Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bXp56GNeCmFAk5elTn17ALt12rg.roa
File: bXp56GNeCmFAk5elTn17ALt12rg.roa (raw, json)
Hash identifier: S8JI6Q4jJh6+Cpnqz97ch32aloCwr3ZvNgaRcXhzq0Q=
Subject key identifier: 6D:7A:79:E8:63:5E:0A:61:40:93:97:A5:4E:7D:7B:00:BB:75:DA:B8
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019D0CBA53C230BC1EBBED818EAA27CAC48C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bXp56GNeCmFAk5elTn17ALt12rg.roa
Signing time: Fri 20 Mar 2026 19:30:30 +0000
ROA not before: Fri 20 Mar 2026 19:30:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206119
IP address blocks: 31.57.217.0/24 maxlen: 24
31.59.37.0/24 maxlen: 24
94.183.152.0/24 maxlen: 24
217.60.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0c:ba:53:c2:30:bc:1e:bb:ed:81:8e:aa:27:ca:c4:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 20 19:30:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6d7a79e8635e0a61409397a54e7d7b00bb75dab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9c:b0:14:4d:6b:bd:5e:0f:ae:80:b5:0b:5e:
d2:a6:ce:58:4f:81:39:de:c9:b1:32:31:91:20:35:
2d:c5:1b:cc:33:04:40:bb:4c:32:44:9d:43:ee:45:
06:08:9b:66:65:13:77:8f:4a:e5:0d:63:25:cd:bd:
10:10:9d:cd:60:36:84:69:82:60:18:42:02:1d:02:
ec:66:08:79:3e:89:54:f8:fe:57:fc:76:62:ec:33:
7f:66:fb:a6:14:ec:c3:14:3b:01:a5:27:a9:48:95:
4b:d4:0f:eb:4c:01:7d:95:c7:35:9b:24:a2:1f:6d:
4a:03:da:88:85:7a:3f:1e:c2:2b:e1:1c:e4:72:8e:
82:38:c8:ee:d0:04:4b:ea:40:4f:69:aa:a5:e8:b4:
54:bb:95:fe:5b:53:98:30:3f:b9:03:86:e2:d6:54:
eb:6d:7e:ae:6b:3b:27:df:1e:ce:74:db:85:65:d8:
81:ea:43:af:88:94:69:82:0d:6a:00:98:51:a5:cf:
85:85:32:e4:33:b8:78:7c:26:ad:62:d9:e9:78:94:
39:09:f6:55:a2:0a:17:e3:96:80:45:b4:ba:e1:7c:
57:0b:5a:c2:48:74:64:f4:ef:00:44:6d:3f:78:63:
a1:be:4d:7c:ea:6b:20:e5:11:80:dc:b4:80:4a:19:
7d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:7A:79:E8:63:5E:0A:61:40:93:97:A5:4E:7D:7B:00:BB:75:DA:B8
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/bXp56GNeCmFAk5elTn17ALt12rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.217.0/24
31.59.37.0/24
94.183.152.0/24
217.60.242.0/24
Signature Algorithm: sha256WithRSAEncryption
11:04:09:93:6b:ee:77:13:21:b2:fe:33:b3:ef:7f:07:34:d3:
54:87:75:98:86:2f:84:47:56:bb:d9:76:8b:03:10:db:25:b5:
a5:43:eb:e9:fe:4d:4f:82:49:33:fd:5d:7d:c2:2b:7b:0d:73:
fe:dd:a0:bb:82:9e:51:e0:1d:35:3d:b4:dc:13:f8:ba:28:5b:
92:1c:59:4b:19:de:f8:d5:d4:28:81:b6:f7:14:38:e2:c3:63:
8e:04:03:68:8a:1a:47:07:36:2e:fe:d8:b2:5e:6a:43:ca:3e:
45:52:72:2b:4b:11:fa:68:ae:1d:17:b5:8a:d3:5e:89:47:ca:
99:11:64:1a:6d:c4:df:38:30:f4:79:10:3f:9f:a3:db:ce:ee:
aa:a4:cb:b9:89:96:55:a2:89:81:f2:f2:47:d3:78:ea:67:9f:
83:54:9f:2f:71:47:a2:72:67:eb:64:a7:aa:f1:3c:7b:c2:b8:
f1:3c:cd:e2:19:83:9a:c1:0c:06:10:c9:38:58:0a:3d:a6:a4:
e2:89:f4:2d:c8:30:a1:e4:96:a6:55:49:89:3f:fd:12:58:ac:
4d:83:88:6f:3f:a7:b2:a0:8d:d1:c0:e4:a1:60:a8:28:e0:cf:
90:ba:fb:64:95:28:fe:22:8d:a5:e9:af:90:23:07:78:4d:86:
5d:52:f3:bf
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ0MulPCMLweu+2BjqonysSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwMzIwMTkzMDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDdhNzllODYzNWUwYTYxNDA5Mzk3YTU0ZTdkN2IwMGJiNzVkYWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupywFE1rvV4ProC1C17Sps5YT4E5
3smxMjGRIDUtxRvMMwRAu0wyRJ1D7kUGCJtmZRN3j0rlDWMlzb0QEJ3NYDaEaYJg
GEICHQLsZgh5PolU+P5X/HZi7DN/ZvumFOzDFDsBpSepSJVL1A/rTAF9lcc1mySi
H21KA9qIhXo/HsIr4Rzkco6COMju0ARL6kBPaaql6LRUu5X+W1OYMD+5A4bi1lTr
bX6uazsn3x7OdNuFZdiB6kOviJRpgg1qAJhRpc+FhTLkM7h4fCatYtnpeJQ5CfZV
ogoX45aARbS64XxXC1rCSHRk9O8ARG0/eGOhvk186msg5RGA3LSAShl94QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG16eehjXgphQJOXpU59ewC7ddq4MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYlhwNTZHTmVDbUZBazVlbFRuMTdBTHQxMnJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHznZAwQA
HzslAwQAXreYAwQA2TzyMA0GCSqGSIb3DQEBCwUAA4IBAQARBAmTa+53EyGy/jOz
738HNNNUh3WYhi+ER1a72XaLAxDbJbWlQ+vp/k1Pgkkz/V19wit7DXP+3aC7gp5R
4B01PbTcE/i6KFuSHFlLGd741dQogbb3FDjiw2OOBANoihpHBzYu/tiyXmpDyj5F
UnIrSxH6aK4dF7WK016JR8qZEWQabcTfODD0eRA/n6Pbzu6qpMu5iZZVoomB8vJH
03jqZ5+DVJ8vcUeicmfrZKeq8Tx7wrjxPM3iGYOawQwGEMk4WAo9pqTiifQtyDCh
5JamVUmJP/0SWKxNg4hvP6eyoI3RwOShYKgo4M+QuvtklSj+Io2l6a+QIwd4TYZd
UvO/
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:16:30 2026 by rpki-client