Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/UtblXfIDNM-2snjmPybKxXeqoV4.roa
File: UtblXfIDNM-2snjmPybKxXeqoV4.roa (raw, json)
Hash identifier: hX+ZNo8X6NlxyTigFNovi2KJLcwibuey+m+VqmKuKes=
Subject key identifier: 52:D6:E5:5D:F2:03:34:CF:B6:B2:78:E6:3F:26:CA:C5:77:AA:A1:5E
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019CBE524411FA6FA1DCFD3A3C13AA043316
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/UtblXfIDNM-2snjmPybKxXeqoV4.roa
Signing time: Thu 05 Mar 2026 14:06:28 +0000
ROA not before: Thu 05 Mar 2026 14:06:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213791
IP address blocks: 31.57.112.0/24 maxlen: 24
31.57.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:be:52:44:11:fa:6f:a1:dc:fd:3a:3c:13:aa:04:33:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 5 14:06:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=52d6e55df20334cfb6b278e63f26cac577aaa15e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:04:1d:82:2f:df:34:6b:58:69:ac:40:ea:b4:
54:fd:9e:9b:ec:0f:4d:f5:2d:b0:83:b0:84:14:a6:
16:86:96:6e:c8:78:bc:d3:f5:ca:07:7e:4a:db:93:
98:20:2c:27:f5:e5:a5:83:af:51:de:06:33:57:c1:
24:7c:fc:c6:e9:c1:2f:ee:24:9f:d1:3f:08:4e:41:
fa:e2:b4:d0:53:61:42:4f:67:64:e3:9d:7c:02:32:
f9:9d:4c:13:24:b3:b6:36:38:15:3a:8c:ab:2d:3a:
6a:99:4f:a3:2f:6a:86:f4:a4:47:a9:4d:03:ee:2e:
28:80:4f:78:df:f9:0f:ff:2b:78:2d:c1:71:96:b9:
ba:14:a3:ff:68:39:ed:37:77:fc:3a:25:a3:e6:9d:
00:38:d6:8f:f2:4d:ff:97:7f:2b:ef:8f:fa:5a:fc:
01:47:60:d1:b2:55:6b:ea:0c:a0:48:dc:25:88:f7:
12:a3:6b:f2:5c:2c:d1:a4:62:0c:57:ef:ee:09:10:
6a:5a:b5:d3:ad:01:04:63:70:18:13:41:f7:db:32:
53:74:cc:5a:a0:b3:bb:f7:de:dc:d4:17:ac:2c:67:
10:3d:58:78:2e:7c:59:80:b9:e9:88:cc:12:e3:3c:
5d:92:37:78:7c:08:58:73:8a:3b:6c:96:c9:0a:a2:
52:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:D6:E5:5D:F2:03:34:CF:B6:B2:78:E6:3F:26:CA:C5:77:AA:A1:5E
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/UtblXfIDNM-2snjmPybKxXeqoV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.112.0/24
31.57.202.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:70:3f:72:29:1f:8f:47:88:56:79:3b:71:2d:ce:c6:e5:05:
5d:51:05:11:26:ca:e9:a3:be:68:d3:33:ae:4e:87:16:23:78:
b7:7e:90:8d:6e:43:e1:04:15:e1:1a:4f:91:0a:62:31:95:dc:
2a:69:5b:b3:c7:e8:51:4f:9e:87:25:92:bf:c0:2a:af:4f:a2:
fa:22:8d:8c:b0:17:24:8d:5e:12:62:b2:bc:69:1e:71:92:8c:
4d:3f:bd:27:53:83:6e:4f:0d:f5:b3:c4:32:cb:42:00:cc:0d:
06:7c:ca:c0:c1:e3:56:0f:c1:18:3a:25:cf:b1:2c:5c:54:88:
03:2e:bd:c4:46:68:86:dc:52:49:2e:46:cc:aa:d3:3a:7f:2d:
01:cf:d6:9d:58:ad:09:9d:ee:c0:35:1c:55:12:c0:08:43:30:
e1:87:85:70:31:29:cb:df:1b:71:eb:11:26:65:1e:8a:22:79:
a5:37:66:d1:a2:49:9f:38:ed:73:45:e1:73:5e:33:2e:fb:a9:
65:59:9d:30:35:fb:3c:2e:e4:26:cc:88:c1:73:46:fb:6a:f0:
2e:9a:04:fc:5c:5f:4e:8e:5e:e0:8a:ec:c0:b1:d1:b8:d5:37:
58:2c:fd:fc:04:d0:3a:e0:3c:f2:ee:fb:6c:e6:5e:a6:8b:45:
a5:5e:00:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZy+UkQR+m+h3P06PBOqBDMWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMzA1MTQwNjI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmQ2ZTU1ZGYyMDMzNGNmYjZiMjc4ZTYzZjI2Y2FjNTc3YWFhMTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3AQdgi/fNGtYaaxA6rRU/Z6b7A9N
9S2wg7CEFKYWhpZuyHi80/XKB35K25OYICwn9eWlg69R3gYzV8EkfPzG6cEv7iSf
0T8ITkH64rTQU2FCT2dk4518AjL5nUwTJLO2NjgVOoyrLTpqmU+jL2qG9KRHqU0D
7i4ogE943/kP/yt4LcFxlrm6FKP/aDntN3f8OiWj5p0AONaP8k3/l38r74/6WvwB
R2DRslVr6gygSNwliPcSo2vyXCzRpGIMV+/uCRBqWrXTrQEEY3AYE0H32zJTdMxa
oLO7997c1BesLGcQPVh4LnxZgLnpiMwS4zxdkjd4fAhYc4o7bJbJCqJSGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFLW5V3yAzTPtrJ45j8mysV3qqFeMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVXRibFhmSUROTS0yc25qbVB5Ykt4WGVxb1Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHzlwAwQA
HznKMA0GCSqGSIb3DQEBCwUAA4IBAQC0cD9yKR+PR4hWeTtxLc7G5QVdUQURJsrp
o75o0zOuTocWI3i3fpCNbkPhBBXhGk+RCmIxldwqaVuzx+hRT56HJZK/wCqvT6L6
Io2MsBckjV4SYrK8aR5xkoxNP70nU4NuTw31s8Qyy0IAzA0GfMrAweNWD8EYOiXP
sSxcVIgDLr3ERmiG3FJJLkbMqtM6fy0Bz9adWK0Jne7ANRxVEsAIQzDhh4VwMSnL
3xtx6xEmZR6KInmlN2bRokmfOO1zReFzXjMu+6llWZ0wNfs8LuQmzIjBc0b7avAu
mgT8XF9Ojl7giuzAsdG41TdYLP38BNA64Dzy7vts5l6mi0WlXgBt
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:16:36 2026 by rpki-client