ea:f2:2f:53:a3:d1:a1:1d:32:04:
06:19:5a:6a:52:5f:fc:52:8d:62:4a:bb:c6:7f:36:
0c:e1:c2:6a:d3:11:4e:db:4f:d2:cd:a0:d5:28:72:
4e:cf:88:ce:c0:77:78:ba:4a:ed:df:b5:b0:c2:b2:
fe:9d:9f:c0:40:c2:ab:3c:76:f1:de:6e:df:58:15:
61:0b:67:50:e4:87:87:d3:50:97:36:f3:1b:ee:b9:
ee:9e:87:36:07:3d:b9:d3:ad:95:2c:bd:ec:3e:01:
cc:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:A4:00:9D:55:D8:B4:F3:59:A2:B2:7E:DD:29:72:1D:CB:99:38:9A
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/FqQAnVXYtPNZorJ-3SlyHcuZOJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.86.0/24
31.57.122.0/24
31.57.124.0/23
31.57.162.0-31.57.165.255
31.57.180.0/24
31.58.42.0/24
31.58.48.0/24
Signature Algorithm: sha256WithRSAEncryption
90:66:e6:a1:3f:6f:7e:e1:54:4a:bb:6a:5b:f3:b5:02:d8:50:
33:04:d3:dc:78:d7:4a:ba:82:13:aa:eb:e3:e5:26:90:a2:29:
36:7d:a9:44:39:2b:b4:41:7a:5a:ee:35:13:ea:bf:10:0e:e0:
68:62:f5:ba:9c:25:8b:ee:4d:9d:05:5e:f8:09:65:86:c0:70:
dd:ad:ba:83:77:a3:70:25:fa:a4:cd:0e:ac:60:61:0e:f3:f1:
8e:1c:65:aa:40:44:41:b0:60:1a:e2:21:23:ee:06:8d:24:0f:
7c:78:7b:a0:0e:9b:88:d2:96:6a:8b:19:7b:36:47:14:6e:21:
df:84:9e:94:c5:5a:ad:44:4a:61:57:83:0c:7b:e5:c1:0a:15:
5c:15:6f:9d:87:07:55:19:bf:74:85:37:c3:f8:e4:0e:63:ad:
96:dc:0e:6c:8b:bc:bc:33:45:a9:20:e2:d7:03:ec:7d:2a:ac:
d6:35:a7:18:f6:d6:1a:92:98:41:fe:57:f3:62:72:ca:26:84:
f7:15:d8:ce:26:ed:e9:e4:fa:4e:33:c9:5b:07:ee:ae:78:5e:
b4:0e:37:7c:40:ff:dc:e6:7f:63:ba:65:56:93:76:05:f8:19:
6a:92:21:4e:03:b0:0e:67:69:8f:25:f1:47:ed:d5:13:e9:e5:
44:36:62:6c
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZzwYAk3BhyIA5VQBNJb2FX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMzE1MDcyMjMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmE0MDA5ZDU1ZDhiNGYzNTlhMmIyN2VkZDI5NzIxZGNiOTkzODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXnhgvZQafeRB44gJlIX7gptrfrU
F1bIAynGIm7QVIGC/ZZyxcfVu0YCpbt1tWT7sg3R5+miXaks1CgxIHWFdJSOlpRB
aJHmPhmzEGBkWhNneSQHCE6Yn8ztKgwGICPUJfK6+7gAjocaj+SfHxh5JxGNxucT
NwsWZzxD4E+lFHmeRaNypNIvCv870hPSwN3CkSnBFU8I5y/lPOryL1Oj0aEdMgQG
GVpqUl/8Uo1iSrvGfzYM4cJq0xFO20/SzaDVKHJOz4jOwHd4ukrt37WwwrL+nZ/A
QMKrPHbx3m7fWBVhC2dQ5IeH01CXNvMb7rnunoc2Bz25062VLL3sPgHM9wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFBakAJ1V2LTzWaKyft0pch3LmTiaMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvRnFRQW5WWFl0UE5ab3JKLTNTbHlIY3VaT0pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAHzhWAwQA
Hzl6AwQBHzl8MAwDBAEfOaIDBAEfOaQDBAAfObQDBAAfOioDBAAfOjAwDQYJKoZI
hvcNAQELBQADggEBAJBm5qE/b37hVEq7alvztQLYUDME09x410q6ghOq6+PlJpCi
KTZ9qUQ5K7RBelruNRPqvxAO4Ghi9bqcJYvuTZ0FXvgJZYbAcN2tuoN3o3Al+qTN
DqxgYQ7z8Y4cZapAREGwYBriISPuBo0kD3x4e6AOm4jSlmqLGXs2RxRuId+EnpTF
Wq1ESmFXgwx75cEKFVwVb52HB1UZv3SFN8P45A5jrZbcDmyLvLwzRakg4tcD7H0q
rNY1pxj21hqSmEH+V/NicsomhPcV2M4m7enk+k4zyVsH7q54XrQON3xA/9zmf2O6
ZVaTdgX4GWqSIU4DsA5naY8l8Uft1RPp5UQ2Ymw=
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:16:19 2026 by rpki-client