Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/P_n6Mq_0OGxE1Vg_BFE-ebXd5HA.roa
File: P_n6Mq_0OGxE1Vg_BFE-ebXd5HA.roa (raw, json)
Hash identifier: 26hRbciwELyLunLs5WRQiEN5rPdcxS3MgKfLB+lOnNM=
Subject key identifier: 3F:F9:FA:32:AF:F4:38:6C:44:D5:58:3F:04:51:3E:79:B5:DD:E4:70
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019D152AFC8C9210721BB04406B229A477EC
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/P_n6Mq_0OGxE1Vg_BFE-ebXd5HA.roa
Signing time: Sun 22 Mar 2026 10:50:31 +0000
ROA not before: Sun 22 Mar 2026 10:50:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9009
IP address blocks: 31.56.5.0/24 maxlen: 24
31.56.119.0/24 maxlen: 24
31.56.128.0/24 maxlen: 24
31.56.129.0/24 maxlen: 24
31.56.130.0/24 maxlen: 24
31.56.131.0/24 maxlen: 24
31.56.132.0/24 maxlen: 24
31.56.133.0/24 maxlen: 24
31.56.134.0/24 maxlen: 24
31.56.135.0/24 maxlen: 24
31.56.136.0/24 maxlen: 24
31.56.137.0/24 maxlen: 24
31.56.207.0/24 maxlen: 24
31.56.246.0/24 maxlen: 24
31.56.247.0/24 maxlen: 24
31.56.248.0/24 maxlen: 24
31.56.249.0/24 maxlen: 24
31.56.250.0/24 maxlen: 24
31.56.251.0/24 maxlen: 24
31.56.252.0/24 maxlen: 24
31.56.253.0/24 maxlen: 24
31.56.254.0/24 maxlen: 24
31.56.255.0/24 maxlen: 24
31.57.41.0/24 maxlen: 24
31.57.42.0/24 maxlen: 24
31.57.82.0/24 maxlen: 24
31.58.116.0/22 maxlen: 24
31.59.0.0/24 maxlen: 24
31.59.1.0/24 maxlen: 24
31.59.2.0/24 maxlen: 24
31.59.3.0/24 maxlen: 24
31.59.4.0/24 maxlen: 24
31.59.5.0/24 maxlen: 24
31.59.6.0/24 maxlen: 24
31.59.7.0/24 maxlen: 24
31.59.8.0/24 maxlen: 24
31.59.9.0/24 maxlen: 24
31.59.246.0/24 maxlen: 24
31.59.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:15:2a:fc:8c:92:10:72:1b:b0:44:06:b2:29:a4:77:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 22 10:50:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3ff9fa32aff4386c44d5583f04513e79b5dde470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b0:e1:82:c9:f0:59:fc:55:42:d4:58:95:4d:
27:82:e8:97:3b:89:4c:c4:fe:74:6e:da:3c:c6:06:
ca:83:25:8f:4b:b7:e0:4c:a7:5a:5a:fa:7f:a5:f1:
aa:9c:32:c4:76:b0:a1:aa:f2:b1:08:4f:c3:22:f3:
1f:58:4e:fa:b8:50:2f:65:bf:9e:23:a7:e7:b9:20:
b1:8f:92:a8:c1:62:92:71:c7:30:bd:42:a5:54:e8:
b3:30:aa:c0:e4:fc:c4:a2:76:42:b3:fb:0e:09:27:
75:7b:74:58:f9:a8:f6:3a:63:08:51:87:51:86:8d:
49:4c:4e:1f:fe:33:6f:fd:65:a0:19:ec:73:89:da:
2a:84:9c:c4:18:02:19:2c:69:06:ce:ed:8d:8c:0a:
12:cf:5f:fc:85:4f:4f:af:5b:2c:0d:6d:b8:6c:b8:
7a:37:49:7f:b3:e3:ca:49:01:17:30:a4:48:c8:af:
99:c2:d1:60:56:dc:d3:8a:6d:0f:5a:4a:c1:fa:f6:
05:2f:fd:27:4f:0e:7f:3d:8f:53:97:88:5f:8d:41:
5e:9e:9b:b3:60:b7:e8:5c:79:e0:79:bb:84:26:b0:
89:e8:2b:24:e2:82:18:83:d5:36:24:fd:f0:a9:ce:
c5:0a:41:34:df:44:46:42:f1:e3:5b:ab:ad:b2:f4:
