Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Z3pt7np2uUY9CjGbWpqC_uWcY7Y.roa
File: Z3pt7np2uUY9CjGbWpqC_uWcY7Y.roa (raw, json)
Hash identifier: h+fwr4gsmQEaphN5WOT8KLai4NWah4CXxEsQmbUlIZU=
Subject key identifier: 67:7A:6D:EE:7A:76:B9:46:3D:0A:31:9B:5A:9A:82:FE:E5:9C:63:B6
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019DD54C256580C2BA9803ACCC79FDD7729F
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Z3pt7np2uUY9CjGbWpqC_uWcY7Y.roa
Signing time: Tue 28 Apr 2026 18:13:50 +0000
ROA not before: Tue 28 Apr 2026 18:13:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202413
IP address blocks: 31.58.232.0/23 maxlen: 24
31.59.36.0/24 maxlen: 24
31.59.39.0/24 maxlen: 24
94.183.170.0/24 maxlen: 24
217.60.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d5:4c:25:65:80:c2:ba:98:03:ac:cc:79:fd:d7:72:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 28 18:13:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=677a6dee7a76b9463d0a319b5a9a82fee59c63b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:73:09:82:5e:9a:e1:97:26:41:66:c7:cc:9b:
4a:67:28:91:19:32:1a:80:ce:6b:3e:fd:8f:82:f3:
25:b0:d1:83:43:0e:eb:d0:a9:28:9d:b9:6d:d2:20:
02:ac:6b:67:dd:89:32:f1:45:bf:c4:aa:59:2f:b4:
a2:6b:a3:55:dd:1e:94:96:7f:6a:52:0c:e5:bc:73:
db:7c:b4:75:ab:f8:52:9a:4b:d6:41:3c:3e:1e:31:
e7:18:06:cd:6e:5a:23:fe:5e:17:b2:33:ef:e2:79:
0e:f1:5d:78:15:9a:67:d0:e4:1c:20:1d:f7:29:e2:
11:57:d2:e9:e8:7d:85:0d:bc:8e:ce:bf:87:a4:ca:
a6:e4:4b:d1:f7:17:67:52:c5:b4:29:67:29:65:d7:
33:f6:56:87:f7:f1:f9:b8:66:71:e5:23:c0:85:b6:
a6:80:6d:e3:a5:eb:f6:a5:8c:ea:cd:72:b5:47:49:
24:51:8f:f3:ff:88:2a:ac:13:20:4d:cf:b7:2d:e0:
6b:52:ac:49:01:73:48:58:83:b0:b0:05:a0:e1:20:
8c:e4:4f:d7:7f:a9:3a:ed:c9:b3:77:1a:26:9f:5b:
ea:9c:1a:f3:bb:5d:8d:8b:85:ff:db:5a:ff:9b:ac:
96:20:93:ba:8e:31:70:67:45:6f:6b:85:c2:62:af:
88:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:7A:6D:EE:7A:76:B9:46:3D:0A:31:9B:5A:9A:82:FE:E5:9C:63:B6
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Z3pt7np2uUY9CjGbWpqC_uWcY7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.232.0/23
31.59.36.0/24
31.59.39.0/24
94.183.170.0/24
217.60.24.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:7f:e6:d8:38:25:14:c5:e6:43:f0:3d:fe:97:c2:7c:ce:23:
9c:f0:a4:cc:7c:a8:ed:12:2e:ee:58:b7:be:c1:a8:d8:21:12:
ac:fd:9a:27:30:e6:01:a1:95:f3:85:5a:db:6f:a2:c3:e7:86:
af:80:3a:c2:02:e5:7d:bd:27:5a:1d:24:73:d4:36:79:14:7a:
7a:d3:b7:a6:62:9f:14:b6:21:b0:f7:da:9d:db:04:bd:44:b8:
89:7b:a0:10:e3:21:a8:0d:32:c6:2e:83:59:32:3a:26:20:84:
53:7f:b7:1c:9c:70:37:69:19:11:c2:52:eb:0f:ea:ed:42:16:
1e:ee:4d:14:b5:00:14:fb:fe:a6:54:dc:e5:cc:b3:60:61:0f:
2a:fa:fd:13:f1:4b:67:e5:f1:af:7a:25:43:0b:65:17:f8:bd:
74:50:d6:00:b0:ba:25:b6:d5:32:8d:38:e7:da:c6:f3:f8:6e:
f1:f4:c2:4b:a6:38:85:89:10:32:60:d2:5a:c8:b8:57:0d:af:
bf:c1:7e:5f:19:8b:a5:f5:f1:30:ca:89:af:a2:0e:2b:0b:11:
e2:71:e5:d3:1f:bf:f3:4b:d4:cc:92:c7:75:bc:0a:88:e7:3e:
77:a8:9d:8a:2e:b9:a9:43:4b:7a:4f:4c:b9:86:4d:fa:f7:ec:
f3:60:f2:7e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ3VTCVlgMK6mAOszHn913KfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNDI4MTgxMzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzdhNmRlZTdhNzZiOTQ2M2QwYTMxOWI1YTlhODJmZWU1OWM2M2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXMJgl6a4ZcmQWbHzJtKZyiRGTIa
gM5rPv2PgvMlsNGDQw7r0Kkonblt0iACrGtn3Yky8UW/xKpZL7Sia6NV3R6Uln9q
UgzlvHPbfLR1q/hSmkvWQTw+HjHnGAbNbloj/l4XsjPv4nkO8V14FZpn0OQcIB33
KeIRV9Lp6H2FDbyOzr+HpMqm5EvR9xdnUsW0KWcpZdcz9laH9/H5uGZx5SPAhbam
gG3jpev2pYzqzXK1R0kkUY/z/4gqrBMgTc+3LeBrUqxJAXNIWIOwsAWg4SCM5E/X
f6k67cmzdxomn1vqnBrzu12Ni4X/21r/m6yWIJO6jjFwZ0Vva4XCYq+IowIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGd6be56drlGPQoxm1qagv7lnGO2MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvWjNwdDducDJ1VVk5Q2pHYldwcUNfdVdjWTdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBHzroAwQA
HzskAwQAHzsnAwQAXreqAwQA2TwYMA0GCSqGSIb3DQEBCwUAA4IBAQAPf+bYOCUU
xeZD8D3+l8J8ziOc8KTMfKjtEi7uWLe+wajYIRKs/ZonMOYBoZXzhVrbb6LD54av
gDrCAuV9vSdaHSRz1DZ5FHp607emYp8UtiGw99qd2wS9RLiJe6AQ4yGoDTLGLoNZ
MjomIIRTf7ccnHA3aRkRwlLrD+rtQhYe7k0UtQAU+/6mVNzlzLNgYQ8q+v0T8Utn
5fGveiVDC2UX+L10UNYAsLolttUyjTjn2sbz+G7x9MJLpjiFiRAyYNJayLhXDa+/
wX5fGYul9fEwyomvog4rCxHiceXTH7/zS9TMksd1vAqI5z53qJ2KLrmpQ0t6T0y5
hk369+zzYPJ+
-----END CERTIFICATE-----
Generated at Wed May 13 04:20:34 2026 by rpki-client