Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/mjmW764Jnr1dw7IUpxL8tpXerU8.roa
File: mjmW764Jnr1dw7IUpxL8tpXerU8.roa (raw, json)
Hash identifier: l91kVOu54gLCJPodM6w0/JTnz7XnWfC+ihe/kHDyNBo=
Subject key identifier: 9A:39:96:EF:AE:09:9E:BD:5D:C3:B2:14:A7:12:FC:B6:95:DE:AD:4F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E180E1D79D75D709E4DAA09112EE21334
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/mjmW764Jnr1dw7IUpxL8tpXerU8.roa
Signing time: Mon 11 May 2026 17:20:38 +0000
ROA not before: Mon 11 May 2026 17:20:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61317
IP address blocks: 31.57.131.0/24 maxlen: 24
31.57.150.0/24 maxlen: 24
31.58.52.0/24 maxlen: 24
31.58.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:18:0e:1d:79:d7:5d:70:9e:4d:aa:09:11:2e:e2:13:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 11 17:20:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9a3996efae099ebd5dc3b214a712fcb695dead4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9d:19:ea:a7:ee:34:08:bf:b9:4f:e7:b4:21:
01:34:a5:44:90:e2:bd:ac:d6:46:40:f1:73:f0:fc:
9a:86:e3:bb:ca:d3:07:5d:5c:c0:cb:8b:01:ce:5e:
c1:a5:2a:5a:08:1e:ec:48:74:28:5c:e4:ae:6f:fb:
a7:a0:a3:29:d3:4e:08:de:d6:50:2d:1d:9a:e8:5e:
85:20:4c:de:06:8a:d7:52:a0:33:85:4e:f4:7c:70:
a9:06:49:76:91:8f:27:6c:9b:e4:5a:e0:c6:df:db:
54:46:20:e3:4e:45:ac:38:d0:d7:eb:65:dc:0f:99:
96:b2:4a:e4:d4:3c:49:ec:53:af:b9:da:5f:98:2e:
b9:5a:75:48:c0:76:71:c1:a6:f2:7f:bc:e1:e2:69:
8a:fb:64:51:85:ba:74:5f:24:e4:e0:dc:58:b9:73:
7b:f4:81:a8:9a:01:21:ef:b3:25:7c:c6:e4:4c:f2:
31:19:30:d7:b1:eb:be:ec:84:66:c0:74:5d:c3:b6:
a8:ab:41:69:04:4c:ca:3c:ce:e0:90:27:23:a4:72:
23:15:0f:20:7a:bf:6d:72:cf:d8:3d:99:77:83:4d:
fe:76:b6:e6:ad:4d:ab:a8:35:d7:23:93:a7:a6:82:
ee:67:61:27:e5:82:05:28:d1:33:a0:44:cf:56:bd:
e8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:39:96:EF:AE:09:9E:BD:5D:C3:B2:14:A7:12:FC:B6:95:DE:AD:4F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/mjmW764Jnr1dw7IUpxL8tpXerU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.131.0/24
31.57.150.0/24
31.58.52.0/24
31.58.147.0/24
Signature Algorithm: sha256WithRSAEncryption
34:fb:b7:c8:0f:79:1a:60:06:af:dc:1f:b1:1f:2e:ee:9f:94:
2b:39:7e:c2:a5:f2:dc:9e:a3:70:4e:af:eb:48:1d:b0:5d:80:
90:cf:2d:92:aa:5b:7f:be:22:d3:c8:17:03:6b:01:36:fc:93:
46:b3:03:77:a7:5b:53:cc:26:c9:7c:5d:17:f6:a3:6f:14:ae:
25:96:e7:85:23:0e:51:2f:3c:72:85:74:f1:b1:72:fb:fa:e6:
d5:ef:e9:da:c0:34:b8:cd:0c:7b:12:17:3d:a0:36:08:b4:20:
ff:0b:11:b5:0e:08:55:15:da:ed:86:cc:ee:a9:72:c2:49:d7:
93:f0:b5:9c:f8:9a:cf:f6:8d:ef:33:a2:bb:60:b0:96:bb:df:
c9:21:d1:00:ce:65:94:e8:64:84:d8:08:99:22:40:c7:2f:48:
e4:be:f3:ce:0b:fc:45:79:63:ad:ee:63:1d:5d:b4:37:5f:8d:
2d:3e:8f:ec:8f:3f:e2:93:91:7b:31:f3:14:91:96:4d:8b:ca:
d5:b3:89:42:9f:a0:a6:d7:10:3c:69:3f:a9:0f:dd:0c:d6:74:
1b:9c:85:c4:a9:8a:9c:7c:02:76:9d:f2:2d:8b:0f:e3:1b:cc:
ee:27:d2:e2:37:14:2f:97:75:9d:e8:79:07:06:e3:57:92:87:
43:20:8c:93
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ4YDh15111wnk2qCREu4hM0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTExMTcyMDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTM5OTZlZmFlMDk5ZWJkNWRjM2IyMTRhNzEyZmNiNjk1ZGVhZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJ0Z6qfuNAi/uU/ntCEBNKVEkOK9
rNZGQPFz8PyahuO7ytMHXVzAy4sBzl7BpSpaCB7sSHQoXOSub/unoKMp004I3tZQ
LR2a6F6FIEzeBorXUqAzhU70fHCpBkl2kY8nbJvkWuDG39tURiDjTkWsONDX62Xc
D5mWskrk1DxJ7FOvudpfmC65WnVIwHZxwabyf7zh4mmK+2RRhbp0XyTk4NxYuXN7
9IGomgEh77MlfMbkTPIxGTDXseu+7IRmwHRdw7aoq0FpBEzKPM7gkCcjpHIjFQ8g
er9tcs/YPZl3g03+drbmrU2rqDXXI5OnpoLuZ2En5YIFKNEzoETPVr3oCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJo5lu+uCZ69XcOyFKcS/LaV3q1PMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvbWptVzc2NEpucjFkdzdJVXB4TDh0cFhlclU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzmDAwQA
HzmWAwQAHzo0AwQAHzqTMA0GCSqGSIb3DQEBCwUAA4IBAQA0+7fID3kaYAav3B+x
Hy7un5QrOX7CpfLcnqNwTq/rSB2wXYCQzy2Sqlt/viLTyBcDawE2/JNGswN3p1tT
zCbJfF0X9qNvFK4llueFIw5RLzxyhXTxsXL7+ubV7+nawDS4zQx7Ehc9oDYItCD/
CxG1DghVFdrthszuqXLCSdeT8LWc+JrP9o3vM6K7YLCWu9/JIdEAzmWU6GSE2AiZ
IkDHL0jkvvPOC/xFeWOt7mMdXbQ3X40tPo/sjz/ik5F7MfMUkZZNi8rVs4lCn6Cm
1xA8aT+pD90M1nQbnIXEqYqcfAJ2nfItiw/jG8zuJ9LiNxQvl3Wd6HkHBuNXkodD
IIyT
-----END CERTIFICATE-----
Generated at Tue May 12 22:17:05 2026 by rpki-client