Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_1H3GbmlbavmVufteMLcqd-TAp0.roa
File: _1H3GbmlbavmVufteMLcqd-TAp0.roa (raw, json)
Hash identifier: mVbkmHL229XQMNWflPZyVlGw3yrceFr4zofgLxprqIQ=
Subject key identifier: FF:51:F7:19:B9:A5:6D:AB:E6:56:E7:ED:78:C2:DC:A9:DF:93:02:9D
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019CD3CAD91F6463277F4463DA2FD8D6D24E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_1H3GbmlbavmVufteMLcqd-TAp0.roa
Signing time: Mon 09 Mar 2026 18:10:12 +0000
ROA not before: Mon 09 Mar 2026 18:10:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215242
IP address blocks: 31.56.213.0/24 maxlen: 24
31.56.214.0/24 maxlen: 24
31.58.211.0/24 maxlen: 24
31.58.235.0/24 maxlen: 24
31.58.236.0/24 maxlen: 24
31.58.246.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.250.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
217.60.251.0/24 maxlen: 24
217.60.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d3:ca:d9:1f:64:63:27:7f:44:63:da:2f:d8:d6:d2:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 9 18:10:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ff51f719b9a56dabe656e7ed78c2dca9df93029d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:8a:26:87:69:be:90:a0:02:7a:88:15:a2:1c:
d9:3e:9d:65:6a:3e:9a:c4:b9:2a:3e:67:4b:bf:eb:
43:46:50:30:06:86:63:f2:22:56:62:04:24:46:37:
ed:8b:00:1f:c1:c9:84:05:39:6f:4a:45:6c:67:7c:
89:76:4e:3a:46:e7:e0:72:2d:d8:8f:96:f9:1d:02:
6c:9e:97:f7:c3:fd:da:0c:a5:69:b8:5b:08:45:bc:
b4:82:67:59:49:e7:b9:f4:fa:30:96:97:a0:b0:83:
17:b3:7c:c7:55:7e:bc:03:a1:a4:a0:cc:79:b0:41:
b9:10:48:15:f5:df:d2:69:d5:ea:b7:48:b6:99:85:
03:ad:46:92:ca:46:cd:f9:3e:2d:10:2b:5b:b5:df:
7d:86:12:ec:03:cb:ba:87:02:2e:b1:0e:cf:b4:40:
97:ef:dd:71:94:5c:b0:a4:3a:78:dc:ee:49:98:5f:
a6:f5:59:6c:74:e7:6e:71:f0:76:ff:42:5f:8b:72:
98:e5:60:d1:f3:9f:26:e8:7e:fe:d9:4b:6a:0c:57:
fc:61:d5:28:1e:11:ac:ea:70:0d:c0:f3:28:c3:b7:
5a:18:fd:8f:20:5d:d3:a8:44:a9:56:a4:8c:67:73:
0c:68:6d:dc:21:da:97:63:90:f1:04:e9:e6:c0:3e:
0b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:51:F7:19:B9:A5:6D:AB:E6:56:E7:ED:78:C2:DC:A9:DF:93:02:9D
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_1H3GbmlbavmVufteMLcqd-TAp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.213.0-31.56.214.255
31.58.211.0/24
31.58.235.0-31.58.236.255
31.58.246.0/23
31.58.250.0/23
217.60.251.0/24
217.60.254.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:9d:01:e7:25:cb:4a:a3:44:3b:6d:70:cb:cf:1e:0e:09:6c:
bc:a1:a8:d8:1e:3b:89:3d:5b:37:53:03:a7:77:e2:58:a9:ec:
8d:2b:0d:ee:9e:dd:64:18:17:62:14:8b:26:9e:d8:a3:2c:11:
45:a7:07:e4:c4:60:eb:ce:dc:31:23:7a:23:6d:be:e3:be:67:
a1:ce:59:e0:7f:04:c2:30:45:9d:c1:73:2d:23:09:bd:67:4c:
d1:6c:8a:3b:46:14:7c:11:49:6d:2e:4c:d1:45:5f:03:7a:94:
41:94:30:4f:56:81:7b:d4:dd:22:8d:0d:27:e3:46:8c:09:e7:
78:b0:ff:d9:99:22:98:ae:bf:46:c8:ac:3a:df:90:dd:20:b3:
6e:bf:b9:42:04:43:dd:68:43:20:80:a1:e4:41:2a:67:be:99:
b3:da:da:56:ba:0f:e4:9d:9f:b0:a9:a3:b1:67:8d:83:5a:37:
a8:44:36:a5:b5:6f:5c:4a:ab:e4:6c:8b:fe:93:d6:3a:a7:7f:
cc:e6:35:47:c7:cc:4d:99:fe:ef:1d:04:6e:75:97:32:7d:3f:
36:bd:31:84:9f:d8:eb:7c:c5:87:8f:cb:a3:19:41:f3:d8:9e:
21:86:86:ff:2c:35:42:3c:d6:a4:ea:96:aa:38:55:e7:cc:68:
d8:13:cb:c1
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZzTytkfZGMnf0Rj2i/Y1tJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMzA5MTgxMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjUxZjcxOWI5YTU2ZGFiZTY1NmU3ZWQ3OGMyZGNhOWRmOTMwMjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooomh2m+kKACeogVohzZPp1laj6a
xLkqPmdLv+tDRlAwBoZj8iJWYgQkRjftiwAfwcmEBTlvSkVsZ3yJdk46Rufgci3Y
j5b5HQJsnpf3w/3aDKVpuFsIRby0gmdZSee59PowlpegsIMXs3zHVX68A6GkoMx5
sEG5EEgV9d/SadXqt0i2mYUDrUaSykbN+T4tECtbtd99hhLsA8u6hwIusQ7PtECX
791xlFywpDp43O5JmF+m9VlsdOducfB2/0Jfi3KY5WDR858m6H7+2UtqDFf8YdUo
HhGs6nANwPMow7daGP2PIF3TqESpVqSMZ3MMaG3cIdqXY5DxBOnmwD4LcQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFP9R9xm5pW2r5lbn7XjC3KnfkwKdMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvXzFIM0dibWxiYXZtVnVmdGVNTGNxZC1UQXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6MAwDBAAfONUD
BAAfONYDBAAfOtMwDAMEAB866wMEAB867AMEAR869gMEAR86+gMEANk8+wMEANk8
/jANBgkqhkiG9w0BAQsFAAOCAQEArJ0B5yXLSqNEO21wy88eDglsvKGo2B47iT1b
N1MDp3fiWKnsjSsN7p7dZBgXYhSLJp7YoywRRacH5MRg687cMSN6I22+475noc5Z
4H8EwjBFncFzLSMJvWdM0WyKO0YUfBFJbS5M0UVfA3qUQZQwT1aBe9TdIo0NJ+NG
jAnneLD/2ZkimK6/RsisOt+Q3SCzbr+5QgRD3WhDIICh5EEqZ76Zs9raVroP5J2f
sKmjsWeNg1o3qEQ2pbVvXEqr5GyL/pPWOqd/zOY1R8fMTZn+7x0EbnWXMn0/Nr0x
hJ/Y63zFh4/LoxlB89ieIYaG/yw1QjzWpOqWqjhV58xo2BPLwQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:16:34 2026 by rpki-client