Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tsPcC_tIlsZd9TjPv8SRJzhwqDA.roa
File: tsPcC_tIlsZd9TjPv8SRJzhwqDA.roa (raw, json)
Hash identifier: bf24hzQEnqI8HTl2AHe7gEuSI2v+2Kq+ncaWSKXqejc=
Subject key identifier: B6:C3:DC:0B:FB:48:96:C6:5D:F5:38:CF:BF:C4:91:27:38:70:A8:30
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019DFE9B4EDF5DD8FE6BA5F1643A6D422C0A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tsPcC_tIlsZd9TjPv8SRJzhwqDA.roa
Signing time: Wed 06 May 2026 18:44:44 +0000
ROA not before: Wed 06 May 2026 18:44:44 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20738
IP address blocks: 31.57.89.0/24 maxlen: 24
31.58.11.0/24 maxlen: 24
31.58.25.0/24 maxlen: 24
31.58.27.0/24 maxlen: 24
31.59.12.0/24 maxlen: 24
31.59.16.0/24 maxlen: 24
31.59.17.0/24 maxlen: 24
31.59.26.0/24 maxlen: 24
31.59.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fe:9b:4e:df:5d:d8:fe:6b:a5:f1:64:3a:6d:42:2c:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 6 18:44:44 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b6c3dc0bfb4896c65df538cfbfc491273870a830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5c:ea:a5:86:7b:16:a3:c2:e6:05:4b:c3:e3:
4f:50:6d:99:88:06:3a:38:5d:12:16:46:d6:1b:dd:
5b:f7:ef:ab:16:77:9e:87:68:48:f9:f2:14:16:74:
92:11:c5:9b:4a:b1:8d:74:02:49:1e:09:f8:e7:50:
72:5b:1a:cd:1d:90:cf:5b:1d:d0:ce:fa:1d:3e:02:
03:b2:f0:ee:05:0d:8c:2c:7e:1a:bc:3e:28:4a:e7:
35:d8:91:e3:78:f0:9e:07:4c:d1:d8:c6:7b:93:eb:
15:b1:24:0e:00:35:c9:f4:f2:56:b3:1e:9d:4a:1e:
a8:0e:09:6f:5a:a9:d9:67:db:27:8a:f2:dc:89:f7:
8f:87:0f:09:f8:30:37:e9:d1:0b:89:51:6c:51:fc:
2c:64:86:8b:1c:65:a5:a9:29:f4:f4:5d:2c:d5:d8:
87:19:d0:d7:00:53:12:e0:ea:6a:64:56:ba:21:b6:
a6:b5:28:6a:aa:2f:87:e1:3f:bb:c0:1f:43:b0:a5:
18:a2:1f:cb:5e:7d:db:b9:e8:69:25:a0:2a:63:38:
8f:f2:c8:c2:74:80:20:a4:d1:d8:a8:9d:36:e8:25:
e5:d9:97:41:70:07:bd:76:e7:a5:da:2c:e3:ec:2c:
a3:e5:bc:68:55:88:72:b3:ef:f6:d7:94:af:a6:7c:
6a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C3:DC:0B:FB:48:96:C6:5D:F5:38:CF:BF:C4:91:27:38:70:A8:30
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tsPcC_tIlsZd9TjPv8SRJzhwqDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.89.0/24
31.58.11.0/24
31.58.25.0/24
31.58.27.0/24
31.59.12.0/24
31.59.16.0/23
31.59.26.0/24
31.59.32.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:b4:20:61:4e:25:2a:df:dd:69:2a:9d:ca:ee:2a:dd:53:9c:
42:b4:98:a2:9f:68:20:ee:ba:e2:2b:ae:ba:b4:b0:01:6c:fc:
e5:39:39:3f:12:5f:29:22:41:c5:f5:8f:6c:f9:fa:74:de:27:
41:eb:5e:f2:4d:49:31:ab:4e:d2:0e:18:2d:0f:86:6c:04:df:
a0:6b:d2:77:3f:0f:17:f2:34:e7:ad:8f:5b:b6:ea:46:81:b9:
f9:7f:83:cb:49:ea:99:f1:d6:45:1f:30:16:a7:22:64:10:73:
86:d7:bf:ea:8c:10:64:97:c1:9c:c0:0d:44:68:13:b4:58:0c:
8a:a0:4c:38:96:56:d2:78:0f:77:80:34:b1:d4:c9:29:55:e5:
fd:f5:f0:18:60:63:aa:2b:ff:dd:13:17:13:b7:33:9f:da:b8:
bd:90:03:6b:8e:90:60:35:50:40:63:fb:d0:73:66:a9:56:30:
c4:b6:66:0a:f0:1f:70:3a:37:13:e9:a3:09:91:07:f7:96:91:
26:e7:b9:f0:cf:9b:e3:c5:03:77:08:28:a2:96:ab:fd:57:0d:
7f:c5:f6:ed:38:c8:41:5e:11:74:e5:8b:b7:b8:b3:b1:6b:7f:
8f:f4:9a:9c:9e:6e:70:a9:de:32:18:7b:10:ed:86:10:19:02:
9b:73:ed:e2
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ3+m07fXdj+a6XxZDptQiwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTA2MTg0NDQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmMzZGMwYmZiNDg5NmM2NWRmNTM4Y2ZiZmM0OTEyNzM4NzBhODMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVzqpYZ7FqPC5gVLw+NPUG2ZiAY6
OF0SFkbWG91b9++rFneeh2hI+fIUFnSSEcWbSrGNdAJJHgn451ByWxrNHZDPWx3Q
zvodPgIDsvDuBQ2MLH4avD4oSuc12JHjePCeB0zR2MZ7k+sVsSQOADXJ9PJWsx6d
Sh6oDglvWqnZZ9snivLcifePhw8J+DA36dELiVFsUfwsZIaLHGWlqSn09F0s1diH
GdDXAFMS4OpqZFa6IbamtShqqi+H4T+7wB9DsKUYoh/LXn3buehpJaAqYziP8sjC
dIAgpNHYqJ026CXl2ZdBcAe9duel2izj7Cyj5bxoVYhys+/215SvpnxqRwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLbD3Av7SJbGXfU4z7/EkSc4cKgwMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdHNQY0NfdElsc1pkOVRqUHY4U1JKemh3cURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAHzlZAwQA
HzoLAwQAHzoZAwQAHzobAwQAHzsMAwQBHzsQAwQAHzsaAwQAHzsgMA0GCSqGSIb3
DQEBCwUAA4IBAQAbtCBhTiUq391pKp3K7irdU5xCtJiin2gg7rriK666tLABbPzl
OTk/El8pIkHF9Y9s+fp03idB617yTUkxq07SDhgtD4ZsBN+ga9J3Pw8X8jTnrY9b
tupGgbn5f4PLSeqZ8dZFHzAWpyJkEHOG17/qjBBkl8GcwA1EaBO0WAyKoEw4llbS
eA93gDSx1MkpVeX99fAYYGOqK//dExcTtzOf2ri9kANrjpBgNVBAY/vQc2apVjDE
tmYK8B9wOjcT6aMJkQf3lpEm57nwz5vjxQN3CCiilqv9Vw1/xfbtOMhBXhF05Yu3
uLOxa3+P9Jqcnm5wqd4yGHsQ7YYQGQKbc+3i
-----END CERTIFICATE-----
Generated at Tue May 12 21:39:40 2026 by rpki-client