Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OMnTJyYTqIL03fkLGDXZoHYHnhc.roa
File: OMnTJyYTqIL03fkLGDXZoHYHnhc.roa (raw, json)
Hash identifier: LnezlVXBhXqLpAADMuDm1aflElRimAuQsjie+VhHJkU=
Subject key identifier: 38:C9:D3:27:26:13:A8:82:F4:DD:F9:0B:18:35:D9:A0:76:07:9E:17
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019DD90AB41A1DCA66B2F4DC7C4635C91987
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OMnTJyYTqIL03fkLGDXZoHYHnhc.roa
Signing time: Wed 29 Apr 2026 11:40:50 +0000
ROA not before: Wed 29 Apr 2026 11:40:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 40676
IP address blocks: 31.58.100.0/22 maxlen: 24
31.58.169.0/24 maxlen: 24
31.59.29.0/24 maxlen: 24
31.59.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d9:0a:b4:1a:1d:ca:66:b2:f4:dc:7c:46:35:c9:19:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 29 11:40:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=38c9d3272613a882f4ddf90b1835d9a076079e17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4a:b8:4b:b7:c9:87:7a:d4:51:17:06:b2:46:
61:b4:7a:77:4c:da:89:51:b2:1c:1d:63:72:0d:c5:
5b:a4:ab:88:6a:60:bc:b2:31:d3:64:f2:b3:96:98:
70:09:a6:0a:40:b0:a5:51:6d:36:ce:3c:49:3a:5d:
ce:7b:7f:cc:bb:3a:d5:a5:fc:89:8b:61:44:d5:b5:
ab:d5:4f:e6:1d:2b:88:ed:51:29:83:d4:29:39:47:
24:e7:f3:6b:de:89:86:fe:6b:f0:b3:54:76:6b:e6:
81:ac:3c:5b:ed:dd:39:89:3d:9a:dc:38:75:2c:9f:
f9:44:75:e0:cf:5e:03:55:ec:7a:e1:b4:e2:32:bb:
b2:6e:dc:79:80:85:cc:85:a0:1d:13:69:17:aa:6d:
b4:d8:ad:64:61:0b:87:6e:e0:d4:08:05:14:68:8b:
8f:08:36:49:88:df:74:d0:c5:5a:a6:1f:e5:7a:38:
64:67:28:f3:f8:62:7e:84:55:10:39:a6:96:41:d9:
21:c8:d8:90:d3:6b:8b:93:8f:eb:d5:e3:45:b4:74:
00:d4:09:89:d1:bc:b5:b5:e4:42:0f:a0:c1:a3:0c:
2d:57:1f:67:db:b6:0e:9e:a6:9d:6e:60:16:45:06:
22:8e:a7:82:3d:ee:48:a8:57:4e:87:0b:4b:76:67:
0c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:C9:D3:27:26:13:A8:82:F4:DD:F9:0B:18:35:D9:A0:76:07:9E:17
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OMnTJyYTqIL03fkLGDXZoHYHnhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.100.0/22
31.58.169.0/24
31.59.29.0/24
31.59.34.0/24
Signature Algorithm: sha256WithRSAEncryption
89:49:26:05:08:2f:69:36:d0:44:8c:df:67:a9:03:e2:a1:e7:
1a:4e:f2:d6:2d:9e:25:2c:f5:a9:b9:8b:26:56:40:c1:0f:ad:
5d:bb:fe:fa:eb:f0:7c:5a:8f:1e:b8:f7:af:07:47:78:67:af:
80:cf:03:cc:d1:8c:75:ea:32:40:d2:1c:3b:ac:dc:07:21:53:
46:31:f8:e6:99:c9:55:05:7e:58:c6:bd:8b:66:fb:94:e3:49:
ce:3d:50:27:93:5e:f3:3a:57:f4:e0:01:b3:c4:c7:8e:37:87:
83:60:b7:38:dd:cd:c6:af:25:14:eb:67:e7:0f:d7:49:4b:47:
21:b8:65:4e:d9:f1:5d:82:bc:d3:d1:6c:7a:06:c6:48:90:78:
4d:62:4a:bb:82:31:e3:79:3a:f9:5f:22:e2:2c:22:da:9d:88:
b7:a3:b4:c2:a6:17:6b:12:b6:d1:33:03:c4:e3:e6:cd:c9:df:
e8:78:63:4e:fa:79:a0:ea:8b:d3:4e:56:f6:70:8f:63:56:cd:
51:e3:f0:95:b5:55:b8:ce:b7:93:28:36:71:59:80:4d:c6:15:
77:a8:ab:07:3f:c5:aa:1b:05:c5:f4:89:58:88:c6:bf:6f:b2:
b5:62:31:8b:73:a8:ab:e3:fb:6a:6d:fe:2b:2c:05:03:59:c2:
56:78:d4:e4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3ZCrQaHcpmsvTcfEY1yRmHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNDI5MTE0MDUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGM5ZDMyNzI2MTNhODgyZjRkZGY5MGIxODM1ZDlhMDc2MDc5ZTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUq4S7fJh3rUURcGskZhtHp3TNqJ
UbIcHWNyDcVbpKuIamC8sjHTZPKzlphwCaYKQLClUW02zjxJOl3Oe3/MuzrVpfyJ
i2FE1bWr1U/mHSuI7VEpg9QpOUck5/Nr3omG/mvws1R2a+aBrDxb7d05iT2a3Dh1
LJ/5RHXgz14DVex64bTiMruybtx5gIXMhaAdE2kXqm202K1kYQuHbuDUCAUUaIuP
CDZJiN900MVaph/lejhkZyjz+GJ+hFUQOaaWQdkhyNiQ02uLk4/r1eNFtHQA1AmJ
0by1teRCD6DBowwtVx9n27YOnqadbmAWRQYijqeCPe5IqFdOhwtLdmcM/QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDjJ0ycmE6iC9N35Cxg12aB2B54XMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvT01uVEp5WVRxSUwwM2ZrTEdEWFpvSFlIbmhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCHzpkAwQA
HzqpAwQAHzsdAwQAHzsiMA0GCSqGSIb3DQEBCwUAA4IBAQCJSSYFCC9pNtBEjN9n
qQPioecaTvLWLZ4lLPWpuYsmVkDBD61du/766/B8Wo8euPevB0d4Z6+AzwPM0Yx1
6jJA0hw7rNwHIVNGMfjmmclVBX5Yxr2LZvuU40nOPVAnk17zOlf04AGzxMeON4eD
YLc43c3GryUU62fnD9dJS0chuGVO2fFdgrzT0Wx6BsZIkHhNYkq7gjHjeTr5XyLi
LCLanYi3o7TCphdrErbRMwPE4+bNyd/oeGNO+nmg6ovTTlb2cI9jVs1R4/CVtVW4
zreTKDZxWYBNxhV3qKsHP8WqGwXF9IlYiMa/b7K1YjGLc6ir4/tqbf4rLAUDWcJW
eNTk
-----END CERTIFICATE-----
Generated at Wed May 13 02:34:12 2026 by rpki-client