7f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:F9:FA:32:AF:F4:38:6C:44:D5:58:3F:04:51:3E:79:B5:DD:E4:70
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/P_n6Mq_0OGxE1Vg_BFE-ebXd5HA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.5.0/24
31.56.119.0/24
31.56.128.0-31.56.137.255
31.56.207.0/24
31.56.246.0-31.56.255.255
31.57.41.0-31.57.42.255
31.57.82.0/24
31.58.116.0/22
31.59.0.0-31.59.9.255
31.59.246.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:97:b1:9e:72:6f:44:91:13:56:7d:03:91:97:23:4d:6e:a6:
ae:ee:32:88:99:06:9c:8b:cb:ba:be:0e:1c:87:b1:5e:07:f6:
63:c2:36:94:1c:16:50:bc:df:23:ac:60:3e:64:12:40:b0:96:
92:05:73:a7:93:35:68:d8:37:6d:56:ba:9c:c0:08:2f:4c:20:
c5:d3:b4:7a:ea:1f:4d:1e:64:cc:6f:1c:68:37:43:38:79:f3:
1f:3a:d7:98:60:c9:da:71:21:b8:66:ea:61:1d:12:de:bf:8b:
2d:94:8f:e2:51:6c:e4:07:20:e9:ed:ab:21:98:28:9e:d3:93:
f5:b6:8f:98:8d:75:68:b2:44:a2:7c:ab:28:93:f0:46:91:5e:
a3:ef:3f:6b:09:c2:a3:61:61:e8:99:3b:ad:38:09:94:f1:ba:
74:07:0c:a9:5b:c7:dd:aa:5d:6e:db:f9:07:10:ac:53:54:d1:
80:17:50:38:d7:02:eb:29:13:3c:2e:3d:48:e8:1d:25:3b:89:
b1:9a:1e:9b:ca:4f:3f:e7:32:91:a2:d1:6d:64:49:5e:01:62:
4c:c9:09:f2:99:24:db:99:b0:d6:47:26:8a:8a:39:8b:e9:f1:
ad:b4:c5:a2:d2:c6:8b:a5:2a:18:25:82:36:9c:94:56:8e:ed:
95:08:92:8e
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZ0VKvyMkhByG7BEBrIppHfsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMzIyMTA1MDMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmY5ZmEzMmFmZjQzODZjNDRkNTU4M2YwNDUxM2U3OWI1ZGRlNDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rDhgsnwWfxVQtRYlU0nguiXO4lM
xP50bto8xgbKgyWPS7fgTKdaWvp/pfGqnDLEdrChqvKxCE/DIvMfWE76uFAvZb+e
I6fnuSCxj5KowWKScccwvUKlVOizMKrA5PzEonZCs/sOCSd1e3RY+aj2OmMIUYdR
ho1JTE4f/jNv/WWgGexzidoqhJzEGAIZLGkGzu2NjAoSz1/8hU9Pr1ssDW24bLh6
N0l/s+PKSQEXMKRIyK+ZwtFgVtzTim0PWkrB+vYFL/0nTw5/PY9Tl4hfjUFenpuz
YLfoXHngebuEJrCJ6Csk4oIYg9U2JP3wqc7FCkE030RGQvHjW6utsvR/rQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFD/5+jKv9DhsRNVYPwRRPnm13eRwMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUF9uNk1xXzBPR3hFMVZnX0JGRS1lYlhkNUhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAHzgFAwQA
Hzh3MAwDBAcfOIADBAEfOIgDBAAfOM8wCwMEAR849gMDAB84MAwDBAAfOSkDBAAf
OSoDBAAfOVIDBAIfOnQwCwMDAB87AwQBHzsIAwQBHzv2MA0GCSqGSIb3DQEBCwUA
A4IBAQCal7Gecm9EkRNWfQORlyNNbqau7jKImQaci8u6vg4ch7FeB/ZjwjaUHBZQ
vN8jrGA+ZBJAsJaSBXOnkzVo2DdtVrqcwAgvTCDF07R66h9NHmTMbxxoN0M4efMf
OteYYMnacSG4ZuphHRLev4stlI/iUWzkByDp7ashmCie05P1to+YjXVoskSifKso
k/BGkV6j7z9rCcKjYWHomTutOAmU8bp0BwypW8fdql1u2/kHEKxTVNGAF1A41wLr
KRM8Lj1I6B0lO4mxmh6byk8/5zKRotFtZEleAWJMyQnymSTbmbDWRyaKijmL6fGt
tMWi0saLpSoYJYI2nJRWju2VCJKO
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:16:32 2026 by rpki-client